Date
June 8, 2025, 11:09 p.m.
Failure - log-parser-boot - internal-error-oops-oops-smp
[ 63.947616] Internal error: Oops: 0000000096000005 [#1] SMP [ 63.948136] Modules linked in: [ 63.948444] CPU: 3 UID: 0 PID: 633 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 63.949344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.949728] Hardware name: Radxa ROCK Pi 4B (DT) [ 63.950150] pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 63.950783] pc : kunit_test_null_dereference+0x70/0x170 [ 63.951278] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.951819] sp : ffff80008a637d30 [ 63.952126] x29: ffff80008a637d90 x28: 0000000000000000 x27: 0000000000000000 [ 63.952799] x26: 1fffe0000041e821 x25: 0000000000000000 x24: 0000000000000004 [ 63.953464] x23: ffff0000020f410c x22: ffff8000812578b8 x21: ffff000002347a08 [ 63.954132] x20: 1ffff000114c6fa6 x19: ffff800087e17990 x18: 00000000bd4f8ea8 [ 63.954799] x17: 000000040044ffff x16: 00500072b5503510 x15: 0000000000000000 [ 63.955464] x14: ffff000000e1bcc0 x13: ffff80004bb3e000 x12: ffff600001e32b3c [ 63.956131] x11: 1fffe00001e32b3b x10: ffff600001e32b3b x9 : ffff80008124ed20 [ 63.956797] x8 : ffff80008a637c18 x7 : 0000000000000000 x6 : 0000000041b58ab3 [ 63.957464] x5 : ffff7000114c6fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 63.958130] x2 : dfff800000000000 x1 : ffff00000f195100 x0 : ffff800087e17990 [ 63.958797] Call trace: [ 63.959032] kunit_test_null_dereference+0x70/0x170 (P) [ 63.959528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 63.959696] dwmmc_rockchip fe310000.mmc: IDMAC supports 32-bit address mode. [ 63.960043] kthread+0x328/0x630 [ 63.960815] dwmmc_rockchip fe310000.mmc: Using internal DMA controller. [ 63.960954] ret_from_fork+0x10/0x20 [ 63.961553] dwmmc_rockchip fe310000.mmc: Version ID is 270a [ 63.961867] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 63.962427] dwmmc_rockchip fe310000.mmc: DW MMC controller at irq 49,32 bit host data width,256 deep fifo [ 63.962886] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 55.276944] ================================================================== [ 55.277610] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 55.277610] [ 55.278365] Use-after-free read at 0x(____ptrval____) (in kfence-#172): [ 55.278956] test_krealloc+0x51c/0x830 [ 55.279301] kunit_try_run_case+0x170/0x3f0 [ 55.279684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.280179] kthread+0x328/0x630 [ 55.280475] ret_from_fork+0x10/0x20 [ 55.280804] [ 55.280945] kfence-#172: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 55.280945] [ 55.281797] allocated by task 390 on cpu 4 at 55.276893s (0.004903s ago): [ 55.282411] test_alloc+0x29c/0x628 [ 55.282729] test_krealloc+0xc0/0x830 [ 55.283063] kunit_try_run_case+0x170/0x3f0 [ 55.283442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.283935] kthread+0x328/0x630 [ 55.284229] ret_from_fork+0x10/0x20 [ 55.284555] [ 55.284695] freed by task 390 on cpu 4 at 55.276909s (0.007784s ago): [ 55.285276] krealloc_noprof+0x148/0x360 [ 55.285631] test_krealloc+0x1dc/0x830 [ 55.285974] kunit_try_run_case+0x170/0x3f0 [ 55.286352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.286846] kthread+0x328/0x630 [ 55.287139] ret_from_fork+0x10/0x20 [ 55.287465] [ 55.287610] CPU: 4 UID: 0 PID: 390 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 55.288494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 55.288868] Hardware name: Radxa ROCK Pi 4B (DT) [ 55.289282] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 55.112417] ================================================================== [ 55.113081] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 55.113081] [ 55.113952] Use-after-free read at 0x(____ptrval____) (in kfence-#170): [ 55.114541] test_memcache_typesafe_by_rcu+0x280/0x560 [ 55.115005] kunit_try_run_case+0x170/0x3f0 [ 55.115386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.115880] kthread+0x328/0x630 [ 55.116174] ret_from_fork+0x10/0x20 [ 55.116500] [ 55.116639] kfence-#170: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 55.116639] [ 55.117446] allocated by task 388 on cpu 4 at 55.069494s (0.047951s ago): [ 55.118057] test_alloc+0x230/0x628 [ 55.118374] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 55.118836] kunit_try_run_case+0x170/0x3f0 [ 55.119213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.119705] kthread+0x328/0x630 [ 55.119997] ret_from_fork+0x10/0x20 [ 55.120320] [ 55.120460] freed by task 388 on cpu 4 at 55.069505s (0.050954s ago): [ 55.121037] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 55.121499] kunit_try_run_case+0x170/0x3f0 [ 55.121875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.122367] kthread+0x328/0x630 [ 55.122659] ret_from_fork+0x10/0x20 [ 55.122983] [ 55.123127] CPU: 4 UID: 0 PID: 388 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 55.124009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 55.124382] Hardware name: Radxa ROCK Pi 4B (DT) [ 55.124794] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 31.890895] ================================================================== [ 31.891966] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 31.891966] [ 31.892808] Invalid read at 0x(____ptrval____): [ 31.893251] test_invalid_access+0xdc/0x1f0 [ 31.893674] kunit_try_run_case+0x170/0x3f0 [ 31.894095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.894631] kthread+0x328/0x630 [ 31.894961] ret_from_fork+0x10/0x20 [ 31.895326] [ 31.895501] CPU: 1 UID: 0 PID: 384 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.896486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.896897] Hardware name: Radxa ROCK Pi 4B (DT) [ 31.897336] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 31.668600] ================================================================== [ 31.669270] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.669270] [ 31.670116] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#165): [ 31.671015] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.671484] kunit_try_run_case+0x170/0x3f0 [ 31.671865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.672356] kthread+0x328/0x630 [ 31.672650] ret_from_fork+0x10/0x20 [ 31.672975] [ 31.673113] kfence-#165: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 31.673113] [ 31.673963] allocated by task 378 on cpu 4 at 31.668538s (0.005424s ago): [ 31.674569] test_alloc+0x29c/0x628 [ 31.674884] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 31.675344] kunit_try_run_case+0x170/0x3f0 [ 31.675719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.676208] kthread+0x328/0x630 [ 31.676499] ret_from_fork+0x10/0x20 [ 31.676820] [ 31.676958] freed by task 378 on cpu 4 at 31.668547s (0.008410s ago): [ 31.677534] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.678000] kunit_try_run_case+0x170/0x3f0 [ 31.678375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.678866] kthread+0x328/0x630 [ 31.679156] ret_from_fork+0x10/0x20 [ 31.679479] [ 31.679622] CPU: 4 UID: 0 PID: 378 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.680501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.680875] Hardware name: Radxa ROCK Pi 4B (DT) [ 31.681286] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 31.044553] ================================================================== [ 31.045232] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 31.045232] [ 31.046096] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#159): [ 31.046759] test_kmalloc_aligned_oob_read+0x238/0x468 [ 31.047221] kunit_try_run_case+0x170/0x3f0 [ 31.047601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.048093] kthread+0x328/0x630 [ 31.048386] ret_from_fork+0x10/0x20 [ 31.048711] [ 31.048849] kfence-#159: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 31.048849] [ 31.049699] allocated by task 376 on cpu 4 at 31.044524s (0.005174s ago): [ 31.050309] test_alloc+0x29c/0x628 [ 31.050625] test_kmalloc_aligned_oob_read+0x100/0x468 [ 31.051085] kunit_try_run_case+0x170/0x3f0 [ 31.051460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.051951] kthread+0x328/0x630 [ 31.052241] ret_from_fork+0x10/0x20 [ 31.052563] [ 31.052706] CPU: 4 UID: 0 PID: 376 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.053584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.053957] Hardware name: Radxa ROCK Pi 4B (DT) [ 31.054367] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 26.260570] ================================================================== [ 26.261238] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 26.261238] [ 26.261972] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#113): [ 26.262597] test_corruption+0x284/0x378 [ 26.262952] kunit_try_run_case+0x170/0x3f0 [ 26.263330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.263819] kthread+0x328/0x630 [ 26.264113] ret_from_fork+0x10/0x20 [ 26.264437] [ 26.264576] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.264576] [ 26.265425] allocated by task 364 on cpu 4 at 26.260513s (0.004911s ago): [ 26.266031] test_alloc+0x29c/0x628 [ 26.266347] test_corruption+0x198/0x378 [ 26.266700] kunit_try_run_case+0x170/0x3f0 [ 26.267076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.267566] kthread+0x328/0x630 [ 26.267857] ret_from_fork+0x10/0x20 [ 26.268179] [ 26.268316] freed by task 364 on cpu 4 at 26.260523s (0.007792s ago): [ 26.268892] test_corruption+0x284/0x378 [ 26.269245] kunit_try_run_case+0x170/0x3f0 [ 26.269621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.270111] kthread+0x328/0x630 [ 26.270401] ret_from_fork+0x10/0x20 [ 26.270724] [ 26.270866] CPU: 4 UID: 0 PID: 364 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.271744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.272115] Hardware name: Radxa ROCK Pi 4B (DT) [ 26.272526] ================================================================== [ 26.364632] ================================================================== [ 26.365297] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 26.365297] [ 26.366032] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#114): [ 26.366940] test_corruption+0x120/0x378 [ 26.367297] kunit_try_run_case+0x170/0x3f0 [ 26.367678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.368171] kthread+0x328/0x630 [ 26.368466] ret_from_fork+0x10/0x20 [ 26.368791] [ 26.368930] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.368930] [ 26.369737] allocated by task 366 on cpu 4 at 26.364584s (0.005152s ago): [ 26.370345] test_alloc+0x230/0x628 [ 26.370663] test_corruption+0xdc/0x378 [ 26.371012] kunit_try_run_case+0x170/0x3f0 [ 26.371389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.371880] kthread+0x328/0x630 [ 26.372172] ret_from_fork+0x10/0x20 [ 26.372495] [ 26.372634] freed by task 366 on cpu 4 at 26.364593s (0.008040s ago): [ 26.373213] test_corruption+0x120/0x378 [ 26.373568] kunit_try_run_case+0x170/0x3f0 [ 26.373944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.374436] kthread+0x328/0x630 [ 26.374728] ret_from_fork+0x10/0x20 [ 26.375051] [ 26.375195] CPU: 4 UID: 0 PID: 366 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.376074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.376446] Hardware name: Radxa ROCK Pi 4B (DT) [ 26.376857] ================================================================== [ 26.156710] ================================================================== [ 26.157378] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 26.157378] [ 26.158117] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#112): [ 26.159034] test_corruption+0x278/0x378 [ 26.159395] kunit_try_run_case+0x170/0x3f0 [ 26.159778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.160273] kthread+0x328/0x630 [ 26.160570] ret_from_fork+0x10/0x20 [ 26.160897] [ 26.161037] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.161037] [ 26.161892] allocated by task 364 on cpu 4 at 26.156663s (0.005228s ago): [ 26.162503] test_alloc+0x29c/0x628 [ 26.162823] test_corruption+0xdc/0x378 [ 26.163172] kunit_try_run_case+0x170/0x3f0 [ 26.163551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.164044] kthread+0x328/0x630 [ 26.164339] ret_from_fork+0x10/0x20 [ 26.164665] [ 26.164804] freed by task 364 on cpu 4 at 26.156672s (0.008131s ago): [ 26.165385] test_corruption+0x278/0x378 [ 26.165741] kunit_try_run_case+0x170/0x3f0 [ 26.166120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.166614] kthread+0x328/0x630 [ 26.166908] ret_from_fork+0x10/0x20 [ 26.167233] [ 26.167378] CPU: 4 UID: 0 PID: 364 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.168261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.168636] Hardware name: Radxa ROCK Pi 4B (DT) [ 26.169049] ================================================================== [ 26.780541] ================================================================== [ 26.781209] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 26.781209] [ 26.781944] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#118): [ 26.782569] test_corruption+0x1d8/0x378 [ 26.782923] kunit_try_run_case+0x170/0x3f0 [ 26.783302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.783792] kthread+0x328/0x630 [ 26.784086] ret_from_fork+0x10/0x20 [ 26.784410] [ 26.784548] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.784548] [ 26.785352] allocated by task 366 on cpu 4 at 26.780483s (0.004867s ago): [ 26.785957] test_alloc+0x230/0x628 [ 26.786273] test_corruption+0x198/0x378 [ 26.786626] kunit_try_run_case+0x170/0x3f0 [ 26.787001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.787489] kthread+0x328/0x630 [ 26.787780] ret_from_fork+0x10/0x20 [ 26.788102] [ 26.788239] freed by task 366 on cpu 4 at 26.780493s (0.007745s ago): [ 26.788816] test_corruption+0x1d8/0x378 [ 26.789168] kunit_try_run_case+0x170/0x3f0 [ 26.789543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.790033] kthread+0x328/0x630 [ 26.790323] ret_from_fork+0x10/0x20 [ 26.790645] [ 26.790788] CPU: 4 UID: 0 PID: 366 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.791667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.792038] Hardware name: Radxa ROCK Pi 4B (DT) [ 26.792448] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 26.052670] ================================================================== [ 26.053337] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 26.053337] [ 26.054081] Invalid free of 0x(____ptrval____) (in kfence-#111): [ 26.054617] test_invalid_addr_free+0xec/0x238 [ 26.055020] kunit_try_run_case+0x170/0x3f0 [ 26.055400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.055893] kthread+0x328/0x630 [ 26.056187] ret_from_fork+0x10/0x20 [ 26.056512] [ 26.056652] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.056652] [ 26.057458] allocated by task 362 on cpu 4 at 26.052626s (0.004831s ago): [ 26.058066] test_alloc+0x230/0x628 [ 26.058384] test_invalid_addr_free+0xd4/0x238 [ 26.058785] kunit_try_run_case+0x170/0x3f0 [ 26.059162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.059652] kthread+0x328/0x630 [ 26.059944] ret_from_fork+0x10/0x20 [ 26.060268] [ 26.060412] CPU: 4 UID: 0 PID: 362 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.061292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.061665] Hardware name: Radxa ROCK Pi 4B (DT) [ 26.062076] ================================================================== [ 25.948644] ================================================================== [ 25.949312] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 25.949312] [ 25.950068] Invalid free of 0x(____ptrval____) (in kfence-#110): [ 25.950606] test_invalid_addr_free+0x1ac/0x238 [ 25.951020] kunit_try_run_case+0x170/0x3f0 [ 25.951402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.951897] kthread+0x328/0x630 [ 25.952193] ret_from_fork+0x10/0x20 [ 25.952521] [ 25.952662] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.952662] [ 25.953514] allocated by task 360 on cpu 4 at 25.948600s (0.004912s ago): [ 25.954125] test_alloc+0x29c/0x628 [ 25.954445] test_invalid_addr_free+0xd4/0x238 [ 25.954847] kunit_try_run_case+0x170/0x3f0 [ 25.955227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.955720] kthread+0x328/0x630 [ 25.956015] ret_from_fork+0x10/0x20 [ 25.956339] [ 25.956486] CPU: 4 UID: 0 PID: 360 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.957369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.957744] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.958157] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 25.740819] ================================================================== [ 25.741487] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 25.741487] [ 25.742195] Invalid free of 0x(____ptrval____) (in kfence-#108): [ 25.742733] test_double_free+0x1bc/0x238 [ 25.743100] kunit_try_run_case+0x170/0x3f0 [ 25.743484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.743980] kthread+0x328/0x630 [ 25.744278] ret_from_fork+0x10/0x20 [ 25.744605] [ 25.744746] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.744746] [ 25.745600] allocated by task 356 on cpu 4 at 25.740760s (0.004838s ago): [ 25.746211] test_alloc+0x29c/0x628 [ 25.746529] test_double_free+0xd4/0x238 [ 25.746886] kunit_try_run_case+0x170/0x3f0 [ 25.747265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.747760] kthread+0x328/0x630 [ 25.748054] ret_from_fork+0x10/0x20 [ 25.748381] [ 25.748521] freed by task 356 on cpu 4 at 25.740768s (0.007751s ago): [ 25.749103] test_double_free+0x1ac/0x238 [ 25.749466] kunit_try_run_case+0x170/0x3f0 [ 25.749846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.750340] kthread+0x328/0x630 [ 25.750635] ret_from_fork+0x10/0x20 [ 25.750960] [ 25.751105] CPU: 4 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.751989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.752363] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.752776] ================================================================== [ 25.844730] ================================================================== [ 25.845395] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 25.845395] [ 25.846102] Invalid free of 0x(____ptrval____) (in kfence-#109): [ 25.846638] test_double_free+0x100/0x238 [ 25.847003] kunit_try_run_case+0x170/0x3f0 [ 25.847384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.847878] kthread+0x328/0x630 [ 25.848173] ret_from_fork+0x10/0x20 [ 25.848498] [ 25.848637] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.848637] [ 25.849444] allocated by task 358 on cpu 4 at 25.844674s (0.004769s ago): [ 25.850052] test_alloc+0x230/0x628 [ 25.850370] test_double_free+0xd4/0x238 [ 25.850725] kunit_try_run_case+0x170/0x3f0 [ 25.851102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.851592] kthread+0x328/0x630 [ 25.851885] ret_from_fork+0x10/0x20 [ 25.852209] [ 25.852347] freed by task 358 on cpu 4 at 25.844682s (0.007664s ago): [ 25.852926] test_double_free+0xf0/0x238 [ 25.853281] kunit_try_run_case+0x170/0x3f0 [ 25.853658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.854150] kthread+0x328/0x630 [ 25.854442] ret_from_fork+0x10/0x20 [ 25.854766] [ 25.854910] CPU: 4 UID: 0 PID: 358 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.855792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.856165] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.856576] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 25.324642] ================================================================== [ 25.325312] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 25.325312] [ 25.326148] Use-after-free read at 0x(____ptrval____) (in kfence-#104): [ 25.326738] test_use_after_free_read+0x114/0x248 [ 25.327167] kunit_try_run_case+0x170/0x3f0 [ 25.327550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.328044] kthread+0x328/0x630 [ 25.328341] ret_from_fork+0x10/0x20 [ 25.328669] [ 25.328810] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.328810] [ 25.329663] allocated by task 348 on cpu 4 at 25.324603s (0.005058s ago): [ 25.330275] test_alloc+0x29c/0x628 [ 25.330595] test_use_after_free_read+0xd0/0x248 [ 25.331012] kunit_try_run_case+0x170/0x3f0 [ 25.331391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.331884] kthread+0x328/0x630 [ 25.332179] ret_from_fork+0x10/0x20 [ 25.332503] [ 25.332643] freed by task 348 on cpu 4 at 25.324612s (0.008031s ago): [ 25.333224] test_use_after_free_read+0x1c0/0x248 [ 25.333649] kunit_try_run_case+0x170/0x3f0 [ 25.334027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.334521] kthread+0x328/0x630 [ 25.334815] ret_from_fork+0x10/0x20 [ 25.335141] [ 25.335287] CPU: 4 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.336170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.336544] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.336956] ================================================================== [ 25.428621] ================================================================== [ 25.429290] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 25.429290] [ 25.430124] Use-after-free read at 0x(____ptrval____) (in kfence-#105): [ 25.430712] test_use_after_free_read+0x114/0x248 [ 25.431138] kunit_try_run_case+0x170/0x3f0 [ 25.431519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.432012] kthread+0x328/0x630 [ 25.432307] ret_from_fork+0x10/0x20 [ 25.432632] [ 25.432771] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.432771] [ 25.433577] allocated by task 350 on cpu 4 at 25.428582s (0.004994s ago): [ 25.434187] test_alloc+0x230/0x628 [ 25.434504] test_use_after_free_read+0xd0/0x248 [ 25.434919] kunit_try_run_case+0x170/0x3f0 [ 25.435296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.435788] kthread+0x328/0x630 [ 25.436080] ret_from_fork+0x10/0x20 [ 25.436404] [ 25.436543] freed by task 350 on cpu 4 at 25.428590s (0.007952s ago): [ 25.437123] test_use_after_free_read+0xf0/0x248 [ 25.437538] kunit_try_run_case+0x170/0x3f0 [ 25.437916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.438407] kthread+0x328/0x630 [ 25.438699] ret_from_fork+0x10/0x20 [ 25.439023] [ 25.439166] CPU: 4 UID: 0 PID: 350 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.440046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.440418] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.440830] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 25.116654] ================================================================== [ 25.117321] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 25.117321] [ 25.118157] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#102): [ 25.118810] test_out_of_bounds_write+0x100/0x240 [ 25.119237] kunit_try_run_case+0x170/0x3f0 [ 25.119620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.120114] kthread+0x328/0x630 [ 25.120411] ret_from_fork+0x10/0x20 [ 25.120740] [ 25.120881] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.120881] [ 25.121734] allocated by task 344 on cpu 4 at 25.116630s (0.005103s ago): [ 25.122346] test_alloc+0x29c/0x628 [ 25.122666] test_out_of_bounds_write+0xc8/0x240 [ 25.123083] kunit_try_run_case+0x170/0x3f0 [ 25.123462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.123956] kthread+0x328/0x630 [ 25.124251] ret_from_fork+0x10/0x20 [ 25.124577] [ 25.124722] CPU: 4 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.125606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.125981] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.126395] ================================================================== [ 25.220716] ================================================================== [ 25.221387] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 25.221387] [ 25.222221] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#103): [ 25.222870] test_out_of_bounds_write+0x100/0x240 [ 25.223296] kunit_try_run_case+0x170/0x3f0 [ 25.223677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.224170] kthread+0x328/0x630 [ 25.224464] ret_from_fork+0x10/0x20 [ 25.224789] [ 25.224929] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.224929] [ 25.225733] allocated by task 346 on cpu 4 at 25.220692s (0.005040s ago): [ 25.226343] test_alloc+0x230/0x628 [ 25.226661] test_out_of_bounds_write+0xc8/0x240 [ 25.227077] kunit_try_run_case+0x170/0x3f0 [ 25.227453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.227945] kthread+0x328/0x630 [ 25.228237] ret_from_fork+0x10/0x20 [ 25.228561] [ 25.228706] CPU: 4 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.229587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.229959] Hardware name: Radxa ROCK Pi 4B (DT) [ 25.230371] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 24.908525] ================================================================== [ 24.909195] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 24.909195] [ 24.910010] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#100): [ 24.910666] test_out_of_bounds_read+0x1c8/0x3e0 [ 24.911081] kunit_try_run_case+0x170/0x3f0 [ 24.911462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.911953] kthread+0x328/0x630 [ 24.912246] ret_from_fork+0x10/0x20 [ 24.912571] [ 24.912710] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 24.912710] [ 24.913514] allocated by task 342 on cpu 4 at 24.908498s (0.005015s ago): [ 24.914123] test_alloc+0x230/0x628 [ 24.914439] test_out_of_bounds_read+0x198/0x3e0 [ 24.914853] kunit_try_run_case+0x170/0x3f0 [ 24.915228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.915717] kthread+0x328/0x630 [ 24.916008] ret_from_fork+0x10/0x20 [ 24.916330] [ 24.916473] CPU: 4 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.917350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.917721] Hardware name: Radxa ROCK Pi 4B (DT) [ 24.918131] ================================================================== [ 23.764547] ================================================================== [ 23.765221] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 23.765221] [ 23.766040] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#89): [ 23.766674] test_out_of_bounds_read+0x114/0x3e0 [ 23.767090] kunit_try_run_case+0x170/0x3f0 [ 23.767470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.767962] kthread+0x328/0x630 [ 23.768255] ret_from_fork+0x10/0x20 [ 23.768584] [ 23.768724] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 23.768724] [ 23.769567] allocated by task 340 on cpu 4 at 23.764517s (0.005049s ago): [ 23.770175] test_alloc+0x29c/0x628 [ 23.770492] test_out_of_bounds_read+0xdc/0x3e0 [ 23.770897] kunit_try_run_case+0x170/0x3f0 [ 23.771273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.771763] kthread+0x328/0x630 [ 23.772053] ret_from_fork+0x10/0x20 [ 23.772375] [ 23.772519] CPU: 4 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.773397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.773768] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.774178] ================================================================== [ 24.180533] ================================================================== [ 24.181207] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 24.181207] [ 24.182026] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#93): [ 24.182660] test_out_of_bounds_read+0x114/0x3e0 [ 24.183076] kunit_try_run_case+0x170/0x3f0 [ 24.183457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.183948] kthread+0x328/0x630 [ 24.184241] ret_from_fork+0x10/0x20 [ 24.184565] [ 24.184704] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 24.184704] [ 24.185501] allocated by task 342 on cpu 4 at 24.180505s (0.004995s ago): [ 24.186110] test_alloc+0x230/0x628 [ 24.186425] test_out_of_bounds_read+0xdc/0x3e0 [ 24.186831] kunit_try_run_case+0x170/0x3f0 [ 24.187206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.187696] kthread+0x328/0x630 [ 24.187986] ret_from_fork+0x10/0x20 [ 24.188308] [ 24.188451] CPU: 4 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.189329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.189701] Hardware name: Radxa ROCK Pi 4B (DT) [ 24.190111] ================================================================== [ 23.868542] ================================================================== [ 23.869211] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 23.869211] [ 23.870027] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#90): [ 23.870674] test_out_of_bounds_read+0x1c8/0x3e0 [ 23.871089] kunit_try_run_case+0x170/0x3f0 [ 23.871469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.871959] kthread+0x328/0x630 [ 23.872253] ret_from_fork+0x10/0x20 [ 23.872582] [ 23.872720] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 23.872720] [ 23.873560] allocated by task 340 on cpu 4 at 23.868515s (0.005044s ago): [ 23.874169] test_alloc+0x29c/0x628 [ 23.874483] test_out_of_bounds_read+0x198/0x3e0 [ 23.874897] kunit_try_run_case+0x170/0x3f0 [ 23.875273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.875764] kthread+0x328/0x630 [ 23.876054] ret_from_fork+0x10/0x20 [ 23.876376] [ 23.876518] CPU: 4 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.877395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.877767] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.878177] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kasan_atomics
[ 23.221128] ================================================================== [ 23.223203] BUG: KFENCE: memory corruption in kasan_atomics+0x1a0/0x2e0 [ 23.223203] [ 23.223926] Corrupted memory at 0x(____ptrval____) [ ! ! ! ! ! ! ! ! . . . . . . . . ] (in kfence-#83): [ 23.224832] kasan_atomics+0x1a0/0x2e0 [ 23.225175] kunit_try_run_case+0x170/0x3f0 [ 23.225558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.226052] kthread+0x328/0x630 [ 23.226348] ret_from_fork+0x10/0x20 [ 23.226675] [ 23.226815] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=48, cache=kmalloc-64 [ 23.226815] [ 23.227662] allocated by task 318 on cpu 2 at 23.140583s (0.087077s ago): [ 23.228272] kasan_atomics+0xb8/0x2e0 [ 23.228606] kunit_try_run_case+0x170/0x3f0 [ 23.228985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.229479] kthread+0x328/0x630 [ 23.229773] ret_from_fork+0x10/0x20 [ 23.230099] [ 23.230238] freed by task 318 on cpu 4 at 23.221095s (0.009142s ago): [ 23.230820] kasan_atomics+0x1a0/0x2e0 [ 23.231161] kunit_try_run_case+0x170/0x3f0 [ 23.231541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.232035] kthread+0x328/0x630 [ 23.232329] ret_from_fork+0x10/0x20 [ 23.232654] [ 23.232800] CPU: 4 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.233685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.234059] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.234473] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 23.495943] ================================================================== [ 23.496582] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 23.497199] Write of size 121 at addr ffff00000c5d5400 by task kunit_try_catch/338 [ 23.497867] [ 23.498005] CPU: 5 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.498020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.498024] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.498029] Call trace: [ 23.498033] show_stack+0x20/0x38 (C) [ 23.498042] dump_stack_lvl+0x8c/0xd0 [ 23.498052] print_report+0x118/0x608 [ 23.498062] kasan_report+0xdc/0x128 [ 23.498072] kasan_check_range+0x100/0x1a8 [ 23.498083] __kasan_check_write+0x20/0x30 [ 23.498091] strncpy_from_user+0x3c/0x2a0 [ 23.498102] copy_user_test_oob+0x5c0/0xec8 [ 23.498112] kunit_try_run_case+0x170/0x3f0 [ 23.498122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.498134] kthread+0x328/0x630 [ 23.498141] ret_from_fork+0x10/0x20 [ 23.498150] [ 23.504271] Allocated by task 338: [ 23.504576] kasan_save_stack+0x3c/0x68 [ 23.504921] kasan_save_track+0x20/0x40 [ 23.505267] kasan_save_alloc_info+0x40/0x58 [ 23.505651] __kasan_kmalloc+0xd4/0xd8 [ 23.505990] __kmalloc_noprof+0x198/0x4c8 [ 23.506351] kunit_kmalloc_array+0x34/0x88 [ 23.506720] copy_user_test_oob+0xac/0xec8 [ 23.507089] kunit_try_run_case+0x170/0x3f0 [ 23.507465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.507954] kthread+0x328/0x630 [ 23.508245] ret_from_fork+0x10/0x20 [ 23.508567] [ 23.508704] The buggy address belongs to the object at ffff00000c5d5400 [ 23.508704] which belongs to the cache kmalloc-128 of size 128 [ 23.509802] The buggy address is located 0 bytes inside of [ 23.509802] allocated 120-byte region [ffff00000c5d5400, ffff00000c5d5478) [ 23.510893] [ 23.511031] The buggy address belongs to the physical page: [ 23.511523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 23.512215] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.512794] page_type: f5(slab) [ 23.513077] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.513762] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.514444] page dumped because: kasan: bad access detected [ 23.514936] [ 23.515074] Memory state around the buggy address: [ 23.515499] ffff00000c5d5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.516136] ffff00000c5d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.516773] >ffff00000c5d5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.517409] ^ [ 23.518039] ffff00000c5d5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.518676] ffff00000c5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.519311] ================================================================== [ 23.519967] ================================================================== [ 23.520604] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 23.521222] Write of size 1 at addr ffff00000c5d5478 by task kunit_try_catch/338 [ 23.521875] [ 23.522014] CPU: 5 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.522028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.522033] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.522038] Call trace: [ 23.522041] show_stack+0x20/0x38 (C) [ 23.522050] dump_stack_lvl+0x8c/0xd0 [ 23.522060] print_report+0x118/0x608 [ 23.522071] kasan_report+0xdc/0x128 [ 23.522080] __asan_report_store1_noabort+0x20/0x30 [ 23.522089] strncpy_from_user+0x270/0x2a0 [ 23.522100] copy_user_test_oob+0x5c0/0xec8 [ 23.522110] kunit_try_run_case+0x170/0x3f0 [ 23.522120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.522132] kthread+0x328/0x630 [ 23.522139] ret_from_fork+0x10/0x20 [ 23.522149] [ 23.527985] Allocated by task 338: [ 23.528289] kasan_save_stack+0x3c/0x68 [ 23.528636] kasan_save_track+0x20/0x40 [ 23.528981] kasan_save_alloc_info+0x40/0x58 [ 23.529366] __kasan_kmalloc+0xd4/0xd8 [ 23.529704] __kmalloc_noprof+0x198/0x4c8 [ 23.530065] kunit_kmalloc_array+0x34/0x88 [ 23.530434] copy_user_test_oob+0xac/0xec8 [ 23.530802] kunit_try_run_case+0x170/0x3f0 [ 23.531178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.531669] kthread+0x328/0x630 [ 23.531959] ret_from_fork+0x10/0x20 [ 23.532281] [ 23.532418] The buggy address belongs to the object at ffff00000c5d5400 [ 23.532418] which belongs to the cache kmalloc-128 of size 128 [ 23.533516] The buggy address is located 0 bytes to the right of [ 23.533516] allocated 120-byte region [ffff00000c5d5400, ffff00000c5d5478) [ 23.534653] [ 23.534790] The buggy address belongs to the physical page: [ 23.535282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 23.535974] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.536551] page_type: f5(slab) [ 23.536834] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.537518] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.538199] page dumped because: kasan: bad access detected [ 23.538691] [ 23.538827] Memory state around the buggy address: [ 23.539253] ffff00000c5d5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.539890] ffff00000c5d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.540528] >ffff00000c5d5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.541164] ^ [ 23.541792] ffff00000c5d5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.542429] ffff00000c5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.543065] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 23.375622] ================================================================== [ 23.376277] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 23.376919] Read of size 121 at addr ffff00000c5d5400 by task kunit_try_catch/338 [ 23.377598] [ 23.377747] CPU: 5 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.377779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.377789] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.377800] Call trace: [ 23.377808] show_stack+0x20/0x38 (C) [ 23.377829] dump_stack_lvl+0x8c/0xd0 [ 23.377851] print_report+0x118/0x608 [ 23.377874] kasan_report+0xdc/0x128 [ 23.377895] kasan_check_range+0x100/0x1a8 [ 23.377919] __kasan_check_read+0x20/0x30 [ 23.377937] copy_user_test_oob+0x728/0xec8 [ 23.377958] kunit_try_run_case+0x170/0x3f0 [ 23.377979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.378005] kthread+0x328/0x630 [ 23.378022] ret_from_fork+0x10/0x20 [ 23.378042] [ 23.383863] Allocated by task 338: [ 23.384178] kasan_save_stack+0x3c/0x68 [ 23.384541] kasan_save_track+0x20/0x40 [ 23.384904] kasan_save_alloc_info+0x40/0x58 [ 23.385305] __kasan_kmalloc+0xd4/0xd8 [ 23.385660] __kmalloc_noprof+0x198/0x4c8 [ 23.386036] kunit_kmalloc_array+0x34/0x88 [ 23.386421] copy_user_test_oob+0xac/0xec8 [ 23.386804] kunit_try_run_case+0x170/0x3f0 [ 23.387196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.387705] kthread+0x328/0x630 [ 23.388009] ret_from_fork+0x10/0x20 [ 23.388347] [ 23.388493] The buggy address belongs to the object at ffff00000c5d5400 [ 23.388493] which belongs to the cache kmalloc-128 of size 128 [ 23.389609] The buggy address is located 0 bytes inside of [ 23.389609] allocated 120-byte region [ffff00000c5d5400, ffff00000c5d5478) [ 23.390719] [ 23.390866] The buggy address belongs to the physical page: [ 23.391371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 23.392080] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.392674] page_type: f5(slab) [ 23.392972] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.393673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.394368] page dumped because: kasan: bad access detected [ 23.394872] [ 23.395017] Memory state around the buggy address: [ 23.395454] ffff00000c5d5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.396106] ffff00000c5d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.396759] >ffff00000c5d5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.397408] ^ [ 23.398053] ffff00000c5d5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.398706] ffff00000c5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.399355] ================================================================== [ 23.350394] ================================================================== [ 23.351609] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 23.352266] Write of size 121 at addr ffff00000c5d5400 by task kunit_try_catch/338 [ 23.352955] [ 23.353109] CPU: 5 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.353147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.353157] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.353170] Call trace: [ 23.353179] show_stack+0x20/0x38 (C) [ 23.353204] dump_stack_lvl+0x8c/0xd0 [ 23.353231] print_report+0x118/0x608 [ 23.353255] kasan_report+0xdc/0x128 [ 23.353276] kasan_check_range+0x100/0x1a8 [ 23.353300] __kasan_check_write+0x20/0x30 [ 23.353318] copy_user_test_oob+0x234/0xec8 [ 23.353339] kunit_try_run_case+0x170/0x3f0 [ 23.353364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.353390] kthread+0x328/0x630 [ 23.353407] ret_from_fork+0x10/0x20 [ 23.353429] [ 23.359260] Allocated by task 338: [ 23.359577] kasan_save_stack+0x3c/0x68 [ 23.359942] kasan_save_track+0x20/0x40 [ 23.360305] kasan_save_alloc_info+0x40/0x58 [ 23.360707] __kasan_kmalloc+0xd4/0xd8 [ 23.361060] __kmalloc_noprof+0x198/0x4c8 [ 23.361437] kunit_kmalloc_array+0x34/0x88 [ 23.361821] copy_user_test_oob+0xac/0xec8 [ 23.362205] kunit_try_run_case+0x170/0x3f0 [ 23.362597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.363105] kthread+0x328/0x630 [ 23.363409] ret_from_fork+0x10/0x20 [ 23.363747] [ 23.363893] The buggy address belongs to the object at ffff00000c5d5400 [ 23.363893] which belongs to the cache kmalloc-128 of size 128 [ 23.365010] The buggy address is located 0 bytes inside of [ 23.365010] allocated 120-byte region [ffff00000c5d5400, ffff00000c5d5478) [ 23.366123] [ 23.366269] The buggy address belongs to the physical page: [ 23.366775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 23.367485] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.368083] page_type: f5(slab) [ 23.368382] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.369084] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.369779] page dumped because: kasan: bad access detected [ 23.370284] [ 23.370430] Memory state around the buggy address: [ 23.370869] ffff00000c5d5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.371522] ffff00000c5d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.372175] >ffff00000c5d5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.372824] ^ [ 23.373468] ffff00000c5d5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.374120] ffff00000c5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.374770] ================================================================== [ 23.472250] ================================================================== [ 23.472892] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 23.473518] Read of size 121 at addr ffff00000c5d5400 by task kunit_try_catch/338 [ 23.474182] [ 23.474322] CPU: 5 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.474338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.474343] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.474349] Call trace: [ 23.474353] show_stack+0x20/0x38 (C) [ 23.474364] dump_stack_lvl+0x8c/0xd0 [ 23.474376] print_report+0x118/0x608 [ 23.474387] kasan_report+0xdc/0x128 [ 23.474398] kasan_check_range+0x100/0x1a8 [ 23.474410] __kasan_check_read+0x20/0x30 [ 23.474419] copy_user_test_oob+0x4a0/0xec8 [ 23.474430] kunit_try_run_case+0x170/0x3f0 [ 23.474441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.474454] kthread+0x328/0x630 [ 23.474463] ret_from_fork+0x10/0x20 [ 23.474473] [ 23.480239] Allocated by task 338: [ 23.480544] kasan_save_stack+0x3c/0x68 [ 23.480889] kasan_save_track+0x20/0x40 [ 23.481236] kasan_save_alloc_info+0x40/0x58 [ 23.481621] __kasan_kmalloc+0xd4/0xd8 [ 23.481959] __kmalloc_noprof+0x198/0x4c8 [ 23.482321] kunit_kmalloc_array+0x34/0x88 [ 23.482689] copy_user_test_oob+0xac/0xec8 [ 23.483058] kunit_try_run_case+0x170/0x3f0 [ 23.483435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.483924] kthread+0x328/0x630 [ 23.484215] ret_from_fork+0x10/0x20 [ 23.484537] [ 23.484675] The buggy address belongs to the object at ffff00000c5d5400 [ 23.484675] which belongs to the cache kmalloc-128 of size 128 [ 23.485773] The buggy address is located 0 bytes inside of [ 23.485773] allocated 120-byte region [ffff00000c5d5400, ffff00000c5d5478) [ 23.486864] [ 23.487001] The buggy address belongs to the physical page: [ 23.487493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 23.488185] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.488765] page_type: f5(slab) [ 23.489048] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.489732] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.490413] page dumped because: kasan: bad access detected [ 23.490906] [ 23.491042] Memory state around the buggy address: [ 23.491468] ffff00000c5d5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.492104] ffff00000c5d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.492742] >ffff00000c5d5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.493379] ^ [ 23.494009] ffff00000c5d5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.494646] ffff00000c5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.495282] ================================================================== [ 23.424511] ================================================================== [ 23.425162] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 23.425798] Read of size 121 at addr ffff00000c5d5400 by task kunit_try_catch/338 [ 23.426471] [ 23.426617] CPU: 5 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.426643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.426651] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.426660] Call trace: [ 23.426667] show_stack+0x20/0x38 (C) [ 23.426684] dump_stack_lvl+0x8c/0xd0 [ 23.426702] print_report+0x118/0x608 [ 23.426721] kasan_report+0xdc/0x128 [ 23.426738] kasan_check_range+0x100/0x1a8 [ 23.426757] __kasan_check_read+0x20/0x30 [ 23.426772] copy_user_test_oob+0x3c8/0xec8 [ 23.426788] kunit_try_run_case+0x170/0x3f0 [ 23.426806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.426827] kthread+0x328/0x630 [ 23.426840] ret_from_fork+0x10/0x20 [ 23.426857] [ 23.432642] Allocated by task 338: [ 23.432950] kasan_save_stack+0x3c/0x68 [ 23.433301] kasan_save_track+0x20/0x40 [ 23.433650] kasan_save_alloc_info+0x40/0x58 [ 23.434038] __kasan_kmalloc+0xd4/0xd8 [ 23.434381] __kmalloc_noprof+0x198/0x4c8 [ 23.434745] kunit_kmalloc_array+0x34/0x88 [ 23.435117] copy_user_test_oob+0xac/0xec8 [ 23.435489] kunit_try_run_case+0x170/0x3f0 [ 23.435868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.436362] kthread+0x328/0x630 [ 23.436656] ret_from_fork+0x10/0x20 [ 23.436982] [ 23.437122] The buggy address belongs to the object at ffff00000c5d5400 [ 23.437122] which belongs to the cache kmalloc-128 of size 128 [ 23.438224] The buggy address is located 0 bytes inside of [ 23.438224] allocated 120-byte region [ffff00000c5d5400, ffff00000c5d5478) [ 23.439321] [ 23.439460] The buggy address belongs to the physical page: [ 23.439955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 23.440651] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.441234] page_type: f5(slab) [ 23.441521] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.442209] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.442893] page dumped because: kasan: bad access detected [ 23.443388] [ 23.443528] Memory state around the buggy address: [ 23.443955] ffff00000c5d5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.444597] ffff00000c5d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.445237] >ffff00000c5d5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.445877] ^ [ 23.446510] ffff00000c5d5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.447152] ffff00000c5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.447791] ================================================================== [ 23.448457] ================================================================== [ 23.449100] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 23.449730] Write of size 121 at addr ffff00000c5d5400 by task kunit_try_catch/338 [ 23.450402] [ 23.450543] CPU: 5 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.450562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.450568] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.450575] Call trace: [ 23.450579] show_stack+0x20/0x38 (C) [ 23.450592] dump_stack_lvl+0x8c/0xd0 [ 23.450606] print_report+0x118/0x608 [ 23.450619] kasan_report+0xdc/0x128 [ 23.450631] kasan_check_range+0x100/0x1a8 [ 23.450644] __kasan_check_write+0x20/0x30 [ 23.450655] copy_user_test_oob+0x434/0xec8 [ 23.450667] kunit_try_run_case+0x170/0x3f0 [ 23.450681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.450695] kthread+0x328/0x630 [ 23.450705] ret_from_fork+0x10/0x20 [ 23.450717] [ 23.456497] Allocated by task 338: [ 23.456803] kasan_save_stack+0x3c/0x68 [ 23.457151] kasan_save_track+0x20/0x40 [ 23.457499] kasan_save_alloc_info+0x40/0x58 [ 23.457886] __kasan_kmalloc+0xd4/0xd8 [ 23.458226] __kmalloc_noprof+0x198/0x4c8 [ 23.458589] kunit_kmalloc_array+0x34/0x88 [ 23.458960] copy_user_test_oob+0xac/0xec8 [ 23.459330] kunit_try_run_case+0x170/0x3f0 [ 23.459708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.460200] kthread+0x328/0x630 [ 23.460492] ret_from_fork+0x10/0x20 [ 23.460816] [ 23.460954] The buggy address belongs to the object at ffff00000c5d5400 [ 23.460954] which belongs to the cache kmalloc-128 of size 128 [ 23.462053] The buggy address is located 0 bytes inside of [ 23.462053] allocated 120-byte region [ffff00000c5d5400, ffff00000c5d5478) [ 23.463147] [ 23.463285] The buggy address belongs to the physical page: [ 23.463779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 23.464473] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.465053] page_type: f5(slab) [ 23.465338] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.466024] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.466706] page dumped because: kasan: bad access detected [ 23.467199] [ 23.467336] Memory state around the buggy address: [ 23.467763] ffff00000c5d5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.468402] ffff00000c5d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.469041] >ffff00000c5d5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.469678] ^ [ 23.470309] ffff00000c5d5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.470948] ffff00000c5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.471585] ================================================================== [ 23.400222] ================================================================== [ 23.400880] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 23.401525] Write of size 121 at addr ffff00000c5d5400 by task kunit_try_catch/338 [ 23.402209] [ 23.402360] CPU: 5 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.402393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.402403] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.402414] Call trace: [ 23.402422] show_stack+0x20/0x38 (C) [ 23.402443] dump_stack_lvl+0x8c/0xd0 [ 23.402466] print_report+0x118/0x608 [ 23.402489] kasan_report+0xdc/0x128 [ 23.402510] kasan_check_range+0x100/0x1a8 [ 23.402534] __kasan_check_write+0x20/0x30 [ 23.402552] copy_user_test_oob+0x35c/0xec8 [ 23.402573] kunit_try_run_case+0x170/0x3f0 [ 23.402596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.402621] kthread+0x328/0x630 [ 23.402638] ret_from_fork+0x10/0x20 [ 23.402659] [ 23.408469] Allocated by task 338: [ 23.408781] kasan_save_stack+0x3c/0x68 [ 23.409137] kasan_save_track+0x20/0x40 [ 23.409494] kasan_save_alloc_info+0x40/0x58 [ 23.409889] __kasan_kmalloc+0xd4/0xd8 [ 23.410239] __kmalloc_noprof+0x198/0x4c8 [ 23.410610] kunit_kmalloc_array+0x34/0x88 [ 23.410988] copy_user_test_oob+0xac/0xec8 [ 23.411366] kunit_try_run_case+0x170/0x3f0 [ 23.411752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.412254] kthread+0x328/0x630 [ 23.412553] ret_from_fork+0x10/0x20 [ 23.412885] [ 23.413028] The buggy address belongs to the object at ffff00000c5d5400 [ 23.413028] which belongs to the cache kmalloc-128 of size 128 [ 23.414137] The buggy address is located 0 bytes inside of [ 23.414137] allocated 120-byte region [ffff00000c5d5400, ffff00000c5d5478) [ 23.415241] [ 23.415385] The buggy address belongs to the physical page: [ 23.415886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 23.416589] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.417179] page_type: f5(slab) [ 23.417473] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.418167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.418857] page dumped because: kasan: bad access detected [ 23.419358] [ 23.419500] Memory state around the buggy address: [ 23.419934] ffff00000c5d5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.420581] ffff00000c5d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.421228] >ffff00000c5d5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.421873] ^ [ 23.422511] ffff00000c5d5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.423158] ffff00000c5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.423803] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 23.294093] ================================================================== [ 23.295460] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 23.296164] Read of size 8 at addr ffff00000e1a3278 by task kunit_try_catch/334 [ 23.296843] [ 23.297015] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.297068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.297084] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.297102] Call trace: [ 23.297114] show_stack+0x20/0x38 (C) [ 23.297152] dump_stack_lvl+0x8c/0xd0 [ 23.297189] print_report+0x118/0x608 [ 23.297225] kasan_report+0xdc/0x128 [ 23.297258] __asan_report_load8_noabort+0x20/0x30 [ 23.297298] copy_to_kernel_nofault+0x204/0x250 [ 23.297333] copy_to_kernel_nofault_oob+0x158/0x418 [ 23.297366] kunit_try_run_case+0x170/0x3f0 [ 23.297402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.297441] kthread+0x328/0x630 [ 23.297469] ret_from_fork+0x10/0x20 [ 23.297502] [ 23.303546] Allocated by task 334: [ 23.303874] kasan_save_stack+0x3c/0x68 [ 23.304255] kasan_save_track+0x20/0x40 [ 23.304632] kasan_save_alloc_info+0x40/0x58 [ 23.305051] __kasan_kmalloc+0xd4/0xd8 [ 23.305420] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.305857] copy_to_kernel_nofault_oob+0xc8/0x418 [ 23.306317] kunit_try_run_case+0x170/0x3f0 [ 23.306724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.307248] kthread+0x328/0x630 [ 23.307565] ret_from_fork+0x10/0x20 [ 23.307917] [ 23.308071] The buggy address belongs to the object at ffff00000e1a3200 [ 23.308071] which belongs to the cache kmalloc-128 of size 128 [ 23.309205] The buggy address is located 0 bytes to the right of [ 23.309205] allocated 120-byte region [ffff00000e1a3200, ffff00000e1a3278) [ 23.310381] [ 23.310536] The buggy address belongs to the physical page: [ 23.311053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1a3 [ 23.311777] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.312391] page_type: f5(slab) [ 23.312707] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.313423] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.314130] page dumped because: kasan: bad access detected [ 23.314646] [ 23.314799] Memory state around the buggy address: [ 23.315248] ffff00000e1a3100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.315915] ffff00000e1a3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.316583] >ffff00000e1a3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.317244] ^ [ 23.317903] ffff00000e1a3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.318569] ffff00000e1a3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.319231] ================================================================== [ 23.320726] ================================================================== [ 23.321436] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 23.322131] Write of size 8 at addr ffff00000e1a3278 by task kunit_try_catch/334 [ 23.322805] [ 23.322964] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.323002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.323013] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.323026] Call trace: [ 23.323036] show_stack+0x20/0x38 (C) [ 23.323062] dump_stack_lvl+0x8c/0xd0 [ 23.323088] print_report+0x118/0x608 [ 23.323116] kasan_report+0xdc/0x128 [ 23.323139] kasan_check_range+0x100/0x1a8 [ 23.323166] __kasan_check_write+0x20/0x30 [ 23.323187] copy_to_kernel_nofault+0x8c/0x250 [ 23.323211] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 23.323235] kunit_try_run_case+0x170/0x3f0 [ 23.323261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.323289] kthread+0x328/0x630 [ 23.323309] ret_from_fork+0x10/0x20 [ 23.323333] [ 23.329624] Allocated by task 334: [ 23.329942] kasan_save_stack+0x3c/0x68 [ 23.330307] kasan_save_track+0x20/0x40 [ 23.330671] kasan_save_alloc_info+0x40/0x58 [ 23.331075] __kasan_kmalloc+0xd4/0xd8 [ 23.331432] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.331859] copy_to_kernel_nofault_oob+0xc8/0x418 [ 23.332305] kunit_try_run_case+0x170/0x3f0 [ 23.332700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.333211] kthread+0x328/0x630 [ 23.333517] ret_from_fork+0x10/0x20 [ 23.333858] [ 23.334006] The buggy address belongs to the object at ffff00000e1a3200 [ 23.334006] which belongs to the cache kmalloc-128 of size 128 [ 23.335125] The buggy address is located 0 bytes to the right of [ 23.335125] allocated 120-byte region [ffff00000e1a3200, ffff00000e1a3278) [ 23.336285] [ 23.336433] The buggy address belongs to the physical page: [ 23.336940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1a3 [ 23.337653] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.338253] page_type: f5(slab) [ 23.338555] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 23.339259] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.339956] page dumped because: kasan: bad access detected [ 23.340462] [ 23.340610] Memory state around the buggy address: [ 23.341050] ffff00000e1a3100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.341705] ffff00000e1a3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.342359] >ffff00000e1a3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.343011] ^ [ 23.343656] ffff00000e1a3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.344310] ffff00000e1a3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.344963] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 23.262014] ================================================================== [ 23.262685] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 23.263317] Read of size 1 at addr ffff800087f0c7f8 by task kunit_try_catch/322 [ 23.263984] [ 23.264139] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.264176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.264187] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.264200] Call trace: [ 23.264209] show_stack+0x20/0x38 (C) [ 23.264234] dump_stack_lvl+0x8c/0xd0 [ 23.264262] print_report+0x310/0x608 [ 23.264286] kasan_report+0xdc/0x128 [ 23.264310] __asan_report_load1_noabort+0x20/0x30 [ 23.264338] vmalloc_oob+0x51c/0x5d0 [ 23.264358] kunit_try_run_case+0x170/0x3f0 [ 23.264384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.264411] kthread+0x328/0x630 [ 23.264432] ret_from_fork+0x10/0x20 [ 23.264457] [ 23.269951] The buggy address belongs to the virtual mapping at [ 23.269951] [ffff800087f0c000, ffff800087f0e000) created by: [ 23.269951] vmalloc_oob+0x98/0x5d0 [ 23.271305] [ 23.271454] The buggy address belongs to the physical page: [ 23.271961] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf691 [ 23.272673] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.273280] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 23.273984] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.274682] page dumped because: kasan: bad access detected [ 23.275188] [ 23.275334] Memory state around the buggy address: [ 23.275773] ffff800087f0c680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.276428] ffff800087f0c700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.277082] >ffff800087f0c780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 23.277734] ^ [ 23.278379] ffff800087f0c800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.279034] ffff800087f0c880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.279685] ================================================================== [ 23.242448] ================================================================== [ 23.243844] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 23.244481] Read of size 1 at addr ffff800087f0c7f3 by task kunit_try_catch/322 [ 23.245161] [ 23.245324] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.245373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.245389] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.245406] Call trace: [ 23.245418] show_stack+0x20/0x38 (C) [ 23.245454] dump_stack_lvl+0x8c/0xd0 [ 23.245490] print_report+0x310/0x608 [ 23.245524] kasan_report+0xdc/0x128 [ 23.245557] __asan_report_load1_noabort+0x20/0x30 [ 23.245596] vmalloc_oob+0x578/0x5d0 [ 23.245626] kunit_try_run_case+0x170/0x3f0 [ 23.245660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.245700] kthread+0x328/0x630 [ 23.245726] ret_from_fork+0x10/0x20 [ 23.245759] [ 23.251292] The buggy address belongs to the virtual mapping at [ 23.251292] [ffff800087f0c000, ffff800087f0e000) created by: [ 23.251292] vmalloc_oob+0x98/0x5d0 [ 23.252665] [ 23.252821] The buggy address belongs to the physical page: [ 23.253338] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf691 [ 23.254063] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.254688] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 23.255405] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.256115] page dumped because: kasan: bad access detected [ 23.256630] [ 23.256784] Memory state around the buggy address: [ 23.257233] ffff800087f0c680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.257900] ffff800087f0c700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.258568] >ffff800087f0c780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 23.259230] ^ [ 23.259864] ffff800087f0c800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.260531] ffff800087f0c880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.261194] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 23.062056] ================================================================== [ 23.062700] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 23.063498] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 23.064157] [ 23.064300] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.064321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.064328] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.064336] Call trace: [ 23.064341] show_stack+0x20/0x38 (C) [ 23.064354] dump_stack_lvl+0x8c/0xd0 [ 23.064369] print_report+0x118/0x608 [ 23.064384] kasan_report+0xdc/0x128 [ 23.064398] kasan_check_range+0x100/0x1a8 [ 23.064414] __kasan_check_write+0x20/0x30 [ 23.064426] kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 23.064443] kasan_bitops_generic+0x11c/0x1c8 [ 23.064457] kunit_try_run_case+0x170/0x3f0 [ 23.064471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.064488] kthread+0x328/0x630 [ 23.064499] ret_from_fork+0x10/0x20 [ 23.064513] [ 23.070855] Allocated by task 314: [ 23.071163] kasan_save_stack+0x3c/0x68 [ 23.071516] kasan_save_track+0x20/0x40 [ 23.071869] kasan_save_alloc_info+0x40/0x58 [ 23.072261] __kasan_kmalloc+0xd4/0xd8 [ 23.072605] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.073017] kasan_bitops_generic+0xa0/0x1c8 [ 23.073408] kunit_try_run_case+0x170/0x3f0 [ 23.073790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.074287] kthread+0x328/0x630 [ 23.074584] ret_from_fork+0x10/0x20 [ 23.074913] [ 23.075053] The buggy address belongs to the object at ffff00000223e620 [ 23.075053] which belongs to the cache kmalloc-16 of size 16 [ 23.076143] The buggy address is located 8 bytes inside of [ 23.076143] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 23.077226] [ 23.077367] The buggy address belongs to the physical page: [ 23.077865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 23.078563] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.079148] page_type: f5(slab) [ 23.079437] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 23.080128] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.080816] page dumped because: kasan: bad access detected [ 23.081314] [ 23.081454] Memory state around the buggy address: [ 23.081884] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.082528] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.083172] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 23.083814] ^ [ 23.084222] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.084865] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.085507] ================================================================== [ 22.917362] ================================================================== [ 22.918014] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 22.918815] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.919485] [ 22.919634] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.919665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.919675] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.919686] Call trace: [ 22.919693] show_stack+0x20/0x38 (C) [ 22.919713] dump_stack_lvl+0x8c/0xd0 [ 22.919734] print_report+0x118/0x608 [ 22.919756] kasan_report+0xdc/0x128 [ 22.919777] kasan_check_range+0x100/0x1a8 [ 22.919801] __kasan_check_write+0x20/0x30 [ 22.919819] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 22.919843] kasan_bitops_generic+0x11c/0x1c8 [ 22.919864] kunit_try_run_case+0x170/0x3f0 [ 22.919885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.919910] kthread+0x328/0x630 [ 22.919926] ret_from_fork+0x10/0x20 [ 22.919945] [ 22.926318] Allocated by task 314: [ 22.926633] kasan_save_stack+0x3c/0x68 [ 22.926994] kasan_save_track+0x20/0x40 [ 22.927356] kasan_save_alloc_info+0x40/0x58 [ 22.927757] __kasan_kmalloc+0xd4/0xd8 [ 22.928110] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.928532] kasan_bitops_generic+0xa0/0x1c8 [ 22.928931] kunit_try_run_case+0x170/0x3f0 [ 22.929322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.929830] kthread+0x328/0x630 [ 22.930134] ret_from_fork+0x10/0x20 [ 22.930471] [ 22.930617] The buggy address belongs to the object at ffff00000223e620 [ 22.930617] which belongs to the cache kmalloc-16 of size 16 [ 22.931717] The buggy address is located 8 bytes inside of [ 22.931717] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.932813] [ 22.932959] The buggy address belongs to the physical page: [ 22.933462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.934169] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.934762] page_type: f5(slab) [ 22.935060] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.935760] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.936456] page dumped because: kasan: bad access detected [ 22.936961] [ 22.937108] Memory state around the buggy address: [ 22.937545] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.938199] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.938851] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.939502] ^ [ 22.939918] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.940570] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.941218] ================================================================== [ 22.942095] ================================================================== [ 22.942741] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 22.943540] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.944192] [ 22.944335] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.944357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.944363] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.944370] Call trace: [ 22.944375] show_stack+0x20/0x38 (C) [ 22.944389] dump_stack_lvl+0x8c/0xd0 [ 22.944404] print_report+0x118/0x608 [ 22.944419] kasan_report+0xdc/0x128 [ 22.944433] __asan_report_load8_noabort+0x20/0x30 [ 22.944451] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 22.944467] kasan_bitops_generic+0x11c/0x1c8 [ 22.944481] kunit_try_run_case+0x170/0x3f0 [ 22.944496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.944513] kthread+0x328/0x630 [ 22.944523] ret_from_fork+0x10/0x20 [ 22.944537] [ 22.950579] Allocated by task 314: [ 22.950888] kasan_save_stack+0x3c/0x68 [ 22.951240] kasan_save_track+0x20/0x40 [ 22.951593] kasan_save_alloc_info+0x40/0x58 [ 22.951985] __kasan_kmalloc+0xd4/0xd8 [ 22.952329] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.952742] kasan_bitops_generic+0xa0/0x1c8 [ 22.953132] kunit_try_run_case+0x170/0x3f0 [ 22.953514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.954011] kthread+0x328/0x630 [ 22.954307] ret_from_fork+0x10/0x20 [ 22.954635] [ 22.954776] The buggy address belongs to the object at ffff00000223e620 [ 22.954776] which belongs to the cache kmalloc-16 of size 16 [ 22.955866] The buggy address is located 8 bytes inside of [ 22.955866] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.956950] [ 22.957091] The buggy address belongs to the physical page: [ 22.957589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.958287] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.958870] page_type: f5(slab) [ 22.959159] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.959850] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.960537] page dumped because: kasan: bad access detected [ 22.961035] [ 22.961174] Memory state around the buggy address: [ 22.961605] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.962249] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.962892] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.963534] ^ [ 22.963942] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.964585] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.965227] ================================================================== [ 22.965964] ================================================================== [ 22.966610] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 22.967408] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.968068] [ 22.968210] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.968232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.968238] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.968246] Call trace: [ 22.968250] show_stack+0x20/0x38 (C) [ 22.968265] dump_stack_lvl+0x8c/0xd0 [ 22.968280] print_report+0x118/0x608 [ 22.968295] kasan_report+0xdc/0x128 [ 22.968309] kasan_check_range+0x100/0x1a8 [ 22.968325] __kasan_check_write+0x20/0x30 [ 22.968337] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 22.968354] kasan_bitops_generic+0x11c/0x1c8 [ 22.968367] kunit_try_run_case+0x170/0x3f0 [ 22.968382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.968399] kthread+0x328/0x630 [ 22.968411] ret_from_fork+0x10/0x20 [ 22.968424] [ 22.974766] Allocated by task 314: [ 22.975074] kasan_save_stack+0x3c/0x68 [ 22.975427] kasan_save_track+0x20/0x40 [ 22.975780] kasan_save_alloc_info+0x40/0x58 [ 22.976172] __kasan_kmalloc+0xd4/0xd8 [ 22.976516] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.976929] kasan_bitops_generic+0xa0/0x1c8 [ 22.977320] kunit_try_run_case+0x170/0x3f0 [ 22.977701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.978198] kthread+0x328/0x630 [ 22.978494] ret_from_fork+0x10/0x20 [ 22.978823] [ 22.978964] The buggy address belongs to the object at ffff00000223e620 [ 22.978964] which belongs to the cache kmalloc-16 of size 16 [ 22.980053] The buggy address is located 8 bytes inside of [ 22.980053] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.981138] [ 22.981278] The buggy address belongs to the physical page: [ 22.981776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.982474] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.983059] page_type: f5(slab) [ 22.983349] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.984039] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.984726] page dumped because: kasan: bad access detected [ 22.985222] [ 22.985362] Memory state around the buggy address: [ 22.985792] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.986436] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.987080] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.987722] ^ [ 22.988129] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.988774] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.989415] ================================================================== [ 23.086244] ================================================================== [ 23.086888] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 23.087686] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 23.088339] [ 23.088482] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.088504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.088510] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.088518] Call trace: [ 23.088523] show_stack+0x20/0x38 (C) [ 23.088536] dump_stack_lvl+0x8c/0xd0 [ 23.088552] print_report+0x118/0x608 [ 23.088566] kasan_report+0xdc/0x128 [ 23.088581] __asan_report_load8_noabort+0x20/0x30 [ 23.088599] kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 23.088616] kasan_bitops_generic+0x11c/0x1c8 [ 23.088630] kunit_try_run_case+0x170/0x3f0 [ 23.088645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.088662] kthread+0x328/0x630 [ 23.088673] ret_from_fork+0x10/0x20 [ 23.088686] [ 23.094729] Allocated by task 314: [ 23.095037] kasan_save_stack+0x3c/0x68 [ 23.095390] kasan_save_track+0x20/0x40 [ 23.095742] kasan_save_alloc_info+0x40/0x58 [ 23.096134] __kasan_kmalloc+0xd4/0xd8 [ 23.096480] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.096892] kasan_bitops_generic+0xa0/0x1c8 [ 23.097282] kunit_try_run_case+0x170/0x3f0 [ 23.097664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.098162] kthread+0x328/0x630 [ 23.098458] ret_from_fork+0x10/0x20 [ 23.098786] [ 23.098927] The buggy address belongs to the object at ffff00000223e620 [ 23.098927] which belongs to the cache kmalloc-16 of size 16 [ 23.100016] The buggy address is located 8 bytes inside of [ 23.100016] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 23.101101] [ 23.101241] The buggy address belongs to the physical page: [ 23.101739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 23.102437] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.103022] page_type: f5(slab) [ 23.103310] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 23.104001] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.104688] page dumped because: kasan: bad access detected [ 23.105184] [ 23.105324] Memory state around the buggy address: [ 23.105754] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.106398] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.107042] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 23.107684] ^ [ 23.108092] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.108735] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.109377] ================================================================== [ 23.013983] ================================================================== [ 23.014628] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 23.015426] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 23.016086] [ 23.016229] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.016251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.016258] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.016265] Call trace: [ 23.016270] show_stack+0x20/0x38 (C) [ 23.016283] dump_stack_lvl+0x8c/0xd0 [ 23.016298] print_report+0x118/0x608 [ 23.016313] kasan_report+0xdc/0x128 [ 23.016328] kasan_check_range+0x100/0x1a8 [ 23.016344] __kasan_check_write+0x20/0x30 [ 23.016357] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 23.016373] kasan_bitops_generic+0x11c/0x1c8 [ 23.016387] kunit_try_run_case+0x170/0x3f0 [ 23.016402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.016418] kthread+0x328/0x630 [ 23.016429] ret_from_fork+0x10/0x20 [ 23.016443] [ 23.022783] Allocated by task 314: [ 23.023091] kasan_save_stack+0x3c/0x68 [ 23.023444] kasan_save_track+0x20/0x40 [ 23.023797] kasan_save_alloc_info+0x40/0x58 [ 23.024188] __kasan_kmalloc+0xd4/0xd8 [ 23.024532] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.024945] kasan_bitops_generic+0xa0/0x1c8 [ 23.025335] kunit_try_run_case+0x170/0x3f0 [ 23.025717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.026214] kthread+0x328/0x630 [ 23.026510] ret_from_fork+0x10/0x20 [ 23.026839] [ 23.026979] The buggy address belongs to the object at ffff00000223e620 [ 23.026979] which belongs to the cache kmalloc-16 of size 16 [ 23.028068] The buggy address is located 8 bytes inside of [ 23.028068] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 23.029153] [ 23.029294] The buggy address belongs to the physical page: [ 23.029791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 23.030489] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.031073] page_type: f5(slab) [ 23.031363] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 23.032053] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.032740] page dumped because: kasan: bad access detected [ 23.033236] [ 23.033377] Memory state around the buggy address: [ 23.033806] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.034450] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.035093] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 23.035735] ^ [ 23.036143] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.036787] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.037429] ================================================================== [ 23.038196] ================================================================== [ 23.038843] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 23.039643] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 23.040295] [ 23.040439] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.040461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.040467] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.040475] Call trace: [ 23.040480] show_stack+0x20/0x38 (C) [ 23.040494] dump_stack_lvl+0x8c/0xd0 [ 23.040510] print_report+0x118/0x608 [ 23.040525] kasan_report+0xdc/0x128 [ 23.040540] __asan_report_load8_noabort+0x20/0x30 [ 23.040557] kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 23.040574] kasan_bitops_generic+0x11c/0x1c8 [ 23.040589] kunit_try_run_case+0x170/0x3f0 [ 23.040604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.040621] kthread+0x328/0x630 [ 23.040632] ret_from_fork+0x10/0x20 [ 23.040646] [ 23.046690] Allocated by task 314: [ 23.046998] kasan_save_stack+0x3c/0x68 [ 23.047351] kasan_save_track+0x20/0x40 [ 23.047704] kasan_save_alloc_info+0x40/0x58 [ 23.048096] __kasan_kmalloc+0xd4/0xd8 [ 23.048440] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.048853] kasan_bitops_generic+0xa0/0x1c8 [ 23.049244] kunit_try_run_case+0x170/0x3f0 [ 23.049626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.050123] kthread+0x328/0x630 [ 23.050420] ret_from_fork+0x10/0x20 [ 23.050748] [ 23.050889] The buggy address belongs to the object at ffff00000223e620 [ 23.050889] which belongs to the cache kmalloc-16 of size 16 [ 23.051979] The buggy address is located 8 bytes inside of [ 23.051979] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 23.053063] [ 23.053204] The buggy address belongs to the physical page: [ 23.053702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 23.054399] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.054985] page_type: f5(slab) [ 23.055275] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 23.055965] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.056652] page dumped because: kasan: bad access detected [ 23.057149] [ 23.057289] Memory state around the buggy address: [ 23.057719] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.058363] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.059007] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 23.059649] ^ [ 23.060056] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.060700] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.061342] ================================================================== [ 23.110108] ================================================================== [ 23.110752] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 23.111551] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 23.112204] [ 23.112347] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 23.112368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.112374] Hardware name: Radxa ROCK Pi 4B (DT) [ 23.112382] Call trace: [ 23.112386] show_stack+0x20/0x38 (C) [ 23.112400] dump_stack_lvl+0x8c/0xd0 [ 23.112415] print_report+0x118/0x608 [ 23.112430] kasan_report+0xdc/0x128 [ 23.112445] __asan_report_load8_noabort+0x20/0x30 [ 23.112462] kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 23.112479] kasan_bitops_generic+0x11c/0x1c8 [ 23.112492] kunit_try_run_case+0x170/0x3f0 [ 23.112507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.112524] kthread+0x328/0x630 [ 23.112535] ret_from_fork+0x10/0x20 [ 23.112548] [ 23.118590] Allocated by task 314: [ 23.118898] kasan_save_stack+0x3c/0x68 [ 23.119251] kasan_save_track+0x20/0x40 [ 23.119604] kasan_save_alloc_info+0x40/0x58 [ 23.119995] __kasan_kmalloc+0xd4/0xd8 [ 23.120339] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.120751] kasan_bitops_generic+0xa0/0x1c8 [ 23.121142] kunit_try_run_case+0x170/0x3f0 [ 23.121524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.122021] kthread+0x328/0x630 [ 23.122317] ret_from_fork+0x10/0x20 [ 23.122645] [ 23.122785] The buggy address belongs to the object at ffff00000223e620 [ 23.122785] which belongs to the cache kmalloc-16 of size 16 [ 23.123875] The buggy address is located 8 bytes inside of [ 23.123875] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 23.124959] [ 23.125100] The buggy address belongs to the physical page: [ 23.125598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 23.126296] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.126880] page_type: f5(slab) [ 23.127170] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 23.127861] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.128549] page dumped because: kasan: bad access detected [ 23.129047] [ 23.129187] Memory state around the buggy address: [ 23.129616] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.130260] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.130904] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 23.131545] ^ [ 23.131954] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.132598] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.133240] ================================================================== [ 22.990128] ================================================================== [ 22.990772] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 22.991571] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.992224] [ 22.992367] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.992388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.992395] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.992402] Call trace: [ 22.992407] show_stack+0x20/0x38 (C) [ 22.992421] dump_stack_lvl+0x8c/0xd0 [ 22.992435] print_report+0x118/0x608 [ 22.992450] kasan_report+0xdc/0x128 [ 22.992464] __asan_report_load8_noabort+0x20/0x30 [ 22.992482] kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 22.992499] kasan_bitops_generic+0x11c/0x1c8 [ 22.992513] kunit_try_run_case+0x170/0x3f0 [ 22.992528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.992545] kthread+0x328/0x630 [ 22.992555] ret_from_fork+0x10/0x20 [ 22.992569] [ 22.998610] Allocated by task 314: [ 22.998918] kasan_save_stack+0x3c/0x68 [ 22.999271] kasan_save_track+0x20/0x40 [ 22.999624] kasan_save_alloc_info+0x40/0x58 [ 23.000016] __kasan_kmalloc+0xd4/0xd8 [ 23.000360] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.000772] kasan_bitops_generic+0xa0/0x1c8 [ 23.001162] kunit_try_run_case+0x170/0x3f0 [ 23.001544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.002041] kthread+0x328/0x630 [ 23.002337] ret_from_fork+0x10/0x20 [ 23.002667] [ 23.002807] The buggy address belongs to the object at ffff00000223e620 [ 23.002807] which belongs to the cache kmalloc-16 of size 16 [ 23.003897] The buggy address is located 8 bytes inside of [ 23.003897] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 23.004981] [ 23.005121] The buggy address belongs to the physical page: [ 23.005618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 23.006317] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 23.006902] page_type: f5(slab) [ 23.007192] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 23.007883] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.008570] page dumped because: kasan: bad access detected [ 23.009067] [ 23.009207] Memory state around the buggy address: [ 23.009636] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.010280] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.010923] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 23.011565] ^ [ 23.011973] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.012616] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.013258] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 22.819967] ================================================================== [ 22.820621] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 22.821364] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.822027] [ 22.822176] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.822209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.822219] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.822230] Call trace: [ 22.822237] show_stack+0x20/0x38 (C) [ 22.822258] dump_stack_lvl+0x8c/0xd0 [ 22.822279] print_report+0x118/0x608 [ 22.822301] kasan_report+0xdc/0x128 [ 22.822322] __asan_report_load8_noabort+0x20/0x30 [ 22.822347] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 22.822370] kasan_bitops_generic+0x110/0x1c8 [ 22.822392] kunit_try_run_case+0x170/0x3f0 [ 22.822413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.822438] kthread+0x328/0x630 [ 22.822454] ret_from_fork+0x10/0x20 [ 22.822475] [ 22.828485] Allocated by task 314: [ 22.828801] kasan_save_stack+0x3c/0x68 [ 22.829163] kasan_save_track+0x20/0x40 [ 22.829524] kasan_save_alloc_info+0x40/0x58 [ 22.829925] __kasan_kmalloc+0xd4/0xd8 [ 22.830280] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.830701] kasan_bitops_generic+0xa0/0x1c8 [ 22.831100] kunit_try_run_case+0x170/0x3f0 [ 22.831493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.832001] kthread+0x328/0x630 [ 22.832305] ret_from_fork+0x10/0x20 [ 22.832642] [ 22.832789] The buggy address belongs to the object at ffff00000223e620 [ 22.832789] which belongs to the cache kmalloc-16 of size 16 [ 22.833890] The buggy address is located 8 bytes inside of [ 22.833890] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.834986] [ 22.835133] The buggy address belongs to the physical page: [ 22.835637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.836345] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.836939] page_type: f5(slab) [ 22.837237] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.837937] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.838633] page dumped because: kasan: bad access detected [ 22.839137] [ 22.839282] Memory state around the buggy address: [ 22.839721] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.840373] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.841026] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.841675] ^ [ 22.842091] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.842743] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.843393] ================================================================== [ 22.770764] ================================================================== [ 22.771420] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 22.772162] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.772833] [ 22.772983] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.773016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.773026] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.773037] Call trace: [ 22.773045] show_stack+0x20/0x38 (C) [ 22.773066] dump_stack_lvl+0x8c/0xd0 [ 22.773088] print_report+0x118/0x608 [ 22.773110] kasan_report+0xdc/0x128 [ 22.773132] kasan_check_range+0x100/0x1a8 [ 22.773155] __kasan_check_write+0x20/0x30 [ 22.773174] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 22.773197] kasan_bitops_generic+0x110/0x1c8 [ 22.773217] kunit_try_run_case+0x170/0x3f0 [ 22.773239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.773264] kthread+0x328/0x630 [ 22.773280] ret_from_fork+0x10/0x20 [ 22.773301] [ 22.779615] Allocated by task 314: [ 22.779931] kasan_save_stack+0x3c/0x68 [ 22.780293] kasan_save_track+0x20/0x40 [ 22.780655] kasan_save_alloc_info+0x40/0x58 [ 22.781057] __kasan_kmalloc+0xd4/0xd8 [ 22.781411] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.781832] kasan_bitops_generic+0xa0/0x1c8 [ 22.782232] kunit_try_run_case+0x170/0x3f0 [ 22.782624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.783132] kthread+0x328/0x630 [ 22.783436] ret_from_fork+0x10/0x20 [ 22.783774] [ 22.783919] The buggy address belongs to the object at ffff00000223e620 [ 22.783919] which belongs to the cache kmalloc-16 of size 16 [ 22.785020] The buggy address is located 8 bytes inside of [ 22.785020] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.786116] [ 22.786262] The buggy address belongs to the physical page: [ 22.786766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.787475] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.788068] page_type: f5(slab) [ 22.788366] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.789066] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.789763] page dumped because: kasan: bad access detected [ 22.790266] [ 22.790413] Memory state around the buggy address: [ 22.790851] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.791504] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.792157] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.792807] ^ [ 22.793223] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.793875] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.794525] ================================================================== [ 22.746277] ================================================================== [ 22.746954] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 22.747710] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.748376] [ 22.748532] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.748571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.748581] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.748595] Call trace: [ 22.748604] show_stack+0x20/0x38 (C) [ 22.748631] dump_stack_lvl+0x8c/0xd0 [ 22.748656] print_report+0x118/0x608 [ 22.748679] kasan_report+0xdc/0x128 [ 22.748701] __asan_report_load8_noabort+0x20/0x30 [ 22.748726] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 22.748749] kasan_bitops_generic+0x110/0x1c8 [ 22.748771] kunit_try_run_case+0x170/0x3f0 [ 22.748794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.748819] kthread+0x328/0x630 [ 22.748837] ret_from_fork+0x10/0x20 [ 22.748858] [ 22.754869] Allocated by task 314: [ 22.755187] kasan_save_stack+0x3c/0x68 [ 22.755553] kasan_save_track+0x20/0x40 [ 22.755915] kasan_save_alloc_info+0x40/0x58 [ 22.756316] __kasan_kmalloc+0xd4/0xd8 [ 22.756672] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.757095] kasan_bitops_generic+0xa0/0x1c8 [ 22.757493] kunit_try_run_case+0x170/0x3f0 [ 22.757884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.758392] kthread+0x328/0x630 [ 22.758696] ret_from_fork+0x10/0x20 [ 22.759034] [ 22.759181] The buggy address belongs to the object at ffff00000223e620 [ 22.759181] which belongs to the cache kmalloc-16 of size 16 [ 22.760282] The buggy address is located 8 bytes inside of [ 22.760282] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.761380] [ 22.761526] The buggy address belongs to the physical page: [ 22.762031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.762741] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.763338] page_type: f5(slab) [ 22.763638] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.764339] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.765034] page dumped because: kasan: bad access detected [ 22.765539] [ 22.765685] Memory state around the buggy address: [ 22.766123] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.766777] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.767429] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.768079] ^ [ 22.768495] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.769148] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.769798] ================================================================== [ 22.893201] ================================================================== [ 22.893855] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 22.894597] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.895259] [ 22.895408] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.895440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.895450] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.895461] Call trace: [ 22.895468] show_stack+0x20/0x38 (C) [ 22.895488] dump_stack_lvl+0x8c/0xd0 [ 22.895510] print_report+0x118/0x608 [ 22.895531] kasan_report+0xdc/0x128 [ 22.895553] __asan_report_load8_noabort+0x20/0x30 [ 22.895578] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 22.895601] kasan_bitops_generic+0x110/0x1c8 [ 22.895622] kunit_try_run_case+0x170/0x3f0 [ 22.895643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.895667] kthread+0x328/0x630 [ 22.895683] ret_from_fork+0x10/0x20 [ 22.895704] [ 22.901714] Allocated by task 314: [ 22.902029] kasan_save_stack+0x3c/0x68 [ 22.902390] kasan_save_track+0x20/0x40 [ 22.902753] kasan_save_alloc_info+0x40/0x58 [ 22.903155] __kasan_kmalloc+0xd4/0xd8 [ 22.903509] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.903931] kasan_bitops_generic+0xa0/0x1c8 [ 22.904329] kunit_try_run_case+0x170/0x3f0 [ 22.904721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.905228] kthread+0x328/0x630 [ 22.905531] ret_from_fork+0x10/0x20 [ 22.905868] [ 22.906014] The buggy address belongs to the object at ffff00000223e620 [ 22.906014] which belongs to the cache kmalloc-16 of size 16 [ 22.907115] The buggy address is located 8 bytes inside of [ 22.907115] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.908209] [ 22.908355] The buggy address belongs to the physical page: [ 22.908860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.909568] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.910160] page_type: f5(slab) [ 22.910459] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.911158] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.911855] page dumped because: kasan: bad access detected [ 22.912359] [ 22.912504] Memory state around the buggy address: [ 22.912943] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.913594] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.914247] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.914896] ^ [ 22.915312] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.915965] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.916615] ================================================================== [ 22.671062] ================================================================== [ 22.672107] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 22.672876] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.673561] [ 22.673724] CPU: 3 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.673774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.673789] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.673807] Call trace: [ 22.673819] show_stack+0x20/0x38 (C) [ 22.673852] dump_stack_lvl+0x8c/0xd0 [ 22.673888] print_report+0x118/0x608 [ 22.673922] kasan_report+0xdc/0x128 [ 22.673953] kasan_check_range+0x100/0x1a8 [ 22.673988] __kasan_check_write+0x20/0x30 [ 22.674017] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 22.674052] kasan_bitops_generic+0x110/0x1c8 [ 22.674085] kunit_try_run_case+0x170/0x3f0 [ 22.674119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.674157] kthread+0x328/0x630 [ 22.674184] ret_from_fork+0x10/0x20 [ 22.674217] [ 22.680582] Allocated by task 314: [ 22.680907] kasan_save_stack+0x3c/0x68 [ 22.681284] kasan_save_track+0x20/0x40 [ 22.681660] kasan_save_alloc_info+0x40/0x58 [ 22.682076] __kasan_kmalloc+0xd4/0xd8 [ 22.682444] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.682882] kasan_bitops_generic+0xa0/0x1c8 [ 22.683297] kunit_try_run_case+0x170/0x3f0 [ 22.683704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.684228] kthread+0x328/0x630 [ 22.684545] ret_from_fork+0x10/0x20 [ 22.684895] [ 22.685049] The buggy address belongs to the object at ffff00000223e620 [ 22.685049] which belongs to the cache kmalloc-16 of size 16 [ 22.686166] The buggy address is located 8 bytes inside of [ 22.686166] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.687279] [ 22.687434] The buggy address belongs to the physical page: [ 22.687949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.688675] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.689287] page_type: f5(slab) [ 22.689598] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.690314] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.691022] page dumped because: kasan: bad access detected [ 22.691537] [ 22.691690] Memory state around the buggy address: [ 22.692140] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.692807] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.693474] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.694136] ^ [ 22.694563] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.695229] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.695892] ================================================================== [ 22.844170] ================================================================== [ 22.844824] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 22.845566] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.846236] [ 22.846386] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.846418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.846428] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.846439] Call trace: [ 22.846446] show_stack+0x20/0x38 (C) [ 22.846466] dump_stack_lvl+0x8c/0xd0 [ 22.846488] print_report+0x118/0x608 [ 22.846510] kasan_report+0xdc/0x128 [ 22.846532] kasan_check_range+0x100/0x1a8 [ 22.846554] __kasan_check_write+0x20/0x30 [ 22.846573] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 22.846595] kasan_bitops_generic+0x110/0x1c8 [ 22.846616] kunit_try_run_case+0x170/0x3f0 [ 22.846638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.846662] kthread+0x328/0x630 [ 22.846678] ret_from_fork+0x10/0x20 [ 22.846699] [ 22.853008] Allocated by task 314: [ 22.853322] kasan_save_stack+0x3c/0x68 [ 22.853684] kasan_save_track+0x20/0x40 [ 22.854045] kasan_save_alloc_info+0x40/0x58 [ 22.854447] __kasan_kmalloc+0xd4/0xd8 [ 22.854801] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.855223] kasan_bitops_generic+0xa0/0x1c8 [ 22.855623] kunit_try_run_case+0x170/0x3f0 [ 22.856014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.856521] kthread+0x328/0x630 [ 22.856826] ret_from_fork+0x10/0x20 [ 22.857163] [ 22.857309] The buggy address belongs to the object at ffff00000223e620 [ 22.857309] which belongs to the cache kmalloc-16 of size 16 [ 22.858411] The buggy address is located 8 bytes inside of [ 22.858411] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.859505] [ 22.859651] The buggy address belongs to the physical page: [ 22.860155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.860862] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.861456] page_type: f5(slab) [ 22.861752] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.862453] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.863148] page dumped because: kasan: bad access detected [ 22.863652] [ 22.863798] Memory state around the buggy address: [ 22.864236] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.864888] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.865540] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.866190] ^ [ 22.866605] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.867259] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.867908] ================================================================== [ 22.868677] ================================================================== [ 22.869331] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 22.870071] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.870740] [ 22.870889] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.870921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.870930] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.870941] Call trace: [ 22.870949] show_stack+0x20/0x38 (C) [ 22.870969] dump_stack_lvl+0x8c/0xd0 [ 22.870990] print_report+0x118/0x608 [ 22.871012] kasan_report+0xdc/0x128 [ 22.871033] kasan_check_range+0x100/0x1a8 [ 22.871057] __kasan_check_write+0x20/0x30 [ 22.871075] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 22.871098] kasan_bitops_generic+0x110/0x1c8 [ 22.871119] kunit_try_run_case+0x170/0x3f0 [ 22.871140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.871164] kthread+0x328/0x630 [ 22.871180] ret_from_fork+0x10/0x20 [ 22.871201] [ 22.877511] Allocated by task 314: [ 22.877824] kasan_save_stack+0x3c/0x68 [ 22.878186] kasan_save_track+0x20/0x40 [ 22.878547] kasan_save_alloc_info+0x40/0x58 [ 22.878950] __kasan_kmalloc+0xd4/0xd8 [ 22.879303] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.879726] kasan_bitops_generic+0xa0/0x1c8 [ 22.880126] kunit_try_run_case+0x170/0x3f0 [ 22.880517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.881025] kthread+0x328/0x630 [ 22.881329] ret_from_fork+0x10/0x20 [ 22.881666] [ 22.881812] The buggy address belongs to the object at ffff00000223e620 [ 22.881812] which belongs to the cache kmalloc-16 of size 16 [ 22.882913] The buggy address is located 8 bytes inside of [ 22.882913] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.884008] [ 22.884154] The buggy address belongs to the physical page: [ 22.884659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.885367] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.885960] page_type: f5(slab) [ 22.886258] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.886958] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.887654] page dumped because: kasan: bad access detected [ 22.888158] [ 22.888305] Memory state around the buggy address: [ 22.888742] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.889395] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.890047] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.890697] ^ [ 22.891112] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.891764] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.892414] ================================================================== [ 22.696794] ================================================================== [ 22.697466] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 22.698232] Read of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.698898] [ 22.699053] CPU: 3 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.699089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.699101] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.699114] Call trace: [ 22.699123] show_stack+0x20/0x38 (C) [ 22.699147] dump_stack_lvl+0x8c/0xd0 [ 22.699173] print_report+0x118/0x608 [ 22.699198] kasan_report+0xdc/0x128 [ 22.699221] __asan_report_load8_noabort+0x20/0x30 [ 22.699248] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 22.699272] kasan_bitops_generic+0x110/0x1c8 [ 22.699296] kunit_try_run_case+0x170/0x3f0 [ 22.699321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.699348] kthread+0x328/0x630 [ 22.699368] ret_from_fork+0x10/0x20 [ 22.699391] [ 22.705411] Allocated by task 314: [ 22.705729] kasan_save_stack+0x3c/0x68 [ 22.706093] kasan_save_track+0x20/0x40 [ 22.706456] kasan_save_alloc_info+0x40/0x58 [ 22.706861] __kasan_kmalloc+0xd4/0xd8 [ 22.707217] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.707643] kasan_bitops_generic+0xa0/0x1c8 [ 22.708045] kunit_try_run_case+0x170/0x3f0 [ 22.708439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.708949] kthread+0x328/0x630 [ 22.709257] ret_from_fork+0x10/0x20 [ 22.709596] [ 22.709744] The buggy address belongs to the object at ffff00000223e620 [ 22.709744] which belongs to the cache kmalloc-16 of size 16 [ 22.710848] The buggy address is located 8 bytes inside of [ 22.710848] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.711946] [ 22.712094] The buggy address belongs to the physical page: [ 22.712602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.713313] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.713913] page_type: f5(slab) [ 22.714216] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.714919] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.715617] page dumped because: kasan: bad access detected [ 22.716123] [ 22.716269] Memory state around the buggy address: [ 22.716710] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.717367] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.718023] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.718675] ^ [ 22.719093] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.719747] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.720400] ================================================================== [ 22.721177] ================================================================== [ 22.721839] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 22.722586] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.723259] [ 22.723413] CPU: 3 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.723449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.723460] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.723474] Call trace: [ 22.723482] show_stack+0x20/0x38 (C) [ 22.723507] dump_stack_lvl+0x8c/0xd0 [ 22.723533] print_report+0x118/0x608 [ 22.723557] kasan_report+0xdc/0x128 [ 22.723579] kasan_check_range+0x100/0x1a8 [ 22.723605] __kasan_check_write+0x20/0x30 [ 22.723625] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 22.723650] kasan_bitops_generic+0x110/0x1c8 [ 22.723673] kunit_try_run_case+0x170/0x3f0 [ 22.723698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.723725] kthread+0x328/0x630 [ 22.723744] ret_from_fork+0x10/0x20 [ 22.723767] [ 22.730086] Allocated by task 314: [ 22.730406] kasan_save_stack+0x3c/0x68 [ 22.730772] kasan_save_track+0x20/0x40 [ 22.731136] kasan_save_alloc_info+0x40/0x58 [ 22.731539] __kasan_kmalloc+0xd4/0xd8 [ 22.731896] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.732320] kasan_bitops_generic+0xa0/0x1c8 [ 22.732723] kunit_try_run_case+0x170/0x3f0 [ 22.733117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.733627] kthread+0x328/0x630 [ 22.733934] ret_from_fork+0x10/0x20 [ 22.734273] [ 22.734421] The buggy address belongs to the object at ffff00000223e620 [ 22.734421] which belongs to the cache kmalloc-16 of size 16 [ 22.735525] The buggy address is located 8 bytes inside of [ 22.735525] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.736623] [ 22.736771] The buggy address belongs to the physical page: [ 22.737277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.737988] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.738586] page_type: f5(slab) [ 22.738887] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.739590] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.740287] page dumped because: kasan: bad access detected [ 22.740793] [ 22.740940] Memory state around the buggy address: [ 22.741379] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.742035] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.742690] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.743341] ^ [ 22.743758] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.744413] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.745066] ================================================================== [ 22.795394] ================================================================== [ 22.796048] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 22.796790] Write of size 8 at addr ffff00000223e628 by task kunit_try_catch/314 [ 22.797459] [ 22.797609] CPU: 4 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.797641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.797651] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.797663] Call trace: [ 22.797670] show_stack+0x20/0x38 (C) [ 22.797691] dump_stack_lvl+0x8c/0xd0 [ 22.797713] print_report+0x118/0x608 [ 22.797735] kasan_report+0xdc/0x128 [ 22.797756] kasan_check_range+0x100/0x1a8 [ 22.797779] __kasan_check_write+0x20/0x30 [ 22.797797] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 22.797821] kasan_bitops_generic+0x110/0x1c8 [ 22.797842] kunit_try_run_case+0x170/0x3f0 [ 22.797863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.797889] kthread+0x328/0x630 [ 22.797905] ret_from_fork+0x10/0x20 [ 22.797925] [ 22.804236] Allocated by task 314: [ 22.804551] kasan_save_stack+0x3c/0x68 [ 22.804913] kasan_save_track+0x20/0x40 [ 22.805275] kasan_save_alloc_info+0x40/0x58 [ 22.805676] __kasan_kmalloc+0xd4/0xd8 [ 22.806029] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.806451] kasan_bitops_generic+0xa0/0x1c8 [ 22.806851] kunit_try_run_case+0x170/0x3f0 [ 22.807243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.807750] kthread+0x328/0x630 [ 22.808055] ret_from_fork+0x10/0x20 [ 22.808393] [ 22.808540] The buggy address belongs to the object at ffff00000223e620 [ 22.808540] which belongs to the cache kmalloc-16 of size 16 [ 22.809641] The buggy address is located 8 bytes inside of [ 22.809641] allocated 9-byte region [ffff00000223e620, ffff00000223e629) [ 22.810737] [ 22.810883] The buggy address belongs to the physical page: [ 22.811386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223e [ 22.812094] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.812687] page_type: f5(slab) [ 22.812985] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 22.813686] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.814380] page dumped because: kasan: bad access detected [ 22.814885] [ 22.815031] Memory state around the buggy address: [ 22.815467] ffff00000223e500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.816121] ffff00000223e580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.816773] >ffff00000223e600: 00 06 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.817423] ^ [ 22.817839] ffff00000223e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.818492] ffff00000223e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.819141] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 22.639589] ================================================================== [ 22.640243] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 22.640794] Read of size 1 at addr ffff00000f4bf450 by task kunit_try_catch/312 [ 22.641455] [ 22.641605] CPU: 4 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.641638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.641648] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.641658] Call trace: [ 22.641666] show_stack+0x20/0x38 (C) [ 22.641687] dump_stack_lvl+0x8c/0xd0 [ 22.641708] print_report+0x118/0x608 [ 22.641730] kasan_report+0xdc/0x128 [ 22.641751] __asan_report_load1_noabort+0x20/0x30 [ 22.641777] strnlen+0x80/0x88 [ 22.641794] kasan_strings+0x478/0xb00 [ 22.641812] kunit_try_run_case+0x170/0x3f0 [ 22.641834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.641859] kthread+0x328/0x630 [ 22.641875] ret_from_fork+0x10/0x20 [ 22.641895] [ 22.647654] Allocated by task 312: [ 22.647969] kasan_save_stack+0x3c/0x68 [ 22.648330] kasan_save_track+0x20/0x40 [ 22.648691] kasan_save_alloc_info+0x40/0x58 [ 22.649092] __kasan_kmalloc+0xd4/0xd8 [ 22.649448] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.649869] kasan_strings+0xc8/0xb00 [ 22.650212] kunit_try_run_case+0x170/0x3f0 [ 22.650604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.651112] kthread+0x328/0x630 [ 22.651416] ret_from_fork+0x10/0x20 [ 22.651754] [ 22.651899] Freed by task 312: [ 22.652183] kasan_save_stack+0x3c/0x68 [ 22.652545] kasan_save_track+0x20/0x40 [ 22.652905] kasan_save_free_info+0x4c/0x78 [ 22.653298] __kasan_slab_free+0x6c/0x98 [ 22.653667] kfree+0x214/0x3c8 [ 22.653959] kasan_strings+0x24c/0xb00 [ 22.654310] kunit_try_run_case+0x170/0x3f0 [ 22.654701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.655209] kthread+0x328/0x630 [ 22.655512] ret_from_fork+0x10/0x20 [ 22.655850] [ 22.655996] The buggy address belongs to the object at ffff00000f4bf440 [ 22.655996] which belongs to the cache kmalloc-32 of size 32 [ 22.657095] The buggy address is located 16 bytes inside of [ 22.657095] freed 32-byte region [ffff00000f4bf440, ffff00000f4bf460) [ 22.658174] [ 22.658320] The buggy address belongs to the physical page: [ 22.658823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf4bf [ 22.659531] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.660124] page_type: f5(slab) [ 22.660423] raw: 03fffe0000000000 ffff000000402780 dead000000000122 0000000000000000 [ 22.661123] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.661818] page dumped because: kasan: bad access detected [ 22.662321] [ 22.662466] Memory state around the buggy address: [ 22.662903] ffff00000f4bf300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.663556] ffff00000f4bf380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.664210] >ffff00000f4bf400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.664860] ^ [ 22.665389] ffff00000f4bf480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.666041] ffff00000f4bf500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.666691] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 22.611696] ================================================================== [ 22.612351] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 22.612897] Read of size 1 at addr ffff00000f4bf450 by task kunit_try_catch/312 [ 22.613559] [ 22.613709] CPU: 4 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.613742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.613752] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.613763] Call trace: [ 22.613771] show_stack+0x20/0x38 (C) [ 22.613792] dump_stack_lvl+0x8c/0xd0 [ 22.613814] print_report+0x118/0x608 [ 22.613836] kasan_report+0xdc/0x128 [ 22.613857] __asan_report_load1_noabort+0x20/0x30 [ 22.613882] strlen+0xa8/0xb0 [ 22.613900] kasan_strings+0x418/0xb00 [ 22.613919] kunit_try_run_case+0x170/0x3f0 [ 22.613941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.613966] kthread+0x328/0x630 [ 22.613982] ret_from_fork+0x10/0x20 [ 22.614002] [ 22.619754] Allocated by task 312: [ 22.620068] kasan_save_stack+0x3c/0x68 [ 22.620431] kasan_save_track+0x20/0x40 [ 22.620793] kasan_save_alloc_info+0x40/0x58 [ 22.621195] __kasan_kmalloc+0xd4/0xd8 [ 22.621549] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.621971] kasan_strings+0xc8/0xb00 [ 22.622317] kunit_try_run_case+0x170/0x3f0 [ 22.622708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.623215] kthread+0x328/0x630 [ 22.623519] ret_from_fork+0x10/0x20 [ 22.623855] [ 22.624001] Freed by task 312: [ 22.624285] kasan_save_stack+0x3c/0x68 [ 22.624646] kasan_save_track+0x20/0x40 [ 22.625007] kasan_save_free_info+0x4c/0x78 [ 22.625401] __kasan_slab_free+0x6c/0x98 [ 22.625770] kfree+0x214/0x3c8 [ 22.626060] kasan_strings+0x24c/0xb00 [ 22.626412] kunit_try_run_case+0x170/0x3f0 [ 22.626804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.627312] kthread+0x328/0x630 [ 22.627616] ret_from_fork+0x10/0x20 [ 22.627954] [ 22.628101] The buggy address belongs to the object at ffff00000f4bf440 [ 22.628101] which belongs to the cache kmalloc-32 of size 32 [ 22.629203] The buggy address is located 16 bytes inside of [ 22.629203] freed 32-byte region [ffff00000f4bf440, ffff00000f4bf460) [ 22.630282] [ 22.630429] The buggy address belongs to the physical page: [ 22.630933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf4bf [ 22.631641] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.632234] page_type: f5(slab) [ 22.632533] raw: 03fffe0000000000 ffff000000402780 dead000000000122 0000000000000000 [ 22.633233] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.633928] page dumped because: kasan: bad access detected [ 22.634432] [ 22.634578] Memory state around the buggy address: [ 22.635015] ffff00000f4bf300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.635668] ffff00000f4bf380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.636319] >ffff00000f4bf400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.636969] ^ [ 22.637499] ffff00000f4bf480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.638152] ffff00000f4bf500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.638802] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 22.583888] ================================================================== [ 22.584564] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 22.585188] Read of size 1 at addr ffff00000f4bf450 by task kunit_try_catch/312 [ 22.585854] [ 22.586008] CPU: 4 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.586046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.586056] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.586068] Call trace: [ 22.586077] show_stack+0x20/0x38 (C) [ 22.586102] dump_stack_lvl+0x8c/0xd0 [ 22.586126] print_report+0x118/0x608 [ 22.586149] kasan_report+0xdc/0x128 [ 22.586171] __asan_report_load1_noabort+0x20/0x30 [ 22.586197] kasan_strings+0x95c/0xb00 [ 22.586215] kunit_try_run_case+0x170/0x3f0 [ 22.586239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.586264] kthread+0x328/0x630 [ 22.586281] ret_from_fork+0x10/0x20 [ 22.586303] [ 22.591799] Allocated by task 312: [ 22.592115] kasan_save_stack+0x3c/0x68 [ 22.592481] kasan_save_track+0x20/0x40 [ 22.592842] kasan_save_alloc_info+0x40/0x58 [ 22.593245] __kasan_kmalloc+0xd4/0xd8 [ 22.593600] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.594023] kasan_strings+0xc8/0xb00 [ 22.594368] kunit_try_run_case+0x170/0x3f0 [ 22.594759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.595267] kthread+0x328/0x630 [ 22.595571] ret_from_fork+0x10/0x20 [ 22.595910] [ 22.596056] Freed by task 312: [ 22.596342] kasan_save_stack+0x3c/0x68 [ 22.596705] kasan_save_track+0x20/0x40 [ 22.597066] kasan_save_free_info+0x4c/0x78 [ 22.597461] __kasan_slab_free+0x6c/0x98 [ 22.597831] kfree+0x214/0x3c8 [ 22.598121] kasan_strings+0x24c/0xb00 [ 22.598472] kunit_try_run_case+0x170/0x3f0 [ 22.598864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.599371] kthread+0x328/0x630 [ 22.599675] ret_from_fork+0x10/0x20 [ 22.600014] [ 22.600160] The buggy address belongs to the object at ffff00000f4bf440 [ 22.600160] which belongs to the cache kmalloc-32 of size 32 [ 22.601262] The buggy address is located 16 bytes inside of [ 22.601262] freed 32-byte region [ffff00000f4bf440, ffff00000f4bf460) [ 22.602343] [ 22.602490] The buggy address belongs to the physical page: [ 22.602995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf4bf [ 22.603707] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.604304] page_type: f5(slab) [ 22.604605] raw: 03fffe0000000000 ffff000000402780 dead000000000122 0000000000000000 [ 22.605307] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.606003] page dumped because: kasan: bad access detected [ 22.606508] [ 22.606654] Memory state around the buggy address: [ 22.607091] ffff00000f4bf300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.607745] ffff00000f4bf380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.608397] >ffff00000f4bf400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.609047] ^ [ 22.609577] ffff00000f4bf480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.610229] ffff00000f4bf500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.610879] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 22.553474] ================================================================== [ 22.555608] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 22.556170] Read of size 1 at addr ffff00000f4bf450 by task kunit_try_catch/312 [ 22.556843] [ 22.557006] CPU: 2 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.557052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.557065] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.557080] Call trace: [ 22.557091] show_stack+0x20/0x38 (C) [ 22.557124] dump_stack_lvl+0x8c/0xd0 [ 22.557155] print_report+0x118/0x608 [ 22.557186] kasan_report+0xdc/0x128 [ 22.557213] __asan_report_load1_noabort+0x20/0x30 [ 22.557245] strcmp+0xc0/0xc8 [ 22.557269] kasan_strings+0x340/0xb00 [ 22.557295] kunit_try_run_case+0x170/0x3f0 [ 22.557326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.557359] kthread+0x328/0x630 [ 22.557382] ret_from_fork+0x10/0x20 [ 22.557411] [ 22.563195] Allocated by task 312: [ 22.563517] kasan_save_stack+0x3c/0x68 [ 22.563888] kasan_save_track+0x20/0x40 [ 22.564257] kasan_save_alloc_info+0x40/0x58 [ 22.564669] __kasan_kmalloc+0xd4/0xd8 [ 22.565030] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.565463] kasan_strings+0xc8/0xb00 [ 22.565815] kunit_try_run_case+0x170/0x3f0 [ 22.566215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.566732] kthread+0x328/0x630 [ 22.567043] ret_from_fork+0x10/0x20 [ 22.567388] [ 22.567538] Freed by task 312: [ 22.567829] kasan_save_stack+0x3c/0x68 [ 22.568199] kasan_save_track+0x20/0x40 [ 22.568567] kasan_save_free_info+0x4c/0x78 [ 22.568969] __kasan_slab_free+0x6c/0x98 [ 22.569345] kfree+0x214/0x3c8 [ 22.569643] kasan_strings+0x24c/0xb00 [ 22.570003] kunit_try_run_case+0x170/0x3f0 [ 22.570402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.570919] kthread+0x328/0x630 [ 22.571230] ret_from_fork+0x10/0x20 [ 22.571575] [ 22.571725] The buggy address belongs to the object at ffff00000f4bf440 [ 22.571725] which belongs to the cache kmalloc-32 of size 32 [ 22.572835] The buggy address is located 16 bytes inside of [ 22.572835] freed 32-byte region [ffff00000f4bf440, ffff00000f4bf460) [ 22.573924] [ 22.574075] The buggy address belongs to the physical page: [ 22.574586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf4bf [ 22.575305] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.575910] page_type: f5(slab) [ 22.576217] raw: 03fffe0000000000 ffff000000402780 dead000000000122 0000000000000000 [ 22.576926] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.577628] page dumped because: kasan: bad access detected [ 22.578138] [ 22.578287] Memory state around the buggy address: [ 22.578732] ffff00000f4bf300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.579393] ffff00000f4bf380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.580052] >ffff00000f4bf400: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.580709] ^ [ 22.581247] ffff00000f4bf480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.581907] ffff00000f4bf500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.582564] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 22.521041] ================================================================== [ 22.522092] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 22.522670] Read of size 1 at addr ffff00000f5d5498 by task kunit_try_catch/310 [ 22.523349] [ 22.523514] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.523565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.523581] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.523598] Call trace: [ 22.523611] show_stack+0x20/0x38 (C) [ 22.523646] dump_stack_lvl+0x8c/0xd0 [ 22.523680] print_report+0x118/0x608 [ 22.523717] kasan_report+0xdc/0x128 [ 22.523749] __asan_report_load1_noabort+0x20/0x30 [ 22.523788] memcmp+0x198/0x1d8 [ 22.523815] kasan_memcmp+0x16c/0x300 [ 22.523846] kunit_try_run_case+0x170/0x3f0 [ 22.523881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.523920] kthread+0x328/0x630 [ 22.523947] ret_from_fork+0x10/0x20 [ 22.523981] [ 22.529798] Allocated by task 310: [ 22.530125] kasan_save_stack+0x3c/0x68 [ 22.530505] kasan_save_track+0x20/0x40 [ 22.530882] kasan_save_alloc_info+0x40/0x58 [ 22.531299] __kasan_kmalloc+0xd4/0xd8 [ 22.531667] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.532106] kasan_memcmp+0xbc/0x300 [ 22.532456] kunit_try_run_case+0x170/0x3f0 [ 22.532865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.533389] kthread+0x328/0x630 [ 22.533706] ret_from_fork+0x10/0x20 [ 22.534057] [ 22.534211] The buggy address belongs to the object at ffff00000f5d5480 [ 22.534211] which belongs to the cache kmalloc-32 of size 32 [ 22.535330] The buggy address is located 0 bytes to the right of [ 22.535330] allocated 24-byte region [ffff00000f5d5480, ffff00000f5d5498) [ 22.536498] [ 22.536653] The buggy address belongs to the physical page: [ 22.537169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf5d5 [ 22.537895] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.538508] page_type: f5(slab) [ 22.538823] raw: 03fffe0000000000 ffff000000402780 dead000000000122 0000000000000000 [ 22.539540] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.540248] page dumped because: kasan: bad access detected [ 22.540764] [ 22.540917] Memory state around the buggy address: [ 22.541367] ffff00000f5d5380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.542034] ffff00000f5d5400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.542701] >ffff00000f5d5480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.543363] ^ [ 22.543744] ffff00000f5d5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.544410] ffff00000f5d5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.545074] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 22.492650] ================================================================== [ 22.493737] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 22.494454] Read of size 1 at addr ffff800089737b4a by task kunit_try_catch/306 [ 22.495131] [ 22.495296] CPU: 3 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.495347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.495362] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.495380] Call trace: [ 22.495392] show_stack+0x20/0x38 (C) [ 22.495427] dump_stack_lvl+0x8c/0xd0 [ 22.495463] print_report+0x310/0x608 [ 22.495497] kasan_report+0xdc/0x128 [ 22.495529] __asan_report_load1_noabort+0x20/0x30 [ 22.495568] kasan_alloca_oob_right+0x2dc/0x340 [ 22.495600] kunit_try_run_case+0x170/0x3f0 [ 22.495636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.495676] kthread+0x328/0x630 [ 22.495703] ret_from_fork+0x10/0x20 [ 22.495736] [ 22.501350] The buggy address belongs to stack of task kunit_try_catch/306 [ 22.502006] [ 22.502166] The buggy address belongs to the virtual mapping at [ 22.502166] [ffff800089730000, ffff800089739000) created by: [ 22.502166] kernel_clone+0x150/0x7a8 [ 22.503562] [ 22.503717] The buggy address belongs to the physical page: [ 22.504234] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe37e [ 22.504960] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.505585] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.506302] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.507013] page dumped because: kasan: bad access detected [ 22.507529] [ 22.507682] Memory state around the buggy address: [ 22.508132] ffff800089737a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.508798] ffff800089737a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.509465] >ffff800089737b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 22.510126] ^ [ 22.510646] ffff800089737b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 22.511312] ffff800089737c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.511975] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 22.470069] ================================================================== [ 22.471109] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 22.471817] Read of size 1 at addr ffff800089717b5f by task kunit_try_catch/304 [ 22.472496] [ 22.472660] CPU: 3 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.472713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.472728] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.472747] Call trace: [ 22.472759] show_stack+0x20/0x38 (C) [ 22.472795] dump_stack_lvl+0x8c/0xd0 [ 22.472832] print_report+0x310/0x608 [ 22.472867] kasan_report+0xdc/0x128 [ 22.472899] __asan_report_load1_noabort+0x20/0x30 [ 22.472938] kasan_alloca_oob_left+0x2b8/0x310 [ 22.472970] kunit_try_run_case+0x170/0x3f0 [ 22.473006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.473045] kthread+0x328/0x630 [ 22.473072] ret_from_fork+0x10/0x20 [ 22.473104] [ 22.478709] The buggy address belongs to stack of task kunit_try_catch/304 [ 22.479360] [ 22.479520] The buggy address belongs to the virtual mapping at [ 22.479520] [ffff800089710000, ffff800089719000) created by: [ 22.479520] kernel_clone+0x150/0x7a8 [ 22.480913] [ 22.481069] The buggy address belongs to the physical page: [ 22.481585] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe36a [ 22.482310] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.482934] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.483650] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.484358] page dumped because: kasan: bad access detected [ 22.484873] [ 22.485026] Memory state around the buggy address: [ 22.485475] ffff800089717a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.486142] ffff800089717a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.486809] >ffff800089717b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 22.487470] ^ [ 22.488036] ffff800089717b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 22.488703] ffff800089717c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.489366] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 22.443964] ================================================================== [ 22.445349] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 22.446032] Read of size 1 at addr ffff8000896f7c2a by task kunit_try_catch/302 [ 22.446721] [ 22.446895] CPU: 3 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.446958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.446977] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.446999] Call trace: [ 22.447013] show_stack+0x20/0x38 (C) [ 22.447055] dump_stack_lvl+0x8c/0xd0 [ 22.447099] print_report+0x310/0x608 [ 22.447141] kasan_report+0xdc/0x128 [ 22.447181] __asan_report_load1_noabort+0x20/0x30 [ 22.447228] kasan_stack_oob+0x238/0x270 [ 22.447264] kunit_try_run_case+0x170/0x3f0 [ 22.447306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.447354] kthread+0x328/0x630 [ 22.447387] ret_from_fork+0x10/0x20 [ 22.447428] [ 22.453024] The buggy address belongs to stack of task kunit_try_catch/302 [ 22.453670] and is located at offset 138 in frame: [ 22.454130] kasan_stack_oob+0x0/0x270 [ 22.454511] [ 22.454671] This frame has 4 objects: [ 22.455029] [48, 49) '__assertion' [ 22.455057] [64, 72) 'array' [ 22.455400] [96, 112) '__assertion' [ 22.455700] [128, 138) 'stack_array' [ 22.456050] [ 22.456548] The buggy address belongs to the virtual mapping at [ 22.456548] [ffff8000896f0000, ffff8000896f9000) created by: [ 22.456548] kernel_clone+0x150/0x7a8 [ 22.457957] [ 22.458120] The buggy address belongs to the physical page: [ 22.458643] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf1d6 [ 22.459380] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.460017] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.460744] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.461462] page dumped because: kasan: bad access detected [ 22.461985] [ 22.462143] Memory state around the buggy address: [ 22.462602] ffff8000896f7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.463279] ffff8000896f7b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 22.463956] >ffff8000896f7c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 22.464628] ^ [ 22.465065] ffff8000896f7c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 22.465741] ffff8000896f7d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.466413] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 22.419379] ================================================================== [ 22.420564] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 22.421292] Read of size 1 at addr ffff800087baf5cd by task kunit_try_catch/298 [ 22.421972] [ 22.422136] CPU: 2 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.422189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.422203] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.422222] Call trace: [ 22.422234] show_stack+0x20/0x38 (C) [ 22.422271] dump_stack_lvl+0x8c/0xd0 [ 22.422308] print_report+0x310/0x608 [ 22.422342] kasan_report+0xdc/0x128 [ 22.422375] __asan_report_load1_noabort+0x20/0x30 [ 22.422413] kasan_global_oob_right+0x230/0x270 [ 22.422444] kunit_try_run_case+0x170/0x3f0 [ 22.422481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.422520] kthread+0x328/0x630 [ 22.422548] ret_from_fork+0x10/0x20 [ 22.422581] [ 22.428191] The buggy address belongs to the variable: [ 22.428667] global_array+0xd/0x40 [ 22.429010] [ 22.429177] The buggy address belongs to the virtual mapping at [ 22.429177] [ffff800085d50000, ffff800087c61000) created by: [ 22.429177] paging_init+0x66c/0x7d0 [ 22.430564] [ 22.430720] The buggy address belongs to the physical page: [ 22.431237] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa3af [ 22.431962] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 22.432659] raw: 03fffe0000002000 fffffdffc028ebc8 fffffdffc028ebc8 0000000000000000 [ 22.433377] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.434085] page dumped because: kasan: bad access detected [ 22.434601] [ 22.434754] Memory state around the buggy address: [ 22.435204] ffff800087baf480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.435872] ffff800087baf500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.436539] >ffff800087baf580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 22.437202] ^ [ 22.437722] ffff800087baf600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 22.438389] ffff800087baf680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 22.439052] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 22.391264] ================================================================== [ 22.392441] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.393234] Free of addr ffff00000e1f8001 by task kunit_try_catch/296 [ 22.393861] [ 22.394044] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.394128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.394154] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.394182] Call trace: [ 22.394203] show_stack+0x20/0x38 (C) [ 22.394258] dump_stack_lvl+0x8c/0xd0 [ 22.394317] print_report+0x118/0x608 [ 22.394376] kasan_report_invalid_free+0xc0/0xe8 [ 22.394435] __kasan_mempool_poison_object+0xfc/0x150 [ 22.394497] mempool_free+0x28c/0x328 [ 22.394546] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.394606] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 22.394664] kunit_try_run_case+0x170/0x3f0 [ 22.394723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.394788] kthread+0x328/0x630 [ 22.394833] ret_from_fork+0x10/0x20 [ 22.394887] [ 22.401642] The buggy address belongs to the physical page: [ 22.402184] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1f8 [ 22.402940] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.403676] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 22.404362] page_type: f8(unknown) [ 22.404725] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.405473] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.406222] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.406977] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.407734] head: 03fffe0000000002 fffffdffc0387e01 00000000ffffffff 00000000ffffffff [ 22.408490] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.409234] page dumped because: kasan: bad access detected [ 22.409769] [ 22.409940] Memory state around the buggy address: [ 22.410411] ffff00000e1f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.411106] ffff00000e1f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.411801] >ffff00000e1f8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.412489] ^ [ 22.412825] ffff00000e1f8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.413519] ffff00000e1f8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.414207] ================================================================== [ 22.361508] ================================================================== [ 22.362624] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.363362] Free of addr ffff00000c5d5201 by task kunit_try_catch/294 [ 22.363939] [ 22.364088] CPU: 5 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.364114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.364121] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.364130] Call trace: [ 22.364136] show_stack+0x20/0x38 (C) [ 22.364154] dump_stack_lvl+0x8c/0xd0 [ 22.364171] print_report+0x118/0x608 [ 22.364187] kasan_report_invalid_free+0xc0/0xe8 [ 22.364204] check_slab_allocation+0xfc/0x108 [ 22.364220] __kasan_mempool_poison_object+0x78/0x150 [ 22.364236] mempool_free+0x28c/0x328 [ 22.364250] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.364266] mempool_kmalloc_invalid_free+0xc0/0x118 [ 22.364279] kunit_try_run_case+0x170/0x3f0 [ 22.364296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.364314] kthread+0x328/0x630 [ 22.364327] ret_from_fork+0x10/0x20 [ 22.364341] [ 22.371218] Allocated by task 294: [ 22.371528] kasan_save_stack+0x3c/0x68 [ 22.371883] kasan_save_track+0x20/0x40 [ 22.372234] kasan_save_alloc_info+0x40/0x58 [ 22.372627] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.373110] remove_element+0x130/0x1f8 [ 22.373460] mempool_alloc_preallocated+0x58/0xc0 [ 22.373886] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 22.374390] mempool_kmalloc_invalid_free+0xc0/0x118 [ 22.374840] kunit_try_run_case+0x170/0x3f0 [ 22.375222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.375719] kthread+0x328/0x630 [ 22.376016] ret_from_fork+0x10/0x20 [ 22.376344] [ 22.376486] The buggy address belongs to the object at ffff00000c5d5200 [ 22.376486] which belongs to the cache kmalloc-128 of size 128 [ 22.377592] The buggy address is located 1 bytes inside of [ 22.377592] 128-byte region [ffff00000c5d5200, ffff00000c5d5280) [ 22.378616] [ 22.378758] The buggy address belongs to the physical page: [ 22.379257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc5d5 [ 22.379957] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.380545] page_type: f5(slab) [ 22.380838] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 22.381529] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.382216] page dumped because: kasan: bad access detected [ 22.382713] [ 22.382854] Memory state around the buggy address: [ 22.383285] ffff00000c5d5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.383928] ffff00000c5d5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.384572] >ffff00000c5d5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.385214] ^ [ 22.385509] ffff00000c5d5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.386152] ffff00000c5d5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.386794] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 22.339973] ================================================================== [ 22.341142] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.341830] Free of addr ffff00000e1f8000 by task kunit_try_catch/292 [ 22.342427] [ 22.342590] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.342640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.342654] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.342672] Call trace: [ 22.342683] show_stack+0x20/0x38 (C) [ 22.342717] dump_stack_lvl+0x8c/0xd0 [ 22.342752] print_report+0x118/0x608 [ 22.342787] kasan_report_invalid_free+0xc0/0xe8 [ 22.342821] __kasan_mempool_poison_pages+0xe0/0xe8 [ 22.342857] mempool_free+0x24c/0x328 [ 22.342885] mempool_double_free_helper+0x150/0x2e8 [ 22.342916] mempool_page_alloc_double_free+0xbc/0x118 [ 22.342951] kunit_try_run_case+0x170/0x3f0 [ 22.342986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.343025] kthread+0x328/0x630 [ 22.343053] ret_from_fork+0x10/0x20 [ 22.343087] [ 22.349610] The buggy address belongs to the physical page: [ 22.350127] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1f8 [ 22.350853] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.351477] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.352193] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.352902] page dumped because: kasan: bad access detected [ 22.353416] [ 22.353569] Memory state around the buggy address: [ 22.354018] ffff00000e1f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.354685] ffff00000e1f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.355351] >ffff00000e1f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.356014] ^ [ 22.356325] ffff00000e1f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.356992] ffff00000e1f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.357655] ================================================================== [ 22.315025] ================================================================== [ 22.316152] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.316825] Free of addr ffff00000e270000 by task kunit_try_catch/290 [ 22.317417] [ 22.317577] CPU: 3 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.317620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.317632] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.317647] Call trace: [ 22.317657] show_stack+0x20/0x38 (C) [ 22.317688] dump_stack_lvl+0x8c/0xd0 [ 22.317719] print_report+0x118/0x608 [ 22.317748] kasan_report_invalid_free+0xc0/0xe8 [ 22.317777] __kasan_mempool_poison_object+0x14c/0x150 [ 22.317807] mempool_free+0x28c/0x328 [ 22.317831] mempool_double_free_helper+0x150/0x2e8 [ 22.317859] mempool_kmalloc_large_double_free+0xc0/0x118 [ 22.317886] kunit_try_run_case+0x170/0x3f0 [ 22.317916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.317948] kthread+0x328/0x630 [ 22.317972] ret_from_fork+0x10/0x20 [ 22.317999] [ 22.324535] The buggy address belongs to the physical page: [ 22.325047] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe270 [ 22.325765] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.326463] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 22.327108] page_type: f8(unknown) [ 22.327437] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.328144] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.328852] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.329567] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.330284] head: 03fffe0000000002 fffffdffc0389c01 00000000ffffffff 00000000ffffffff [ 22.330999] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.331708] page dumped because: kasan: bad access detected [ 22.332216] [ 22.332364] Memory state around the buggy address: [ 22.332808] ffff00000e26ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.333467] ffff00000e26ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.334127] >ffff00000e270000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.334781] ^ [ 22.335087] ffff00000e270080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.335746] ffff00000e270100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.336402] ================================================================== [ 22.280405] ================================================================== [ 22.281489] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.282171] Free of addr ffff00000cea4600 by task kunit_try_catch/288 [ 22.282763] [ 22.282922] CPU: 3 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.282965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.282978] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.282993] Call trace: [ 22.283003] show_stack+0x20/0x38 (C) [ 22.283031] dump_stack_lvl+0x8c/0xd0 [ 22.283061] print_report+0x118/0x608 [ 22.283090] kasan_report_invalid_free+0xc0/0xe8 [ 22.283119] check_slab_allocation+0xd4/0x108 [ 22.283147] __kasan_mempool_poison_object+0x78/0x150 [ 22.283177] mempool_free+0x28c/0x328 [ 22.283202] mempool_double_free_helper+0x150/0x2e8 [ 22.283228] mempool_kmalloc_double_free+0xc0/0x118 [ 22.283255] kunit_try_run_case+0x170/0x3f0 [ 22.283285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.283317] kthread+0x328/0x630 [ 22.283340] ret_from_fork+0x10/0x20 [ 22.283367] [ 22.290235] Allocated by task 288: [ 22.290557] kasan_save_stack+0x3c/0x68 [ 22.290928] kasan_save_track+0x20/0x40 [ 22.291296] kasan_save_alloc_info+0x40/0x58 [ 22.291705] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.292206] remove_element+0x130/0x1f8 [ 22.292572] mempool_alloc_preallocated+0x58/0xc0 [ 22.293014] mempool_double_free_helper+0x94/0x2e8 [ 22.293466] mempool_kmalloc_double_free+0xc0/0x118 [ 22.293923] kunit_try_run_case+0x170/0x3f0 [ 22.294322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.294838] kthread+0x328/0x630 [ 22.295148] ret_from_fork+0x10/0x20 [ 22.295491] [ 22.295641] Freed by task 288: [ 22.295930] kasan_save_stack+0x3c/0x68 [ 22.296298] kasan_save_track+0x20/0x40 [ 22.296667] kasan_save_free_info+0x4c/0x78 [ 22.297068] __kasan_mempool_poison_object+0xc0/0x150 [ 22.297545] mempool_free+0x28c/0x328 [ 22.297895] mempool_double_free_helper+0x100/0x2e8 [ 22.298354] mempool_kmalloc_double_free+0xc0/0x118 [ 22.298812] kunit_try_run_case+0x170/0x3f0 [ 22.299212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.299727] kthread+0x328/0x630 [ 22.300037] ret_from_fork+0x10/0x20 [ 22.300381] [ 22.300531] The buggy address belongs to the object at ffff00000cea4600 [ 22.300531] which belongs to the cache kmalloc-128 of size 128 [ 22.301656] The buggy address is located 0 bytes inside of [ 22.301656] 128-byte region [ffff00000cea4600, ffff00000cea4680) [ 22.302698] [ 22.302848] The buggy address belongs to the physical page: [ 22.303359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcea4 [ 22.304077] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.304682] page_type: f5(slab) [ 22.304990] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 22.305697] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.306399] page dumped because: kasan: bad access detected [ 22.306907] [ 22.307056] Memory state around the buggy address: [ 22.307499] ffff00000cea4500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.308158] ffff00000cea4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.308817] >ffff00000cea4600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.309473] ^ [ 22.309778] ffff00000cea4680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.310436] ffff00000cea4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.311092] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 22.174667] ================================================================== [ 22.175733] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 22.176374] Read of size 1 at addr ffff00000e270000 by task kunit_try_catch/282 [ 22.177051] [ 22.177217] CPU: 3 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.177266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.177280] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.177298] Call trace: [ 22.177310] show_stack+0x20/0x38 (C) [ 22.177343] dump_stack_lvl+0x8c/0xd0 [ 22.177379] print_report+0x118/0x608 [ 22.177413] kasan_report+0xdc/0x128 [ 22.177445] __asan_report_load1_noabort+0x20/0x30 [ 22.177482] mempool_uaf_helper+0x314/0x340 [ 22.177512] mempool_kmalloc_large_uaf+0xc4/0x120 [ 22.177544] kunit_try_run_case+0x170/0x3f0 [ 22.177578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.177616] kthread+0x328/0x630 [ 22.177644] ret_from_fork+0x10/0x20 [ 22.177675] [ 22.183674] The buggy address belongs to the physical page: [ 22.184190] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe270 [ 22.184913] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.185619] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 22.186270] page_type: f8(unknown) [ 22.186606] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.187320] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.188035] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.188758] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.189481] head: 03fffe0000000002 fffffdffc0389c01 00000000ffffffff 00000000ffffffff [ 22.190204] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.190919] page dumped because: kasan: bad access detected [ 22.191433] [ 22.191586] Memory state around the buggy address: [ 22.192034] ffff00000e26ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.192700] ffff00000e26ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.193366] >ffff00000e270000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.194027] ^ [ 22.194338] ffff00000e270080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.195004] ffff00000e270100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.195665] ================================================================== [ 22.260274] ================================================================== [ 22.261333] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 22.261976] Read of size 1 at addr ffff00000e1f8000 by task kunit_try_catch/286 [ 22.262651] [ 22.262816] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.262867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.262882] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.262899] Call trace: [ 22.262910] show_stack+0x20/0x38 (C) [ 22.262943] dump_stack_lvl+0x8c/0xd0 [ 22.262979] print_report+0x118/0x608 [ 22.263013] kasan_report+0xdc/0x128 [ 22.263045] __asan_report_load1_noabort+0x20/0x30 [ 22.263082] mempool_uaf_helper+0x314/0x340 [ 22.263112] mempool_page_alloc_uaf+0xc0/0x118 [ 22.263145] kunit_try_run_case+0x170/0x3f0 [ 22.263179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.263217] kthread+0x328/0x630 [ 22.263243] ret_from_fork+0x10/0x20 [ 22.263275] [ 22.269249] The buggy address belongs to the physical page: [ 22.269764] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1f8 [ 22.270489] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.271111] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.271827] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.272534] page dumped because: kasan: bad access detected [ 22.273049] [ 22.273201] Memory state around the buggy address: [ 22.273650] ffff00000e1f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.274316] ffff00000e1f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.274981] >ffff00000e1f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.275642] ^ [ 22.275952] ffff00000e1f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.276618] ffff00000e1f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.277279] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 22.140778] ================================================================== [ 22.141874] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 22.142553] Read of size 1 at addr ffff00000cef7700 by task kunit_try_catch/280 [ 22.143231] [ 22.143395] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.143446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.143460] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.143477] Call trace: [ 22.143488] show_stack+0x20/0x38 (C) [ 22.143522] dump_stack_lvl+0x8c/0xd0 [ 22.143557] print_report+0x118/0x608 [ 22.143591] kasan_report+0xdc/0x128 [ 22.143624] __asan_report_load1_noabort+0x20/0x30 [ 22.143662] mempool_uaf_helper+0x314/0x340 [ 22.143692] mempool_kmalloc_uaf+0xc4/0x120 [ 22.143722] kunit_try_run_case+0x170/0x3f0 [ 22.143757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.143794] kthread+0x328/0x630 [ 22.143821] ret_from_fork+0x10/0x20 [ 22.143853] [ 22.149803] Allocated by task 280: [ 22.150128] kasan_save_stack+0x3c/0x68 [ 22.150506] kasan_save_track+0x20/0x40 [ 22.150881] kasan_save_alloc_info+0x40/0x58 [ 22.151298] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.151805] remove_element+0x130/0x1f8 [ 22.152179] mempool_alloc_preallocated+0x58/0xc0 [ 22.152629] mempool_uaf_helper+0xa4/0x340 [ 22.153026] mempool_kmalloc_uaf+0xc4/0x120 [ 22.153428] kunit_try_run_case+0x170/0x3f0 [ 22.153835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.154359] kthread+0x328/0x630 [ 22.154675] ret_from_fork+0x10/0x20 [ 22.155025] [ 22.155176] Freed by task 280: [ 22.155470] kasan_save_stack+0x3c/0x68 [ 22.155846] kasan_save_track+0x20/0x40 [ 22.156219] kasan_save_free_info+0x4c/0x78 [ 22.156628] __kasan_mempool_poison_object+0xc0/0x150 [ 22.157111] mempool_free+0x28c/0x328 [ 22.157468] mempool_uaf_helper+0x104/0x340 [ 22.157871] mempool_kmalloc_uaf+0xc4/0x120 [ 22.158274] kunit_try_run_case+0x170/0x3f0 [ 22.158679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.159203] kthread+0x328/0x630 [ 22.159518] ret_from_fork+0x10/0x20 [ 22.159868] [ 22.160020] The buggy address belongs to the object at ffff00000cef7700 [ 22.160020] which belongs to the cache kmalloc-128 of size 128 [ 22.161153] The buggy address is located 0 bytes inside of [ 22.161153] freed 128-byte region [ffff00000cef7700, ffff00000cef7780) [ 22.162252] [ 22.162405] The buggy address belongs to the physical page: [ 22.162921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcef7 [ 22.163646] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.164256] page_type: f5(slab) [ 22.164570] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 22.165285] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.165992] page dumped because: kasan: bad access detected [ 22.166505] [ 22.166658] Memory state around the buggy address: [ 22.167106] ffff00000cef7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.167772] ffff00000cef7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.168438] >ffff00000cef7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.169099] ^ [ 22.169410] ffff00000cef7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.170075] ffff00000cef7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.170736] ================================================================== [ 22.199945] ================================================================== [ 22.201061] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 22.201740] Read of size 1 at addr ffff00000f241240 by task kunit_try_catch/284 [ 22.202417] [ 22.202581] CPU: 3 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.202632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.202646] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.202662] Call trace: [ 22.202674] show_stack+0x20/0x38 (C) [ 22.202708] dump_stack_lvl+0x8c/0xd0 [ 22.202744] print_report+0x118/0x608 [ 22.202778] kasan_report+0xdc/0x128 [ 22.202809] __asan_report_load1_noabort+0x20/0x30 [ 22.202848] mempool_uaf_helper+0x314/0x340 [ 22.202877] mempool_slab_uaf+0xc0/0x118 [ 22.202908] kunit_try_run_case+0x170/0x3f0 [ 22.202942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.202980] kthread+0x328/0x630 [ 22.203006] ret_from_fork+0x10/0x20 [ 22.203039] [ 22.208992] Allocated by task 284: [ 22.209331] kasan_save_stack+0x3c/0x68 [ 22.209725] kasan_save_track+0x20/0x40 [ 22.210109] kasan_save_alloc_info+0x40/0x58 [ 22.210537] __kasan_mempool_unpoison_object+0xbc/0x180 [ 22.211049] remove_element+0x16c/0x1f8 [ 22.211430] mempool_alloc_preallocated+0x58/0xc0 [ 22.211889] mempool_uaf_helper+0xa4/0x340 [ 22.212295] mempool_slab_uaf+0xc0/0x118 [ 22.212686] kunit_try_run_case+0x170/0x3f0 [ 22.213104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.213637] kthread+0x328/0x630 [ 22.213962] ret_from_fork+0x10/0x20 [ 22.214322] [ 22.214479] Freed by task 284: [ 22.214782] kasan_save_stack+0x3c/0x68 [ 22.215167] kasan_save_track+0x20/0x40 [ 22.215551] kasan_save_free_info+0x4c/0x78 [ 22.215969] __kasan_mempool_poison_object+0xc0/0x150 [ 22.216465] mempool_free+0x28c/0x328 [ 22.216830] mempool_uaf_helper+0x104/0x340 [ 22.217243] mempool_slab_uaf+0xc0/0x118 [ 22.217634] kunit_try_run_case+0x170/0x3f0 [ 22.218050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.218585] kthread+0x328/0x630 [ 22.218909] ret_from_fork+0x10/0x20 [ 22.219267] [ 22.219427] The buggy address belongs to the object at ffff00000f241240 [ 22.219427] which belongs to the cache test_cache of size 123 [ 22.220565] The buggy address is located 0 bytes inside of [ 22.220565] freed 123-byte region [ffff00000f241240, ffff00000f2412bb) [ 22.221673] [ 22.221833] The buggy address belongs to the physical page: [ 22.222356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf241 [ 22.223091] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.223713] page_type: f5(slab) [ 22.224034] raw: 03fffe0000000000 ffff00000daa4140 dead000000000122 0000000000000000 [ 22.224761] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 22.225477] page dumped because: kasan: bad access detected [ 22.225996] [ 22.226153] Memory state around the buggy address: [ 22.226610] ffff00000f241100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.227284] ffff00000f241180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.227958] >ffff00000f241200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 22.228626] ^ [ 22.229129] ffff00000f241280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.229803] ffff00000f241300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.230471] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 22.075038] ================================================================== [ 22.076147] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 22.076863] Read of size 1 at addr ffff00000dbe2001 by task kunit_try_catch/276 [ 22.077541] [ 22.077705] CPU: 2 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.077756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.077771] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.077788] Call trace: [ 22.077799] show_stack+0x20/0x38 (C) [ 22.077834] dump_stack_lvl+0x8c/0xd0 [ 22.077870] print_report+0x118/0x608 [ 22.077903] kasan_report+0xdc/0x128 [ 22.077935] __asan_report_load1_noabort+0x20/0x30 [ 22.077973] mempool_oob_right_helper+0x2ac/0x2f0 [ 22.078005] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 22.078039] kunit_try_run_case+0x170/0x3f0 [ 22.078073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.078111] kthread+0x328/0x630 [ 22.078138] ret_from_fork+0x10/0x20 [ 22.078170] [ 22.084256] The buggy address belongs to the physical page: [ 22.084771] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdbe0 [ 22.085497] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.086202] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 22.086855] page_type: f8(unknown) [ 22.087190] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.087905] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.088621] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.089344] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.090067] head: 03fffe0000000002 fffffdffc036f801 00000000ffffffff 00000000ffffffff [ 22.090790] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.091504] page dumped because: kasan: bad access detected [ 22.092018] [ 22.092170] Memory state around the buggy address: [ 22.092617] ffff00000dbe1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.093283] ffff00000dbe1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.093948] >ffff00000dbe2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.094609] ^ [ 22.094920] ffff00000dbe2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.095585] ffff00000dbe2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.096246] ================================================================== [ 22.100996] ================================================================== [ 22.102160] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 22.102876] Read of size 1 at addr ffff00000f5c82bb by task kunit_try_catch/278 [ 22.103553] [ 22.103717] CPU: 2 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.103768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.103782] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.103800] Call trace: [ 22.103811] show_stack+0x20/0x38 (C) [ 22.103845] dump_stack_lvl+0x8c/0xd0 [ 22.103880] print_report+0x118/0x608 [ 22.103915] kasan_report+0xdc/0x128 [ 22.103947] __asan_report_load1_noabort+0x20/0x30 [ 22.103983] mempool_oob_right_helper+0x2ac/0x2f0 [ 22.104015] mempool_slab_oob_right+0xc0/0x118 [ 22.104048] kunit_try_run_case+0x170/0x3f0 [ 22.104082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.104120] kthread+0x328/0x630 [ 22.104146] ret_from_fork+0x10/0x20 [ 22.104179] [ 22.110198] Allocated by task 278: [ 22.110522] kasan_save_stack+0x3c/0x68 [ 22.110899] kasan_save_track+0x20/0x40 [ 22.111274] kasan_save_alloc_info+0x40/0x58 [ 22.111692] __kasan_mempool_unpoison_object+0xbc/0x180 [ 22.112191] remove_element+0x16c/0x1f8 [ 22.112564] mempool_alloc_preallocated+0x58/0xc0 [ 22.113013] mempool_oob_right_helper+0x98/0x2f0 [ 22.113456] mempool_slab_oob_right+0xc0/0x118 [ 22.113885] kunit_try_run_case+0x170/0x3f0 [ 22.114291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.114814] kthread+0x328/0x630 [ 22.115130] ret_from_fork+0x10/0x20 [ 22.115479] [ 22.115633] The buggy address belongs to the object at ffff00000f5c8240 [ 22.115633] which belongs to the cache test_cache of size 123 [ 22.116756] The buggy address is located 0 bytes to the right of [ 22.116756] allocated 123-byte region [ffff00000f5c8240, ffff00000f5c82bb) [ 22.117930] [ 22.118084] The buggy address belongs to the physical page: [ 22.118600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf5c8 [ 22.119324] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.119935] page_type: f5(slab) [ 22.120249] raw: 03fffe0000000000 ffff00000e042280 dead000000000122 0000000000000000 [ 22.120964] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 22.121673] page dumped because: kasan: bad access detected [ 22.122187] [ 22.122339] Memory state around the buggy address: [ 22.122788] ffff00000f5c8180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.123452] ffff00000f5c8200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 22.124117] >ffff00000f5c8280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 22.124778] ^ [ 22.125251] ffff00000f5c8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.125917] ffff00000f5c8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.126579] ================================================================== [ 22.045244] ================================================================== [ 22.046274] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 22.046990] Read of size 1 at addr ffff00000e2f8673 by task kunit_try_catch/274 [ 22.047668] [ 22.047831] CPU: 2 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 22.047882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.047897] Hardware name: Radxa ROCK Pi 4B (DT) [ 22.047915] Call trace: [ 22.047926] show_stack+0x20/0x38 (C) [ 22.047960] dump_stack_lvl+0x8c/0xd0 [ 22.047996] print_report+0x118/0x608 [ 22.048031] kasan_report+0xdc/0x128 [ 22.048063] __asan_report_load1_noabort+0x20/0x30 [ 22.048101] mempool_oob_right_helper+0x2ac/0x2f0 [ 22.048133] mempool_kmalloc_oob_right+0xc4/0x120 [ 22.048165] kunit_try_run_case+0x170/0x3f0 [ 22.048200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.048238] kthread+0x328/0x630 [ 22.048265] ret_from_fork+0x10/0x20 [ 22.048298] [ 22.054344] Allocated by task 274: [ 22.054676] kasan_save_stack+0x3c/0x68 [ 22.055058] kasan_save_track+0x20/0x40 [ 22.055432] kasan_save_alloc_info+0x40/0x58 [ 22.055850] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.056359] remove_element+0x130/0x1f8 [ 22.056731] mempool_alloc_preallocated+0x58/0xc0 [ 22.057181] mempool_oob_right_helper+0x98/0x2f0 [ 22.057625] mempool_kmalloc_oob_right+0xc4/0x120 [ 22.058075] kunit_try_run_case+0x170/0x3f0 [ 22.058481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.059005] kthread+0x328/0x630 [ 22.059321] ret_from_fork+0x10/0x20 [ 22.059670] [ 22.059823] The buggy address belongs to the object at ffff00000e2f8600 [ 22.059823] which belongs to the cache kmalloc-128 of size 128 [ 22.060957] The buggy address is located 0 bytes to the right of [ 22.060957] allocated 115-byte region [ffff00000e2f8600, ffff00000e2f8673) [ 22.062130] [ 22.062285] The buggy address belongs to the physical page: [ 22.062799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe2f8 [ 22.063523] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 22.064134] page_type: f5(slab) [ 22.064449] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 22.065167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.065875] page dumped because: kasan: bad access detected [ 22.066391] [ 22.066543] Memory state around the buggy address: [ 22.066992] ffff00000e2f8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.067658] ffff00000e2f8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.068324] >ffff00000e2f8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.068985] ^ [ 22.069618] ffff00000e2f8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.070283] ffff00000e2f8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.070945] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 21.458090] ================================================================== [ 21.459157] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 21.459891] Read of size 1 at addr ffff00000daa2140 by task kunit_try_catch/268 [ 21.460568] [ 21.460732] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 21.460782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.460796] Hardware name: Radxa ROCK Pi 4B (DT) [ 21.460813] Call trace: [ 21.460824] show_stack+0x20/0x38 (C) [ 21.460857] dump_stack_lvl+0x8c/0xd0 [ 21.460893] print_report+0x118/0x608 [ 21.460927] kasan_report+0xdc/0x128 [ 21.460958] __kasan_check_byte+0x54/0x70 [ 21.460990] kmem_cache_destroy+0x34/0x218 [ 21.461022] kmem_cache_double_destroy+0x174/0x300 [ 21.461054] kunit_try_run_case+0x170/0x3f0 [ 21.461088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.461126] kthread+0x328/0x630 [ 21.461152] ret_from_fork+0x10/0x20 [ 21.461184] [ 21.467115] Allocated by task 268: [ 21.467440] kasan_save_stack+0x3c/0x68 [ 21.467817] kasan_save_track+0x20/0x40 [ 21.468193] kasan_save_alloc_info+0x40/0x58 [ 21.468611] __kasan_slab_alloc+0xa8/0xb0 [ 21.469002] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.469448] __kmem_cache_create_args+0x178/0x280 [ 21.469899] kmem_cache_double_destroy+0xc0/0x300 [ 21.470350] kunit_try_run_case+0x170/0x3f0 [ 21.470755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.471279] kthread+0x328/0x630 [ 21.471595] ret_from_fork+0x10/0x20 [ 21.471945] [ 21.472098] Freed by task 268: [ 21.472392] kasan_save_stack+0x3c/0x68 [ 21.472768] kasan_save_track+0x20/0x40 [ 21.473143] kasan_save_free_info+0x4c/0x78 [ 21.473553] __kasan_slab_free+0x6c/0x98 [ 21.473936] kmem_cache_free+0x260/0x468 [ 21.474317] slab_kmem_cache_release+0x38/0x50 [ 21.474746] kmem_cache_release+0x1c/0x30 [ 21.475134] kobject_put+0x17c/0x420 [ 21.475485] sysfs_slab_release+0x1c/0x30 [ 21.475875] kmem_cache_destroy+0x118/0x218 [ 21.476280] kmem_cache_double_destroy+0x128/0x300 [ 21.476739] kunit_try_run_case+0x170/0x3f0 [ 21.477146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.477671] kthread+0x328/0x630 [ 21.477986] ret_from_fork+0x10/0x20 [ 21.478335] [ 21.478488] The buggy address belongs to the object at ffff00000daa2140 [ 21.478488] which belongs to the cache kmem_cache of size 208 [ 21.479613] The buggy address is located 0 bytes inside of [ 21.479613] freed 208-byte region [ffff00000daa2140, ffff00000daa2210) [ 21.480709] [ 21.480863] The buggy address belongs to the physical page: [ 21.481378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaa2 [ 21.482101] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.482806] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 21.483457] page_type: f5(slab) [ 21.483770] raw: 03fffe0000000040 ffff000000402000 dead000000000122 0000000000000000 [ 21.484486] raw: 0000000000000000 0000000080190019 00000000f5000000 0000000000000000 [ 21.485201] head: 03fffe0000000040 ffff000000402000 dead000000000122 0000000000000000 [ 21.485924] head: 0000000000000000 0000000080190019 00000000f5000000 0000000000000000 [ 21.486647] head: 03fffe0000000001 fffffdffc036a881 00000000ffffffff 00000000ffffffff [ 21.487370] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.488084] page dumped because: kasan: bad access detected [ 21.488598] [ 21.488750] Memory state around the buggy address: [ 21.489199] ffff00000daa2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.489865] ffff00000daa2080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 21.490530] >ffff00000daa2100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.491191] ^ [ 21.491685] ffff00000daa2180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.492351] ffff00000daa2200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.493013] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 21.380943] ================================================================== [ 21.382067] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 21.382752] Read of size 1 at addr ffff00000f560000 by task kunit_try_catch/266 [ 21.383431] [ 21.383596] CPU: 3 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 21.383645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.383659] Hardware name: Radxa ROCK Pi 4B (DT) [ 21.383677] Call trace: [ 21.383688] show_stack+0x20/0x38 (C) [ 21.383722] dump_stack_lvl+0x8c/0xd0 [ 21.383757] print_report+0x118/0x608 [ 21.383792] kasan_report+0xdc/0x128 [ 21.383823] __asan_report_load1_noabort+0x20/0x30 [ 21.383861] kmem_cache_rcu_uaf+0x388/0x468 [ 21.383892] kunit_try_run_case+0x170/0x3f0 [ 21.383926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.383963] kthread+0x328/0x630 [ 21.383990] ret_from_fork+0x10/0x20 [ 21.384023] [ 21.389602] Allocated by task 266: [ 21.389930] kasan_save_stack+0x3c/0x68 [ 21.390307] kasan_save_track+0x20/0x40 [ 21.390682] kasan_save_alloc_info+0x40/0x58 [ 21.391099] __kasan_slab_alloc+0xa8/0xb0 [ 21.391490] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.391936] kmem_cache_rcu_uaf+0x12c/0x468 [ 21.392341] kunit_try_run_case+0x170/0x3f0 [ 21.392746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.393270] kthread+0x328/0x630 [ 21.393585] ret_from_fork+0x10/0x20 [ 21.393935] [ 21.394088] Freed by task 0: [ 21.394366] kasan_save_stack+0x3c/0x68 [ 21.394741] kasan_save_track+0x20/0x40 [ 21.395116] kasan_save_free_info+0x4c/0x78 [ 21.395524] __kasan_slab_free+0x6c/0x98 [ 21.395907] slab_free_after_rcu_debug+0xd4/0x2f8 [ 21.396358] rcu_core+0x9f4/0x1e20 [ 21.396694] rcu_core_si+0x18/0x30 [ 21.397029] handle_softirqs+0x374/0xb28 [ 21.397412] __do_softirq+0x1c/0x28 [ 21.397752] [ 21.397905] Last potentially related work creation: [ 21.398356] kasan_save_stack+0x3c/0x68 [ 21.398732] kasan_record_aux_stack+0xb4/0xc8 [ 21.399156] kmem_cache_free+0x120/0x468 [ 21.399537] kmem_cache_rcu_uaf+0x16c/0x468 [ 21.399941] kunit_try_run_case+0x170/0x3f0 [ 21.400347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.400870] kthread+0x328/0x630 [ 21.401187] ret_from_fork+0x10/0x20 [ 21.401536] [ 21.401689] The buggy address belongs to the object at ffff00000f560000 [ 21.401689] which belongs to the cache test_cache of size 200 [ 21.402814] The buggy address is located 0 bytes inside of [ 21.402814] freed 200-byte region [ffff00000f560000, ffff00000f5600c8) [ 21.403910] [ 21.404065] The buggy address belongs to the physical page: [ 21.404580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf560 [ 21.405305] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.406012] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 21.406663] page_type: f5(slab) [ 21.406976] raw: 03fffe0000000040 ffff00000daa4000 dead000000000122 0000000000000000 [ 21.407690] raw: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 21.408405] head: 03fffe0000000040 ffff00000daa4000 dead000000000122 0000000000000000 [ 21.409128] head: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 21.409852] head: 03fffe0000000001 fffffdffc03d5801 00000000ffffffff 00000000ffffffff [ 21.410574] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.411288] page dumped because: kasan: bad access detected [ 21.411803] [ 21.411955] Memory state around the buggy address: [ 21.412404] ffff00000f55ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.413069] ffff00000f55ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.413734] >ffff00000f560000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.414395] ^ [ 21.414704] ffff00000f560080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 21.415370] ffff00000f560100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.416031] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 21.251417] ================================================================== [ 21.252511] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 21.253179] Free of addr ffff00000e044001 by task kunit_try_catch/264 [ 21.253776] [ 21.253941] CPU: 2 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 21.253991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.254005] Hardware name: Radxa ROCK Pi 4B (DT) [ 21.254023] Call trace: [ 21.254035] show_stack+0x20/0x38 (C) [ 21.254069] dump_stack_lvl+0x8c/0xd0 [ 21.254105] print_report+0x118/0x608 [ 21.254138] kasan_report_invalid_free+0xc0/0xe8 [ 21.254173] check_slab_allocation+0xfc/0x108 [ 21.254205] __kasan_slab_pre_free+0x2c/0x48 [ 21.254238] kmem_cache_free+0xf0/0x468 [ 21.254270] kmem_cache_invalid_free+0x184/0x3c8 [ 21.254301] kunit_try_run_case+0x170/0x3f0 [ 21.254336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.254375] kthread+0x328/0x630 [ 21.254401] ret_from_fork+0x10/0x20 [ 21.254433] [ 21.260825] Allocated by task 264: [ 21.261152] kasan_save_stack+0x3c/0x68 [ 21.261530] kasan_save_track+0x20/0x40 [ 21.261905] kasan_save_alloc_info+0x40/0x58 [ 21.262321] __kasan_slab_alloc+0xa8/0xb0 [ 21.262712] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.263158] kmem_cache_invalid_free+0x12c/0x3c8 [ 21.263601] kunit_try_run_case+0x170/0x3f0 [ 21.264007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.264531] kthread+0x328/0x630 [ 21.264847] ret_from_fork+0x10/0x20 [ 21.265196] [ 21.265350] The buggy address belongs to the object at ffff00000e044000 [ 21.265350] which belongs to the cache test_cache of size 200 [ 21.266473] The buggy address is located 1 bytes inside of [ 21.266473] 200-byte region [ffff00000e044000, ffff00000e0440c8) [ 21.267523] [ 21.267677] The buggy address belongs to the physical page: [ 21.268192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe044 [ 21.268915] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.269621] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 21.270272] page_type: f5(slab) [ 21.270585] raw: 03fffe0000000040 ffff00000e042000 dead000000000122 0000000000000000 [ 21.271301] raw: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 21.272016] head: 03fffe0000000040 ffff00000e042000 dead000000000122 0000000000000000 [ 21.272740] head: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 21.273463] head: 03fffe0000000001 fffffdffc0381101 00000000ffffffff 00000000ffffffff [ 21.274186] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.274901] page dumped because: kasan: bad access detected [ 21.275415] [ 21.275567] Memory state around the buggy address: [ 21.276015] ffff00000e043f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.276681] ffff00000e043f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.277347] >ffff00000e044000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.278008] ^ [ 21.278319] ffff00000e044080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 21.278985] ffff00000e044100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.279646] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 21.204938] ================================================================== [ 21.205975] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 21.206624] Free of addr ffff00000daa4000 by task kunit_try_catch/262 [ 21.207221] [ 21.207386] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 21.207436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.207450] Hardware name: Radxa ROCK Pi 4B (DT) [ 21.207468] Call trace: [ 21.207479] show_stack+0x20/0x38 (C) [ 21.207513] dump_stack_lvl+0x8c/0xd0 [ 21.207548] print_report+0x118/0x608 [ 21.207582] kasan_report_invalid_free+0xc0/0xe8 [ 21.207617] check_slab_allocation+0xd4/0x108 [ 21.207649] __kasan_slab_pre_free+0x2c/0x48 [ 21.207682] kmem_cache_free+0xf0/0x468 [ 21.207714] kmem_cache_double_free+0x190/0x3c8 [ 21.207745] kunit_try_run_case+0x170/0x3f0 [ 21.207779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.207817] kthread+0x328/0x630 [ 21.207843] ret_from_fork+0x10/0x20 [ 21.207875] [ 21.214293] Allocated by task 262: [ 21.214638] kasan_save_stack+0x3c/0x68 [ 21.215047] kasan_save_track+0x20/0x40 [ 21.215454] kasan_save_alloc_info+0x40/0x58 [ 21.215903] __kasan_slab_alloc+0xa8/0xb0 [ 21.216323] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.216800] kmem_cache_double_free+0x12c/0x3c8 [ 21.217266] kunit_try_run_case+0x170/0x3f0 [ 21.217703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.218260] kthread+0x328/0x630 [ 21.218601] ret_from_fork+0x10/0x20 [ 21.218980] [ 21.219148] Freed by task 262: [ 21.219460] kasan_save_stack+0x3c/0x68 [ 21.219866] kasan_save_track+0x20/0x40 [ 21.220271] kasan_save_free_info+0x4c/0x78 [ 21.220713] __kasan_slab_free+0x6c/0x98 [ 21.221123] kmem_cache_free+0x260/0x468 [ 21.221534] kmem_cache_double_free+0x140/0x3c8 [ 21.222000] kunit_try_run_case+0x170/0x3f0 [ 21.222436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.222990] kthread+0x328/0x630 [ 21.223331] ret_from_fork+0x10/0x20 [ 21.223708] [ 21.223875] The buggy address belongs to the object at ffff00000daa4000 [ 21.223875] which belongs to the cache test_cache of size 200 [ 21.225032] The buggy address is located 0 bytes inside of [ 21.225032] 200-byte region [ffff00000daa4000, ffff00000daa40c8) [ 21.226117] [ 21.226287] The buggy address belongs to the physical page: [ 21.226823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaa4 [ 21.227577] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.228311] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 21.228995] page_type: f5(slab) [ 21.229334] raw: 03fffe0000000040 ffff00000daa2000 dead000000000122 0000000000000000 [ 21.230081] raw: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 21.230829] head: 03fffe0000000040 ffff00000daa2000 dead000000000122 0000000000000000 [ 21.231583] head: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 21.232339] head: 03fffe0000000001 fffffdffc036a901 00000000ffffffff 00000000ffffffff [ 21.233093] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.233834] page dumped because: kasan: bad access detected [ 21.234370] [ 21.234537] Memory state around the buggy address: [ 21.235007] ffff00000daa3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.235700] ffff00000daa3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.236393] >ffff00000daa4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.237079] ^ [ 21.237411] ffff00000daa4080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 21.238104] ffff00000daa4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.238790] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 21.132613] ================================================================== [ 21.133652] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 21.134295] Read of size 1 at addr ffff00000e0b80c8 by task kunit_try_catch/260 [ 21.134972] [ 21.135136] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 21.135186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.135201] Hardware name: Radxa ROCK Pi 4B (DT) [ 21.135219] Call trace: [ 21.135231] show_stack+0x20/0x38 (C) [ 21.135264] dump_stack_lvl+0x8c/0xd0 [ 21.135299] print_report+0x118/0x608 [ 21.135334] kasan_report+0xdc/0x128 [ 21.135365] __asan_report_load1_noabort+0x20/0x30 [ 21.135403] kmem_cache_oob+0x344/0x430 [ 21.135432] kunit_try_run_case+0x170/0x3f0 [ 21.135466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.135503] kthread+0x328/0x630 [ 21.135529] ret_from_fork+0x10/0x20 [ 21.135561] [ 21.141110] Allocated by task 260: [ 21.141436] kasan_save_stack+0x3c/0x68 [ 21.141815] kasan_save_track+0x20/0x40 [ 21.142190] kasan_save_alloc_info+0x40/0x58 [ 21.142607] __kasan_slab_alloc+0xa8/0xb0 [ 21.142997] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.143444] kmem_cache_oob+0x12c/0x430 [ 21.143817] kunit_try_run_case+0x170/0x3f0 [ 21.144223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.144746] kthread+0x328/0x630 [ 21.145062] ret_from_fork+0x10/0x20 [ 21.145413] [ 21.145566] The buggy address belongs to the object at ffff00000e0b8000 [ 21.145566] which belongs to the cache test_cache of size 200 [ 21.146690] The buggy address is located 0 bytes to the right of [ 21.146690] allocated 200-byte region [ffff00000e0b8000, ffff00000e0b80c8) [ 21.147864] [ 21.148017] The buggy address belongs to the physical page: [ 21.148534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe0b8 [ 21.149258] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.149964] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 21.150614] page_type: f5(slab) [ 21.150929] raw: 03fffe0000000040 ffff000002518500 dead000000000122 0000000000000000 [ 21.151644] raw: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 21.152359] head: 03fffe0000000040 ffff000002518500 dead000000000122 0000000000000000 [ 21.153082] head: 0000000000000000 00000000801f001f 00000000f5000000 0000000000000000 [ 21.153807] head: 03fffe0000000001 fffffdffc0382e01 00000000ffffffff 00000000ffffffff [ 21.154529] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.155244] page dumped because: kasan: bad access detected [ 21.155758] [ 21.155912] Memory state around the buggy address: [ 21.156360] ffff00000e0b7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.157027] ffff00000e0b8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.157692] >ffff00000e0b8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 21.158354] ^ [ 21.158872] ffff00000e0b8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.159538] ffff00000e0b8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.160199] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 21.091951] ================================================================== [ 21.092933] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 21.093598] Read of size 8 at addr ffff00000251ddc0 by task kunit_try_catch/253 [ 21.094277] [ 21.094441] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 21.094491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.094505] Hardware name: Radxa ROCK Pi 4B (DT) [ 21.094521] Call trace: [ 21.094533] show_stack+0x20/0x38 (C) [ 21.094567] dump_stack_lvl+0x8c/0xd0 [ 21.094603] print_report+0x118/0x608 [ 21.094638] kasan_report+0xdc/0x128 [ 21.094670] __asan_report_load8_noabort+0x20/0x30 [ 21.094708] workqueue_uaf+0x480/0x4a8 [ 21.094737] kunit_try_run_case+0x170/0x3f0 [ 21.094772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.094809] kthread+0x328/0x630 [ 21.094836] ret_from_fork+0x10/0x20 [ 21.094868] [ 21.100411] Allocated by task 253: [ 21.100738] kasan_save_stack+0x3c/0x68 [ 21.101118] kasan_save_track+0x20/0x40 [ 21.101495] kasan_save_alloc_info+0x40/0x58 [ 21.101911] __kasan_kmalloc+0xd4/0xd8 [ 21.102279] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.102716] workqueue_uaf+0x13c/0x4a8 [ 21.103081] kunit_try_run_case+0x170/0x3f0 [ 21.103487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.104010] kthread+0x328/0x630 [ 21.104326] ret_from_fork+0x10/0x20 [ 21.104676] [ 21.104828] Freed by task 11: [ 21.105114] kasan_save_stack+0x3c/0x68 [ 21.105491] kasan_save_track+0x20/0x40 [ 21.105866] kasan_save_free_info+0x4c/0x78 [ 21.106275] __kasan_slab_free+0x6c/0x98 [ 21.106656] kfree+0x214/0x3c8 [ 21.106958] workqueue_uaf_work+0x18/0x30 [ 21.107345] process_one_work+0x530/0xf98 [ 21.107734] worker_thread+0x618/0xf38 [ 21.108098] kthread+0x328/0x630 [ 21.108413] ret_from_fork+0x10/0x20 [ 21.108764] [ 21.108917] Last potentially related work creation: [ 21.109369] kasan_save_stack+0x3c/0x68 [ 21.109744] kasan_record_aux_stack+0xb4/0xc8 [ 21.110167] __queue_work+0x65c/0x1008 [ 21.110531] queue_work_on+0xbc/0xf8 [ 21.110881] workqueue_uaf+0x210/0x4a8 [ 21.111245] kunit_try_run_case+0x170/0x3f0 [ 21.111650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.112173] kthread+0x328/0x630 [ 21.112489] ret_from_fork+0x10/0x20 [ 21.112839] [ 21.112991] The buggy address belongs to the object at ffff00000251ddc0 [ 21.112991] which belongs to the cache kmalloc-32 of size 32 [ 21.114109] The buggy address is located 0 bytes inside of [ 21.114109] freed 32-byte region [ffff00000251ddc0, ffff00000251dde0) [ 21.115198] [ 21.115353] The buggy address belongs to the physical page: [ 21.115867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x251d [ 21.116593] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 21.117204] page_type: f5(slab) [ 21.117518] raw: 03fffe0000000000 ffff000000402780 dead000000000122 0000000000000000 [ 21.118233] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.118940] page dumped because: kasan: bad access detected [ 21.119454] [ 21.119605] Memory state around the buggy address: [ 21.120054] ffff00000251dc80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.120720] ffff00000251dd00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.121386] >ffff00000251dd80: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 21.122046] ^ [ 21.122541] ffff00000251de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.123206] ffff00000251de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.123868] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 21.048733] ================================================================== [ 21.049746] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 21.050397] Read of size 4 at addr ffff00000f201900 by task swapper/1/0 [ 21.051023] [ 21.051194] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 21.051252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.051269] Hardware name: Radxa ROCK Pi 4B (DT) [ 21.051290] Call trace: [ 21.051303] show_stack+0x20/0x38 (C) [ 21.051344] dump_stack_lvl+0x8c/0xd0 [ 21.051386] print_report+0x118/0x608 [ 21.051428] kasan_report+0xdc/0x128 [ 21.051466] __asan_report_load4_noabort+0x20/0x30 [ 21.051512] rcu_uaf_reclaim+0x64/0x70 [ 21.051545] rcu_core+0x9f4/0x1e20 [ 21.051583] rcu_core_si+0x18/0x30 [ 21.051618] handle_softirqs+0x374/0xb28 [ 21.051657] __do_softirq+0x1c/0x28 [ 21.051690] ____do_softirq+0x18/0x30 [ 21.051726] call_on_irq_stack+0x24/0x30 [ 21.051763] do_softirq_own_stack+0x24/0x38 [ 21.051800] __irq_exit_rcu+0x1fc/0x318 [ 21.051837] irq_exit_rcu+0x1c/0x80 [ 21.051872] el1_interrupt+0x38/0x58 [ 21.051915] el1h_64_irq_handler+0x18/0x28 [ 21.051949] el1h_64_irq+0x6c/0x70 [ 21.051980] arch_local_irq_enable+0x4/0x8 (P) [ 21.052026] cpuidle_enter+0x60/0xb8 [ 21.052065] do_idle+0x36c/0x4e8 [ 21.052102] cpu_startup_entry+0x68/0x80 [ 21.052139] secondary_start_kernel+0x288/0x340 [ 21.052176] __secondary_switched+0xc0/0xc8 [ 21.052223] [ 21.062381] Allocated by task 251: [ 21.062715] kasan_save_stack+0x3c/0x68 [ 21.063101] kasan_save_track+0x20/0x40 [ 21.063486] kasan_save_alloc_info+0x40/0x58 [ 21.063912] __kasan_kmalloc+0xd4/0xd8 [ 21.064290] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.064735] rcu_uaf+0xb0/0x2d8 [ 21.065054] kunit_try_run_case+0x170/0x3f0 [ 21.065472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.066009] kthread+0x328/0x630 [ 21.066335] ret_from_fork+0x10/0x20 [ 21.066695] [ 21.066854] Freed by task 0: [ 21.067136] kasan_save_stack+0x3c/0x68 [ 21.067523] kasan_save_track+0x20/0x40 [ 21.067908] kasan_save_free_info+0x4c/0x78 [ 21.068326] __kasan_slab_free+0x6c/0x98 [ 21.068718] kfree+0x214/0x3c8 [ 21.069031] rcu_uaf_reclaim+0x28/0x70 [ 21.069403] rcu_core+0x9f4/0x1e20 [ 21.069747] rcu_core_si+0x18/0x30 [ 21.070090] handle_softirqs+0x374/0xb28 [ 21.070482] __do_softirq+0x1c/0x28 [ 21.070830] [ 21.070990] Last potentially related work creation: [ 21.071447] kasan_save_stack+0x3c/0x68 [ 21.071831] kasan_record_aux_stack+0xb4/0xc8 [ 21.072266] __call_rcu_common.constprop.0+0x70/0x8b0 [ 21.072758] call_rcu+0x18/0x30 [ 21.073076] rcu_uaf+0x14c/0x2d8 [ 21.073403] kunit_try_run_case+0x170/0x3f0 [ 21.073819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.074353] kthread+0x328/0x630 [ 21.074678] ret_from_fork+0x10/0x20 [ 21.075039] [ 21.075197] The buggy address belongs to the object at ffff00000f201900 [ 21.075197] which belongs to the cache kmalloc-32 of size 32 [ 21.076325] The buggy address is located 0 bytes inside of [ 21.076325] freed 32-byte region [ffff00000f201900, ffff00000f201920) [ 21.077425] [ 21.077584] The buggy address belongs to the physical page: [ 21.078106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf201 [ 21.078841] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 21.079460] page_type: f5(slab) [ 21.079781] raw: 03fffe0000000000 ffff000000402780 dead000000000122 0000000000000000 [ 21.080507] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.081222] page dumped because: kasan: bad access detected [ 21.081742] [ 21.081900] Memory state around the buggy address: [ 21.082356] ffff00000f201800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.083032] ffff00000f201880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.083706] >ffff00000f201900: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 21.084376] ^ [ 21.084693] ffff00000f201980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.085367] ffff00000f201a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.086036] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 20.972050] ================================================================== [ 20.972724] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 20.973331] Read of size 1 at addr ffff00000cea4300 by task kunit_try_catch/249 [ 20.973998] [ 20.974155] CPU: 3 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.974192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.974202] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.974215] Call trace: [ 20.974224] show_stack+0x20/0x38 (C) [ 20.974249] dump_stack_lvl+0x8c/0xd0 [ 20.974275] print_report+0x118/0x608 [ 20.974299] kasan_report+0xdc/0x128 [ 20.974322] __asan_report_load1_noabort+0x20/0x30 [ 20.974348] ksize_uaf+0x598/0x5f8 [ 20.974369] kunit_try_run_case+0x170/0x3f0 [ 20.974393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.974420] kthread+0x328/0x630 [ 20.974439] ret_from_fork+0x10/0x20 [ 20.974463] [ 20.979931] Allocated by task 249: [ 20.980250] kasan_save_stack+0x3c/0x68 [ 20.980616] kasan_save_track+0x20/0x40 [ 20.980980] kasan_save_alloc_info+0x40/0x58 [ 20.981384] __kasan_kmalloc+0xd4/0xd8 [ 20.981739] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.982164] ksize_uaf+0xb8/0x5f8 [ 20.982481] kunit_try_run_case+0x170/0x3f0 [ 20.982875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.983384] kthread+0x328/0x630 [ 20.983691] ret_from_fork+0x10/0x20 [ 20.984029] [ 20.984176] Freed by task 249: [ 20.984463] kasan_save_stack+0x3c/0x68 [ 20.984827] kasan_save_track+0x20/0x40 [ 20.985190] kasan_save_free_info+0x4c/0x78 [ 20.985585] __kasan_slab_free+0x6c/0x98 [ 20.985956] kfree+0x214/0x3c8 [ 20.986248] ksize_uaf+0x11c/0x5f8 [ 20.986572] kunit_try_run_case+0x170/0x3f0 [ 20.986965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.987474] kthread+0x328/0x630 [ 20.987781] ret_from_fork+0x10/0x20 [ 20.988119] [ 20.988267] The buggy address belongs to the object at ffff00000cea4300 [ 20.988267] which belongs to the cache kmalloc-128 of size 128 [ 20.989385] The buggy address is located 0 bytes inside of [ 20.989385] freed 128-byte region [ffff00000cea4300, ffff00000cea4380) [ 20.990468] [ 20.990616] The buggy address belongs to the physical page: [ 20.991122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcea4 [ 20.991834] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.992433] page_type: f5(slab) [ 20.992736] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.993439] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.994136] page dumped because: kasan: bad access detected [ 20.994641] [ 20.994788] Memory state around the buggy address: [ 20.995227] ffff00000cea4200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.995882] ffff00000cea4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.996537] >ffff00000cea4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.997188] ^ [ 20.997490] ffff00000cea4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.998144] ffff00000cea4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.998797] ================================================================== [ 20.999875] ================================================================== [ 21.000547] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 21.001140] Read of size 1 at addr ffff00000cea4378 by task kunit_try_catch/249 [ 21.001805] [ 21.001959] CPU: 4 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 21.001995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.002005] Hardware name: Radxa ROCK Pi 4B (DT) [ 21.002017] Call trace: [ 21.002025] show_stack+0x20/0x38 (C) [ 21.002050] dump_stack_lvl+0x8c/0xd0 [ 21.002074] print_report+0x118/0x608 [ 21.002096] kasan_report+0xdc/0x128 [ 21.002117] __asan_report_load1_noabort+0x20/0x30 [ 21.002141] ksize_uaf+0x544/0x5f8 [ 21.002159] kunit_try_run_case+0x170/0x3f0 [ 21.002183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.002207] kthread+0x328/0x630 [ 21.002224] ret_from_fork+0x10/0x20 [ 21.002245] [ 21.007704] Allocated by task 249: [ 21.008021] kasan_save_stack+0x3c/0x68 [ 21.008385] kasan_save_track+0x20/0x40 [ 21.008745] kasan_save_alloc_info+0x40/0x58 [ 21.009146] __kasan_kmalloc+0xd4/0xd8 [ 21.009499] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.009920] ksize_uaf+0xb8/0x5f8 [ 21.010233] kunit_try_run_case+0x170/0x3f0 [ 21.010624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.011132] kthread+0x328/0x630 [ 21.011435] ret_from_fork+0x10/0x20 [ 21.011771] [ 21.011918] Freed by task 249: [ 21.012202] kasan_save_stack+0x3c/0x68 [ 21.012562] kasan_save_track+0x20/0x40 [ 21.012923] kasan_save_free_info+0x4c/0x78 [ 21.013316] __kasan_slab_free+0x6c/0x98 [ 21.013684] kfree+0x214/0x3c8 [ 21.013973] ksize_uaf+0x11c/0x5f8 [ 21.014295] kunit_try_run_case+0x170/0x3f0 [ 21.014685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.015192] kthread+0x328/0x630 [ 21.015495] ret_from_fork+0x10/0x20 [ 21.015832] [ 21.015977] The buggy address belongs to the object at ffff00000cea4300 [ 21.015977] which belongs to the cache kmalloc-128 of size 128 [ 21.017094] The buggy address is located 120 bytes inside of [ 21.017094] freed 128-byte region [ffff00000cea4300, ffff00000cea4380) [ 21.018190] [ 21.018336] The buggy address belongs to the physical page: [ 21.018840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcea4 [ 21.019551] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 21.020147] page_type: f5(slab) [ 21.020447] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 21.021148] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.021844] page dumped because: kasan: bad access detected [ 21.022347] [ 21.022491] Memory state around the buggy address: [ 21.022929] ffff00000cea4200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.023581] ffff00000cea4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.024232] >ffff00000cea4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.024880] ^ [ 21.025524] ffff00000cea4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.026174] ffff00000cea4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.026824] ================================================================== [ 20.943134] ================================================================== [ 20.944225] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 20.944835] Read of size 1 at addr ffff00000cea4300 by task kunit_try_catch/249 [ 20.945517] [ 20.945683] CPU: 3 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.945733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.945748] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.945765] Call trace: [ 20.945776] show_stack+0x20/0x38 (C) [ 20.945813] dump_stack_lvl+0x8c/0xd0 [ 20.945849] print_report+0x118/0x608 [ 20.945883] kasan_report+0xdc/0x128 [ 20.945915] __kasan_check_byte+0x54/0x70 [ 20.945948] ksize+0x30/0x88 [ 20.945976] ksize_uaf+0x168/0x5f8 [ 20.946004] kunit_try_run_case+0x170/0x3f0 [ 20.946039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.946077] kthread+0x328/0x630 [ 20.946104] ret_from_fork+0x10/0x20 [ 20.946136] [ 20.951838] Allocated by task 249: [ 20.952163] kasan_save_stack+0x3c/0x68 [ 20.952542] kasan_save_track+0x20/0x40 [ 20.952917] kasan_save_alloc_info+0x40/0x58 [ 20.953334] __kasan_kmalloc+0xd4/0xd8 [ 20.953701] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.954138] ksize_uaf+0xb8/0x5f8 [ 20.954465] kunit_try_run_case+0x170/0x3f0 [ 20.954872] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.955395] kthread+0x328/0x630 [ 20.955710] ret_from_fork+0x10/0x20 [ 20.956061] [ 20.956214] Freed by task 249: [ 20.956507] kasan_save_stack+0x3c/0x68 [ 20.956883] kasan_save_track+0x20/0x40 [ 20.957258] kasan_save_free_info+0x4c/0x78 [ 20.957667] __kasan_slab_free+0x6c/0x98 [ 20.958049] kfree+0x214/0x3c8 [ 20.958352] ksize_uaf+0x11c/0x5f8 [ 20.958686] kunit_try_run_case+0x170/0x3f0 [ 20.959091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.959615] kthread+0x328/0x630 [ 20.959931] ret_from_fork+0x10/0x20 [ 20.960280] [ 20.960433] The buggy address belongs to the object at ffff00000cea4300 [ 20.960433] which belongs to the cache kmalloc-128 of size 128 [ 20.961565] The buggy address is located 0 bytes inside of [ 20.961565] freed 128-byte region [ffff00000cea4300, ffff00000cea4380) [ 20.962662] [ 20.962816] The buggy address belongs to the physical page: [ 20.963331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcea4 [ 20.964054] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.964666] page_type: f5(slab) [ 20.964979] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.965694] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.966402] page dumped because: kasan: bad access detected [ 20.966916] [ 20.967068] Memory state around the buggy address: [ 20.967516] ffff00000cea4200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.968181] ffff00000cea4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.968846] >ffff00000cea4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.969507] ^ [ 20.969818] ffff00000cea4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.970483] ffff00000cea4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.971145] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 20.891107] ================================================================== [ 20.891802] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 20.892493] Read of size 1 at addr ffff00000e1a3178 by task kunit_try_catch/247 [ 20.893158] [ 20.893316] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.893353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.893364] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.893378] Call trace: [ 20.893386] show_stack+0x20/0x38 (C) [ 20.893411] dump_stack_lvl+0x8c/0xd0 [ 20.893437] print_report+0x118/0x608 [ 20.893463] kasan_report+0xdc/0x128 [ 20.893485] __asan_report_load1_noabort+0x20/0x30 [ 20.893513] ksize_unpoisons_memory+0x618/0x740 [ 20.893534] kunit_try_run_case+0x170/0x3f0 [ 20.893560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.893587] kthread+0x328/0x630 [ 20.893606] ret_from_fork+0x10/0x20 [ 20.893630] [ 20.899197] Allocated by task 247: [ 20.899514] kasan_save_stack+0x3c/0x68 [ 20.899878] kasan_save_track+0x20/0x40 [ 20.900242] kasan_save_alloc_info+0x40/0x58 [ 20.900645] __kasan_kmalloc+0xd4/0xd8 [ 20.900998] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.901424] ksize_unpoisons_memory+0xc0/0x740 [ 20.901840] kunit_try_run_case+0x170/0x3f0 [ 20.902233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.902744] kthread+0x328/0x630 [ 20.903050] ret_from_fork+0x10/0x20 [ 20.903389] [ 20.903536] The buggy address belongs to the object at ffff00000e1a3100 [ 20.903536] which belongs to the cache kmalloc-128 of size 128 [ 20.904655] The buggy address is located 5 bytes to the right of [ 20.904655] allocated 115-byte region [ffff00000e1a3100, ffff00000e1a3173) [ 20.905814] [ 20.905962] The buggy address belongs to the physical page: [ 20.906468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1a3 [ 20.907180] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.907778] page_type: f5(slab) [ 20.908079] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.908781] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.909478] page dumped because: kasan: bad access detected [ 20.909983] [ 20.910130] Memory state around the buggy address: [ 20.910569] ffff00000e1a3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.911224] ffff00000e1a3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.911877] >ffff00000e1a3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.912529] ^ [ 20.913174] ffff00000e1a3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.913829] ffff00000e1a3200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.914479] ================================================================== [ 20.865672] ================================================================== [ 20.866761] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 20.867466] Read of size 1 at addr ffff00000e1a3173 by task kunit_try_catch/247 [ 20.868142] [ 20.868307] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.868358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.868372] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.868389] Call trace: [ 20.868400] show_stack+0x20/0x38 (C) [ 20.868436] dump_stack_lvl+0x8c/0xd0 [ 20.868472] print_report+0x118/0x608 [ 20.868506] kasan_report+0xdc/0x128 [ 20.868538] __asan_report_load1_noabort+0x20/0x30 [ 20.868577] ksize_unpoisons_memory+0x628/0x740 [ 20.868609] kunit_try_run_case+0x170/0x3f0 [ 20.868643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.868681] kthread+0x328/0x630 [ 20.868707] ret_from_fork+0x10/0x20 [ 20.868739] [ 20.874352] Allocated by task 247: [ 20.874677] kasan_save_stack+0x3c/0x68 [ 20.875053] kasan_save_track+0x20/0x40 [ 20.875428] kasan_save_alloc_info+0x40/0x58 [ 20.875845] __kasan_kmalloc+0xd4/0xd8 [ 20.876212] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.876648] ksize_unpoisons_memory+0xc0/0x740 [ 20.877075] kunit_try_run_case+0x170/0x3f0 [ 20.877479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.878003] kthread+0x328/0x630 [ 20.878319] ret_from_fork+0x10/0x20 [ 20.878669] [ 20.878822] The buggy address belongs to the object at ffff00000e1a3100 [ 20.878822] which belongs to the cache kmalloc-128 of size 128 [ 20.879955] The buggy address is located 0 bytes to the right of [ 20.879955] allocated 115-byte region [ffff00000e1a3100, ffff00000e1a3173) [ 20.881129] [ 20.881283] The buggy address belongs to the physical page: [ 20.881798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1a3 [ 20.882522] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.883133] page_type: f5(slab) [ 20.883447] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.884163] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.884870] page dumped because: kasan: bad access detected [ 20.885386] [ 20.885537] Memory state around the buggy address: [ 20.885986] ffff00000e1a3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.886652] ffff00000e1a3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.887317] >ffff00000e1a3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.887978] ^ [ 20.888611] ffff00000e1a3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.889276] ffff00000e1a3200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.889937] ================================================================== [ 20.915256] ================================================================== [ 20.915914] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 20.916590] Read of size 1 at addr ffff00000e1a317f by task kunit_try_catch/247 [ 20.917253] [ 20.917407] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.917442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.917452] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.917465] Call trace: [ 20.917472] show_stack+0x20/0x38 (C) [ 20.917495] dump_stack_lvl+0x8c/0xd0 [ 20.917521] print_report+0x118/0x608 [ 20.917544] kasan_report+0xdc/0x128 [ 20.917566] __asan_report_load1_noabort+0x20/0x30 [ 20.917593] ksize_unpoisons_memory+0x690/0x740 [ 20.917615] kunit_try_run_case+0x170/0x3f0 [ 20.917638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.917665] kthread+0x328/0x630 [ 20.917684] ret_from_fork+0x10/0x20 [ 20.917706] [ 20.923274] Allocated by task 247: [ 20.923592] kasan_save_stack+0x3c/0x68 [ 20.923955] kasan_save_track+0x20/0x40 [ 20.924318] kasan_save_alloc_info+0x40/0x58 [ 20.924722] __kasan_kmalloc+0xd4/0xd8 [ 20.925076] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.925501] ksize_unpoisons_memory+0xc0/0x740 [ 20.925917] kunit_try_run_case+0x170/0x3f0 [ 20.926310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.926820] kthread+0x328/0x630 [ 20.927125] ret_from_fork+0x10/0x20 [ 20.927464] [ 20.927611] The buggy address belongs to the object at ffff00000e1a3100 [ 20.927611] which belongs to the cache kmalloc-128 of size 128 [ 20.928729] The buggy address is located 12 bytes to the right of [ 20.928729] allocated 115-byte region [ffff00000e1a3100, ffff00000e1a3173) [ 20.929896] [ 20.930043] The buggy address belongs to the physical page: [ 20.930547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1a3 [ 20.931258] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.931856] page_type: f5(slab) [ 20.932156] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.932857] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.933554] page dumped because: kasan: bad access detected [ 20.934059] [ 20.934206] Memory state around the buggy address: [ 20.934644] ffff00000e1a3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.935297] ffff00000e1a3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.935952] >ffff00000e1a3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.936602] ^ [ 20.937247] ffff00000e1a3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.937902] ffff00000e1a3200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.938552] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 20.832283] ================================================================== [ 20.832956] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 20.833543] Free of addr ffff000001e6e700 by task kunit_try_catch/245 [ 20.834139] [ 20.834297] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.834334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.834344] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.834358] Call trace: [ 20.834366] show_stack+0x20/0x38 (C) [ 20.834391] dump_stack_lvl+0x8c/0xd0 [ 20.834417] print_report+0x118/0x608 [ 20.834442] kasan_report_invalid_free+0xc0/0xe8 [ 20.834467] check_slab_allocation+0xd4/0x108 [ 20.834490] __kasan_slab_pre_free+0x2c/0x48 [ 20.834514] kfree+0xe8/0x3c8 [ 20.834534] kfree_sensitive+0x3c/0xb0 [ 20.834555] kmalloc_double_kzfree+0x168/0x308 [ 20.834580] kunit_try_run_case+0x170/0x3f0 [ 20.834603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.834631] kthread+0x328/0x630 [ 20.834650] ret_from_fork+0x10/0x20 [ 20.834673] [ 20.841260] Allocated by task 245: [ 20.841582] kasan_save_stack+0x3c/0x68 [ 20.841952] kasan_save_track+0x20/0x40 [ 20.842316] kasan_save_alloc_info+0x40/0x58 [ 20.842720] __kasan_kmalloc+0xd4/0xd8 [ 20.843075] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.843500] kmalloc_double_kzfree+0xb8/0x308 [ 20.843909] kunit_try_run_case+0x170/0x3f0 [ 20.844302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.844812] kthread+0x328/0x630 [ 20.845117] ret_from_fork+0x10/0x20 [ 20.845457] [ 20.845604] Freed by task 245: [ 20.845889] kasan_save_stack+0x3c/0x68 [ 20.846252] kasan_save_track+0x20/0x40 [ 20.846614] kasan_save_free_info+0x4c/0x78 [ 20.847009] __kasan_slab_free+0x6c/0x98 [ 20.847378] kfree+0x214/0x3c8 [ 20.847670] kfree_sensitive+0x80/0xb0 [ 20.848024] kmalloc_double_kzfree+0x11c/0x308 [ 20.848439] kunit_try_run_case+0x170/0x3f0 [ 20.848833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.849342] kthread+0x328/0x630 [ 20.849649] ret_from_fork+0x10/0x20 [ 20.849988] [ 20.850135] The buggy address belongs to the object at ffff000001e6e700 [ 20.850135] which belongs to the cache kmalloc-16 of size 16 [ 20.851240] The buggy address is located 0 bytes inside of [ 20.851240] 16-byte region [ffff000001e6e700, ffff000001e6e710) [ 20.852269] [ 20.852416] The buggy address belongs to the physical page: [ 20.852922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e6e [ 20.853633] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.854233] page_type: f5(slab) [ 20.854536] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 20.855239] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.855937] page dumped because: kasan: bad access detected [ 20.856442] [ 20.856589] Memory state around the buggy address: [ 20.857029] ffff000001e6e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.857682] ffff000001e6e680: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.858337] >ffff000001e6e700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.858988] ^ [ 20.859290] ffff000001e6e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.859944] ffff000001e6e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.860596] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 20.802398] ================================================================== [ 20.803751] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 20.804455] Read of size 1 at addr ffff000001e6e700 by task kunit_try_catch/245 [ 20.805134] [ 20.805299] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.805348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.805363] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.805380] Call trace: [ 20.805391] show_stack+0x20/0x38 (C) [ 20.805428] dump_stack_lvl+0x8c/0xd0 [ 20.805463] print_report+0x118/0x608 [ 20.805497] kasan_report+0xdc/0x128 [ 20.805530] __kasan_check_byte+0x54/0x70 [ 20.805562] kfree_sensitive+0x30/0xb0 [ 20.805594] kmalloc_double_kzfree+0x168/0x308 [ 20.805626] kunit_try_run_case+0x170/0x3f0 [ 20.805659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.805698] kthread+0x328/0x630 [ 20.805725] ret_from_fork+0x10/0x20 [ 20.805757] [ 20.811626] Allocated by task 245: [ 20.811950] kasan_save_stack+0x3c/0x68 [ 20.812328] kasan_save_track+0x20/0x40 [ 20.812704] kasan_save_alloc_info+0x40/0x58 [ 20.813121] __kasan_kmalloc+0xd4/0xd8 [ 20.813488] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.813925] kmalloc_double_kzfree+0xb8/0x308 [ 20.814345] kunit_try_run_case+0x170/0x3f0 [ 20.814751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.815274] kthread+0x328/0x630 [ 20.815589] ret_from_fork+0x10/0x20 [ 20.815940] [ 20.816093] Freed by task 245: [ 20.816386] kasan_save_stack+0x3c/0x68 [ 20.816763] kasan_save_track+0x20/0x40 [ 20.817138] kasan_save_free_info+0x4c/0x78 [ 20.817545] __kasan_slab_free+0x6c/0x98 [ 20.817927] kfree+0x214/0x3c8 [ 20.818230] kfree_sensitive+0x80/0xb0 [ 20.818596] kmalloc_double_kzfree+0x11c/0x308 [ 20.819023] kunit_try_run_case+0x170/0x3f0 [ 20.819429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.819952] kthread+0x328/0x630 [ 20.820267] ret_from_fork+0x10/0x20 [ 20.820619] [ 20.820771] The buggy address belongs to the object at ffff000001e6e700 [ 20.820771] which belongs to the cache kmalloc-16 of size 16 [ 20.821888] The buggy address is located 0 bytes inside of [ 20.821888] freed 16-byte region [ffff000001e6e700, ffff000001e6e710) [ 20.822977] [ 20.823130] The buggy address belongs to the physical page: [ 20.823645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e6e [ 20.824369] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.824982] page_type: f5(slab) [ 20.825297] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 20.826012] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.826719] page dumped because: kasan: bad access detected [ 20.827234] [ 20.827386] Memory state around the buggy address: [ 20.827835] ffff000001e6e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.828500] ffff000001e6e680: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.829165] >ffff000001e6e700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.829826] ^ [ 20.830137] ffff000001e6e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.830802] ffff000001e6e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.831463] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 20.767626] ================================================================== [ 20.768669] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 20.769326] Read of size 1 at addr ffff00000e2e8e28 by task kunit_try_catch/241 [ 20.770008] [ 20.770172] CPU: 3 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.770222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.770237] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.770255] Call trace: [ 20.770266] show_stack+0x20/0x38 (C) [ 20.770300] dump_stack_lvl+0x8c/0xd0 [ 20.770335] print_report+0x118/0x608 [ 20.770369] kasan_report+0xdc/0x128 [ 20.770401] __asan_report_load1_noabort+0x20/0x30 [ 20.770439] kmalloc_uaf2+0x3f4/0x468 [ 20.770467] kunit_try_run_case+0x170/0x3f0 [ 20.770501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.770539] kthread+0x328/0x630 [ 20.770566] ret_from_fork+0x10/0x20 [ 20.770598] [ 20.776133] Allocated by task 241: [ 20.776458] kasan_save_stack+0x3c/0x68 [ 20.776839] kasan_save_track+0x20/0x40 [ 20.777215] kasan_save_alloc_info+0x40/0x58 [ 20.777632] __kasan_kmalloc+0xd4/0xd8 [ 20.777999] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.778437] kmalloc_uaf2+0xc4/0x468 [ 20.778785] kunit_try_run_case+0x170/0x3f0 [ 20.779192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.779715] kthread+0x328/0x630 [ 20.780031] ret_from_fork+0x10/0x20 [ 20.780382] [ 20.780537] Freed by task 241: [ 20.780830] kasan_save_stack+0x3c/0x68 [ 20.781206] kasan_save_track+0x20/0x40 [ 20.781581] kasan_save_free_info+0x4c/0x78 [ 20.781988] __kasan_slab_free+0x6c/0x98 [ 20.782371] kfree+0x214/0x3c8 [ 20.782674] kmalloc_uaf2+0x134/0x468 [ 20.783030] kunit_try_run_case+0x170/0x3f0 [ 20.783434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.783957] kthread+0x328/0x630 [ 20.784273] ret_from_fork+0x10/0x20 [ 20.784622] [ 20.784776] The buggy address belongs to the object at ffff00000e2e8e00 [ 20.784776] which belongs to the cache kmalloc-64 of size 64 [ 20.785893] The buggy address is located 40 bytes inside of [ 20.785893] freed 64-byte region [ffff00000e2e8e00, ffff00000e2e8e40) [ 20.786990] [ 20.787144] The buggy address belongs to the physical page: [ 20.787658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe2e8 [ 20.788385] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.788999] page_type: f5(slab) [ 20.789312] raw: 03fffe0000000000 ffff0000004028c0 dead000000000122 0000000000000000 [ 20.790029] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.790736] page dumped because: kasan: bad access detected [ 20.791251] [ 20.791403] Memory state around the buggy address: [ 20.791852] ffff00000e2e8d00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 20.792518] ffff00000e2e8d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.793184] >ffff00000e2e8e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.793845] ^ [ 20.794269] ffff00000e2e8e80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 20.794935] ffff00000e2e8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.795596] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 20.736176] ================================================================== [ 20.737182] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 20.737868] Write of size 33 at addr ffff00000101c980 by task kunit_try_catch/239 [ 20.738560] [ 20.738724] CPU: 2 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.738775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.738790] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.738806] Call trace: [ 20.738818] show_stack+0x20/0x38 (C) [ 20.738852] dump_stack_lvl+0x8c/0xd0 [ 20.738887] print_report+0x118/0x608 [ 20.738921] kasan_report+0xdc/0x128 [ 20.738953] kasan_check_range+0x100/0x1a8 [ 20.738987] __asan_memset+0x34/0x78 [ 20.739013] kmalloc_uaf_memset+0x170/0x310 [ 20.739042] kunit_try_run_case+0x170/0x3f0 [ 20.739076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.739115] kthread+0x328/0x630 [ 20.739141] ret_from_fork+0x10/0x20 [ 20.739172] [ 20.745007] Allocated by task 239: [ 20.745332] kasan_save_stack+0x3c/0x68 [ 20.745710] kasan_save_track+0x20/0x40 [ 20.746085] kasan_save_alloc_info+0x40/0x58 [ 20.746500] __kasan_kmalloc+0xd4/0xd8 [ 20.746867] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.747304] kmalloc_uaf_memset+0xb8/0x310 [ 20.747699] kunit_try_run_case+0x170/0x3f0 [ 20.748104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.748627] kthread+0x328/0x630 [ 20.748942] ret_from_fork+0x10/0x20 [ 20.749292] [ 20.749445] Freed by task 239: [ 20.749738] kasan_save_stack+0x3c/0x68 [ 20.750113] kasan_save_track+0x20/0x40 [ 20.750488] kasan_save_free_info+0x4c/0x78 [ 20.750895] __kasan_slab_free+0x6c/0x98 [ 20.751277] kfree+0x214/0x3c8 [ 20.751580] kmalloc_uaf_memset+0x11c/0x310 [ 20.751982] kunit_try_run_case+0x170/0x3f0 [ 20.752387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.752910] kthread+0x328/0x630 [ 20.753226] ret_from_fork+0x10/0x20 [ 20.753576] [ 20.753728] The buggy address belongs to the object at ffff00000101c980 [ 20.753728] which belongs to the cache kmalloc-64 of size 64 [ 20.754844] The buggy address is located 0 bytes inside of [ 20.754844] freed 64-byte region [ffff00000101c980, ffff00000101c9c0) [ 20.755933] [ 20.756087] The buggy address belongs to the physical page: [ 20.756600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c [ 20.757324] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.757935] page_type: f5(slab) [ 20.758250] raw: 03fffe0000000000 ffff0000004028c0 dead000000000122 0000000000000000 [ 20.758965] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.759671] page dumped because: kasan: bad access detected [ 20.760186] [ 20.760338] Memory state around the buggy address: [ 20.760786] ffff00000101c880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.761452] ffff00000101c900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.762117] >ffff00000101c980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.762778] ^ [ 20.763088] ffff00000101ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.763754] ffff00000101ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.764415] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 20.704225] ================================================================== [ 20.705366] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 20.705994] Read of size 1 at addr ffff000001e6e6e8 by task kunit_try_catch/237 [ 20.706672] [ 20.706836] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.706887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.706901] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.706918] Call trace: [ 20.706930] show_stack+0x20/0x38 (C) [ 20.706963] dump_stack_lvl+0x8c/0xd0 [ 20.706999] print_report+0x118/0x608 [ 20.707033] kasan_report+0xdc/0x128 [ 20.707064] __asan_report_load1_noabort+0x20/0x30 [ 20.707101] kmalloc_uaf+0x300/0x338 [ 20.707129] kunit_try_run_case+0x170/0x3f0 [ 20.707163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.707200] kthread+0x328/0x630 [ 20.707227] ret_from_fork+0x10/0x20 [ 20.707259] [ 20.712785] Allocated by task 237: [ 20.713111] kasan_save_stack+0x3c/0x68 [ 20.713489] kasan_save_track+0x20/0x40 [ 20.713863] kasan_save_alloc_info+0x40/0x58 [ 20.714278] __kasan_kmalloc+0xd4/0xd8 [ 20.714647] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.715083] kmalloc_uaf+0xb8/0x338 [ 20.715424] kunit_try_run_case+0x170/0x3f0 [ 20.715829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.716353] kthread+0x328/0x630 [ 20.716670] ret_from_fork+0x10/0x20 [ 20.717020] [ 20.717172] Freed by task 237: [ 20.717466] kasan_save_stack+0x3c/0x68 [ 20.717842] kasan_save_track+0x20/0x40 [ 20.718217] kasan_save_free_info+0x4c/0x78 [ 20.718625] __kasan_slab_free+0x6c/0x98 [ 20.719009] kfree+0x214/0x3c8 [ 20.719312] kmalloc_uaf+0x11c/0x338 [ 20.719660] kunit_try_run_case+0x170/0x3f0 [ 20.720066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.720589] kthread+0x328/0x630 [ 20.720905] ret_from_fork+0x10/0x20 [ 20.721254] [ 20.721407] The buggy address belongs to the object at ffff000001e6e6e0 [ 20.721407] which belongs to the cache kmalloc-16 of size 16 [ 20.722524] The buggy address is located 8 bytes inside of [ 20.722524] freed 16-byte region [ffff000001e6e6e0, ffff000001e6e6f0) [ 20.723613] [ 20.723767] The buggy address belongs to the physical page: [ 20.724282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e6e [ 20.725007] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.725618] page_type: f5(slab) [ 20.725931] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 20.726647] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.727354] page dumped because: kasan: bad access detected [ 20.727869] [ 20.728020] Memory state around the buggy address: [ 20.728469] ffff000001e6e580: 00 05 fc fc 00 05 fc fc 00 05 fc fc fa fb fc fc [ 20.729135] ffff000001e6e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.729800] >ffff000001e6e680: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.730462] ^ [ 20.731070] ffff000001e6e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.731735] ffff000001e6e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.732396] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 20.674758] ================================================================== [ 20.675901] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 20.676652] Read of size 64 at addr ffff00000101c904 by task kunit_try_catch/235 [ 20.677339] [ 20.677505] CPU: 2 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.677556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.677570] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.677588] Call trace: [ 20.677599] show_stack+0x20/0x38 (C) [ 20.677633] dump_stack_lvl+0x8c/0xd0 [ 20.677669] print_report+0x118/0x608 [ 20.677704] kasan_report+0xdc/0x128 [ 20.677735] kasan_check_range+0x100/0x1a8 [ 20.677768] __asan_memmove+0x3c/0x98 [ 20.677795] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 20.677828] kunit_try_run_case+0x170/0x3f0 [ 20.677862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.677899] kthread+0x328/0x630 [ 20.677926] ret_from_fork+0x10/0x20 [ 20.677958] [ 20.683880] Allocated by task 235: [ 20.684204] kasan_save_stack+0x3c/0x68 [ 20.684582] kasan_save_track+0x20/0x40 [ 20.684959] kasan_save_alloc_info+0x40/0x58 [ 20.685374] __kasan_kmalloc+0xd4/0xd8 [ 20.685741] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.686177] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 20.686651] kunit_try_run_case+0x170/0x3f0 [ 20.687058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.687580] kthread+0x328/0x630 [ 20.687897] ret_from_fork+0x10/0x20 [ 20.688247] [ 20.688400] The buggy address belongs to the object at ffff00000101c900 [ 20.688400] which belongs to the cache kmalloc-64 of size 64 [ 20.689518] The buggy address is located 4 bytes inside of [ 20.689518] allocated 64-byte region [ffff00000101c900, ffff00000101c940) [ 20.690638] [ 20.690793] The buggy address belongs to the physical page: [ 20.691308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c [ 20.692033] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.692644] page_type: f5(slab) [ 20.692957] raw: 03fffe0000000000 ffff0000004028c0 dead000000000122 0000000000000000 [ 20.693674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.694381] page dumped because: kasan: bad access detected [ 20.694896] [ 20.695047] Memory state around the buggy address: [ 20.695496] ffff00000101c800: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.696162] ffff00000101c880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.696827] >ffff00000101c900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 20.697490] ^ [ 20.697984] ffff00000101c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.698651] ffff00000101ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.699312] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 20.646950] ================================================================== [ 20.648011] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 20.648720] Read of size 18446744073709551614 at addr ffff00000e2e8a84 by task kunit_try_catch/233 [ 20.649551] [ 20.649719] CPU: 3 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.649770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.649786] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.649803] Call trace: [ 20.649814] show_stack+0x20/0x38 (C) [ 20.649852] dump_stack_lvl+0x8c/0xd0 [ 20.649888] print_report+0x118/0x608 [ 20.649923] kasan_report+0xdc/0x128 [ 20.649954] kasan_check_range+0x100/0x1a8 [ 20.649990] __asan_memmove+0x3c/0x98 [ 20.650016] kmalloc_memmove_negative_size+0x154/0x2e0 [ 20.650050] kunit_try_run_case+0x170/0x3f0 [ 20.650084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.650121] kthread+0x328/0x630 [ 20.650148] ret_from_fork+0x10/0x20 [ 20.650179] [ 20.656109] Allocated by task 233: [ 20.656435] kasan_save_stack+0x3c/0x68 [ 20.656814] kasan_save_track+0x20/0x40 [ 20.657189] kasan_save_alloc_info+0x40/0x58 [ 20.657605] __kasan_kmalloc+0xd4/0xd8 [ 20.657971] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.658408] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 20.658890] kunit_try_run_case+0x170/0x3f0 [ 20.659297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.659820] kthread+0x328/0x630 [ 20.660136] ret_from_fork+0x10/0x20 [ 20.660488] [ 20.660641] The buggy address belongs to the object at ffff00000e2e8a80 [ 20.660641] which belongs to the cache kmalloc-64 of size 64 [ 20.661758] The buggy address is located 4 bytes inside of [ 20.661758] 64-byte region [ffff00000e2e8a80, ffff00000e2e8ac0) [ 20.662801] [ 20.662956] The buggy address belongs to the physical page: [ 20.663470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe2e8 [ 20.664196] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.664807] page_type: f5(slab) [ 20.665119] raw: 03fffe0000000000 ffff0000004028c0 dead000000000122 0000000000000000 [ 20.665835] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.666542] page dumped because: kasan: bad access detected [ 20.667056] [ 20.667210] Memory state around the buggy address: [ 20.667658] ffff00000e2e8980: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 20.668323] ffff00000e2e8a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.668989] >ffff00000e2e8a80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 20.669650] ^ [ 20.669960] ffff00000e2e8b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.670625] ffff00000e2e8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.671286] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 20.619116] ================================================================== [ 20.620194] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 20.620888] Write of size 16 at addr ffff00000e1a3069 by task kunit_try_catch/231 [ 20.621586] [ 20.621749] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.621800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.621815] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.621832] Call trace: [ 20.621843] show_stack+0x20/0x38 (C) [ 20.621879] dump_stack_lvl+0x8c/0xd0 [ 20.621915] print_report+0x118/0x608 [ 20.621948] kasan_report+0xdc/0x128 [ 20.621979] kasan_check_range+0x100/0x1a8 [ 20.622014] __asan_memset+0x34/0x78 [ 20.622040] kmalloc_oob_memset_16+0x150/0x2f8 [ 20.622070] kunit_try_run_case+0x170/0x3f0 [ 20.622104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.622142] kthread+0x328/0x630 [ 20.622168] ret_from_fork+0x10/0x20 [ 20.622200] [ 20.628059] Allocated by task 231: [ 20.628383] kasan_save_stack+0x3c/0x68 [ 20.628761] kasan_save_track+0x20/0x40 [ 20.629137] kasan_save_alloc_info+0x40/0x58 [ 20.629554] __kasan_kmalloc+0xd4/0xd8 [ 20.629920] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.630358] kmalloc_oob_memset_16+0xb0/0x2f8 [ 20.630775] kunit_try_run_case+0x170/0x3f0 [ 20.631181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.631705] kthread+0x328/0x630 [ 20.632020] ret_from_fork+0x10/0x20 [ 20.632369] [ 20.632522] The buggy address belongs to the object at ffff00000e1a3000 [ 20.632522] which belongs to the cache kmalloc-128 of size 128 [ 20.633654] The buggy address is located 105 bytes inside of [ 20.633654] allocated 120-byte region [ffff00000e1a3000, ffff00000e1a3078) [ 20.634798] [ 20.634952] The buggy address belongs to the physical page: [ 20.635467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe1a3 [ 20.636191] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.636802] page_type: f5(slab) [ 20.637114] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.637829] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.638536] page dumped because: kasan: bad access detected [ 20.639050] [ 20.639202] Memory state around the buggy address: [ 20.639650] ffff00000e1a2f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.640316] ffff00000e1a2f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.640982] >ffff00000e1a3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.641642] ^ [ 20.642299] ffff00000e1a3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.642964] ffff00000e1a3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.643627] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 20.589720] ================================================================== [ 20.590800] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 20.591487] Write of size 8 at addr ffff00000ba33f71 by task kunit_try_catch/229 [ 20.592170] [ 20.592338] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.592389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.592403] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.592421] Call trace: [ 20.592432] show_stack+0x20/0x38 (C) [ 20.592468] dump_stack_lvl+0x8c/0xd0 [ 20.592504] print_report+0x118/0x608 [ 20.592539] kasan_report+0xdc/0x128 [ 20.592571] kasan_check_range+0x100/0x1a8 [ 20.592605] __asan_memset+0x34/0x78 [ 20.592631] kmalloc_oob_memset_8+0x150/0x2f8 [ 20.592661] kunit_try_run_case+0x170/0x3f0 [ 20.592695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.592734] kthread+0x328/0x630 [ 20.592760] ret_from_fork+0x10/0x20 [ 20.592792] [ 20.598648] Allocated by task 229: [ 20.598973] kasan_save_stack+0x3c/0x68 [ 20.599351] kasan_save_track+0x20/0x40 [ 20.599725] kasan_save_alloc_info+0x40/0x58 [ 20.600141] __kasan_kmalloc+0xd4/0xd8 [ 20.600506] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.600943] kmalloc_oob_memset_8+0xb0/0x2f8 [ 20.601354] kunit_try_run_case+0x170/0x3f0 [ 20.601760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.602284] kthread+0x328/0x630 [ 20.602599] ret_from_fork+0x10/0x20 [ 20.602949] [ 20.603102] The buggy address belongs to the object at ffff00000ba33f00 [ 20.603102] which belongs to the cache kmalloc-128 of size 128 [ 20.604235] The buggy address is located 113 bytes inside of [ 20.604235] allocated 120-byte region [ffff00000ba33f00, ffff00000ba33f78) [ 20.605376] [ 20.605531] The buggy address belongs to the physical page: [ 20.606044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xba33 [ 20.606767] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.607379] page_type: f5(slab) [ 20.607690] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.608405] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.609112] page dumped because: kasan: bad access detected [ 20.609626] [ 20.609778] Memory state around the buggy address: [ 20.610226] ffff00000ba33e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.610892] ffff00000ba33e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.611558] >ffff00000ba33f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.612218] ^ [ 20.612874] ffff00000ba33f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.613539] ffff00000ba34000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 20.614200] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 20.561416] ================================================================== [ 20.562493] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 20.563178] Write of size 4 at addr ffff00000e2f8375 by task kunit_try_catch/227 [ 20.563861] [ 20.564025] CPU: 2 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.564074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.564088] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.564105] Call trace: [ 20.564116] show_stack+0x20/0x38 (C) [ 20.564148] dump_stack_lvl+0x8c/0xd0 [ 20.564183] print_report+0x118/0x608 [ 20.564216] kasan_report+0xdc/0x128 [ 20.564247] kasan_check_range+0x100/0x1a8 [ 20.564280] __asan_memset+0x34/0x78 [ 20.564306] kmalloc_oob_memset_4+0x150/0x300 [ 20.564335] kunit_try_run_case+0x170/0x3f0 [ 20.564369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.564406] kthread+0x328/0x630 [ 20.564433] ret_from_fork+0x10/0x20 [ 20.564467] [ 20.570324] Allocated by task 227: [ 20.570653] kasan_save_stack+0x3c/0x68 [ 20.571032] kasan_save_track+0x20/0x40 [ 20.571406] kasan_save_alloc_info+0x40/0x58 [ 20.571822] __kasan_kmalloc+0xd4/0xd8 [ 20.572189] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.572626] kmalloc_oob_memset_4+0xb0/0x300 [ 20.573039] kunit_try_run_case+0x170/0x3f0 [ 20.573445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.573969] kthread+0x328/0x630 [ 20.574285] ret_from_fork+0x10/0x20 [ 20.574635] [ 20.574787] The buggy address belongs to the object at ffff00000e2f8300 [ 20.574787] which belongs to the cache kmalloc-128 of size 128 [ 20.575920] The buggy address is located 117 bytes inside of [ 20.575920] allocated 120-byte region [ffff00000e2f8300, ffff00000e2f8378) [ 20.577064] [ 20.577218] The buggy address belongs to the physical page: [ 20.577734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe2f8 [ 20.578457] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.579068] page_type: f5(slab) [ 20.579381] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.580096] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.580803] page dumped because: kasan: bad access detected [ 20.581319] [ 20.581471] Memory state around the buggy address: [ 20.581920] ffff00000e2f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.582585] ffff00000e2f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.583252] >ffff00000e2f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.583913] ^ [ 20.584568] ffff00000e2f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.585233] ffff00000e2f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.585896] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 20.532700] ================================================================== [ 20.533791] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 20.534477] Write of size 2 at addr ffff00000e2f8277 by task kunit_try_catch/225 [ 20.535161] [ 20.535324] CPU: 2 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.535374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.535387] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.535405] Call trace: [ 20.535416] show_stack+0x20/0x38 (C) [ 20.535449] dump_stack_lvl+0x8c/0xd0 [ 20.535484] print_report+0x118/0x608 [ 20.535518] kasan_report+0xdc/0x128 [ 20.535548] kasan_check_range+0x100/0x1a8 [ 20.535582] __asan_memset+0x34/0x78 [ 20.535608] kmalloc_oob_memset_2+0x150/0x2f8 [ 20.535636] kunit_try_run_case+0x170/0x3f0 [ 20.535670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.535707] kthread+0x328/0x630 [ 20.535733] ret_from_fork+0x10/0x20 [ 20.535765] [ 20.541620] Allocated by task 225: [ 20.541953] kasan_save_stack+0x3c/0x68 [ 20.542336] kasan_save_track+0x20/0x40 [ 20.542711] kasan_save_alloc_info+0x40/0x58 [ 20.543127] __kasan_kmalloc+0xd4/0xd8 [ 20.543493] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.543929] kmalloc_oob_memset_2+0xb0/0x2f8 [ 20.544341] kunit_try_run_case+0x170/0x3f0 [ 20.544747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.545270] kthread+0x328/0x630 [ 20.545585] ret_from_fork+0x10/0x20 [ 20.545935] [ 20.546089] The buggy address belongs to the object at ffff00000e2f8200 [ 20.546089] which belongs to the cache kmalloc-128 of size 128 [ 20.547219] The buggy address is located 119 bytes inside of [ 20.547219] allocated 120-byte region [ffff00000e2f8200, ffff00000e2f8278) [ 20.548362] [ 20.548517] The buggy address belongs to the physical page: [ 20.549031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe2f8 [ 20.549755] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.550364] page_type: f5(slab) [ 20.550677] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.551393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.552099] page dumped because: kasan: bad access detected [ 20.552612] [ 20.552765] Memory state around the buggy address: [ 20.553213] ffff00000e2f8100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.553878] ffff00000e2f8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.554543] >ffff00000e2f8200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.555203] ^ [ 20.555857] ffff00000e2f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.556521] ffff00000e2f8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557182] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 20.505181] ================================================================== [ 20.506213] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 20.506907] Write of size 128 at addr ffff00000ba33e00 by task kunit_try_catch/223 [ 20.507606] [ 20.507770] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.507820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.507833] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.507850] Call trace: [ 20.507860] show_stack+0x20/0x38 (C) [ 20.507895] dump_stack_lvl+0x8c/0xd0 [ 20.507930] print_report+0x118/0x608 [ 20.507963] kasan_report+0xdc/0x128 [ 20.507995] kasan_check_range+0x100/0x1a8 [ 20.508028] __asan_memset+0x34/0x78 [ 20.508053] kmalloc_oob_in_memset+0x144/0x2d0 [ 20.508083] kunit_try_run_case+0x170/0x3f0 [ 20.508116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.508154] kthread+0x328/0x630 [ 20.508180] ret_from_fork+0x10/0x20 [ 20.508211] [ 20.514071] Allocated by task 223: [ 20.514395] kasan_save_stack+0x3c/0x68 [ 20.514772] kasan_save_track+0x20/0x40 [ 20.515147] kasan_save_alloc_info+0x40/0x58 [ 20.515562] __kasan_kmalloc+0xd4/0xd8 [ 20.515928] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.516365] kmalloc_oob_in_memset+0xb0/0x2d0 [ 20.516782] kunit_try_run_case+0x170/0x3f0 [ 20.517188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.517710] kthread+0x328/0x630 [ 20.518025] ret_from_fork+0x10/0x20 [ 20.518374] [ 20.518526] The buggy address belongs to the object at ffff00000ba33e00 [ 20.518526] which belongs to the cache kmalloc-128 of size 128 [ 20.519657] The buggy address is located 0 bytes inside of [ 20.519657] allocated 120-byte region [ffff00000ba33e00, ffff00000ba33e78) [ 20.520783] [ 20.520937] The buggy address belongs to the physical page: [ 20.521451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xba33 [ 20.522174] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.522784] page_type: f5(slab) [ 20.523097] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 20.523810] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.524516] page dumped because: kasan: bad access detected [ 20.525030] [ 20.525181] Memory state around the buggy address: [ 20.525629] ffff00000ba33d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.526294] ffff00000ba33d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.526959] >ffff00000ba33e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.527619] ^ [ 20.528274] ffff00000ba33e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.528938] ffff00000ba33f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.529598] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 20.471508] ================================================================== [ 20.472573] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 20.473253] Read of size 16 at addr ffff00000101a200 by task kunit_try_catch/221 [ 20.473967] [ 20.474148] CPU: 2 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.474227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.474249] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.474276] Call trace: [ 20.474294] show_stack+0x20/0x38 (C) [ 20.474347] dump_stack_lvl+0x8c/0xd0 [ 20.474403] print_report+0x118/0x608 [ 20.474458] kasan_report+0xdc/0x128 [ 20.474509] __asan_report_load16_noabort+0x20/0x30 [ 20.474572] kmalloc_uaf_16+0x3bc/0x438 [ 20.474619] kunit_try_run_case+0x170/0x3f0 [ 20.474674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.474736] kthread+0x328/0x630 [ 20.474778] ret_from_fork+0x10/0x20 [ 20.474829] [ 20.480489] Allocated by task 221: [ 20.480835] kasan_save_stack+0x3c/0x68 [ 20.481244] kasan_save_track+0x20/0x40 [ 20.481648] kasan_save_alloc_info+0x40/0x58 [ 20.482094] __kasan_kmalloc+0xd4/0xd8 [ 20.482489] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.482955] kmalloc_uaf_16+0x140/0x438 [ 20.483352] kunit_try_run_case+0x170/0x3f0 [ 20.483786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.484342] kthread+0x328/0x630 [ 20.484684] ret_from_fork+0x10/0x20 [ 20.485061] [ 20.485229] Freed by task 221: [ 20.485541] kasan_save_stack+0x3c/0x68 [ 20.485945] kasan_save_track+0x20/0x40 [ 20.486346] kasan_save_free_info+0x4c/0x78 [ 20.486785] __kasan_slab_free+0x6c/0x98 [ 20.487196] kfree+0x214/0x3c8 [ 20.487524] kmalloc_uaf_16+0x190/0x438 [ 20.487922] kunit_try_run_case+0x170/0x3f0 [ 20.488355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.488911] kthread+0x328/0x630 [ 20.489251] ret_from_fork+0x10/0x20 [ 20.489627] [ 20.489795] The buggy address belongs to the object at ffff00000101a200 [ 20.489795] which belongs to the cache kmalloc-16 of size 16 [ 20.490942] The buggy address is located 0 bytes inside of [ 20.490942] freed 16-byte region [ffff00000101a200, ffff00000101a210) [ 20.492063] [ 20.492232] The buggy address belongs to the physical page: [ 20.492766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a [ 20.493520] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.494159] page_type: f5(slab) [ 20.494496] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 20.495241] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.495972] page dumped because: kasan: bad access detected [ 20.496506] [ 20.496673] Memory state around the buggy address: [ 20.497141] ffff00000101a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.497833] ffff00000101a180: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 20.498524] >ffff00000101a200: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.499208] ^ [ 20.499539] ffff00000101a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.500230] ffff00000101a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.500915] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 20.442999] ================================================================== [ 20.444045] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 20.444713] Write of size 16 at addr ffff000001e6e6a0 by task kunit_try_catch/219 [ 20.445430] [ 20.445595] CPU: 1 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.445644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.445657] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.445674] Call trace: [ 20.445685] show_stack+0x20/0x38 (C) [ 20.445719] dump_stack_lvl+0x8c/0xd0 [ 20.445754] print_report+0x118/0x608 [ 20.445788] kasan_report+0xdc/0x128 [ 20.445819] __asan_report_store16_noabort+0x20/0x30 [ 20.445849] kmalloc_oob_16+0x3a0/0x3f8 [ 20.445877] kunit_try_run_case+0x170/0x3f0 [ 20.445911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.445948] kthread+0x328/0x630 [ 20.445974] ret_from_fork+0x10/0x20 [ 20.446005] [ 20.451570] Allocated by task 219: [ 20.451894] kasan_save_stack+0x3c/0x68 [ 20.452271] kasan_save_track+0x20/0x40 [ 20.452646] kasan_save_alloc_info+0x40/0x58 [ 20.453062] __kasan_kmalloc+0xd4/0xd8 [ 20.453428] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.453865] kmalloc_oob_16+0xb4/0x3f8 [ 20.454228] kunit_try_run_case+0x170/0x3f0 [ 20.454634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.455156] kthread+0x328/0x630 [ 20.455471] ret_from_fork+0x10/0x20 [ 20.455820] [ 20.455973] The buggy address belongs to the object at ffff000001e6e6a0 [ 20.455973] which belongs to the cache kmalloc-16 of size 16 [ 20.457088] The buggy address is located 0 bytes inside of [ 20.457088] allocated 13-byte region [ffff000001e6e6a0, ffff000001e6e6ad) [ 20.458206] [ 20.458360] The buggy address belongs to the physical page: [ 20.458874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e6e [ 20.459598] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 20.460207] page_type: f5(slab) [ 20.460521] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 20.461235] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.461941] page dumped because: kasan: bad access detected [ 20.462454] [ 20.462606] Memory state around the buggy address: [ 20.463054] ffff000001e6e580: 00 05 fc fc 00 05 fc fc 00 05 fc fc fa fb fc fc [ 20.463719] ffff000001e6e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.464383] >ffff000001e6e680: 00 05 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 20.465043] ^ [ 20.465468] ffff000001e6e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.466133] ffff000001e6e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.466793] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 20.407968] ================================================================== [ 20.408642] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 20.409274] Read of size 1 at addr ffff00000b7bf200 by task kunit_try_catch/217 [ 20.409943] [ 20.410098] CPU: 3 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.410134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.410144] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.410157] Call trace: [ 20.410166] show_stack+0x20/0x38 (C) [ 20.410191] dump_stack_lvl+0x8c/0xd0 [ 20.410217] print_report+0x118/0x608 [ 20.410241] kasan_report+0xdc/0x128 [ 20.410263] __asan_report_load1_noabort+0x20/0x30 [ 20.410289] krealloc_uaf+0x4c8/0x520 [ 20.410310] kunit_try_run_case+0x170/0x3f0 [ 20.410334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.410361] kthread+0x328/0x630 [ 20.410380] ret_from_fork+0x10/0x20 [ 20.410403] [ 20.415895] Allocated by task 217: [ 20.416211] kasan_save_stack+0x3c/0x68 [ 20.416575] kasan_save_track+0x20/0x40 [ 20.416937] kasan_save_alloc_info+0x40/0x58 [ 20.417339] __kasan_kmalloc+0xd4/0xd8 [ 20.417694] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.418117] krealloc_uaf+0xc8/0x520 [ 20.418455] kunit_try_run_case+0x170/0x3f0 [ 20.418848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.419357] kthread+0x328/0x630 [ 20.419662] ret_from_fork+0x10/0x20 [ 20.420000] [ 20.420146] Freed by task 217: [ 20.420431] kasan_save_stack+0x3c/0x68 [ 20.420795] kasan_save_track+0x20/0x40 [ 20.421158] kasan_save_free_info+0x4c/0x78 [ 20.421553] __kasan_slab_free+0x6c/0x98 [ 20.421923] kfree+0x214/0x3c8 [ 20.422215] krealloc_uaf+0x12c/0x520 [ 20.422561] kunit_try_run_case+0x170/0x3f0 [ 20.422954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.423462] kthread+0x328/0x630 [ 20.423767] ret_from_fork+0x10/0x20 [ 20.424105] [ 20.424252] The buggy address belongs to the object at ffff00000b7bf200 [ 20.424252] which belongs to the cache kmalloc-256 of size 256 [ 20.425369] The buggy address is located 0 bytes inside of [ 20.425369] freed 256-byte region [ffff00000b7bf200, ffff00000b7bf300) [ 20.426450] [ 20.426598] The buggy address belongs to the physical page: [ 20.427103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xb7be [ 20.427812] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.428504] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.429143] page_type: f5(slab) [ 20.429443] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.430146] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.430848] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.431557] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.432267] head: 03fffe0000000001 fffffdffc02def81 00000000ffffffff 00000000ffffffff [ 20.432975] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.433678] page dumped because: kasan: bad access detected [ 20.434182] [ 20.434329] Memory state around the buggy address: [ 20.434766] ffff00000b7bf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.435419] ffff00000b7bf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.436072] >ffff00000b7bf200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.436722] ^ [ 20.437024] ffff00000b7bf280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.437676] ffff00000b7bf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.438327] ================================================================== [ 20.375372] ================================================================== [ 20.376476] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 20.377108] Read of size 1 at addr ffff00000b7bf200 by task kunit_try_catch/217 [ 20.377784] [ 20.377946] CPU: 3 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.377993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.378007] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.378023] Call trace: [ 20.378033] show_stack+0x20/0x38 (C) [ 20.378065] dump_stack_lvl+0x8c/0xd0 [ 20.378099] print_report+0x118/0x608 [ 20.378132] kasan_report+0xdc/0x128 [ 20.378162] __kasan_check_byte+0x54/0x70 [ 20.378194] krealloc_noprof+0x44/0x360 [ 20.378226] krealloc_uaf+0x180/0x520 [ 20.378254] kunit_try_run_case+0x170/0x3f0 [ 20.378286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.378323] kthread+0x328/0x630 [ 20.378348] ret_from_fork+0x10/0x20 [ 20.378379] [ 20.384186] Allocated by task 217: [ 20.384510] kasan_save_stack+0x3c/0x68 [ 20.384888] kasan_save_track+0x20/0x40 [ 20.385261] kasan_save_alloc_info+0x40/0x58 [ 20.385676] __kasan_kmalloc+0xd4/0xd8 [ 20.386041] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.386477] krealloc_uaf+0xc8/0x520 [ 20.386826] kunit_try_run_case+0x170/0x3f0 [ 20.387231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.387753] kthread+0x328/0x630 [ 20.388068] ret_from_fork+0x10/0x20 [ 20.388417] [ 20.388570] Freed by task 217: [ 20.388863] kasan_save_stack+0x3c/0x68 [ 20.389238] kasan_save_track+0x20/0x40 [ 20.389611] kasan_save_free_info+0x4c/0x78 [ 20.390019] __kasan_slab_free+0x6c/0x98 [ 20.390401] kfree+0x214/0x3c8 [ 20.390704] krealloc_uaf+0x12c/0x520 [ 20.391061] kunit_try_run_case+0x170/0x3f0 [ 20.391465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.391987] kthread+0x328/0x630 [ 20.392302] ret_from_fork+0x10/0x20 [ 20.392651] [ 20.392804] The buggy address belongs to the object at ffff00000b7bf200 [ 20.392804] which belongs to the cache kmalloc-256 of size 256 [ 20.393935] The buggy address is located 0 bytes inside of [ 20.393935] freed 256-byte region [ffff00000b7bf200, ffff00000b7bf300) [ 20.395029] [ 20.395183] The buggy address belongs to the physical page: [ 20.395697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xb7be [ 20.396420] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.397125] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.397777] page_type: f5(slab) [ 20.398089] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.398804] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.399518] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.400240] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.400962] head: 03fffe0000000001 fffffdffc02def81 00000000ffffffff 00000000ffffffff [ 20.401683] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.402397] page dumped because: kasan: bad access detected [ 20.402910] [ 20.403062] Memory state around the buggy address: [ 20.403508] ffff00000b7bf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.404173] ffff00000b7bf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.404837] >ffff00000b7bf200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.405497] ^ [ 20.405807] ffff00000b7bf280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.406471] ffff00000b7bf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.407132] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 20.181325] ================================================================== [ 20.181978] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 20.182666] Write of size 1 at addr ffff000001b868eb by task kunit_try_catch/211 [ 20.183334] [ 20.183483] CPU: 4 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.183514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.183522] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.183532] Call trace: [ 20.183538] show_stack+0x20/0x38 (C) [ 20.183558] dump_stack_lvl+0x8c/0xd0 [ 20.183579] print_report+0x118/0x608 [ 20.183600] kasan_report+0xdc/0x128 [ 20.183621] __asan_report_store1_noabort+0x20/0x30 [ 20.183639] krealloc_less_oob_helper+0xa58/0xc50 [ 20.183659] krealloc_less_oob+0x20/0x38 [ 20.183678] kunit_try_run_case+0x170/0x3f0 [ 20.183698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.183722] kthread+0x328/0x630 [ 20.183737] ret_from_fork+0x10/0x20 [ 20.183756] [ 20.189683] Allocated by task 211: [ 20.189996] kasan_save_stack+0x3c/0x68 [ 20.190357] kasan_save_track+0x20/0x40 [ 20.190718] kasan_save_alloc_info+0x40/0x58 [ 20.191120] __kasan_krealloc+0x118/0x178 [ 20.191496] krealloc_noprof+0x128/0x360 [ 20.191864] krealloc_less_oob_helper+0x168/0xc50 [ 20.192300] krealloc_less_oob+0x20/0x38 [ 20.192666] kunit_try_run_case+0x170/0x3f0 [ 20.193056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.193563] kthread+0x328/0x630 [ 20.193866] ret_from_fork+0x10/0x20 [ 20.194203] [ 20.194348] The buggy address belongs to the object at ffff000001b86800 [ 20.194348] which belongs to the cache kmalloc-256 of size 256 [ 20.195461] The buggy address is located 34 bytes to the right of [ 20.195461] allocated 201-byte region [ffff000001b86800, ffff000001b868c9) [ 20.196624] [ 20.196770] The buggy address belongs to the physical page: [ 20.197273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1b86 [ 20.197978] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.198668] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.199299] page_type: f5(slab) [ 20.199595] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.200294] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.200992] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.201699] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.202405] head: 03fffe0000000001 fffffdffc006e181 00000000ffffffff 00000000ffffffff [ 20.203111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.203812] page dumped because: kasan: bad access detected [ 20.204315] [ 20.204460] Memory state around the buggy address: [ 20.204894] ffff000001b86780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.205545] ffff000001b86800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.206196] >ffff000001b86880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.206843] ^ [ 20.207439] ffff000001b86900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.208091] ffff000001b86980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.208739] ================================================================== [ 20.124823] ================================================================== [ 20.125498] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 20.126197] Write of size 1 at addr ffff000001b868da by task kunit_try_catch/211 [ 20.126867] [ 20.127021] CPU: 4 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.127057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.127066] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.127077] Call trace: [ 20.127086] show_stack+0x20/0x38 (C) [ 20.127110] dump_stack_lvl+0x8c/0xd0 [ 20.127133] print_report+0x118/0x608 [ 20.127155] kasan_report+0xdc/0x128 [ 20.127176] __asan_report_store1_noabort+0x20/0x30 [ 20.127195] krealloc_less_oob_helper+0xa80/0xc50 [ 20.127215] krealloc_less_oob+0x20/0x38 [ 20.127234] kunit_try_run_case+0x170/0x3f0 [ 20.127256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.127280] kthread+0x328/0x630 [ 20.127297] ret_from_fork+0x10/0x20 [ 20.127317] [ 20.133246] Allocated by task 211: [ 20.133562] kasan_save_stack+0x3c/0x68 [ 20.133926] kasan_save_track+0x20/0x40 [ 20.134287] kasan_save_alloc_info+0x40/0x58 [ 20.134689] __kasan_krealloc+0x118/0x178 [ 20.135066] krealloc_noprof+0x128/0x360 [ 20.135435] krealloc_less_oob_helper+0x168/0xc50 [ 20.135870] krealloc_less_oob+0x20/0x38 [ 20.136237] kunit_try_run_case+0x170/0x3f0 [ 20.136627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.137135] kthread+0x328/0x630 [ 20.137437] ret_from_fork+0x10/0x20 [ 20.137773] [ 20.137919] The buggy address belongs to the object at ffff000001b86800 [ 20.137919] which belongs to the cache kmalloc-256 of size 256 [ 20.139034] The buggy address is located 17 bytes to the right of [ 20.139034] allocated 201-byte region [ffff000001b86800, ffff000001b868c9) [ 20.140198] [ 20.140344] The buggy address belongs to the physical page: [ 20.140848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1b86 [ 20.141557] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.142248] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.142884] page_type: f5(slab) [ 20.143182] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.143882] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.144581] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.145286] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.145992] head: 03fffe0000000001 fffffdffc006e181 00000000ffffffff 00000000ffffffff [ 20.146698] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.147399] page dumped because: kasan: bad access detected [ 20.147902] [ 20.148047] Memory state around the buggy address: [ 20.148484] ffff000001b86780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.149137] ffff000001b86800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.149788] >ffff000001b86880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.150436] ^ [ 20.150988] ffff000001b86900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.151639] ffff000001b86980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.152288] ================================================================== [ 20.306902] ================================================================== [ 20.307592] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 20.308311] Write of size 1 at addr ffff00000dafa0da by task kunit_try_catch/215 [ 20.308983] [ 20.309140] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.309176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.309186] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.309199] Call trace: [ 20.309207] show_stack+0x20/0x38 (C) [ 20.309232] dump_stack_lvl+0x8c/0xd0 [ 20.309258] print_report+0x118/0x608 [ 20.309282] kasan_report+0xdc/0x128 [ 20.309304] __asan_report_store1_noabort+0x20/0x30 [ 20.309326] krealloc_less_oob_helper+0xa80/0xc50 [ 20.309349] krealloc_large_less_oob+0x20/0x38 [ 20.309370] kunit_try_run_case+0x170/0x3f0 [ 20.309395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.309421] kthread+0x328/0x630 [ 20.309441] ret_from_fork+0x10/0x20 [ 20.309463] [ 20.315447] The buggy address belongs to the physical page: [ 20.315952] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 20.316662] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.317354] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.317992] page_type: f8(unknown) [ 20.318316] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.319017] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.319719] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.320428] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.321137] head: 03fffe0000000002 fffffdffc036be01 00000000ffffffff 00000000ffffffff [ 20.321845] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.322549] page dumped because: kasan: bad access detected [ 20.323053] [ 20.323198] Memory state around the buggy address: [ 20.323636] ffff00000daf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.324289] ffff00000dafa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.324943] >ffff00000dafa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.325594] ^ [ 20.326147] ffff00000dafa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.326800] ffff00000dafa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.327451] ================================================================== [ 20.067308] ================================================================== [ 20.068340] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 20.069046] Write of size 1 at addr ffff000001b868c9 by task kunit_try_catch/211 [ 20.069718] [ 20.069873] CPU: 2 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.069909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.069919] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.069932] Call trace: [ 20.069940] show_stack+0x20/0x38 (C) [ 20.069965] dump_stack_lvl+0x8c/0xd0 [ 20.069991] print_report+0x118/0x608 [ 20.070016] kasan_report+0xdc/0x128 [ 20.070038] __asan_report_store1_noabort+0x20/0x30 [ 20.070059] krealloc_less_oob_helper+0xa48/0xc50 [ 20.070082] krealloc_less_oob+0x20/0x38 [ 20.070103] kunit_try_run_case+0x170/0x3f0 [ 20.070128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.070155] kthread+0x328/0x630 [ 20.070174] ret_from_fork+0x10/0x20 [ 20.070197] [ 20.076131] Allocated by task 211: [ 20.076448] kasan_save_stack+0x3c/0x68 [ 20.076811] kasan_save_track+0x20/0x40 [ 20.077173] kasan_save_alloc_info+0x40/0x58 [ 20.077576] __kasan_krealloc+0x118/0x178 [ 20.077954] krealloc_noprof+0x128/0x360 [ 20.078325] krealloc_less_oob_helper+0x168/0xc50 [ 20.078763] krealloc_less_oob+0x20/0x38 [ 20.079131] kunit_try_run_case+0x170/0x3f0 [ 20.079523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.080032] kthread+0x328/0x630 [ 20.080337] ret_from_fork+0x10/0x20 [ 20.080676] [ 20.080822] The buggy address belongs to the object at ffff000001b86800 [ 20.080822] which belongs to the cache kmalloc-256 of size 256 [ 20.081940] The buggy address is located 0 bytes to the right of [ 20.081940] allocated 201-byte region [ffff000001b86800, ffff000001b868c9) [ 20.083097] [ 20.083245] The buggy address belongs to the physical page: [ 20.083750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1b86 [ 20.084461] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.085153] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.085791] page_type: f5(slab) [ 20.086093] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.086795] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.087497] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.088206] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.088916] head: 03fffe0000000001 fffffdffc006e181 00000000ffffffff 00000000ffffffff [ 20.089625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.090328] page dumped because: kasan: bad access detected [ 20.090832] [ 20.090976] Memory state around the buggy address: [ 20.091415] ffff000001b86780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.092069] ffff000001b86800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.092722] >ffff000001b86880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.093373] ^ [ 20.093879] ffff000001b86900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.094533] ffff000001b86980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.095183] ================================================================== [ 20.153124] ================================================================== [ 20.153779] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 20.154465] Write of size 1 at addr ffff000001b868ea by task kunit_try_catch/211 [ 20.155133] [ 20.155282] CPU: 4 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.155313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.155322] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.155332] Call trace: [ 20.155338] show_stack+0x20/0x38 (C) [ 20.155359] dump_stack_lvl+0x8c/0xd0 [ 20.155380] print_report+0x118/0x608 [ 20.155401] kasan_report+0xdc/0x128 [ 20.155422] __asan_report_store1_noabort+0x20/0x30 [ 20.155440] krealloc_less_oob_helper+0xae4/0xc50 [ 20.155460] krealloc_less_oob+0x20/0x38 [ 20.155479] kunit_try_run_case+0x170/0x3f0 [ 20.155499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.155523] kthread+0x328/0x630 [ 20.155538] ret_from_fork+0x10/0x20 [ 20.155557] [ 20.161485] Allocated by task 211: [ 20.161799] kasan_save_stack+0x3c/0x68 [ 20.162159] kasan_save_track+0x20/0x40 [ 20.162520] kasan_save_alloc_info+0x40/0x58 [ 20.162920] __kasan_krealloc+0x118/0x178 [ 20.163297] krealloc_noprof+0x128/0x360 [ 20.163664] krealloc_less_oob_helper+0x168/0xc50 [ 20.164099] krealloc_less_oob+0x20/0x38 [ 20.164465] kunit_try_run_case+0x170/0x3f0 [ 20.164856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.165363] kthread+0x328/0x630 [ 20.165667] ret_from_fork+0x10/0x20 [ 20.166003] [ 20.166147] The buggy address belongs to the object at ffff000001b86800 [ 20.166147] which belongs to the cache kmalloc-256 of size 256 [ 20.167261] The buggy address is located 33 bytes to the right of [ 20.167261] allocated 201-byte region [ffff000001b86800, ffff000001b868c9) [ 20.168423] [ 20.168568] The buggy address belongs to the physical page: [ 20.169072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1b86 [ 20.169778] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.170467] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.171098] page_type: f5(slab) [ 20.171394] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.172092] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.172790] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.173497] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.174203] head: 03fffe0000000001 fffffdffc006e181 00000000ffffffff 00000000ffffffff [ 20.174909] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.175609] page dumped because: kasan: bad access detected [ 20.176112] [ 20.176256] Memory state around the buggy address: [ 20.176693] ffff000001b86780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.177344] ffff000001b86800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.177994] >ffff000001b86880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.178643] ^ [ 20.179239] ffff000001b86900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.179889] ffff000001b86980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.180538] ================================================================== [ 20.261344] ================================================================== [ 20.262484] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 20.263234] Write of size 1 at addr ffff00000dafa0c9 by task kunit_try_catch/215 [ 20.263947] [ 20.264130] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.264208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.264230] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.264257] Call trace: [ 20.264274] show_stack+0x20/0x38 (C) [ 20.264330] dump_stack_lvl+0x8c/0xd0 [ 20.264386] print_report+0x118/0x608 [ 20.264442] kasan_report+0xdc/0x128 [ 20.264494] __asan_report_store1_noabort+0x20/0x30 [ 20.264544] krealloc_less_oob_helper+0xa48/0xc50 [ 20.264596] krealloc_large_less_oob+0x20/0x38 [ 20.264647] kunit_try_run_case+0x170/0x3f0 [ 20.264703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.264764] kthread+0x328/0x630 [ 20.264807] ret_from_fork+0x10/0x20 [ 20.264858] [ 20.270993] The buggy address belongs to the physical page: [ 20.271528] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 20.272281] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.273013] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.273694] page_type: f8(unknown) [ 20.274055] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.274800] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.275545] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.276297] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.277050] head: 03fffe0000000002 fffffdffc036be01 00000000ffffffff 00000000ffffffff [ 20.277803] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.278542] page dumped because: kasan: bad access detected [ 20.279076] [ 20.279243] Memory state around the buggy address: [ 20.279711] ffff00000daf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.280404] ffff00000dafa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.281095] >ffff00000dafa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.281778] ^ [ 20.282318] ffff00000dafa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.283009] ffff00000dafa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.283693] ================================================================== [ 20.284821] ================================================================== [ 20.285521] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 20.286251] Write of size 1 at addr ffff00000dafa0d0 by task kunit_try_catch/215 [ 20.286935] [ 20.287098] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.287146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.287160] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.287176] Call trace: [ 20.287187] show_stack+0x20/0x38 (C) [ 20.287220] dump_stack_lvl+0x8c/0xd0 [ 20.287255] print_report+0x118/0x608 [ 20.287288] kasan_report+0xdc/0x128 [ 20.287319] __asan_report_store1_noabort+0x20/0x30 [ 20.287348] krealloc_less_oob_helper+0xb9c/0xc50 [ 20.287380] krealloc_large_less_oob+0x20/0x38 [ 20.287411] kunit_try_run_case+0x170/0x3f0 [ 20.287444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.287481] kthread+0x328/0x630 [ 20.287507] ret_from_fork+0x10/0x20 [ 20.287538] [ 20.293565] The buggy address belongs to the physical page: [ 20.294080] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 20.294801] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.295506] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.296156] page_type: f8(unknown) [ 20.296490] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.297204] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.297919] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.298640] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.299362] head: 03fffe0000000002 fffffdffc036be01 00000000ffffffff 00000000ffffffff [ 20.300083] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.300797] page dumped because: kasan: bad access detected [ 20.301311] [ 20.301463] Memory state around the buggy address: [ 20.301910] ffff00000daf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.302574] ffff00000dafa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.303238] >ffff00000dafa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.303898] ^ [ 20.304439] ffff00000dafa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.305103] ffff00000dafa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.305763] ================================================================== [ 20.328197] ================================================================== [ 20.328853] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 20.329545] Write of size 1 at addr ffff00000dafa0ea by task kunit_try_catch/215 [ 20.330215] [ 20.330370] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.330403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.330413] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.330424] Call trace: [ 20.330432] show_stack+0x20/0x38 (C) [ 20.330455] dump_stack_lvl+0x8c/0xd0 [ 20.330480] print_report+0x118/0x608 [ 20.330503] kasan_report+0xdc/0x128 [ 20.330525] __asan_report_store1_noabort+0x20/0x30 [ 20.330546] krealloc_less_oob_helper+0xae4/0xc50 [ 20.330568] krealloc_large_less_oob+0x20/0x38 [ 20.330590] kunit_try_run_case+0x170/0x3f0 [ 20.330613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.330640] kthread+0x328/0x630 [ 20.330658] ret_from_fork+0x10/0x20 [ 20.330680] [ 20.336662] The buggy address belongs to the physical page: [ 20.337166] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 20.337876] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.338567] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.339202] page_type: f8(unknown) [ 20.339524] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.340226] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.340928] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.341636] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.342345] head: 03fffe0000000002 fffffdffc036be01 00000000ffffffff 00000000ffffffff [ 20.343054] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.343757] page dumped because: kasan: bad access detected [ 20.344261] [ 20.344406] Memory state around the buggy address: [ 20.344843] ffff00000daf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.345497] ffff00000dafa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.346150] >ffff00000dafa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.346800] ^ [ 20.347399] ffff00000dafa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.348052] ffff00000dafa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.348702] ================================================================== [ 20.095991] ================================================================== [ 20.096651] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 20.097365] Write of size 1 at addr ffff000001b868d0 by task kunit_try_catch/211 [ 20.098038] [ 20.098194] CPU: 2 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.098231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.098241] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.098253] Call trace: [ 20.098261] show_stack+0x20/0x38 (C) [ 20.098285] dump_stack_lvl+0x8c/0xd0 [ 20.098311] print_report+0x118/0x608 [ 20.098335] kasan_report+0xdc/0x128 [ 20.098358] __asan_report_store1_noabort+0x20/0x30 [ 20.098379] krealloc_less_oob_helper+0xb9c/0xc50 [ 20.098401] krealloc_less_oob+0x20/0x38 [ 20.098422] kunit_try_run_case+0x170/0x3f0 [ 20.098447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.098473] kthread+0x328/0x630 [ 20.098492] ret_from_fork+0x10/0x20 [ 20.098515] [ 20.104453] Allocated by task 211: [ 20.104771] kasan_save_stack+0x3c/0x68 [ 20.105137] kasan_save_track+0x20/0x40 [ 20.105500] kasan_save_alloc_info+0x40/0x58 [ 20.105902] __kasan_krealloc+0x118/0x178 [ 20.106280] krealloc_noprof+0x128/0x360 [ 20.106652] krealloc_less_oob_helper+0x168/0xc50 [ 20.107090] krealloc_less_oob+0x20/0x38 [ 20.107459] kunit_try_run_case+0x170/0x3f0 [ 20.107851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.108360] kthread+0x328/0x630 [ 20.108666] ret_from_fork+0x10/0x20 [ 20.109006] [ 20.109153] The buggy address belongs to the object at ffff000001b86800 [ 20.109153] which belongs to the cache kmalloc-256 of size 256 [ 20.110271] The buggy address is located 7 bytes to the right of [ 20.110271] allocated 201-byte region [ffff000001b86800, ffff000001b868c9) [ 20.111429] [ 20.111576] The buggy address belongs to the physical page: [ 20.112082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1b86 [ 20.112792] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.113484] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.114121] page_type: f5(slab) [ 20.114423] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.115124] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.115826] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.116535] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.117245] head: 03fffe0000000001 fffffdffc006e181 00000000ffffffff 00000000ffffffff [ 20.117955] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.118658] page dumped because: kasan: bad access detected [ 20.119163] [ 20.119310] Memory state around the buggy address: [ 20.119748] ffff000001b86780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.120402] ffff000001b86800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.121056] >ffff000001b86880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 20.121705] ^ [ 20.122235] ffff000001b86900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.122888] ffff000001b86980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.123538] ================================================================== [ 20.350025] ================================================================== [ 20.350700] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 20.351398] Write of size 1 at addr ffff00000dafa0eb by task kunit_try_catch/215 [ 20.352070] [ 20.352223] CPU: 4 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.352258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.352268] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.352279] Call trace: [ 20.352287] show_stack+0x20/0x38 (C) [ 20.352312] dump_stack_lvl+0x8c/0xd0 [ 20.352335] print_report+0x118/0x608 [ 20.352357] kasan_report+0xdc/0x128 [ 20.352378] __asan_report_store1_noabort+0x20/0x30 [ 20.352396] krealloc_less_oob_helper+0xa58/0xc50 [ 20.352417] krealloc_large_less_oob+0x20/0x38 [ 20.352436] kunit_try_run_case+0x170/0x3f0 [ 20.352459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.352483] kthread+0x328/0x630 [ 20.352500] ret_from_fork+0x10/0x20 [ 20.352520] [ 20.358496] The buggy address belongs to the physical page: [ 20.359000] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 20.359709] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.360400] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.361035] page_type: f8(unknown) [ 20.361357] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.362056] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.362756] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.363462] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.364169] head: 03fffe0000000002 fffffdffc036be01 00000000ffffffff 00000000ffffffff [ 20.364874] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.365576] page dumped because: kasan: bad access detected [ 20.366078] [ 20.366222] Memory state around the buggy address: [ 20.366659] ffff00000daf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.367311] ffff00000dafa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.367961] >ffff00000dafa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 20.368610] ^ [ 20.369207] ffff00000dafa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.369858] ffff00000dafa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.370506] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 20.213369] ================================================================== [ 20.214429] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 20.215171] Write of size 1 at addr ffff00000dafa0eb by task kunit_try_catch/213 [ 20.215883] [ 20.216062] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.216138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.216161] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.216187] Call trace: [ 20.216204] show_stack+0x20/0x38 (C) [ 20.216256] dump_stack_lvl+0x8c/0xd0 [ 20.216310] print_report+0x118/0x608 [ 20.216365] kasan_report+0xdc/0x128 [ 20.216417] __asan_report_store1_noabort+0x20/0x30 [ 20.216466] krealloc_more_oob_helper+0x60c/0x678 [ 20.216520] krealloc_large_more_oob+0x20/0x38 [ 20.216572] kunit_try_run_case+0x170/0x3f0 [ 20.216627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.216689] kthread+0x328/0x630 [ 20.216732] ret_from_fork+0x10/0x20 [ 20.216783] [ 20.222925] The buggy address belongs to the physical page: [ 20.223459] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 20.224211] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.224942] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.225621] page_type: f8(unknown) [ 20.225981] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.226726] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.227470] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.228223] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.228976] head: 03fffe0000000002 fffffdffc036be01 00000000ffffffff 00000000ffffffff [ 20.229726] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.230466] page dumped because: kasan: bad access detected [ 20.230999] [ 20.231166] Memory state around the buggy address: [ 20.231636] ffff00000daf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.232327] ffff00000dafa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.233019] >ffff00000dafa080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 20.233704] ^ [ 20.234338] ffff00000dafa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.235030] ffff00000dafa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.235714] ================================================================== [ 20.236734] ================================================================== [ 20.237431] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 20.238170] Write of size 1 at addr ffff00000dafa0f0 by task kunit_try_catch/213 [ 20.238855] [ 20.239017] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.239065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.239079] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.239095] Call trace: [ 20.239106] show_stack+0x20/0x38 (C) [ 20.239139] dump_stack_lvl+0x8c/0xd0 [ 20.239174] print_report+0x118/0x608 [ 20.239207] kasan_report+0xdc/0x128 [ 20.239238] __asan_report_store1_noabort+0x20/0x30 [ 20.239268] krealloc_more_oob_helper+0x5c0/0x678 [ 20.239300] krealloc_large_more_oob+0x20/0x38 [ 20.239330] kunit_try_run_case+0x170/0x3f0 [ 20.239364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.239401] kthread+0x328/0x630 [ 20.239427] ret_from_fork+0x10/0x20 [ 20.239459] [ 20.245484] The buggy address belongs to the physical page: [ 20.245999] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 20.246722] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.247426] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.248075] page_type: f8(unknown) [ 20.248410] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.249124] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.249837] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.250557] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.251279] head: 03fffe0000000002 fffffdffc036be01 00000000ffffffff 00000000ffffffff [ 20.252001] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.252715] page dumped because: kasan: bad access detected [ 20.253228] [ 20.253382] Memory state around the buggy address: [ 20.253829] ffff00000daf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.254494] ffff00000dafa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.255158] >ffff00000dafa080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 20.255818] ^ [ 20.256451] ffff00000dafa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.257115] ffff00000dafa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.257776] ================================================================== [ 20.005702] ================================================================== [ 20.006738] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 20.007456] Write of size 1 at addr ffff00000daa04eb by task kunit_try_catch/209 [ 20.008139] [ 20.008303] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.008352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.008366] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.008383] Call trace: [ 20.008395] show_stack+0x20/0x38 (C) [ 20.008429] dump_stack_lvl+0x8c/0xd0 [ 20.008465] print_report+0x118/0x608 [ 20.008498] kasan_report+0xdc/0x128 [ 20.008530] __asan_report_store1_noabort+0x20/0x30 [ 20.008560] krealloc_more_oob_helper+0x60c/0x678 [ 20.008592] krealloc_more_oob+0x20/0x38 [ 20.008621] kunit_try_run_case+0x170/0x3f0 [ 20.008654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.008691] kthread+0x328/0x630 [ 20.008717] ret_from_fork+0x10/0x20 [ 20.008749] [ 20.014727] Allocated by task 209: [ 20.015052] kasan_save_stack+0x3c/0x68 [ 20.015428] kasan_save_track+0x20/0x40 [ 20.015803] kasan_save_alloc_info+0x40/0x58 [ 20.016218] __kasan_krealloc+0x118/0x178 [ 20.016608] krealloc_noprof+0x128/0x360 [ 20.016992] krealloc_more_oob_helper+0x168/0x678 [ 20.017442] krealloc_more_oob+0x20/0x38 [ 20.017823] kunit_try_run_case+0x170/0x3f0 [ 20.018227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.018750] kthread+0x328/0x630 [ 20.019065] ret_from_fork+0x10/0x20 [ 20.019415] [ 20.019567] The buggy address belongs to the object at ffff00000daa0400 [ 20.019567] which belongs to the cache kmalloc-256 of size 256 [ 20.020697] The buggy address is located 0 bytes to the right of [ 20.020697] allocated 235-byte region [ffff00000daa0400, ffff00000daa04eb) [ 20.021870] [ 20.022023] The buggy address belongs to the physical page: [ 20.022537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaa0 [ 20.023259] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.023964] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.024613] page_type: f5(slab) [ 20.024926] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.025640] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.026354] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.027075] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.027797] head: 03fffe0000000001 fffffdffc036a801 00000000ffffffff 00000000ffffffff [ 20.028519] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.029238] page dumped because: kasan: bad access detected [ 20.029775] [ 20.029942] Memory state around the buggy address: [ 20.030412] ffff00000daa0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.031103] ffff00000daa0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.031796] >ffff00000daa0480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 20.032480] ^ [ 20.033114] ffff00000daa0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.033806] ffff00000daa0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.034491] ================================================================== [ 20.035439] ================================================================== [ 20.036133] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 20.036857] Write of size 1 at addr ffff00000daa04f0 by task kunit_try_catch/209 [ 20.037552] [ 20.037722] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 20.037780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.037797] Hardware name: Radxa ROCK Pi 4B (DT) [ 20.037817] Call trace: [ 20.037830] show_stack+0x20/0x38 (C) [ 20.037869] dump_stack_lvl+0x8c/0xd0 [ 20.037911] print_report+0x118/0x608 [ 20.037950] kasan_report+0xdc/0x128 [ 20.037988] __asan_report_store1_noabort+0x20/0x30 [ 20.038025] krealloc_more_oob_helper+0x5c0/0x678 [ 20.038064] krealloc_more_oob+0x20/0x38 [ 20.038100] kunit_try_run_case+0x170/0x3f0 [ 20.038140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.038184] kthread+0x328/0x630 [ 20.038216] ret_from_fork+0x10/0x20 [ 20.038254] [ 20.044268] Allocated by task 209: [ 20.044598] kasan_save_stack+0x3c/0x68 [ 20.044984] kasan_save_track+0x20/0x40 [ 20.045368] kasan_save_alloc_info+0x40/0x58 [ 20.045795] __kasan_krealloc+0x118/0x178 [ 20.046195] krealloc_noprof+0x128/0x360 [ 20.046589] krealloc_more_oob_helper+0x168/0x678 [ 20.047049] krealloc_more_oob+0x20/0x38 [ 20.047438] kunit_try_run_case+0x170/0x3f0 [ 20.047854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.048386] kthread+0x328/0x630 [ 20.048712] ret_from_fork+0x10/0x20 [ 20.049071] [ 20.049228] The buggy address belongs to the object at ffff00000daa0400 [ 20.049228] which belongs to the cache kmalloc-256 of size 256 [ 20.050370] The buggy address is located 5 bytes to the right of [ 20.050370] allocated 235-byte region [ffff00000daa0400, ffff00000daa04eb) [ 20.051553] [ 20.051712] The buggy address belongs to the physical page: [ 20.052232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaa0 [ 20.052963] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.053677] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 20.054336] page_type: f5(slab) [ 20.054656] raw: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.055380] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.056104] head: 03fffe0000000040 ffff000000402b40 dead000000000122 0000000000000000 [ 20.056836] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.057568] head: 03fffe0000000001 fffffdffc036a801 00000000ffffffff 00000000ffffffff [ 20.058300] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.059022] page dumped because: kasan: bad access detected [ 20.059542] [ 20.059700] Memory state around the buggy address: [ 20.060154] ffff00000daa0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.060828] ffff00000daa0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.061501] >ffff00000daa0480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 20.062170] ^ [ 20.062810] ffff00000daa0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.063483] ffff00000daa0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.064151] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 19.982745] ================================================================== [ 19.984177] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 19.984818] Read of size 1 at addr ffff00000f350000 by task kunit_try_catch/207 [ 19.985524] [ 19.985706] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.985785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.985808] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.985834] Call trace: [ 19.985851] show_stack+0x20/0x38 (C) [ 19.985906] dump_stack_lvl+0x8c/0xd0 [ 19.985962] print_report+0x118/0x608 [ 19.986016] kasan_report+0xdc/0x128 [ 19.986068] __asan_report_load1_noabort+0x20/0x30 [ 19.986130] page_alloc_uaf+0x328/0x350 [ 19.986178] kunit_try_run_case+0x170/0x3f0 [ 19.986232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.986293] kthread+0x328/0x630 [ 19.986336] ret_from_fork+0x10/0x20 [ 19.986387] [ 19.992047] The buggy address belongs to the physical page: [ 19.992582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xf350 [ 19.993335] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.993974] page_type: f0(buddy) [ 19.994318] raw: 03fffe0000000000 ffff0000f75f2720 ffff0000f75f2720 0000000000000000 [ 19.995062] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 19.995794] page dumped because: kasan: bad access detected [ 19.996327] [ 19.996495] Memory state around the buggy address: [ 19.996964] ffff00000f34ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.997656] ffff00000f34ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.998347] >ffff00000f350000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.999031] ^ [ 19.999361] ffff00000f350080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.000053] ffff00000f350100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.000738] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 19.954003] ================================================================== [ 19.955054] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 19.955582] Free of addr ffff00000dbd4001 by task kunit_try_catch/203 [ 19.956177] [ 19.956341] CPU: 2 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.956390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.956405] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.956422] Call trace: [ 19.956433] show_stack+0x20/0x38 (C) [ 19.956466] dump_stack_lvl+0x8c/0xd0 [ 19.956502] print_report+0x118/0x608 [ 19.956537] kasan_report_invalid_free+0xc0/0xe8 [ 19.956572] __kasan_kfree_large+0x5c/0xa8 [ 19.956604] free_large_kmalloc+0x64/0x190 [ 19.956633] kfree+0x270/0x3c8 [ 19.956659] kmalloc_large_invalid_free+0x108/0x270 [ 19.956691] kunit_try_run_case+0x170/0x3f0 [ 19.956725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.956763] kthread+0x328/0x630 [ 19.956790] ret_from_fork+0x10/0x20 [ 19.956822] [ 19.963137] The buggy address belongs to the physical page: [ 19.963653] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdbd4 [ 19.964377] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.965082] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 19.965734] page_type: f8(unknown) [ 19.966070] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.966784] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.967498] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.968219] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.968941] head: 03fffe0000000002 fffffdffc036f501 00000000ffffffff 00000000ffffffff [ 19.969663] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.970376] page dumped because: kasan: bad access detected [ 19.970888] [ 19.971041] Memory state around the buggy address: [ 19.971490] ffff00000dbd3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.972154] ffff00000dbd3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.972818] >ffff00000dbd4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.973479] ^ [ 19.973789] ffff00000dbd4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.974453] ffff00000dbd4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.975113] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 19.932596] ================================================================== [ 19.933705] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 19.934347] Read of size 1 at addr ffff00000daf8000 by task kunit_try_catch/201 [ 19.935032] [ 19.935202] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.935261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.935278] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.935298] Call trace: [ 19.935312] show_stack+0x20/0x38 (C) [ 19.935352] dump_stack_lvl+0x8c/0xd0 [ 19.935394] print_report+0x118/0x608 [ 19.935435] kasan_report+0xdc/0x128 [ 19.935474] __asan_report_load1_noabort+0x20/0x30 [ 19.935519] kmalloc_large_uaf+0x2cc/0x2f8 [ 19.935554] kunit_try_run_case+0x170/0x3f0 [ 19.935596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.935641] kthread+0x328/0x630 [ 19.935674] ret_from_fork+0x10/0x20 [ 19.935712] [ 19.941322] The buggy address belongs to the physical page: [ 19.941847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 19.942579] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.943213] raw: 03fffe0000000000 fffffdffc036bf08 ffff0000d16ec640 0000000000000000 [ 19.943938] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 19.944653] page dumped because: kasan: bad access detected [ 19.945173] [ 19.945331] Memory state around the buggy address: [ 19.945786] ffff00000daf7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.946460] ffff00000daf7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.947133] >ffff00000daf8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.947801] ^ [ 19.948118] ffff00000daf8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.948792] ffff00000daf8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.949461] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 19.905718] ================================================================== [ 19.906835] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 19.907575] Write of size 1 at addr ffff00000dafa00a by task kunit_try_catch/199 [ 19.908288] [ 19.908472] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.908551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.908574] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.908600] Call trace: [ 19.908618] show_stack+0x20/0x38 (C) [ 19.908673] dump_stack_lvl+0x8c/0xd0 [ 19.908730] print_report+0x118/0x608 [ 19.908786] kasan_report+0xdc/0x128 [ 19.908838] __asan_report_store1_noabort+0x20/0x30 [ 19.908887] kmalloc_large_oob_right+0x278/0x2b8 [ 19.908937] kunit_try_run_case+0x170/0x3f0 [ 19.908992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.909053] kthread+0x328/0x630 [ 19.909096] ret_from_fork+0x10/0x20 [ 19.909148] [ 19.914882] The buggy address belongs to the physical page: [ 19.915416] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdaf8 [ 19.916169] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.916900] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 19.917581] page_type: f8(unknown) [ 19.917941] raw: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.918685] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.919430] head: 03fffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.920181] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.920935] head: 03fffe0000000002 fffffdffc036be01 00000000ffffffff 00000000ffffffff [ 19.921687] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.922426] page dumped because: kasan: bad access detected [ 19.922960] [ 19.923127] Memory state around the buggy address: [ 19.923596] ffff00000daf9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.924287] ffff00000daf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.924980] >ffff00000dafa000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.925664] ^ [ 19.926017] ffff00000dafa080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.926708] ffff00000dafa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.927392] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 19.874335] ================================================================== [ 19.875486] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.876178] Write of size 1 at addr ffff00000e5e1f00 by task kunit_try_catch/197 [ 19.876861] [ 19.877026] CPU: 2 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.877076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.877090] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.877107] Call trace: [ 19.877117] show_stack+0x20/0x38 (C) [ 19.877152] dump_stack_lvl+0x8c/0xd0 [ 19.877187] print_report+0x118/0x608 [ 19.877220] kasan_report+0xdc/0x128 [ 19.877252] __asan_report_store1_noabort+0x20/0x30 [ 19.877281] kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.877311] kunit_try_run_case+0x170/0x3f0 [ 19.877344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.877381] kthread+0x328/0x630 [ 19.877408] ret_from_fork+0x10/0x20 [ 19.877439] [ 19.883049] Allocated by task 197: [ 19.883373] kasan_save_stack+0x3c/0x68 [ 19.883750] kasan_save_track+0x20/0x40 [ 19.884124] kasan_save_alloc_info+0x40/0x58 [ 19.884540] __kasan_kmalloc+0xd4/0xd8 [ 19.884906] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.885343] kmalloc_big_oob_right+0xb8/0x2f0 [ 19.885761] kunit_try_run_case+0x170/0x3f0 [ 19.886167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.886690] kthread+0x328/0x630 [ 19.887005] ret_from_fork+0x10/0x20 [ 19.887355] [ 19.887507] The buggy address belongs to the object at ffff00000e5e0000 [ 19.887507] which belongs to the cache kmalloc-8k of size 8192 [ 19.888638] The buggy address is located 0 bytes to the right of [ 19.888638] allocated 7936-byte region [ffff00000e5e0000, ffff00000e5e1f00) [ 19.889819] [ 19.889973] The buggy address belongs to the physical page: [ 19.890487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe5e0 [ 19.891210] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.891914] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 19.892564] page_type: f5(slab) [ 19.892879] raw: 03fffe0000000040 ffff000000403180 dead000000000122 0000000000000000 [ 19.893594] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.894308] head: 03fffe0000000040 ffff000000403180 dead000000000122 0000000000000000 [ 19.895030] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.895752] head: 03fffe0000000003 fffffdffc0397801 00000000ffffffff 00000000ffffffff [ 19.896474] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.897189] page dumped because: kasan: bad access detected [ 19.897703] [ 19.897854] Memory state around the buggy address: [ 19.898302] ffff00000e5e1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.898966] ffff00000e5e1e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.899631] >ffff00000e5e1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.900291] ^ [ 19.900601] ffff00000e5e1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.901265] ffff00000e5e2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.901925] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 19.818710] ================================================================== [ 19.819784] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 19.820557] Write of size 1 at addr ffff00000ba33c78 by task kunit_try_catch/195 [ 19.821256] [ 19.821428] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.821488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.821506] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.821525] Call trace: [ 19.821539] show_stack+0x20/0x38 (C) [ 19.821582] dump_stack_lvl+0x8c/0xd0 [ 19.821624] print_report+0x118/0x608 [ 19.821666] kasan_report+0xdc/0x128 [ 19.821704] __asan_report_store1_noabort+0x20/0x30 [ 19.821740] kmalloc_track_caller_oob_right+0x40c/0x488 [ 19.821782] kunit_try_run_case+0x170/0x3f0 [ 19.821823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.821868] kthread+0x328/0x630 [ 19.821900] ret_from_fork+0x10/0x20 [ 19.821939] [ 19.827651] Allocated by task 195: [ 19.827981] kasan_save_stack+0x3c/0x68 [ 19.828368] kasan_save_track+0x20/0x40 [ 19.828753] kasan_save_alloc_info+0x40/0x58 [ 19.829178] __kasan_kmalloc+0xd4/0xd8 [ 19.829554] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.830096] kmalloc_track_caller_oob_right+0xa8/0x488 [ 19.830597] kunit_try_run_case+0x170/0x3f0 [ 19.831012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.831545] kthread+0x328/0x630 [ 19.831869] ret_from_fork+0x10/0x20 [ 19.832228] [ 19.832387] The buggy address belongs to the object at ffff00000ba33c00 [ 19.832387] which belongs to the cache kmalloc-128 of size 128 [ 19.833529] The buggy address is located 0 bytes to the right of [ 19.833529] allocated 120-byte region [ffff00000ba33c00, ffff00000ba33c78) [ 19.834713] [ 19.834873] The buggy address belongs to the physical page: [ 19.835394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xba33 [ 19.836125] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.836745] page_type: f5(slab) [ 19.837083] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 19.837830] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.838563] page dumped because: kasan: bad access detected [ 19.839097] [ 19.839264] Memory state around the buggy address: [ 19.839734] ffff00000ba33b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.840425] ffff00000ba33b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.841118] >ffff00000ba33c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.841802] ^ [ 19.842481] ffff00000ba33c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.843173] ffff00000ba33d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.843858] ================================================================== [ 19.844834] ================================================================== [ 19.845534] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 19.846322] Write of size 1 at addr ffff00000ba33d78 by task kunit_try_catch/195 [ 19.847035] [ 19.847217] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.847294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.847316] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.847342] Call trace: [ 19.847360] show_stack+0x20/0x38 (C) [ 19.847412] dump_stack_lvl+0x8c/0xd0 [ 19.847468] print_report+0x118/0x608 [ 19.847522] kasan_report+0xdc/0x128 [ 19.847573] __asan_report_store1_noabort+0x20/0x30 [ 19.847622] kmalloc_track_caller_oob_right+0x418/0x488 [ 19.847678] kunit_try_run_case+0x170/0x3f0 [ 19.847732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.847793] kthread+0x328/0x630 [ 19.847835] ret_from_fork+0x10/0x20 [ 19.847885] [ 19.853672] Allocated by task 195: [ 19.854016] kasan_save_stack+0x3c/0x68 [ 19.854421] kasan_save_track+0x20/0x40 [ 19.854823] kasan_save_alloc_info+0x40/0x58 [ 19.855270] __kasan_kmalloc+0xd4/0xd8 [ 19.855666] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.856228] kmalloc_track_caller_oob_right+0x184/0x488 [ 19.856756] kunit_try_run_case+0x170/0x3f0 [ 19.857192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.857747] kthread+0x328/0x630 [ 19.858086] ret_from_fork+0x10/0x20 [ 19.858462] [ 19.858631] The buggy address belongs to the object at ffff00000ba33d00 [ 19.858631] which belongs to the cache kmalloc-128 of size 128 [ 19.859793] The buggy address is located 0 bytes to the right of [ 19.859793] allocated 120-byte region [ffff00000ba33d00, ffff00000ba33d78) [ 19.861001] [ 19.861170] The buggy address belongs to the physical page: [ 19.861703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xba33 [ 19.862455] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.863092] page_type: f5(slab) [ 19.863428] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 19.864172] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.864903] page dumped because: kasan: bad access detected [ 19.865437] [ 19.865604] Memory state around the buggy address: [ 19.866072] ffff00000ba33c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.866764] ffff00000ba33c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.867455] >ffff00000ba33d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.868139] ^ [ 19.868819] ffff00000ba33d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.869510] ffff00000ba33e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.870194] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 19.787825] ================================================================== [ 19.788862] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 19.789582] Read of size 1 at addr ffff00000e3f9000 by task kunit_try_catch/193 [ 19.790260] [ 19.790425] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.790473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.790487] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.790504] Call trace: [ 19.790515] show_stack+0x20/0x38 (C) [ 19.790549] dump_stack_lvl+0x8c/0xd0 [ 19.790584] print_report+0x118/0x608 [ 19.790617] kasan_report+0xdc/0x128 [ 19.790648] __asan_report_load1_noabort+0x20/0x30 [ 19.790685] kmalloc_node_oob_right+0x2f4/0x330 [ 19.790716] kunit_try_run_case+0x170/0x3f0 [ 19.790750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.790788] kthread+0x328/0x630 [ 19.790814] ret_from_fork+0x10/0x20 [ 19.790845] [ 19.796454] Allocated by task 193: [ 19.796779] kasan_save_stack+0x3c/0x68 [ 19.797156] kasan_save_track+0x20/0x40 [ 19.797531] kasan_save_alloc_info+0x40/0x58 [ 19.797947] __kasan_kmalloc+0xd4/0xd8 [ 19.798312] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 19.798788] kmalloc_node_oob_right+0xbc/0x330 [ 19.799216] kunit_try_run_case+0x170/0x3f0 [ 19.799622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.800144] kthread+0x328/0x630 [ 19.800459] ret_from_fork+0x10/0x20 [ 19.800809] [ 19.800962] The buggy address belongs to the object at ffff00000e3f8000 [ 19.800962] which belongs to the cache kmalloc-4k of size 4096 [ 19.802093] The buggy address is located 0 bytes to the right of [ 19.802093] allocated 4096-byte region [ffff00000e3f8000, ffff00000e3f9000) [ 19.803274] [ 19.803427] The buggy address belongs to the physical page: [ 19.803941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe3f8 [ 19.804664] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.805368] flags: 0x3fffe0000000040(head|node=0|zone=0|lastcpupid=0x1ffff) [ 19.806019] page_type: f5(slab) [ 19.806332] raw: 03fffe0000000040 ffff000000403040 dead000000000122 0000000000000000 [ 19.807046] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.807760] head: 03fffe0000000040 ffff000000403040 dead000000000122 0000000000000000 [ 19.808482] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.809205] head: 03fffe0000000003 fffffdffc038fe01 00000000ffffffff 00000000ffffffff [ 19.809926] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.810640] page dumped because: kasan: bad access detected [ 19.811153] [ 19.811305] Memory state around the buggy address: [ 19.811753] ffff00000e3f8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.812418] ffff00000e3f8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.813084] >ffff00000e3f9000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.813744] ^ [ 19.814054] ffff00000e3f9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.814718] ffff00000e3f9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.815379] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 19.743117] ================================================================== [ 19.744175] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 19.744841] Read of size 1 at addr ffff00000251e77f by task kunit_try_catch/191 [ 19.745530] [ 19.745701] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.745759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.745776] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.745796] Call trace: [ 19.745809] show_stack+0x20/0x38 (C) [ 19.745851] dump_stack_lvl+0x8c/0xd0 [ 19.745894] print_report+0x118/0x608 [ 19.745935] kasan_report+0xdc/0x128 [ 19.745973] __asan_report_load1_noabort+0x20/0x30 [ 19.746018] kmalloc_oob_left+0x2ec/0x320 [ 19.746053] kunit_try_run_case+0x170/0x3f0 [ 19.746094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.746139] kthread+0x328/0x630 [ 19.746171] ret_from_fork+0x10/0x20 [ 19.746210] [ 19.751809] Allocated by task 11: [ 19.752133] kasan_save_stack+0x3c/0x68 [ 19.752519] kasan_save_track+0x20/0x40 [ 19.752903] kasan_save_alloc_info+0x40/0x58 [ 19.753329] __kasan_kmalloc+0xd4/0xd8 [ 19.753704] __kmalloc_noprof+0x198/0x4c8 [ 19.754105] usb_hcd_submit_urb+0x444/0x1a58 [ 19.754534] usb_submit_urb+0x53c/0x1568 [ 19.754921] usb_start_wait_urb+0x120/0x3e8 [ 19.755330] usb_control_msg+0x2b4/0x3e0 [ 19.755716] hub_ext_port_status+0x114/0x580 [ 19.756138] hub_activate+0x2a4/0x1338 [ 19.756513] hub_resume+0xa8/0x380 [ 19.756858] usb_resume_interface.isra.0+0x1f8/0x348 [ 19.757342] usb_suspend_both+0x250/0x6f0 [ 19.757739] usb_runtime_suspend+0x3c/0xf8 [ 19.758145] __rpm_callback+0xa0/0x470 [ 19.758525] rpm_callback+0x168/0x1b0 [ 19.758894] rpm_suspend+0x1bc/0xcd8 [ 19.759255] __pm_runtime_suspend+0x5c/0x1e8 [ 19.759680] usb_runtime_idle+0x48/0x68 [ 19.760062] rpm_idle+0x13c/0x708 [ 19.760399] pm_runtime_work+0x110/0x170 [ 19.760793] process_one_work+0x530/0xf98 [ 19.761192] worker_thread+0x618/0xf38 [ 19.761563] kthread+0x328/0x630 [ 19.761887] ret_from_fork+0x10/0x20 [ 19.762245] [ 19.762403] Freed by task 11: [ 19.762695] kasan_save_stack+0x3c/0x68 [ 19.763080] kasan_save_track+0x20/0x40 [ 19.763465] kasan_save_free_info+0x4c/0x78 [ 19.763882] __kasan_slab_free+0x6c/0x98 [ 19.764273] kfree+0x214/0x3c8 [ 19.764585] usb_hcd_submit_urb+0x518/0x1a58 [ 19.765012] usb_submit_urb+0x53c/0x1568 [ 19.765397] usb_start_wait_urb+0x120/0x3e8 [ 19.765806] usb_control_msg+0x2b4/0x3e0 [ 19.766192] hub_ext_port_status+0x114/0x580 [ 19.766613] hub_activate+0x2a4/0x1338 [ 19.766988] hub_resume+0xa8/0x380 [ 19.767332] usb_resume_interface.isra.0+0x1f8/0x348 [ 19.767814] usb_suspend_both+0x250/0x6f0 [ 19.768210] usb_runtime_suspend+0x3c/0xf8 [ 19.768615] __rpm_callback+0xa0/0x470 [ 19.768992] rpm_callback+0x168/0x1b0 [ 19.769361] rpm_suspend+0x1bc/0xcd8 [ 19.769722] __pm_runtime_suspend+0x5c/0x1e8 [ 19.770145] usb_runtime_idle+0x48/0x68 [ 19.770526] rpm_idle+0x13c/0x708 [ 19.770864] pm_runtime_work+0x110/0x170 [ 19.771256] process_one_work+0x530/0xf98 [ 19.771654] worker_thread+0x618/0xf38 [ 19.772028] kthread+0x328/0x630 [ 19.772351] ret_from_fork+0x10/0x20 [ 19.772709] [ 19.772869] The buggy address belongs to the object at ffff00000251e760 [ 19.772869] which belongs to the cache kmalloc-16 of size 16 [ 19.773996] The buggy address is located 15 bytes to the right of [ 19.773996] allocated 16-byte region [ffff00000251e760, ffff00000251e770) [ 19.775180] [ 19.775339] The buggy address belongs to the physical page: [ 19.775860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x251e [ 19.776595] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.777215] page_type: f5(slab) [ 19.777537] raw: 03fffe0000000000 ffff000000402640 dead000000000122 0000000000000000 [ 19.778262] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.778977] page dumped because: kasan: bad access detected [ 19.779497] [ 19.779654] Memory state around the buggy address: [ 19.780108] ffff00000251e600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.780782] ffff00000251e680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.781455] >ffff00000251e700: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.782125] ^ [ 19.782789] ffff00000251e780: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.783462] ffff00000251e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.784132] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 19.666686] ================================================================== [ 19.667393] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 19.668056] Write of size 1 at addr ffff00000cef7473 by task kunit_try_catch/189 [ 19.668739] [ 19.668906] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G N 6.16.0-rc1 #1 PREEMPT [ 19.668954] Tainted: [N]=TEST [ 19.668965] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.668982] Call trace: [ 19.668993] show_stack+0x20/0x38 (C) [ 19.669029] dump_stack_lvl+0x8c/0xd0 [ 19.669063] print_report+0x118/0x608 [ 19.669097] kasan_report+0xdc/0x128 [ 19.669128] __asan_report_store1_noabort+0x20/0x30 [ 19.669158] kmalloc_oob_right+0x5a4/0x660 [ 19.669186] kunit_try_run_case+0x170/0x3f0 [ 19.669220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.669258] kthread+0x328/0x630 [ 19.669284] ret_from_fork+0x10/0x20 [ 19.669315] [ 19.674793] Allocated by task 189: [ 19.675120] kasan_save_stack+0x3c/0x68 [ 19.675499] kasan_save_track+0x20/0x40 [ 19.675875] kasan_save_alloc_info+0x40/0x58 [ 19.676292] __kasan_kmalloc+0xd4/0xd8 [ 19.676658] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.677095] kmalloc_oob_right+0xb0/0x660 [ 19.677483] kunit_try_run_case+0x170/0x3f0 [ 19.677889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.678412] kthread+0x328/0x630 [ 19.678728] ret_from_fork+0x10/0x20 [ 19.679078] [ 19.679230] The buggy address belongs to the object at ffff00000cef7400 [ 19.679230] which belongs to the cache kmalloc-128 of size 128 [ 19.680362] The buggy address is located 0 bytes to the right of [ 19.680362] allocated 115-byte region [ffff00000cef7400, ffff00000cef7473) [ 19.681535] [ 19.681689] The buggy address belongs to the physical page: [ 19.682203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcef7 [ 19.682925] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.683535] page_type: f5(slab) [ 19.683848] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 19.684563] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.685271] page dumped because: kasan: bad access detected [ 19.685784] [ 19.685936] Memory state around the buggy address: [ 19.686385] ffff00000cef7300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.687050] ffff00000cef7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.687714] >ffff00000cef7400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.688374] ^ [ 19.689006] ffff00000cef7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.689671] ffff00000cef7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.690331] ================================================================== [ 19.716600] ================================================================== [ 19.717273] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 19.717916] Read of size 1 at addr ffff00000cef7480 by task kunit_try_catch/189 [ 19.718579] [ 19.718733] CPU: 4 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.718768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.718778] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.718789] Call trace: [ 19.718798] show_stack+0x20/0x38 (C) [ 19.718822] dump_stack_lvl+0x8c/0xd0 [ 19.718845] print_report+0x118/0x608 [ 19.718867] kasan_report+0xdc/0x128 [ 19.718888] __asan_report_load1_noabort+0x20/0x30 [ 19.718912] kmalloc_oob_right+0x5d0/0x660 [ 19.718931] kunit_try_run_case+0x170/0x3f0 [ 19.718953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.718977] kthread+0x328/0x630 [ 19.718994] ret_from_fork+0x10/0x20 [ 19.719015] [ 19.724538] Allocated by task 189: [ 19.724853] kasan_save_stack+0x3c/0x68 [ 19.725216] kasan_save_track+0x20/0x40 [ 19.725577] kasan_save_alloc_info+0x40/0x58 [ 19.725977] __kasan_kmalloc+0xd4/0xd8 [ 19.726329] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.726750] kmalloc_oob_right+0xb0/0x660 [ 19.727124] kunit_try_run_case+0x170/0x3f0 [ 19.727515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.728022] kthread+0x328/0x630 [ 19.728325] ret_from_fork+0x10/0x20 [ 19.728662] [ 19.728808] The buggy address belongs to the object at ffff00000cef7400 [ 19.728808] which belongs to the cache kmalloc-128 of size 128 [ 19.729923] The buggy address is located 13 bytes to the right of [ 19.729923] allocated 115-byte region [ffff00000cef7400, ffff00000cef7473) [ 19.731086] [ 19.731233] The buggy address belongs to the physical page: [ 19.731736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcef7 [ 19.732446] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.733042] page_type: f5(slab) [ 19.733341] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 19.734042] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.734736] page dumped because: kasan: bad access detected [ 19.735239] [ 19.735384] Memory state around the buggy address: [ 19.735821] ffff00000cef7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.736474] ffff00000cef7400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.737126] >ffff00000cef7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.737774] ^ [ 19.738074] ffff00000cef7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.738726] ffff00000cef7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.739375] ================================================================== [ 19.691851] ================================================================== [ 19.692514] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 19.693171] Write of size 1 at addr ffff00000cef7478 by task kunit_try_catch/189 [ 19.693854] [ 19.694018] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 19.694066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.694079] Hardware name: Radxa ROCK Pi 4B (DT) [ 19.694096] Call trace: [ 19.694107] show_stack+0x20/0x38 (C) [ 19.694139] dump_stack_lvl+0x8c/0xd0 [ 19.694174] print_report+0x118/0x608 [ 19.694207] kasan_report+0xdc/0x128 [ 19.694238] __asan_report_store1_noabort+0x20/0x30 [ 19.694268] kmalloc_oob_right+0x538/0x660 [ 19.694296] kunit_try_run_case+0x170/0x3f0 [ 19.694330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.694366] kthread+0x328/0x630 [ 19.694392] ret_from_fork+0x10/0x20 [ 19.694423] [ 19.700003] Allocated by task 189: [ 19.700327] kasan_save_stack+0x3c/0x68 [ 19.700703] kasan_save_track+0x20/0x40 [ 19.701078] kasan_save_alloc_info+0x40/0x58 [ 19.701492] __kasan_kmalloc+0xd4/0xd8 [ 19.701858] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.702294] kmalloc_oob_right+0xb0/0x660 [ 19.702682] kunit_try_run_case+0x170/0x3f0 [ 19.703087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.703609] kthread+0x328/0x630 [ 19.703924] ret_from_fork+0x10/0x20 [ 19.704274] [ 19.704427] The buggy address belongs to the object at ffff00000cef7400 [ 19.704427] which belongs to the cache kmalloc-128 of size 128 [ 19.705557] The buggy address is located 5 bytes to the right of [ 19.705557] allocated 115-byte region [ffff00000cef7400, ffff00000cef7473) [ 19.706730] [ 19.706884] The buggy address belongs to the physical page: [ 19.707398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcef7 [ 19.708120] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff) [ 19.708730] page_type: f5(slab) [ 19.709042] raw: 03fffe0000000000 ffff000000402a00 dead000000000122 0000000000000000 [ 19.709755] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.710461] page dumped because: kasan: bad access detected [ 19.710974] [ 19.711126] Memory state around the buggy address: [ 19.711573] ffff00000cef7300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.712238] ffff00000cef7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.712902] >ffff00000cef7400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.713562] ^ [ 19.714217] ffff00000cef7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.714881] ffff00000cef7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.715541] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 64.510072] WARNING: CPU: 0 PID: 757 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 64.510822] Modules linked in: [ 64.511165] CPU: 0 UID: 0 PID: 757 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT [ 64.512118] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 64.512670] Hardware name: Radxa ROCK Pi 4B (DT) [ 64.513119] pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 64.513787] pc : intlog10+0x38/0x48 [ 64.514155] lr : intlog10_test+0xe4/0x200 [ 64.514570] sp : ffff80008a637c10 [ 64.514903] x29: ffff80008a637c90 x28: 0000000000000000 x27: 0000000000000000 [ 64.515634] x26: 1fffe00001984b21 x25: 0000000000000000 x24: ffff80008a637ce0 [ 64.516366] x23: ffff80008a637d00 x22: 0000000000000000 x21: 1ffff000114c6f82 [ 64.517095] x20: ffff800083cd2fc0 x19: ffff800087e17990 x18: 00000000cd7bf305 [ 64.517827] x17: 0000000000000001 x16: ffff0000d16c4d28 x15: ffff000000da0420 [ 64.518556] x14: 00000000000c8000 x13: ffff800085bea308 x12: ffff700010f6f381 [ 64.519287] x11: 1ffff00010f6f380 x10: ffff700010f6f380 x9 : ffff80008126a2dc [ 64.520018] x8 : ffff800087b79c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 64.520747] x5 : ffff7000114c6f82 x4 : 1ffff00010fc2f3a x3 : 1ffff0001079a5f8 [ 64.521477] x2 : 1ffff0001079a5f8 x1 : 0000000000000003 x0 : 0000000000000000 [ 64.522205] Call trace: [ 64.522462] intlog10+0x38/0x48 (P) [ 64.522842] kunit_try_run_case+0x170/0x3f0 [ 64.523286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.523846] kthread+0x328/0x630 [ 64.524197] ret_from_fork+0x10/0x20 [ 64.524586] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 64.470990] WARNING: CPU: 0 PID: 739 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 64.471701] Modules linked in: [ 64.472025] CPU: 0 UID: 0 PID: 739 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc1 #1 PREEMPT [ 64.472951] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 64.473418] Hardware name: Radxa ROCK Pi 4B (DT) [ 64.473857] pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 64.474508] pc : intlog2+0xd8/0xf8 [ 64.474857] lr : intlog2_test+0xe4/0x200 [ 64.475246] sp : ffff80008ac17c10 [ 64.475567] x29: ffff80008ac17c90 x28: 0000000000000000 x27: 0000000000000000 [ 64.476272] x26: 1fffe0000198bd01 x25: 0000000000000000 x24: ffff80008ac17ce0 [ 64.476973] x23: ffff80008ac17d00 x22: 0000000000000000 x21: 1ffff00011582f82 [ 64.477673] x20: ffff800083cd2ec0 x19: ffff800087e17990 x18: 000000004d897dcd [ 64.478375] x17: 0000000000000001 x16: ffff0000d16c4d28 x15: ffff000000da0420 [ 64.479077] x14: 00000000000c8000 x13: ffff00000f196548 x12: ffff700010f6f381 [ 64.479779] x11: 1ffff00010f6f380 x10: ffff700010f6f380 x9 : ffff80008126a4dc [ 64.480481] x8 : ffff800087b79c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 64.481182] x5 : ffff700011582f82 x4 : 1ffff00010fc2f3a x3 : 1ffff0001079a5d8 [ 64.481883] x2 : 1ffff0001079a5d8 x1 : 0000000000000003 x0 : 0000000000000000 [ 64.482582] Call trace: [ 64.482829] intlog2+0xd8/0xf8 (P) [ 64.483182] kunit_try_run_case+0x170/0x3f0 [ 64.483603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.484142] kthread+0x328/0x630 [ 64.484474] ret_from_fork+0x10/0x20 [ 64.484844] ---[ end trace 0000000000000000 ]---
Failure - lava - job
(no logs available)
Failure - lava - uboot-action
(no logs available)
Failure - lava - uboot-commands
(no logs available)
Failure - lava - auto-login-action
(no logs available)
Failure - lava - login-action
(no logs available)
Failure - boot - gcc-13-lkftconfig-kunit
(no logs available)