Date
July 3, 2025, 11:10 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 20.090391] ================================================================== [ 20.090535] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 20.090613] Read of size 4 at addr fff00000c6674100 by task swapper/0/0 [ 20.090661] [ 20.090704] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.090790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.090818] Hardware name: linux,dummy-virt (DT) [ 20.090855] Call trace: [ 20.090880] show_stack+0x20/0x38 (C) [ 20.090931] dump_stack_lvl+0x8c/0xd0 [ 20.090981] print_report+0x118/0x608 [ 20.091065] kasan_report+0xdc/0x128 [ 20.091172] __asan_report_load4_noabort+0x20/0x30 [ 20.091306] rcu_uaf_reclaim+0x64/0x70 [ 20.091389] rcu_core+0x9f4/0x1e20 [ 20.091472] rcu_core_si+0x18/0x30 [ 20.091556] handle_softirqs+0x374/0xb28 [ 20.091652] __do_softirq+0x1c/0x28 [ 20.091777] ____do_softirq+0x18/0x30 [ 20.091920] call_on_irq_stack+0x24/0x30 [ 20.092077] do_softirq_own_stack+0x24/0x38 [ 20.092226] __irq_exit_rcu+0x1fc/0x318 [ 20.092367] irq_exit_rcu+0x1c/0x80 [ 20.092504] el1_interrupt+0x38/0x58 [ 20.092623] el1h_64_irq_handler+0x18/0x28 [ 20.092732] el1h_64_irq+0x6c/0x70 [ 20.092914] arch_local_irq_enable+0x4/0x8 (P) [ 20.093230] do_idle+0x384/0x4e8 [ 20.093341] cpu_startup_entry+0x68/0x80 [ 20.093434] rest_init+0x160/0x188 [ 20.093514] start_kernel+0x30c/0x3d0 [ 20.093628] __primary_switched+0x8c/0xa0 [ 20.093724] [ 20.093762] Allocated by task 198: [ 20.093815] kasan_save_stack+0x3c/0x68 [ 20.094376] kasan_save_track+0x20/0x40 [ 20.094472] kasan_save_alloc_info+0x40/0x58 [ 20.094561] __kasan_kmalloc+0xd4/0xd8 [ 20.094649] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.094749] rcu_uaf+0xb0/0x2d8 [ 20.094829] kunit_try_run_case+0x170/0x3f0 [ 20.094918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.095071] kthread+0x328/0x630 [ 20.095152] ret_from_fork+0x10/0x20 [ 20.095233] [ 20.095279] Freed by task 0: [ 20.095331] kasan_save_stack+0x3c/0x68 [ 20.095402] kasan_save_track+0x20/0x40 [ 20.095467] kasan_save_free_info+0x4c/0x78 [ 20.095542] __kasan_slab_free+0x6c/0x98 [ 20.095608] kfree+0x214/0x3c8 [ 20.095675] rcu_uaf_reclaim+0x28/0x70 [ 20.095745] rcu_core+0x9f4/0x1e20 [ 20.095817] rcu_core_si+0x18/0x30 [ 20.095896] handle_softirqs+0x374/0xb28 [ 20.095979] __do_softirq+0x1c/0x28 [ 20.096073] [ 20.096143] Last potentially related work creation: [ 20.096214] kasan_save_stack+0x3c/0x68 [ 20.096295] kasan_record_aux_stack+0xb4/0xc8 [ 20.096393] __call_rcu_common.constprop.0+0x74/0x8c8 [ 20.096474] call_rcu+0x18/0x30 [ 20.096564] rcu_uaf+0x14c/0x2d8 [ 20.096661] kunit_try_run_case+0x170/0x3f0 [ 20.096751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.096835] kthread+0x328/0x630 [ 20.096912] ret_from_fork+0x10/0x20 [ 20.097012] [ 20.097093] The buggy address belongs to the object at fff00000c6674100 [ 20.097093] which belongs to the cache kmalloc-32 of size 32 [ 20.097265] The buggy address is located 0 bytes inside of [ 20.097265] freed 32-byte region [fff00000c6674100, fff00000c6674120) [ 20.097440] [ 20.097509] The buggy address belongs to the physical page: [ 20.097600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106674 [ 20.097728] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.097833] page_type: f5(slab) [ 20.098131] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.098254] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.098419] page dumped because: kasan: bad access detected [ 20.098545] [ 20.098639] Memory state around the buggy address: [ 20.098799] fff00000c6674000: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 20.098948] fff00000c6674080: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.099070] >fff00000c6674100: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 20.099152] ^ [ 20.099214] fff00000c6674180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.099312] fff00000c6674200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.099397] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 20.025107] ================================================================== [ 20.025234] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 20.025349] Read of size 1 at addr fff00000c6345f78 by task kunit_try_catch/196 [ 20.025465] [ 20.025534] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.025720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.025780] Hardware name: linux,dummy-virt (DT) [ 20.025847] Call trace: [ 20.026132] show_stack+0x20/0x38 (C) [ 20.026509] dump_stack_lvl+0x8c/0xd0 [ 20.026633] print_report+0x118/0x608 [ 20.026749] kasan_report+0xdc/0x128 [ 20.026841] __asan_report_load1_noabort+0x20/0x30 [ 20.026985] ksize_uaf+0x544/0x5f8 [ 20.027094] kunit_try_run_case+0x170/0x3f0 [ 20.027341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.027523] kthread+0x328/0x630 [ 20.027628] ret_from_fork+0x10/0x20 [ 20.027765] [ 20.027804] Allocated by task 196: [ 20.027905] kasan_save_stack+0x3c/0x68 [ 20.028003] kasan_save_track+0x20/0x40 [ 20.028105] kasan_save_alloc_info+0x40/0x58 [ 20.028198] __kasan_kmalloc+0xd4/0xd8 [ 20.028282] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.028388] ksize_uaf+0xb8/0x5f8 [ 20.028464] kunit_try_run_case+0x170/0x3f0 [ 20.028620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.028772] kthread+0x328/0x630 [ 20.028873] ret_from_fork+0x10/0x20 [ 20.028971] [ 20.029424] Freed by task 196: [ 20.029504] kasan_save_stack+0x3c/0x68 [ 20.029588] kasan_save_track+0x20/0x40 [ 20.029671] kasan_save_free_info+0x4c/0x78 [ 20.029752] __kasan_slab_free+0x6c/0x98 [ 20.030138] kfree+0x214/0x3c8 [ 20.030208] ksize_uaf+0x11c/0x5f8 [ 20.030279] kunit_try_run_case+0x170/0x3f0 [ 20.030350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.030437] kthread+0x328/0x630 [ 20.030504] ret_from_fork+0x10/0x20 [ 20.030583] [ 20.030635] The buggy address belongs to the object at fff00000c6345f00 [ 20.030635] which belongs to the cache kmalloc-128 of size 128 [ 20.030925] The buggy address is located 120 bytes inside of [ 20.030925] freed 128-byte region [fff00000c6345f00, fff00000c6345f80) [ 20.031233] [ 20.031282] The buggy address belongs to the physical page: [ 20.031352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 20.031468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.031585] page_type: f5(slab) [ 20.031665] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.032085] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.032206] page dumped because: kasan: bad access detected [ 20.032348] [ 20.032412] Memory state around the buggy address: [ 20.032541] fff00000c6345e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.032660] fff00000c6345e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.032765] >fff00000c6345f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.032864] ^ [ 20.033037] fff00000c6345f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.033195] fff00000c6346000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.033328] ================================================================== [ 20.005606] ================================================================== [ 20.006008] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 20.006164] Read of size 1 at addr fff00000c6345f00 by task kunit_try_catch/196 [ 20.006294] [ 20.006383] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.006556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.006785] Hardware name: linux,dummy-virt (DT) [ 20.006865] Call trace: [ 20.006925] show_stack+0x20/0x38 (C) [ 20.007062] dump_stack_lvl+0x8c/0xd0 [ 20.007174] print_report+0x118/0x608 [ 20.007276] kasan_report+0xdc/0x128 [ 20.007373] __kasan_check_byte+0x54/0x70 [ 20.007478] ksize+0x30/0x88 [ 20.007623] ksize_uaf+0x168/0x5f8 [ 20.007758] kunit_try_run_case+0x170/0x3f0 [ 20.007904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.008058] kthread+0x328/0x630 [ 20.008139] ret_from_fork+0x10/0x20 [ 20.008243] [ 20.008287] Allocated by task 196: [ 20.008380] kasan_save_stack+0x3c/0x68 [ 20.008464] kasan_save_track+0x20/0x40 [ 20.008851] kasan_save_alloc_info+0x40/0x58 [ 20.009093] __kasan_kmalloc+0xd4/0xd8 [ 20.009197] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.009288] ksize_uaf+0xb8/0x5f8 [ 20.009358] kunit_try_run_case+0x170/0x3f0 [ 20.009627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.009741] kthread+0x328/0x630 [ 20.009817] ret_from_fork+0x10/0x20 [ 20.009903] [ 20.009945] Freed by task 196: [ 20.009999] kasan_save_stack+0x3c/0x68 [ 20.010088] kasan_save_track+0x20/0x40 [ 20.010169] kasan_save_free_info+0x4c/0x78 [ 20.010252] __kasan_slab_free+0x6c/0x98 [ 20.010512] kfree+0x214/0x3c8 [ 20.010640] ksize_uaf+0x11c/0x5f8 [ 20.010726] kunit_try_run_case+0x170/0x3f0 [ 20.010831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.010972] kthread+0x328/0x630 [ 20.011232] ret_from_fork+0x10/0x20 [ 20.011494] [ 20.011613] The buggy address belongs to the object at fff00000c6345f00 [ 20.011613] which belongs to the cache kmalloc-128 of size 128 [ 20.011785] The buggy address is located 0 bytes inside of [ 20.011785] freed 128-byte region [fff00000c6345f00, fff00000c6345f80) [ 20.011956] [ 20.012045] The buggy address belongs to the physical page: [ 20.012120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 20.012237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.012584] page_type: f5(slab) [ 20.012730] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.012851] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.012948] page dumped because: kasan: bad access detected [ 20.013015] [ 20.013066] Memory state around the buggy address: [ 20.013137] fff00000c6345e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.013237] fff00000c6345e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.013354] >fff00000c6345f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.013485] ^ [ 20.013571] fff00000c6345f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.013713] fff00000c6346000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.013799] ================================================================== [ 20.015618] ================================================================== [ 20.015738] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 20.015849] Read of size 1 at addr fff00000c6345f00 by task kunit_try_catch/196 [ 20.015961] [ 20.016049] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.016237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.016297] Hardware name: linux,dummy-virt (DT) [ 20.016372] Call trace: [ 20.016420] show_stack+0x20/0x38 (C) [ 20.016544] dump_stack_lvl+0x8c/0xd0 [ 20.016662] print_report+0x118/0x608 [ 20.016763] kasan_report+0xdc/0x128 [ 20.016866] __asan_report_load1_noabort+0x20/0x30 [ 20.016986] ksize_uaf+0x598/0x5f8 [ 20.017488] kunit_try_run_case+0x170/0x3f0 [ 20.017745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.018181] kthread+0x328/0x630 [ 20.018397] ret_from_fork+0x10/0x20 [ 20.018489] [ 20.018529] Allocated by task 196: [ 20.018610] kasan_save_stack+0x3c/0x68 [ 20.018702] kasan_save_track+0x20/0x40 [ 20.018794] kasan_save_alloc_info+0x40/0x58 [ 20.018924] __kasan_kmalloc+0xd4/0xd8 [ 20.019007] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.019288] ksize_uaf+0xb8/0x5f8 [ 20.019373] kunit_try_run_case+0x170/0x3f0 [ 20.019458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.019555] kthread+0x328/0x630 [ 20.019622] ret_from_fork+0x10/0x20 [ 20.019704] [ 20.019748] Freed by task 196: [ 20.019809] kasan_save_stack+0x3c/0x68 [ 20.019895] kasan_save_track+0x20/0x40 [ 20.019978] kasan_save_free_info+0x4c/0x78 [ 20.020090] __kasan_slab_free+0x6c/0x98 [ 20.020716] kfree+0x214/0x3c8 [ 20.020839] ksize_uaf+0x11c/0x5f8 [ 20.020960] kunit_try_run_case+0x170/0x3f0 [ 20.021065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.021194] kthread+0x328/0x630 [ 20.021287] ret_from_fork+0x10/0x20 [ 20.021387] [ 20.021432] The buggy address belongs to the object at fff00000c6345f00 [ 20.021432] which belongs to the cache kmalloc-128 of size 128 [ 20.021648] The buggy address is located 0 bytes inside of [ 20.021648] freed 128-byte region [fff00000c6345f00, fff00000c6345f80) [ 20.021768] [ 20.021806] The buggy address belongs to the physical page: [ 20.022218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 20.022341] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.022486] page_type: f5(slab) [ 20.022599] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.022744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.022892] page dumped because: kasan: bad access detected [ 20.022967] [ 20.023011] Memory state around the buggy address: [ 20.023101] fff00000c6345e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.023202] fff00000c6345e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.023300] >fff00000c6345f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.023386] ^ [ 20.023455] fff00000c6345f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.023556] fff00000c6346000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.023681] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.981033] ================================================================== [ 19.981157] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 19.981270] Read of size 1 at addr fff00000c6345e7f by task kunit_try_catch/194 [ 19.981353] [ 19.981391] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.981482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.981524] Hardware name: linux,dummy-virt (DT) [ 19.981559] Call trace: [ 19.981581] show_stack+0x20/0x38 (C) [ 19.981635] dump_stack_lvl+0x8c/0xd0 [ 19.982798] print_report+0x118/0x608 [ 19.983142] kasan_report+0xdc/0x128 [ 19.983272] __asan_report_load1_noabort+0x20/0x30 [ 19.983387] ksize_unpoisons_memory+0x690/0x740 [ 19.983490] kunit_try_run_case+0x170/0x3f0 [ 19.983594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.984707] kthread+0x328/0x630 [ 19.985168] ret_from_fork+0x10/0x20 [ 19.985533] [ 19.985632] Allocated by task 194: [ 19.985717] kasan_save_stack+0x3c/0x68 [ 19.985813] kasan_save_track+0x20/0x40 [ 19.985950] kasan_save_alloc_info+0x40/0x58 [ 19.986063] __kasan_kmalloc+0xd4/0xd8 [ 19.986146] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.986225] ksize_unpoisons_memory+0xc0/0x740 [ 19.986290] kunit_try_run_case+0x170/0x3f0 [ 19.986367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.986768] kthread+0x328/0x630 [ 19.986895] ret_from_fork+0x10/0x20 [ 19.987171] [ 19.987298] The buggy address belongs to the object at fff00000c6345e00 [ 19.987298] which belongs to the cache kmalloc-128 of size 128 [ 19.987524] The buggy address is located 12 bytes to the right of [ 19.987524] allocated 115-byte region [fff00000c6345e00, fff00000c6345e73) [ 19.987936] [ 19.987996] The buggy address belongs to the physical page: [ 19.988194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.988334] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.988454] page_type: f5(slab) [ 19.988560] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.988777] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.988973] page dumped because: kasan: bad access detected [ 19.989302] [ 19.989344] Memory state around the buggy address: [ 19.989420] fff00000c6345d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.989655] fff00000c6345d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.989832] >fff00000c6345e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.989929] ^ [ 19.990007] fff00000c6345e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.990112] fff00000c6345f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.990530] ================================================================== [ 19.962984] ================================================================== [ 19.963181] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 19.963361] Read of size 1 at addr fff00000c6345e73 by task kunit_try_catch/194 [ 19.963513] [ 19.963615] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.963828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.963911] Hardware name: linux,dummy-virt (DT) [ 19.963998] Call trace: [ 19.964068] show_stack+0x20/0x38 (C) [ 19.964172] dump_stack_lvl+0x8c/0xd0 [ 19.964272] print_report+0x118/0x608 [ 19.964381] kasan_report+0xdc/0x128 [ 19.964504] __asan_report_load1_noabort+0x20/0x30 [ 19.964620] ksize_unpoisons_memory+0x628/0x740 [ 19.964980] kunit_try_run_case+0x170/0x3f0 [ 19.965137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.965308] kthread+0x328/0x630 [ 19.965487] ret_from_fork+0x10/0x20 [ 19.965687] [ 19.965758] Allocated by task 194: [ 19.965821] kasan_save_stack+0x3c/0x68 [ 19.965905] kasan_save_track+0x20/0x40 [ 19.965968] kasan_save_alloc_info+0x40/0x58 [ 19.966063] __kasan_kmalloc+0xd4/0xd8 [ 19.966143] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.966235] ksize_unpoisons_memory+0xc0/0x740 [ 19.966355] kunit_try_run_case+0x170/0x3f0 [ 19.966486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.966624] kthread+0x328/0x630 [ 19.966726] ret_from_fork+0x10/0x20 [ 19.966812] [ 19.966861] The buggy address belongs to the object at fff00000c6345e00 [ 19.966861] which belongs to the cache kmalloc-128 of size 128 [ 19.967049] The buggy address is located 0 bytes to the right of [ 19.967049] allocated 115-byte region [fff00000c6345e00, fff00000c6345e73) [ 19.967230] [ 19.967299] The buggy address belongs to the physical page: [ 19.967397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.967568] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.967689] page_type: f5(slab) [ 19.967770] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.967881] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.967975] page dumped because: kasan: bad access detected [ 19.968050] [ 19.968085] Memory state around the buggy address: [ 19.968153] fff00000c6345d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.968250] fff00000c6345d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.968578] >fff00000c6345e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.968947] ^ [ 19.969146] fff00000c6345e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.969322] fff00000c6345f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.969415] ================================================================== [ 19.970858] ================================================================== [ 19.970966] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 19.971095] Read of size 1 at addr fff00000c6345e78 by task kunit_try_catch/194 [ 19.971199] [ 19.971268] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.971453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.971515] Hardware name: linux,dummy-virt (DT) [ 19.971586] Call trace: [ 19.971634] show_stack+0x20/0x38 (C) [ 19.971745] dump_stack_lvl+0x8c/0xd0 [ 19.971857] print_report+0x118/0x608 [ 19.971963] kasan_report+0xdc/0x128 [ 19.972075] __asan_report_load1_noabort+0x20/0x30 [ 19.972181] ksize_unpoisons_memory+0x618/0x740 [ 19.972292] kunit_try_run_case+0x170/0x3f0 [ 19.972392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.972640] kthread+0x328/0x630 [ 19.972815] ret_from_fork+0x10/0x20 [ 19.973237] [ 19.973284] Allocated by task 194: [ 19.973346] kasan_save_stack+0x3c/0x68 [ 19.973613] kasan_save_track+0x20/0x40 [ 19.973731] kasan_save_alloc_info+0x40/0x58 [ 19.973809] __kasan_kmalloc+0xd4/0xd8 [ 19.973882] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.974245] ksize_unpoisons_memory+0xc0/0x740 [ 19.974388] kunit_try_run_case+0x170/0x3f0 [ 19.974477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.974564] kthread+0x328/0x630 [ 19.974645] ret_from_fork+0x10/0x20 [ 19.974736] [ 19.974775] The buggy address belongs to the object at fff00000c6345e00 [ 19.974775] which belongs to the cache kmalloc-128 of size 128 [ 19.974885] The buggy address is located 5 bytes to the right of [ 19.974885] allocated 115-byte region [fff00000c6345e00, fff00000c6345e73) [ 19.975010] [ 19.975061] The buggy address belongs to the physical page: [ 19.975161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.975411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.975660] page_type: f5(slab) [ 19.975807] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.975968] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.976115] page dumped because: kasan: bad access detected [ 19.976222] [ 19.976277] Memory state around the buggy address: [ 19.976379] fff00000c6345d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.976475] fff00000c6345d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.976612] >fff00000c6345e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.976752] ^ [ 19.976886] fff00000c6345e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.977221] fff00000c6345f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.977483] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 22.782752] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.948734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 22.961539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 98.723321] Internal error: Oops: 0000000096000005 [#1] SMP [ 98.728845] Modules linked in: [ 98.729657] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 98.730160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 98.730402] Hardware name: linux,dummy-virt (DT) [ 98.730802] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 98.731932] pc : kunit_test_null_dereference+0x70/0x170 [ 98.732812] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 98.733457] sp : ffff800080f17d30 [ 98.734119] x29: ffff800080f17d90 x28: 0000000000000000 x27: 0000000000000000 [ 98.734818] x26: 1ffe000018b6de21 x25: 0000000000000000 x24: 0000000000000004 [ 98.735559] x23: fff00000c5b6f10c x22: ffffb07f33e24a78 x21: fff00000c12e4b88 [ 98.736107] x20: 1ffff000101e2fa6 x19: ffff800080087990 x18: 00000000b032b1eb [ 98.736375] x17: 0000000000000001 x16: fff00000da474d28 x15: 000000002028cf41 [ 98.736650] x14: 000000005fc27b87 x13: 1ffe00001b48e989 x12: fffd8000198bc62c [ 98.736895] x11: 1ffe0000198bc62b x10: fffd8000198bc62b x9 : ffffb07f33e1bee0 [ 98.737650] x8 : ffff800080f17c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 98.738741] x5 : ffff7000101e2fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 98.739538] x2 : dfff800000000000 x1 : fff00000cc5e2880 x0 : ffff800080087990 [ 98.740362] Call trace: [ 98.740900] kunit_test_null_dereference+0x70/0x170 (P) [ 98.741459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 98.742013] kthread+0x328/0x630 [ 98.742456] ret_from_fork+0x10/0x20 [ 98.743377] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 98.744132] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 54.143311] ================================================================== [ 54.143392] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 54.143392] [ 54.143495] Use-after-free read at 0x000000002a30b137 (in kfence-#180): [ 54.143551] test_krealloc+0x51c/0x830 [ 54.143601] kunit_try_run_case+0x170/0x3f0 [ 54.143650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.143696] kthread+0x328/0x630 [ 54.143735] ret_from_fork+0x10/0x20 [ 54.143777] [ 54.143803] kfence-#180: 0x000000002a30b137-0x00000000ac83b306, size=32, cache=kmalloc-32 [ 54.143803] [ 54.143860] allocated by task 337 on cpu 1 at 54.142447s (0.001408s ago): [ 54.143934] test_alloc+0x29c/0x628 [ 54.143979] test_krealloc+0xc0/0x830 [ 54.144018] kunit_try_run_case+0x170/0x3f0 [ 54.144077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.144120] kthread+0x328/0x630 [ 54.144190] ret_from_fork+0x10/0x20 [ 54.144230] [ 54.144255] freed by task 337 on cpu 1 at 54.142844s (0.001407s ago): [ 54.144320] krealloc_noprof+0x148/0x360 [ 54.144360] test_krealloc+0x1dc/0x830 [ 54.144400] kunit_try_run_case+0x170/0x3f0 [ 54.144439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.144491] kthread+0x328/0x630 [ 54.144538] ret_from_fork+0x10/0x20 [ 54.144584] [ 54.144640] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 54.144722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 54.144754] Hardware name: linux,dummy-virt (DT) [ 54.144794] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 54.064128] ================================================================== [ 54.064270] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 54.064270] [ 54.064388] Use-after-free read at 0x00000000d4a7c4b6 (in kfence-#179): [ 54.064447] test_memcache_typesafe_by_rcu+0x280/0x560 [ 54.064510] kunit_try_run_case+0x170/0x3f0 [ 54.064565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.064615] kthread+0x328/0x630 [ 54.064660] ret_from_fork+0x10/0x20 [ 54.064706] [ 54.064734] kfence-#179: 0x00000000d4a7c4b6-0x000000008b865c64, size=32, cache=test [ 54.064734] [ 54.064789] allocated by task 335 on cpu 0 at 54.040557s (0.024228s ago): [ 54.064864] test_alloc+0x230/0x628 [ 54.064908] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 54.064953] kunit_try_run_case+0x170/0x3f0 [ 54.064994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.065061] kthread+0x328/0x630 [ 54.065100] ret_from_fork+0x10/0x20 [ 54.065138] [ 54.065165] freed by task 335 on cpu 0 at 54.040702s (0.024458s ago): [ 54.065224] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 54.065270] kunit_try_run_case+0x170/0x3f0 [ 54.065310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.065354] kthread+0x328/0x630 [ 54.065391] ret_from_fork+0x10/0x20 [ 54.065431] [ 54.065483] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 54.065568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 54.065598] Hardware name: linux,dummy-virt (DT) [ 54.065638] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 32.433011] ================================================================== [ 32.433258] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 32.433258] [ 32.433451] Invalid read at 0x00000000a6269d43: [ 32.433680] test_invalid_access+0xdc/0x1f0 [ 32.434135] kunit_try_run_case+0x170/0x3f0 [ 32.435492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.435844] kthread+0x328/0x630 [ 32.436263] ret_from_fork+0x10/0x20 [ 32.436519] [ 32.437181] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 32.439386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.439489] Hardware name: linux,dummy-virt (DT) [ 32.439589] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 32.198805] ================================================================== [ 32.198949] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 32.198949] [ 32.199043] Corrupted memory at 0x00000000dcea4986 [ ! . . . . . . . . . . . . . . . ] (in kfence-#175): [ 32.199355] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 32.199407] kunit_try_run_case+0x170/0x3f0 [ 32.199452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.199496] kthread+0x328/0x630 [ 32.199533] ret_from_fork+0x10/0x20 [ 32.199573] [ 32.199599] kfence-#175: 0x00000000d92d488b-0x00000000616a154e, size=73, cache=kmalloc-96 [ 32.199599] [ 32.199655] allocated by task 325 on cpu 1 at 32.198422s (0.001228s ago): [ 32.199724] test_alloc+0x29c/0x628 [ 32.199767] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 32.199809] kunit_try_run_case+0x170/0x3f0 [ 32.199849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.199892] kthread+0x328/0x630 [ 32.199926] ret_from_fork+0x10/0x20 [ 32.199968] [ 32.199993] freed by task 325 on cpu 1 at 32.198645s (0.001343s ago): [ 32.200077] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 32.200124] kunit_try_run_case+0x170/0x3f0 [ 32.200163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.200207] kthread+0x328/0x630 [ 32.200242] ret_from_fork+0x10/0x20 [ 32.200284] [ 32.200333] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 32.200417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.200446] Hardware name: linux,dummy-virt (DT) [ 32.200492] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 31.990866] ================================================================== [ 31.991047] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 31.991047] [ 31.991171] Out-of-bounds read at 0x000000007d8fd77a (105B right of kfence-#173): [ 31.991239] test_kmalloc_aligned_oob_read+0x238/0x468 [ 31.991292] kunit_try_run_case+0x170/0x3f0 [ 31.991340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.991385] kthread+0x328/0x630 [ 31.991426] ret_from_fork+0x10/0x20 [ 31.991467] [ 31.991494] kfence-#173: 0x000000003993b46c-0x0000000002fc5586, size=73, cache=kmalloc-96 [ 31.991494] [ 31.991551] allocated by task 323 on cpu 1 at 31.990453s (0.001094s ago): [ 31.991629] test_alloc+0x29c/0x628 [ 31.991673] test_kmalloc_aligned_oob_read+0x100/0x468 [ 31.991719] kunit_try_run_case+0x170/0x3f0 [ 31.991759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.991803] kthread+0x328/0x630 [ 31.991840] ret_from_fork+0x10/0x20 [ 31.991883] [ 31.991938] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 31.992039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.992076] Hardware name: linux,dummy-virt (DT) [ 31.992117] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 26.998705] ================================================================== [ 26.998881] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 26.998881] [ 26.998954] Corrupted memory at 0x00000000c425f889 [ ! ] (in kfence-#125): [ 26.999097] test_corruption+0x1d8/0x378 [ 26.999148] kunit_try_run_case+0x170/0x3f0 [ 26.999194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.999237] kthread+0x328/0x630 [ 26.999275] ret_from_fork+0x10/0x20 [ 26.999316] [ 26.999340] kfence-#125: 0x00000000981caff8-0x0000000042922ab0, size=32, cache=test [ 26.999340] [ 26.999397] allocated by task 313 on cpu 1 at 26.998444s (0.000949s ago): [ 26.999461] test_alloc+0x230/0x628 [ 26.999503] test_corruption+0x198/0x378 [ 26.999542] kunit_try_run_case+0x170/0x3f0 [ 26.999582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.999624] kthread+0x328/0x630 [ 26.999658] ret_from_fork+0x10/0x20 [ 26.999697] [ 26.999720] freed by task 313 on cpu 1 at 26.998547s (0.001168s ago): [ 26.999780] test_corruption+0x1d8/0x378 [ 26.999819] kunit_try_run_case+0x170/0x3f0 [ 26.999858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.999899] kthread+0x328/0x630 [ 26.999936] ret_from_fork+0x10/0x20 [ 26.999973] [ 27.000036] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.000120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.000151] Hardware name: linux,dummy-virt (DT) [ 27.000189] ================================================================== [ 26.039049] ================================================================== [ 26.039203] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 26.039203] [ 26.039312] Corrupted memory at 0x000000004cc7d2bd [ ! ] (in kfence-#116): [ 26.039558] test_corruption+0x284/0x378 [ 26.039658] kunit_try_run_case+0x170/0x3f0 [ 26.039744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.039838] kthread+0x328/0x630 [ 26.039913] ret_from_fork+0x10/0x20 [ 26.039997] [ 26.041956] kfence-#116: 0x000000001b18b019-0x00000000ece36b74, size=32, cache=kmalloc-32 [ 26.041956] [ 26.042421] allocated by task 311 on cpu 1 at 26.038575s (0.003835s ago): [ 26.042548] test_alloc+0x29c/0x628 [ 26.043098] test_corruption+0x198/0x378 [ 26.043329] kunit_try_run_case+0x170/0x3f0 [ 26.043467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.043566] kthread+0x328/0x630 [ 26.043648] ret_from_fork+0x10/0x20 [ 26.043731] [ 26.043779] freed by task 311 on cpu 1 at 26.038743s (0.005029s ago): [ 26.043911] test_corruption+0x284/0x378 [ 26.043995] kunit_try_run_case+0x170/0x3f0 [ 26.044097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.044192] kthread+0x328/0x630 [ 26.044266] ret_from_fork+0x10/0x20 [ 26.044353] [ 26.044441] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 26.044628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.044699] Hardware name: linux,dummy-virt (DT) [ 26.046766] ================================================================== [ 25.827731] ================================================================== [ 25.827872] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 25.827872] [ 25.827998] Corrupted memory at 0x0000000006475993 [ ! . . . . . . . . . . . . . . . ] (in kfence-#114): [ 25.831110] test_corruption+0x278/0x378 [ 25.831274] kunit_try_run_case+0x170/0x3f0 [ 25.831398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.831481] kthread+0x328/0x630 [ 25.831564] ret_from_fork+0x10/0x20 [ 25.831643] [ 25.831696] kfence-#114: 0x000000009988ab19-0x0000000002d7c4e0, size=32, cache=kmalloc-32 [ 25.831696] [ 25.832045] allocated by task 311 on cpu 1 at 25.827267s (0.004768s ago): [ 25.832534] test_alloc+0x29c/0x628 [ 25.832773] test_corruption+0xdc/0x378 [ 25.832894] kunit_try_run_case+0x170/0x3f0 [ 25.833069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.833420] kthread+0x328/0x630 [ 25.833729] ret_from_fork+0x10/0x20 [ 25.833905] [ 25.833963] freed by task 311 on cpu 1 at 25.827447s (0.006502s ago): [ 25.834304] test_corruption+0x278/0x378 [ 25.834506] kunit_try_run_case+0x170/0x3f0 [ 25.834882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.835200] kthread+0x328/0x630 [ 25.835325] ret_from_fork+0x10/0x20 [ 25.835565] [ 25.835746] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.835926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.836317] Hardware name: linux,dummy-virt (DT) [ 25.836436] ================================================================== [ 26.582931] ================================================================== [ 26.583148] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 26.583148] [ 26.583313] Corrupted memory at 0x00000000333e2cad [ ! . . . . . . . . . . . . . . . ] (in kfence-#121): [ 26.584244] test_corruption+0x120/0x378 [ 26.584359] kunit_try_run_case+0x170/0x3f0 [ 26.585253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.585441] kthread+0x328/0x630 [ 26.585529] ret_from_fork+0x10/0x20 [ 26.586214] [ 26.586476] kfence-#121: 0x000000005598e5d9-0x000000000d9ade3a, size=32, cache=test [ 26.586476] [ 26.586669] allocated by task 313 on cpu 1 at 26.582634s (0.004025s ago): [ 26.586925] test_alloc+0x230/0x628 [ 26.587019] test_corruption+0xdc/0x378 [ 26.587886] kunit_try_run_case+0x170/0x3f0 [ 26.588099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.588251] kthread+0x328/0x630 [ 26.588963] ret_from_fork+0x10/0x20 [ 26.589203] [ 26.589311] freed by task 313 on cpu 1 at 26.582751s (0.006550s ago): [ 26.589874] test_corruption+0x120/0x378 [ 26.590038] kunit_try_run_case+0x170/0x3f0 [ 26.590332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.590700] kthread+0x328/0x630 [ 26.590846] ret_from_fork+0x10/0x20 [ 26.590937] [ 26.591723] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 26.592140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.592213] Hardware name: linux,dummy-virt (DT) [ 26.592969] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 25.616702] ================================================================== [ 25.617240] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 25.617240] [ 25.617369] Invalid free of 0x000000008fbc9cf9 (in kfence-#112): [ 25.617909] test_invalid_addr_free+0x1ac/0x238 [ 25.618044] kunit_try_run_case+0x170/0x3f0 [ 25.618146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.618251] kthread+0x328/0x630 [ 25.618369] ret_from_fork+0x10/0x20 [ 25.618454] [ 25.618509] kfence-#112: 0x00000000c56d2a3c-0x00000000990dbb65, size=32, cache=kmalloc-32 [ 25.618509] [ 25.618684] allocated by task 307 on cpu 1 at 25.615961s (0.002714s ago): [ 25.618823] test_alloc+0x29c/0x628 [ 25.618952] test_invalid_addr_free+0xd4/0x238 [ 25.619129] kunit_try_run_case+0x170/0x3f0 [ 25.619232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.619331] kthread+0x328/0x630 [ 25.619405] ret_from_fork+0x10/0x20 [ 25.619480] [ 25.619567] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.619760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.619829] Hardware name: linux,dummy-virt (DT) [ 25.619910] ================================================================== [ 25.720107] ================================================================== [ 25.720590] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 25.720590] [ 25.721032] Invalid free of 0x00000000465733f0 (in kfence-#113): [ 25.721760] test_invalid_addr_free+0xec/0x238 [ 25.721873] kunit_try_run_case+0x170/0x3f0 [ 25.721955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.722061] kthread+0x328/0x630 [ 25.722128] ret_from_fork+0x10/0x20 [ 25.722198] [ 25.722251] kfence-#113: 0x00000000cad98865-0x000000002c8f5910, size=32, cache=test [ 25.722251] [ 25.722358] allocated by task 309 on cpu 1 at 25.718958s (0.003393s ago): [ 25.724039] test_alloc+0x230/0x628 [ 25.724503] test_invalid_addr_free+0xd4/0x238 [ 25.725033] kunit_try_run_case+0x170/0x3f0 [ 25.725553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.725762] kthread+0x328/0x630 [ 25.726053] ret_from_fork+0x10/0x20 [ 25.726875] [ 25.727003] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.727521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.727676] Hardware name: linux,dummy-virt (DT) [ 25.727757] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 25.512116] ================================================================== [ 25.512349] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 25.512349] [ 25.512468] Invalid free of 0x000000000a6f87b6 (in kfence-#111): [ 25.512829] test_double_free+0x100/0x238 [ 25.512932] kunit_try_run_case+0x170/0x3f0 [ 25.513036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.513138] kthread+0x328/0x630 [ 25.513743] ret_from_fork+0x10/0x20 [ 25.513974] [ 25.514115] kfence-#111: 0x000000000a6f87b6-0x00000000a69fa236, size=32, cache=test [ 25.514115] [ 25.514275] allocated by task 305 on cpu 1 at 25.511716s (0.002550s ago): [ 25.514431] test_alloc+0x230/0x628 [ 25.514509] test_double_free+0xd4/0x238 [ 25.514579] kunit_try_run_case+0x170/0x3f0 [ 25.515143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.515299] kthread+0x328/0x630 [ 25.515397] ret_from_fork+0x10/0x20 [ 25.515579] [ 25.515662] freed by task 305 on cpu 1 at 25.511816s (0.003837s ago): [ 25.515890] test_double_free+0xf0/0x238 [ 25.515988] kunit_try_run_case+0x170/0x3f0 [ 25.516355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.517080] kthread+0x328/0x630 [ 25.517210] ret_from_fork+0x10/0x20 [ 25.517768] [ 25.517877] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.518195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.518364] Hardware name: linux,dummy-virt (DT) [ 25.518681] ================================================================== [ 25.410521] ================================================================== [ 25.410725] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 25.410725] [ 25.410859] Invalid free of 0x00000000552ae42d (in kfence-#110): [ 25.410981] test_double_free+0x1bc/0x238 [ 25.411104] kunit_try_run_case+0x170/0x3f0 [ 25.411195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.411285] kthread+0x328/0x630 [ 25.411367] ret_from_fork+0x10/0x20 [ 25.411451] [ 25.413803] kfence-#110: 0x00000000552ae42d-0x000000004a358cef, size=32, cache=kmalloc-32 [ 25.413803] [ 25.414131] allocated by task 303 on cpu 1 at 25.408197s (0.005915s ago): [ 25.414328] test_alloc+0x29c/0x628 [ 25.414458] test_double_free+0xd4/0x238 [ 25.414550] kunit_try_run_case+0x170/0x3f0 [ 25.414628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.414951] kthread+0x328/0x630 [ 25.415081] ret_from_fork+0x10/0x20 [ 25.415176] [ 25.415239] freed by task 303 on cpu 1 at 25.409415s (0.005816s ago): [ 25.415441] test_double_free+0x1ac/0x238 [ 25.415568] kunit_try_run_case+0x170/0x3f0 [ 25.415657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.415753] kthread+0x328/0x630 [ 25.415834] ret_from_fork+0x10/0x20 [ 25.415930] [ 25.416329] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.416584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.416652] Hardware name: linux,dummy-virt (DT) [ 25.417102] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 24.992306] ================================================================== [ 24.992913] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 24.992913] [ 24.993380] Use-after-free read at 0x000000005b3eac46 (in kfence-#106): [ 24.993907] test_use_after_free_read+0x114/0x248 [ 24.994109] kunit_try_run_case+0x170/0x3f0 [ 24.994498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.994696] kthread+0x328/0x630 [ 24.994773] ret_from_fork+0x10/0x20 [ 24.994853] [ 24.994907] kfence-#106: 0x000000005b3eac46-0x00000000de4f4352, size=32, cache=kmalloc-32 [ 24.994907] [ 24.995115] allocated by task 295 on cpu 1 at 24.991158s (0.003943s ago): [ 24.995568] test_alloc+0x29c/0x628 [ 24.995797] test_use_after_free_read+0xd0/0x248 [ 24.996183] kunit_try_run_case+0x170/0x3f0 [ 24.996450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.996714] kthread+0x328/0x630 [ 24.996797] ret_from_fork+0x10/0x20 [ 24.997141] [ 24.997769] freed by task 295 on cpu 1 at 24.991448s (0.005856s ago): [ 24.998110] test_use_after_free_read+0x1c0/0x248 [ 24.998203] kunit_try_run_case+0x170/0x3f0 [ 24.998768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.998954] kthread+0x328/0x630 [ 24.999227] ret_from_fork+0x10/0x20 [ 24.999604] [ 24.999820] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.000229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.000504] Hardware name: linux,dummy-virt (DT) [ 25.000600] ================================================================== [ 25.096354] ================================================================== [ 25.096921] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 25.096921] [ 25.097344] Use-after-free read at 0x00000000d4643401 (in kfence-#107): [ 25.097749] test_use_after_free_read+0x114/0x248 [ 25.098183] kunit_try_run_case+0x170/0x3f0 [ 25.098290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.098391] kthread+0x328/0x630 [ 25.098476] ret_from_fork+0x10/0x20 [ 25.098559] [ 25.098616] kfence-#107: 0x00000000d4643401-0x00000000e6b90f94, size=32, cache=test [ 25.098616] [ 25.098730] allocated by task 297 on cpu 1 at 25.095243s (0.003479s ago): [ 25.099223] test_alloc+0x230/0x628 [ 25.099452] test_use_after_free_read+0xd0/0x248 [ 25.099536] kunit_try_run_case+0x170/0x3f0 [ 25.099609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.099693] kthread+0x328/0x630 [ 25.099761] ret_from_fork+0x10/0x20 [ 25.099833] [ 25.099884] freed by task 297 on cpu 1 at 25.095348s (0.004529s ago): [ 25.100195] test_use_after_free_read+0xf0/0x248 [ 25.100455] kunit_try_run_case+0x170/0x3f0 [ 25.100707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.101287] kthread+0x328/0x630 [ 25.101541] ret_from_fork+0x10/0x20 [ 25.101738] [ 25.102169] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.102350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.102702] Hardware name: linux,dummy-virt (DT) [ 25.102784] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 24.887171] ================================================================== [ 24.887335] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 24.887335] [ 24.888298] Out-of-bounds write at 0x0000000072e1e69a (1B left of kfence-#105): [ 24.888995] test_out_of_bounds_write+0x100/0x240 [ 24.889594] kunit_try_run_case+0x170/0x3f0 [ 24.889733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.889822] kthread+0x328/0x630 [ 24.890341] ret_from_fork+0x10/0x20 [ 24.890493] [ 24.890628] kfence-#105: 0x00000000ea4141f3-0x000000003daa2e49, size=32, cache=test [ 24.890628] [ 24.890758] allocated by task 293 on cpu 1 at 24.887004s (0.003745s ago): [ 24.891322] test_alloc+0x230/0x628 [ 24.891798] test_out_of_bounds_write+0xc8/0x240 [ 24.892255] kunit_try_run_case+0x170/0x3f0 [ 24.892368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.892465] kthread+0x328/0x630 [ 24.892566] ret_from_fork+0x10/0x20 [ 24.893092] [ 24.893281] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.893977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.894066] Hardware name: linux,dummy-virt (DT) [ 24.894138] ================================================================== [ 24.783858] ================================================================== [ 24.784050] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 24.784050] [ 24.784264] Out-of-bounds write at 0x00000000537f2a6a (1B left of kfence-#104): [ 24.784380] test_out_of_bounds_write+0x100/0x240 [ 24.784482] kunit_try_run_case+0x170/0x3f0 [ 24.784793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.784986] kthread+0x328/0x630 [ 24.785091] ret_from_fork+0x10/0x20 [ 24.785181] [ 24.785237] kfence-#104: 0x0000000096dca611-0x000000008da84b61, size=32, cache=kmalloc-32 [ 24.785237] [ 24.785539] allocated by task 291 on cpu 1 at 24.783514s (0.001962s ago): [ 24.785783] test_alloc+0x29c/0x628 [ 24.785884] test_out_of_bounds_write+0xc8/0x240 [ 24.785986] kunit_try_run_case+0x170/0x3f0 [ 24.786102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.786199] kthread+0x328/0x630 [ 24.786282] ret_from_fork+0x10/0x20 [ 24.786370] [ 24.786466] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.787047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.787142] Hardware name: linux,dummy-virt (DT) [ 24.787222] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 24.367704] ================================================================== [ 24.368149] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 24.368149] [ 24.368465] Out-of-bounds read at 0x0000000085158143 (32B right of kfence-#100): [ 24.368694] test_out_of_bounds_read+0x1c8/0x3e0 [ 24.368997] kunit_try_run_case+0x170/0x3f0 [ 24.369159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.369292] kthread+0x328/0x630 [ 24.369454] ret_from_fork+0x10/0x20 [ 24.369607] [ 24.369664] kfence-#100: 0x00000000e76f91d0-0x00000000392ea265, size=32, cache=kmalloc-32 [ 24.369664] [ 24.369987] allocated by task 287 on cpu 1 at 24.366774s (0.003202s ago): [ 24.370206] test_alloc+0x29c/0x628 [ 24.370389] test_out_of_bounds_read+0x198/0x3e0 [ 24.370566] kunit_try_run_case+0x170/0x3f0 [ 24.370684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.370851] kthread+0x328/0x630 [ 24.370947] ret_from_fork+0x10/0x20 [ 24.371362] [ 24.371532] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.371785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.371863] Hardware name: linux,dummy-virt (DT) [ 24.371947] ================================================================== [ 24.679271] ================================================================== [ 24.679455] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 24.679455] [ 24.679618] Out-of-bounds read at 0x00000000942fc712 (32B right of kfence-#103): [ 24.679733] test_out_of_bounds_read+0x1c8/0x3e0 [ 24.679838] kunit_try_run_case+0x170/0x3f0 [ 24.679931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.680235] kthread+0x328/0x630 [ 24.680471] ret_from_fork+0x10/0x20 [ 24.680584] [ 24.680654] kfence-#103: 0x0000000044c1167b-0x00000000d3df79e8, size=32, cache=test [ 24.680654] [ 24.680921] allocated by task 289 on cpu 1 at 24.678685s (0.002225s ago): [ 24.681107] test_alloc+0x230/0x628 [ 24.681203] test_out_of_bounds_read+0x198/0x3e0 [ 24.681299] kunit_try_run_case+0x170/0x3f0 [ 24.681403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.681501] kthread+0x328/0x630 [ 24.684033] ret_from_fork+0x10/0x20 [ 24.684167] [ 24.684291] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.685780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.685860] Hardware name: linux,dummy-virt (DT) [ 24.685930] ================================================================== [ 24.267648] ================================================================== [ 24.268411] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 24.268411] [ 24.269237] Out-of-bounds read at 0x0000000065ab9b9f (1B left of kfence-#99): [ 24.270230] test_out_of_bounds_read+0x114/0x3e0 [ 24.270307] kunit_try_run_case+0x170/0x3f0 [ 24.270356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.270402] kthread+0x328/0x630 [ 24.270443] ret_from_fork+0x10/0x20 [ 24.270493] [ 24.270697] kfence-#99: 0x0000000078c6e164-0x00000000e7298153, size=32, cache=kmalloc-32 [ 24.270697] [ 24.270893] allocated by task 287 on cpu 1 at 24.263450s (0.007375s ago): [ 24.271555] test_alloc+0x29c/0x628 [ 24.271667] test_out_of_bounds_read+0xdc/0x3e0 [ 24.271745] kunit_try_run_case+0x170/0x3f0 [ 24.271842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.271927] kthread+0x328/0x630 [ 24.272001] ret_from_fork+0x10/0x20 [ 24.272181] [ 24.272380] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.272579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.272653] Hardware name: linux,dummy-virt (DT) [ 24.272740] ================================================================== [ 24.574710] ================================================================== [ 24.574908] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 24.574908] [ 24.575087] Out-of-bounds read at 0x00000000dda79ff6 (1B left of kfence-#102): [ 24.575231] test_out_of_bounds_read+0x114/0x3e0 [ 24.575363] kunit_try_run_case+0x170/0x3f0 [ 24.575480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.575588] kthread+0x328/0x630 [ 24.575699] ret_from_fork+0x10/0x20 [ 24.575786] [ 24.575836] kfence-#102: 0x00000000458f57f3-0x00000000bce0ab9d, size=32, cache=test [ 24.575836] [ 24.575943] allocated by task 289 on cpu 1 at 24.574571s (0.001365s ago): [ 24.576303] test_alloc+0x230/0x628 [ 24.576435] test_out_of_bounds_read+0xdc/0x3e0 [ 24.576566] kunit_try_run_case+0x170/0x3f0 [ 24.576700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.576824] kthread+0x328/0x630 [ 24.576925] ret_from_fork+0x10/0x20 [ 24.577008] [ 24.577511] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.578081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.578218] Hardware name: linux,dummy-virt (DT) [ 24.578295] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 23.897054] ================================================================== [ 23.897187] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 23.897295] Write of size 1 at addr fff00000c638a078 by task kunit_try_catch/285 [ 23.897394] [ 23.897459] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.897726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.897809] Hardware name: linux,dummy-virt (DT) [ 23.897933] Call trace: [ 23.897987] show_stack+0x20/0x38 (C) [ 23.898175] dump_stack_lvl+0x8c/0xd0 [ 23.898463] print_report+0x118/0x608 [ 23.898608] kasan_report+0xdc/0x128 [ 23.898711] __asan_report_store1_noabort+0x20/0x30 [ 23.898815] strncpy_from_user+0x270/0x2a0 [ 23.898927] copy_user_test_oob+0x5c0/0xec8 [ 23.899102] kunit_try_run_case+0x170/0x3f0 [ 23.899270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.899404] kthread+0x328/0x630 [ 23.899501] ret_from_fork+0x10/0x20 [ 23.899612] [ 23.899658] Allocated by task 285: [ 23.899722] kasan_save_stack+0x3c/0x68 [ 23.899814] kasan_save_track+0x20/0x40 [ 23.899899] kasan_save_alloc_info+0x40/0x58 [ 23.899996] __kasan_kmalloc+0xd4/0xd8 [ 23.900119] __kmalloc_noprof+0x198/0x4c8 [ 23.900241] kunit_kmalloc_array+0x34/0x88 [ 23.900364] copy_user_test_oob+0xac/0xec8 [ 23.900489] kunit_try_run_case+0x170/0x3f0 [ 23.900635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.900761] kthread+0x328/0x630 [ 23.900836] ret_from_fork+0x10/0x20 [ 23.900922] [ 23.900970] The buggy address belongs to the object at fff00000c638a000 [ 23.900970] which belongs to the cache kmalloc-128 of size 128 [ 23.901102] The buggy address is located 0 bytes to the right of [ 23.901102] allocated 120-byte region [fff00000c638a000, fff00000c638a078) [ 23.901268] [ 23.901334] The buggy address belongs to the physical page: [ 23.901429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 23.901548] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.901650] page_type: f5(slab) [ 23.901778] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.901905] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.902011] page dumped because: kasan: bad access detected [ 23.902095] [ 23.902136] Memory state around the buggy address: [ 23.902221] fff00000c6389f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.902448] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.902582] >fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.902661] ^ [ 23.902775] fff00000c638a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.902868] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.902958] ================================================================== [ 23.890146] ================================================================== [ 23.890312] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 23.890491] Write of size 121 at addr fff00000c638a000 by task kunit_try_catch/285 [ 23.890652] [ 23.890758] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.890942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.891001] Hardware name: linux,dummy-virt (DT) [ 23.891080] Call trace: [ 23.891125] show_stack+0x20/0x38 (C) [ 23.891241] dump_stack_lvl+0x8c/0xd0 [ 23.891331] print_report+0x118/0x608 [ 23.891463] kasan_report+0xdc/0x128 [ 23.891573] kasan_check_range+0x100/0x1a8 [ 23.891671] __kasan_check_write+0x20/0x30 [ 23.891764] strncpy_from_user+0x3c/0x2a0 [ 23.891878] copy_user_test_oob+0x5c0/0xec8 [ 23.891979] kunit_try_run_case+0x170/0x3f0 [ 23.892105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.892250] kthread+0x328/0x630 [ 23.892401] ret_from_fork+0x10/0x20 [ 23.892549] [ 23.892617] Allocated by task 285: [ 23.892726] kasan_save_stack+0x3c/0x68 [ 23.892871] kasan_save_track+0x20/0x40 [ 23.892963] kasan_save_alloc_info+0x40/0x58 [ 23.893075] __kasan_kmalloc+0xd4/0xd8 [ 23.893175] __kmalloc_noprof+0x198/0x4c8 [ 23.893276] kunit_kmalloc_array+0x34/0x88 [ 23.893368] copy_user_test_oob+0xac/0xec8 [ 23.893454] kunit_try_run_case+0x170/0x3f0 [ 23.893538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.893637] kthread+0x328/0x630 [ 23.893769] ret_from_fork+0x10/0x20 [ 23.894041] [ 23.894114] The buggy address belongs to the object at fff00000c638a000 [ 23.894114] which belongs to the cache kmalloc-128 of size 128 [ 23.894276] The buggy address is located 0 bytes inside of [ 23.894276] allocated 120-byte region [fff00000c638a000, fff00000c638a078) [ 23.894415] [ 23.894453] The buggy address belongs to the physical page: [ 23.894518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 23.894632] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.894752] page_type: f5(slab) [ 23.894837] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.894966] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.895123] page dumped because: kasan: bad access detected [ 23.895232] [ 23.895273] Memory state around the buggy address: [ 23.895347] fff00000c6389f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.895455] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.895562] >fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.895656] ^ [ 23.895750] fff00000c638a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.895853] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.895946] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 23.858733] ================================================================== [ 23.858858] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 23.858972] Read of size 121 at addr fff00000c638a000 by task kunit_try_catch/285 [ 23.859089] [ 23.859164] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.859359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.859422] Hardware name: linux,dummy-virt (DT) [ 23.859499] Call trace: [ 23.859552] show_stack+0x20/0x38 (C) [ 23.859660] dump_stack_lvl+0x8c/0xd0 [ 23.859760] print_report+0x118/0x608 [ 23.859875] kasan_report+0xdc/0x128 [ 23.859979] kasan_check_range+0x100/0x1a8 [ 23.860993] __kasan_check_read+0x20/0x30 [ 23.861497] copy_user_test_oob+0x3c8/0xec8 [ 23.861663] kunit_try_run_case+0x170/0x3f0 [ 23.861965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.862353] kthread+0x328/0x630 [ 23.862537] ret_from_fork+0x10/0x20 [ 23.862718] [ 23.862767] Allocated by task 285: [ 23.862831] kasan_save_stack+0x3c/0x68 [ 23.863335] kasan_save_track+0x20/0x40 [ 23.863431] kasan_save_alloc_info+0x40/0x58 [ 23.863524] __kasan_kmalloc+0xd4/0xd8 [ 23.863613] __kmalloc_noprof+0x198/0x4c8 [ 23.863692] kunit_kmalloc_array+0x34/0x88 [ 23.864177] copy_user_test_oob+0xac/0xec8 [ 23.864285] kunit_try_run_case+0x170/0x3f0 [ 23.864800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.864911] kthread+0x328/0x630 [ 23.865252] ret_from_fork+0x10/0x20 [ 23.865361] [ 23.865413] The buggy address belongs to the object at fff00000c638a000 [ 23.865413] which belongs to the cache kmalloc-128 of size 128 [ 23.865543] The buggy address is located 0 bytes inside of [ 23.865543] allocated 120-byte region [fff00000c638a000, fff00000c638a078) [ 23.866324] [ 23.866391] The buggy address belongs to the physical page: [ 23.866482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 23.866684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.867012] page_type: f5(slab) [ 23.867251] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.867385] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.867983] page dumped because: kasan: bad access detected [ 23.868100] [ 23.868148] Memory state around the buggy address: [ 23.868229] fff00000c6389f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.868336] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.868439] >fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.868545] ^ [ 23.868680] fff00000c638a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.869017] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.869374] ================================================================== [ 23.871363] ================================================================== [ 23.871634] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 23.871796] Write of size 121 at addr fff00000c638a000 by task kunit_try_catch/285 [ 23.871927] [ 23.872087] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.872466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.872548] Hardware name: linux,dummy-virt (DT) [ 23.872910] Call trace: [ 23.872982] show_stack+0x20/0x38 (C) [ 23.873331] dump_stack_lvl+0x8c/0xd0 [ 23.873737] print_report+0x118/0x608 [ 23.874129] kasan_report+0xdc/0x128 [ 23.874298] kasan_check_range+0x100/0x1a8 [ 23.874415] __kasan_check_write+0x20/0x30 [ 23.874611] copy_user_test_oob+0x434/0xec8 [ 23.874795] kunit_try_run_case+0x170/0x3f0 [ 23.874899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.874997] kthread+0x328/0x630 [ 23.875105] ret_from_fork+0x10/0x20 [ 23.875204] [ 23.875814] Allocated by task 285: [ 23.875936] kasan_save_stack+0x3c/0x68 [ 23.876058] kasan_save_track+0x20/0x40 [ 23.876699] kasan_save_alloc_info+0x40/0x58 [ 23.876822] __kasan_kmalloc+0xd4/0xd8 [ 23.877127] __kmalloc_noprof+0x198/0x4c8 [ 23.877231] kunit_kmalloc_array+0x34/0x88 [ 23.877524] copy_user_test_oob+0xac/0xec8 [ 23.877703] kunit_try_run_case+0x170/0x3f0 [ 23.877782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.878110] kthread+0x328/0x630 [ 23.878185] ret_from_fork+0x10/0x20 [ 23.878267] [ 23.878399] The buggy address belongs to the object at fff00000c638a000 [ 23.878399] which belongs to the cache kmalloc-128 of size 128 [ 23.878730] The buggy address is located 0 bytes inside of [ 23.878730] allocated 120-byte region [fff00000c638a000, fff00000c638a078) [ 23.878972] [ 23.879348] The buggy address belongs to the physical page: [ 23.879426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 23.879551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.879666] page_type: f5(slab) [ 23.879854] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.880316] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.880614] page dumped because: kasan: bad access detected [ 23.880782] [ 23.881017] Memory state around the buggy address: [ 23.881170] fff00000c6389f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.881388] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.882011] >fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.882105] ^ [ 23.882159] fff00000c638a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.882216] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.882289] ================================================================== [ 23.845452] ================================================================== [ 23.845624] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 23.846323] Write of size 121 at addr fff00000c638a000 by task kunit_try_catch/285 [ 23.846471] [ 23.846545] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.846932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.847068] Hardware name: linux,dummy-virt (DT) [ 23.847160] Call trace: [ 23.847548] show_stack+0x20/0x38 (C) [ 23.847747] dump_stack_lvl+0x8c/0xd0 [ 23.847859] print_report+0x118/0x608 [ 23.848376] kasan_report+0xdc/0x128 [ 23.848491] kasan_check_range+0x100/0x1a8 [ 23.848633] __kasan_check_write+0x20/0x30 [ 23.849113] copy_user_test_oob+0x35c/0xec8 [ 23.849726] kunit_try_run_case+0x170/0x3f0 [ 23.850054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.850245] kthread+0x328/0x630 [ 23.850336] ret_from_fork+0x10/0x20 [ 23.850808] [ 23.850922] Allocated by task 285: [ 23.851004] kasan_save_stack+0x3c/0x68 [ 23.851116] kasan_save_track+0x20/0x40 [ 23.851200] kasan_save_alloc_info+0x40/0x58 [ 23.851293] __kasan_kmalloc+0xd4/0xd8 [ 23.851766] __kmalloc_noprof+0x198/0x4c8 [ 23.851871] kunit_kmalloc_array+0x34/0x88 [ 23.852149] copy_user_test_oob+0xac/0xec8 [ 23.852422] kunit_try_run_case+0x170/0x3f0 [ 23.852922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.853096] kthread+0x328/0x630 [ 23.853329] ret_from_fork+0x10/0x20 [ 23.853433] [ 23.853629] The buggy address belongs to the object at fff00000c638a000 [ 23.853629] which belongs to the cache kmalloc-128 of size 128 [ 23.853842] The buggy address is located 0 bytes inside of [ 23.853842] allocated 120-byte region [fff00000c638a000, fff00000c638a078) [ 23.854177] [ 23.854235] The buggy address belongs to the physical page: [ 23.854348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 23.854702] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.854816] page_type: f5(slab) [ 23.854906] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.855257] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.855566] page dumped because: kasan: bad access detected [ 23.855647] [ 23.855689] Memory state around the buggy address: [ 23.855814] fff00000c6389f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.855923] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.856039] >fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.856130] ^ [ 23.856238] fff00000c638a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.856354] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.856447] ================================================================== [ 23.883166] ================================================================== [ 23.883284] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 23.883398] Read of size 121 at addr fff00000c638a000 by task kunit_try_catch/285 [ 23.883517] [ 23.883588] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.883764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.883827] Hardware name: linux,dummy-virt (DT) [ 23.883903] Call trace: [ 23.883953] show_stack+0x20/0x38 (C) [ 23.884077] dump_stack_lvl+0x8c/0xd0 [ 23.884176] print_report+0x118/0x608 [ 23.884324] kasan_report+0xdc/0x128 [ 23.884431] kasan_check_range+0x100/0x1a8 [ 23.884549] __kasan_check_read+0x20/0x30 [ 23.884647] copy_user_test_oob+0x4a0/0xec8 [ 23.884769] kunit_try_run_case+0x170/0x3f0 [ 23.884893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.885110] kthread+0x328/0x630 [ 23.885213] ret_from_fork+0x10/0x20 [ 23.885367] [ 23.885409] Allocated by task 285: [ 23.885492] kasan_save_stack+0x3c/0x68 [ 23.885603] kasan_save_track+0x20/0x40 [ 23.885679] kasan_save_alloc_info+0x40/0x58 [ 23.885762] __kasan_kmalloc+0xd4/0xd8 [ 23.885885] __kmalloc_noprof+0x198/0x4c8 [ 23.886001] kunit_kmalloc_array+0x34/0x88 [ 23.886120] copy_user_test_oob+0xac/0xec8 [ 23.886239] kunit_try_run_case+0x170/0x3f0 [ 23.886337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.886483] kthread+0x328/0x630 [ 23.886586] ret_from_fork+0x10/0x20 [ 23.886706] [ 23.886776] The buggy address belongs to the object at fff00000c638a000 [ 23.886776] which belongs to the cache kmalloc-128 of size 128 [ 23.886946] The buggy address is located 0 bytes inside of [ 23.886946] allocated 120-byte region [fff00000c638a000, fff00000c638a078) [ 23.887092] [ 23.887134] The buggy address belongs to the physical page: [ 23.887196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 23.887302] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.887410] page_type: f5(slab) [ 23.887523] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.887697] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.887798] page dumped because: kasan: bad access detected [ 23.887882] [ 23.887949] Memory state around the buggy address: [ 23.888304] fff00000c6389f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.888403] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.888511] >fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.888603] ^ [ 23.888756] fff00000c638a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.888865] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.888954] ================================================================== [ 23.799428] ================================================================== [ 23.799613] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 23.799775] Write of size 121 at addr fff00000c638a000 by task kunit_try_catch/285 [ 23.799913] [ 23.800041] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.800252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.800323] Hardware name: linux,dummy-virt (DT) [ 23.800402] Call trace: [ 23.800460] show_stack+0x20/0x38 (C) [ 23.800588] dump_stack_lvl+0x8c/0xd0 [ 23.800699] print_report+0x118/0x608 [ 23.800900] kasan_report+0xdc/0x128 [ 23.801043] kasan_check_range+0x100/0x1a8 [ 23.801160] __kasan_check_write+0x20/0x30 [ 23.801275] copy_user_test_oob+0x234/0xec8 [ 23.801386] kunit_try_run_case+0x170/0x3f0 [ 23.801501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.801804] kthread+0x328/0x630 [ 23.802009] ret_from_fork+0x10/0x20 [ 23.802172] [ 23.802408] Allocated by task 285: [ 23.802573] kasan_save_stack+0x3c/0x68 [ 23.802773] kasan_save_track+0x20/0x40 [ 23.802987] kasan_save_alloc_info+0x40/0x58 [ 23.803458] __kasan_kmalloc+0xd4/0xd8 [ 23.803624] __kmalloc_noprof+0x198/0x4c8 [ 23.803814] kunit_kmalloc_array+0x34/0x88 [ 23.804126] copy_user_test_oob+0xac/0xec8 [ 23.804381] kunit_try_run_case+0x170/0x3f0 [ 23.804544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.804876] kthread+0x328/0x630 [ 23.805151] ret_from_fork+0x10/0x20 [ 23.805265] [ 23.805384] The buggy address belongs to the object at fff00000c638a000 [ 23.805384] which belongs to the cache kmalloc-128 of size 128 [ 23.805760] The buggy address is located 0 bytes inside of [ 23.805760] allocated 120-byte region [fff00000c638a000, fff00000c638a078) [ 23.806380] [ 23.806458] The buggy address belongs to the physical page: [ 23.806536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 23.806900] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.807132] page_type: f5(slab) [ 23.807254] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.807649] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.807794] page dumped because: kasan: bad access detected [ 23.807912] [ 23.807969] Memory state around the buggy address: [ 23.808061] fff00000c6389f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.808166] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.808322] >fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.808467] ^ [ 23.808609] fff00000c638a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.808707] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.808812] ================================================================== [ 23.817508] ================================================================== [ 23.817654] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 23.817794] Read of size 121 at addr fff00000c638a000 by task kunit_try_catch/285 [ 23.817911] [ 23.818010] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.818211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.818275] Hardware name: linux,dummy-virt (DT) [ 23.818395] Call trace: [ 23.818610] show_stack+0x20/0x38 (C) [ 23.818772] dump_stack_lvl+0x8c/0xd0 [ 23.818916] print_report+0x118/0x608 [ 23.819098] kasan_report+0xdc/0x128 [ 23.819202] kasan_check_range+0x100/0x1a8 [ 23.819520] __kasan_check_read+0x20/0x30 [ 23.819625] copy_user_test_oob+0x728/0xec8 [ 23.819735] kunit_try_run_case+0x170/0x3f0 [ 23.819834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.820725] kthread+0x328/0x630 [ 23.820928] ret_from_fork+0x10/0x20 [ 23.821248] [ 23.821303] Allocated by task 285: [ 23.821380] kasan_save_stack+0x3c/0x68 [ 23.821491] kasan_save_track+0x20/0x40 [ 23.821780] kasan_save_alloc_info+0x40/0x58 [ 23.821879] __kasan_kmalloc+0xd4/0xd8 [ 23.822165] __kmalloc_noprof+0x198/0x4c8 [ 23.822436] kunit_kmalloc_array+0x34/0x88 [ 23.822544] copy_user_test_oob+0xac/0xec8 [ 23.822691] kunit_try_run_case+0x170/0x3f0 [ 23.822782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.822900] kthread+0x328/0x630 [ 23.822979] ret_from_fork+0x10/0x20 [ 23.823443] [ 23.823559] The buggy address belongs to the object at fff00000c638a000 [ 23.823559] which belongs to the cache kmalloc-128 of size 128 [ 23.823778] The buggy address is located 0 bytes inside of [ 23.823778] allocated 120-byte region [fff00000c638a000, fff00000c638a078) [ 23.823924] [ 23.823973] The buggy address belongs to the physical page: [ 23.824246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 23.824508] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.824967] page_type: f5(slab) [ 23.825089] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.825420] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.825778] page dumped because: kasan: bad access detected [ 23.825884] [ 23.825987] Memory state around the buggy address: [ 23.826077] fff00000c6389f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.826256] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.826362] >fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.826441] ^ [ 23.826948] fff00000c638a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.827156] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.827259] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 23.709921] ================================================================== [ 23.710424] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 23.711073] Read of size 8 at addr fff00000c659c278 by task kunit_try_catch/281 [ 23.711257] [ 23.711397] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.711833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.711911] Hardware name: linux,dummy-virt (DT) [ 23.712017] Call trace: [ 23.712095] show_stack+0x20/0x38 (C) [ 23.712221] dump_stack_lvl+0x8c/0xd0 [ 23.712343] print_report+0x118/0x608 [ 23.712456] kasan_report+0xdc/0x128 [ 23.712586] __asan_report_load8_noabort+0x20/0x30 [ 23.712709] copy_to_kernel_nofault+0x204/0x250 [ 23.712842] copy_to_kernel_nofault_oob+0x158/0x418 [ 23.712973] kunit_try_run_case+0x170/0x3f0 [ 23.713122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.713321] kthread+0x328/0x630 [ 23.713463] ret_from_fork+0x10/0x20 [ 23.713632] [ 23.713717] Allocated by task 281: [ 23.713786] kasan_save_stack+0x3c/0x68 [ 23.713879] kasan_save_track+0x20/0x40 [ 23.713977] kasan_save_alloc_info+0x40/0x58 [ 23.714124] __kasan_kmalloc+0xd4/0xd8 [ 23.714240] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.714338] copy_to_kernel_nofault_oob+0xc8/0x418 [ 23.714435] kunit_try_run_case+0x170/0x3f0 [ 23.714524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.714638] kthread+0x328/0x630 [ 23.714725] ret_from_fork+0x10/0x20 [ 23.714826] [ 23.714900] The buggy address belongs to the object at fff00000c659c200 [ 23.714900] which belongs to the cache kmalloc-128 of size 128 [ 23.715092] The buggy address is located 0 bytes to the right of [ 23.715092] allocated 120-byte region [fff00000c659c200, fff00000c659c278) [ 23.715286] [ 23.715370] The buggy address belongs to the physical page: [ 23.715463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659c [ 23.715622] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.715772] page_type: f5(slab) [ 23.715883] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.716047] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.716147] page dumped because: kasan: bad access detected [ 23.716227] [ 23.716281] Memory state around the buggy address: [ 23.716398] fff00000c659c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.716575] fff00000c659c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.716746] >fff00000c659c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.716893] ^ [ 23.717070] fff00000c659c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.717221] fff00000c659c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.717327] ================================================================== [ 23.721460] ================================================================== [ 23.721536] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 23.721606] Write of size 8 at addr fff00000c659c278 by task kunit_try_catch/281 [ 23.721676] [ 23.721803] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.721973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.722053] Hardware name: linux,dummy-virt (DT) [ 23.722133] Call trace: [ 23.722921] show_stack+0x20/0x38 (C) [ 23.723113] dump_stack_lvl+0x8c/0xd0 [ 23.723243] print_report+0x118/0x608 [ 23.723357] kasan_report+0xdc/0x128 [ 23.723463] kasan_check_range+0x100/0x1a8 [ 23.723567] __kasan_check_write+0x20/0x30 [ 23.723677] copy_to_kernel_nofault+0x8c/0x250 [ 23.723783] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 23.723898] kunit_try_run_case+0x170/0x3f0 [ 23.724208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.724818] kthread+0x328/0x630 [ 23.725090] ret_from_fork+0x10/0x20 [ 23.725212] [ 23.725356] Allocated by task 281: [ 23.725423] kasan_save_stack+0x3c/0x68 [ 23.725870] kasan_save_track+0x20/0x40 [ 23.725986] kasan_save_alloc_info+0x40/0x58 [ 23.726089] __kasan_kmalloc+0xd4/0xd8 [ 23.726545] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.726841] copy_to_kernel_nofault_oob+0xc8/0x418 [ 23.727138] kunit_try_run_case+0x170/0x3f0 [ 23.727331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.727455] kthread+0x328/0x630 [ 23.727536] ret_from_fork+0x10/0x20 [ 23.727683] [ 23.727744] The buggy address belongs to the object at fff00000c659c200 [ 23.727744] which belongs to the cache kmalloc-128 of size 128 [ 23.728327] The buggy address is located 0 bytes to the right of [ 23.728327] allocated 120-byte region [fff00000c659c200, fff00000c659c278) [ 23.728518] [ 23.728574] The buggy address belongs to the physical page: [ 23.728718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659c [ 23.729279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.729425] page_type: f5(slab) [ 23.729592] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.729843] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.729957] page dumped because: kasan: bad access detected [ 23.730043] [ 23.730115] Memory state around the buggy address: [ 23.730188] fff00000c659c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.730307] fff00000c659c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.730485] >fff00000c659c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.730581] ^ [ 23.730730] fff00000c659c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.730880] fff00000c659c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.731013] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 23.545623] ================================================================== [ 23.546183] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 23.546600] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 23.546796] [ 23.546955] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.547434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.547588] Hardware name: linux,dummy-virt (DT) [ 23.547689] Call trace: [ 23.547810] show_stack+0x20/0x38 (C) [ 23.548267] dump_stack_lvl+0x8c/0xd0 [ 23.548415] print_report+0x310/0x608 [ 23.548536] kasan_report+0xdc/0x128 [ 23.548789] __asan_report_load1_noabort+0x20/0x30 [ 23.548948] vmalloc_oob+0x578/0x5d0 [ 23.549113] kunit_try_run_case+0x170/0x3f0 [ 23.549249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.549414] kthread+0x328/0x630 [ 23.549522] ret_from_fork+0x10/0x20 [ 23.549666] [ 23.549747] The buggy address belongs to the virtual mapping at [ 23.549747] [ffff8000800fe000, ffff800080100000) created by: [ 23.549747] vmalloc_oob+0x98/0x5d0 [ 23.549928] [ 23.549997] The buggy address belongs to the physical page: [ 23.550234] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105630 [ 23.550444] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.550614] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 23.550742] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.550844] page dumped because: kasan: bad access detected [ 23.550942] [ 23.550993] Memory state around the buggy address: [ 23.551117] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.551242] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.551345] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 23.551419] ^ [ 23.551510] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.551987] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.552179] ================================================================== [ 23.554705] ================================================================== [ 23.554845] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 23.555094] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 23.555445] [ 23.555709] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.555936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.556007] Hardware name: linux,dummy-virt (DT) [ 23.556102] Call trace: [ 23.556160] show_stack+0x20/0x38 (C) [ 23.556281] dump_stack_lvl+0x8c/0xd0 [ 23.556385] print_report+0x310/0x608 [ 23.556508] kasan_report+0xdc/0x128 [ 23.556633] __asan_report_load1_noabort+0x20/0x30 [ 23.556765] vmalloc_oob+0x51c/0x5d0 [ 23.556944] kunit_try_run_case+0x170/0x3f0 [ 23.557363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.557660] kthread+0x328/0x630 [ 23.557791] ret_from_fork+0x10/0x20 [ 23.558114] [ 23.558313] The buggy address belongs to the virtual mapping at [ 23.558313] [ffff8000800fe000, ffff800080100000) created by: [ 23.558313] vmalloc_oob+0x98/0x5d0 [ 23.558598] [ 23.558656] The buggy address belongs to the physical page: [ 23.559060] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105630 [ 23.559270] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.559493] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 23.559793] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.559900] page dumped because: kasan: bad access detected [ 23.560068] [ 23.560192] Memory state around the buggy address: [ 23.560278] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.560398] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.560720] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 23.560886] ^ [ 23.561214] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.561322] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.561416] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 23.095635] ================================================================== [ 23.095799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 23.095932] Read of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.096214] [ 23.096302] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.096467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.096859] Hardware name: linux,dummy-virt (DT) [ 23.096946] Call trace: [ 23.096998] show_stack+0x20/0x38 (C) [ 23.097261] dump_stack_lvl+0x8c/0xd0 [ 23.097388] print_report+0x118/0x608 [ 23.097490] kasan_report+0xdc/0x128 [ 23.097692] __asan_report_load4_noabort+0x20/0x30 [ 23.097816] kasan_atomics_helper+0x42d8/0x4858 [ 23.097942] kasan_atomics+0x198/0x2e0 [ 23.098091] kunit_try_run_case+0x170/0x3f0 [ 23.098204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.098326] kthread+0x328/0x630 [ 23.098428] ret_from_fork+0x10/0x20 [ 23.098548] [ 23.098608] Allocated by task 265: [ 23.098670] kasan_save_stack+0x3c/0x68 [ 23.098745] kasan_save_track+0x20/0x40 [ 23.098957] kasan_save_alloc_info+0x40/0x58 [ 23.099067] __kasan_kmalloc+0xd4/0xd8 [ 23.099359] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.099412] kasan_atomics+0xb8/0x2e0 [ 23.099451] kunit_try_run_case+0x170/0x3f0 [ 23.099497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.099558] kthread+0x328/0x630 [ 23.099593] ret_from_fork+0x10/0x20 [ 23.099631] [ 23.099654] The buggy address belongs to the object at fff00000c659e300 [ 23.099654] which belongs to the cache kmalloc-64 of size 64 [ 23.099717] The buggy address is located 0 bytes to the right of [ 23.099717] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.099781] [ 23.099806] The buggy address belongs to the physical page: [ 23.099840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.099896] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.099950] page_type: f5(slab) [ 23.100146] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.100850] ^ [ 23.102050] [ 23.102559] Call trace: [ 23.102612] show_stack+0x20/0x38 (C) [ 23.102705] dump_stack_lvl+0x8c/0xd0 [ 23.102795] print_report+0x118/0x608 [ 23.102898] kasan_report+0xdc/0x128 [ 23.103003] kasan_check_range+0x100/0x1a8 [ 23.104219] __kasan_check_write+0x20/0x30 [ 23.104461] kasan_atomics_helper+0x934/0x4858 [ 23.104661] kasan_atomics+0x198/0x2e0 [ 23.105068] kunit_try_run_case+0x170/0x3f0 [ 23.105294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.105416] kthread+0x328/0x630 [ 23.105729] ret_from_fork+0x10/0x20 [ 23.105900] [ 23.106073] Allocated by task 265: [ 23.106184] kasan_save_stack+0x3c/0x68 [ 23.106292] kasan_save_track+0x20/0x40 [ 23.106364] kasan_save_alloc_info+0x40/0x58 [ 23.106880] __kasan_kmalloc+0xd4/0xd8 [ 23.106995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.107116] kasan_atomics+0xb8/0x2e0 [ 23.107207] kunit_try_run_case+0x170/0x3f0 [ 23.107325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.107435] kthread+0x328/0x630 [ 23.107684] ret_from_fork+0x10/0x20 [ 23.107913] [ 23.108123] The buggy address belongs to the object at fff00000c659e300 [ 23.108123] which belongs to the cache kmalloc-64 of size 64 [ 23.108250] The buggy address is located 0 bytes to the right of [ 23.108250] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.108534] [ 23.108614] The buggy address belongs to the physical page: [ 23.108721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.108869] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.109032] page_type: f5(slab) [ 23.109136] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.109317] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.109459] page dumped because: kasan: bad access detected [ 23.109536] [ 23.109580] Memory state around the buggy address: [ 23.109668] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.109755] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.109852] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.109952] ^ [ 23.110392] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.110619] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.110700] ================================================================== [ 23.306618] ================================================================== [ 23.306727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 23.306838] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.306940] [ 23.307000] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.307191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.307256] Hardware name: linux,dummy-virt (DT) [ 23.307325] Call trace: [ 23.307383] show_stack+0x20/0x38 (C) [ 23.307495] dump_stack_lvl+0x8c/0xd0 [ 23.307601] print_report+0x118/0x608 [ 23.307708] kasan_report+0xdc/0x128 [ 23.307812] kasan_check_range+0x100/0x1a8 [ 23.307927] __kasan_check_write+0x20/0x30 [ 23.308048] kasan_atomics_helper+0xff0/0x4858 [ 23.308149] kasan_atomics+0x198/0x2e0 [ 23.308242] kunit_try_run_case+0x170/0x3f0 [ 23.308329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.308444] kthread+0x328/0x630 [ 23.308559] ret_from_fork+0x10/0x20 [ 23.308666] [ 23.308716] Allocated by task 265: [ 23.308784] kasan_save_stack+0x3c/0x68 [ 23.308872] kasan_save_track+0x20/0x40 [ 23.308959] kasan_save_alloc_info+0x40/0x58 [ 23.309063] __kasan_kmalloc+0xd4/0xd8 [ 23.309150] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.309251] kasan_atomics+0xb8/0x2e0 [ 23.309348] kunit_try_run_case+0x170/0x3f0 [ 23.309426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.309517] kthread+0x328/0x630 [ 23.309586] ret_from_fork+0x10/0x20 [ 23.309667] [ 23.309721] The buggy address belongs to the object at fff00000c659e300 [ 23.309721] which belongs to the cache kmalloc-64 of size 64 [ 23.309922] The buggy address is located 0 bytes to the right of [ 23.309922] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.310153] [ 23.310203] The buggy address belongs to the physical page: [ 23.310309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.310433] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.310530] page_type: f5(slab) [ 23.310603] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.311121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.311224] page dumped because: kasan: bad access detected [ 23.311303] [ 23.311351] Memory state around the buggy address: [ 23.311429] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.311543] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.311638] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.311797] ^ [ 23.311877] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.311976] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.312078] ================================================================== [ 23.460652] ================================================================== [ 23.460776] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 23.460918] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.461060] [ 23.461132] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.461340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.461408] Hardware name: linux,dummy-virt (DT) [ 23.461487] Call trace: [ 23.461535] show_stack+0x20/0x38 (C) [ 23.461648] dump_stack_lvl+0x8c/0xd0 [ 23.461794] print_report+0x118/0x608 [ 23.462018] kasan_report+0xdc/0x128 [ 23.462173] kasan_check_range+0x100/0x1a8 [ 23.462305] __kasan_check_write+0x20/0x30 [ 23.462467] kasan_atomics_helper+0x16d0/0x4858 [ 23.462631] kasan_atomics+0x198/0x2e0 [ 23.462756] kunit_try_run_case+0x170/0x3f0 [ 23.462845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.462979] kthread+0x328/0x630 [ 23.463099] ret_from_fork+0x10/0x20 [ 23.463201] [ 23.463257] Allocated by task 265: [ 23.463316] kasan_save_stack+0x3c/0x68 [ 23.463407] kasan_save_track+0x20/0x40 [ 23.463489] kasan_save_alloc_info+0x40/0x58 [ 23.463636] __kasan_kmalloc+0xd4/0xd8 [ 23.463799] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.463936] kasan_atomics+0xb8/0x2e0 [ 23.464039] kunit_try_run_case+0x170/0x3f0 [ 23.464138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.464249] kthread+0x328/0x630 [ 23.464367] ret_from_fork+0x10/0x20 [ 23.464493] [ 23.464550] The buggy address belongs to the object at fff00000c659e300 [ 23.464550] which belongs to the cache kmalloc-64 of size 64 [ 23.464699] The buggy address is located 0 bytes to the right of [ 23.464699] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.464861] [ 23.464918] The buggy address belongs to the physical page: [ 23.465035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.465244] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.465362] page_type: f5(slab) [ 23.465449] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.465589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.465748] page dumped because: kasan: bad access detected [ 23.465828] [ 23.465878] Memory state around the buggy address: [ 23.465967] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.466079] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.466185] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.466285] ^ [ 23.466483] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.466589] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.466684] ================================================================== [ 23.353482] ================================================================== [ 23.353591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 23.353697] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.353805] [ 23.353877] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.354082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.354148] Hardware name: linux,dummy-virt (DT) [ 23.354217] Call trace: [ 23.354278] show_stack+0x20/0x38 (C) [ 23.354379] dump_stack_lvl+0x8c/0xd0 [ 23.354491] print_report+0x118/0x608 [ 23.354599] kasan_report+0xdc/0x128 [ 23.354700] kasan_check_range+0x100/0x1a8 [ 23.354808] __kasan_check_write+0x20/0x30 [ 23.354910] kasan_atomics_helper+0x126c/0x4858 [ 23.355037] kasan_atomics+0x198/0x2e0 [ 23.356239] kunit_try_run_case+0x170/0x3f0 [ 23.356672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.356833] kthread+0x328/0x630 [ 23.356937] ret_from_fork+0x10/0x20 [ 23.357294] [ 23.357352] Allocated by task 265: [ 23.357444] kasan_save_stack+0x3c/0x68 [ 23.357549] kasan_save_track+0x20/0x40 [ 23.357639] kasan_save_alloc_info+0x40/0x58 [ 23.357759] __kasan_kmalloc+0xd4/0xd8 [ 23.357918] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.358090] kasan_atomics+0xb8/0x2e0 [ 23.358186] kunit_try_run_case+0x170/0x3f0 [ 23.358313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.358426] kthread+0x328/0x630 [ 23.358533] ret_from_fork+0x10/0x20 [ 23.358610] [ 23.358652] The buggy address belongs to the object at fff00000c659e300 [ 23.358652] which belongs to the cache kmalloc-64 of size 64 [ 23.358792] The buggy address is located 0 bytes to the right of [ 23.358792] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.358930] [ 23.358979] The buggy address belongs to the physical page: [ 23.359122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.359263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.359368] page_type: f5(slab) [ 23.359452] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.359599] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.359753] page dumped because: kasan: bad access detected [ 23.359865] [ 23.359911] Memory state around the buggy address: [ 23.360217] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.360347] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.360465] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.360570] ^ [ 23.360661] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.360768] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.360867] ================================================================== [ 23.467327] ================================================================== [ 23.467442] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 23.467542] Read of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.467639] [ 23.467695] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.467867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.467928] Hardware name: linux,dummy-virt (DT) [ 23.468006] Call trace: [ 23.468077] show_stack+0x20/0x38 (C) [ 23.468192] dump_stack_lvl+0x8c/0xd0 [ 23.468302] print_report+0x118/0x608 [ 23.468413] kasan_report+0xdc/0x128 [ 23.468537] __asan_report_load8_noabort+0x20/0x30 [ 23.468659] kasan_atomics_helper+0x3e10/0x4858 [ 23.468784] kasan_atomics+0x198/0x2e0 [ 23.468895] kunit_try_run_case+0x170/0x3f0 [ 23.469013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.470529] kthread+0x328/0x630 [ 23.470660] ret_from_fork+0x10/0x20 [ 23.470870] [ 23.470926] Allocated by task 265: [ 23.471326] kasan_save_stack+0x3c/0x68 [ 23.471419] kasan_save_track+0x20/0x40 [ 23.471895] kasan_save_alloc_info+0x40/0x58 [ 23.471990] __kasan_kmalloc+0xd4/0xd8 [ 23.472123] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.472351] kasan_atomics+0xb8/0x2e0 [ 23.472444] kunit_try_run_case+0x170/0x3f0 [ 23.472583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.472704] kthread+0x328/0x630 [ 23.472889] ret_from_fork+0x10/0x20 [ 23.472989] [ 23.473052] The buggy address belongs to the object at fff00000c659e300 [ 23.473052] which belongs to the cache kmalloc-64 of size 64 [ 23.473184] The buggy address is located 0 bytes to the right of [ 23.473184] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.473338] [ 23.473391] The buggy address belongs to the physical page: [ 23.473465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.473589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.473760] page_type: f5(slab) [ 23.473837] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.473966] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.474081] page dumped because: kasan: bad access detected [ 23.474160] [ 23.474208] Memory state around the buggy address: [ 23.474279] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.474369] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.474518] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.474607] ^ [ 23.474717] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.474828] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.474923] ================================================================== [ 23.312549] ================================================================== [ 23.312679] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 23.312784] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.312896] [ 23.312961] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.313216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.313304] Hardware name: linux,dummy-virt (DT) [ 23.313391] Call trace: [ 23.313467] show_stack+0x20/0x38 (C) [ 23.313580] dump_stack_lvl+0x8c/0xd0 [ 23.313764] print_report+0x118/0x608 [ 23.313869] kasan_report+0xdc/0x128 [ 23.313983] kasan_check_range+0x100/0x1a8 [ 23.314115] __kasan_check_write+0x20/0x30 [ 23.314256] kasan_atomics_helper+0x1058/0x4858 [ 23.314362] kasan_atomics+0x198/0x2e0 [ 23.314472] kunit_try_run_case+0x170/0x3f0 [ 23.314593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.314749] kthread+0x328/0x630 [ 23.314866] ret_from_fork+0x10/0x20 [ 23.314959] [ 23.315004] Allocated by task 265: [ 23.315078] kasan_save_stack+0x3c/0x68 [ 23.315155] kasan_save_track+0x20/0x40 [ 23.315226] kasan_save_alloc_info+0x40/0x58 [ 23.315305] __kasan_kmalloc+0xd4/0xd8 [ 23.315384] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.315500] kasan_atomics+0xb8/0x2e0 [ 23.315569] kunit_try_run_case+0x170/0x3f0 [ 23.315718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.315820] kthread+0x328/0x630 [ 23.315888] ret_from_fork+0x10/0x20 [ 23.315972] [ 23.316035] The buggy address belongs to the object at fff00000c659e300 [ 23.316035] which belongs to the cache kmalloc-64 of size 64 [ 23.316179] The buggy address is located 0 bytes to the right of [ 23.316179] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.316332] [ 23.316379] The buggy address belongs to the physical page: [ 23.316452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.316596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.316706] page_type: f5(slab) [ 23.316788] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.316903] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.317004] page dumped because: kasan: bad access detected [ 23.317096] [ 23.317143] Memory state around the buggy address: [ 23.317225] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.317316] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.317436] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.317546] ^ [ 23.317620] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.317743] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.317872] ================================================================== [ 23.452253] ================================================================== [ 23.452398] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 23.452531] Read of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.452725] [ 23.453109] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.453419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.453491] Hardware name: linux,dummy-virt (DT) [ 23.454595] Call trace: [ 23.455056] show_stack+0x20/0x38 (C) [ 23.455305] dump_stack_lvl+0x8c/0xd0 [ 23.455469] print_report+0x118/0x608 [ 23.455634] kasan_report+0xdc/0x128 [ 23.455771] __asan_report_load8_noabort+0x20/0x30 [ 23.455898] kasan_atomics_helper+0x3df4/0x4858 [ 23.456087] kasan_atomics+0x198/0x2e0 [ 23.456227] kunit_try_run_case+0x170/0x3f0 [ 23.456343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.456476] kthread+0x328/0x630 [ 23.456597] ret_from_fork+0x10/0x20 [ 23.456720] [ 23.456800] Allocated by task 265: [ 23.456898] kasan_save_stack+0x3c/0x68 [ 23.457009] kasan_save_track+0x20/0x40 [ 23.457102] kasan_save_alloc_info+0x40/0x58 [ 23.457199] __kasan_kmalloc+0xd4/0xd8 [ 23.457292] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.457387] kasan_atomics+0xb8/0x2e0 [ 23.457462] kunit_try_run_case+0x170/0x3f0 [ 23.457548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.457657] kthread+0x328/0x630 [ 23.457759] ret_from_fork+0x10/0x20 [ 23.457917] [ 23.457970] The buggy address belongs to the object at fff00000c659e300 [ 23.457970] which belongs to the cache kmalloc-64 of size 64 [ 23.458134] The buggy address is located 0 bytes to the right of [ 23.458134] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.458277] [ 23.458325] The buggy address belongs to the physical page: [ 23.458419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.458574] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.458730] page_type: f5(slab) [ 23.458812] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.458978] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.459084] page dumped because: kasan: bad access detected [ 23.459157] [ 23.459295] Memory state around the buggy address: [ 23.459374] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.459482] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.459598] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.459686] ^ [ 23.459767] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.459873] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.460010] ================================================================== [ 23.278096] ================================================================== [ 23.278377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 23.278689] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.278829] [ 23.278900] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.279094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.279163] Hardware name: linux,dummy-virt (DT) [ 23.279233] Call trace: [ 23.279285] show_stack+0x20/0x38 (C) [ 23.279392] dump_stack_lvl+0x8c/0xd0 [ 23.279497] print_report+0x118/0x608 [ 23.279584] kasan_report+0xdc/0x128 [ 23.279672] __asan_report_store8_noabort+0x20/0x30 [ 23.279780] kasan_atomics_helper+0x3e5c/0x4858 [ 23.279885] kasan_atomics+0x198/0x2e0 [ 23.279995] kunit_try_run_case+0x170/0x3f0 [ 23.280123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.280247] kthread+0x328/0x630 [ 23.280348] ret_from_fork+0x10/0x20 [ 23.280454] [ 23.280512] Allocated by task 265: [ 23.280588] kasan_save_stack+0x3c/0x68 [ 23.280682] kasan_save_track+0x20/0x40 [ 23.280770] kasan_save_alloc_info+0x40/0x58 [ 23.280857] __kasan_kmalloc+0xd4/0xd8 [ 23.280944] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.281823] kasan_atomics+0xb8/0x2e0 [ 23.281940] kunit_try_run_case+0x170/0x3f0 [ 23.282488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.283010] kthread+0x328/0x630 [ 23.283112] ret_from_fork+0x10/0x20 [ 23.283415] [ 23.283563] The buggy address belongs to the object at fff00000c659e300 [ 23.283563] which belongs to the cache kmalloc-64 of size 64 [ 23.283853] The buggy address is located 0 bytes to the right of [ 23.283853] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.284228] [ 23.284328] The buggy address belongs to the physical page: [ 23.284416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.284553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.284675] page_type: f5(slab) [ 23.285081] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.285214] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.285798] page dumped because: kasan: bad access detected [ 23.285889] [ 23.285947] Memory state around the buggy address: [ 23.286046] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.286477] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.286740] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.286873] ^ [ 23.286941] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.287034] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.287117] ================================================================== [ 23.475418] ================================================================== [ 23.475625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 23.475797] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.475911] [ 23.475971] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.476180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.476239] Hardware name: linux,dummy-virt (DT) [ 23.476304] Call trace: [ 23.476356] show_stack+0x20/0x38 (C) [ 23.476534] dump_stack_lvl+0x8c/0xd0 [ 23.476656] print_report+0x118/0x608 [ 23.476752] kasan_report+0xdc/0x128 [ 23.476862] kasan_check_range+0x100/0x1a8 [ 23.477005] __kasan_check_write+0x20/0x30 [ 23.477176] kasan_atomics_helper+0x175c/0x4858 [ 23.477351] kasan_atomics+0x198/0x2e0 [ 23.477499] kunit_try_run_case+0x170/0x3f0 [ 23.477652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.477808] kthread+0x328/0x630 [ 23.478143] ret_from_fork+0x10/0x20 [ 23.478397] [ 23.478753] Allocated by task 265: [ 23.478873] kasan_save_stack+0x3c/0x68 [ 23.479044] kasan_save_track+0x20/0x40 [ 23.479197] kasan_save_alloc_info+0x40/0x58 [ 23.479498] __kasan_kmalloc+0xd4/0xd8 [ 23.479862] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.480161] kasan_atomics+0xb8/0x2e0 [ 23.480211] kunit_try_run_case+0x170/0x3f0 [ 23.480252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480307] kthread+0x328/0x630 [ 23.480371] ret_from_fork+0x10/0x20 [ 23.480494] [ 23.480556] The buggy address belongs to the object at fff00000c659e300 [ 23.480556] which belongs to the cache kmalloc-64 of size 64 [ 23.480887] The buggy address is located 0 bytes to the right of [ 23.480887] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.481410] [ 23.481466] The buggy address belongs to the physical page: [ 23.481739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.481991] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.482112] page_type: f5(slab) [ 23.482199] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.482316] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.482397] page dumped because: kasan: bad access detected [ 23.483175] [ 23.483792] Memory state around the buggy address: [ 23.483907] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.484009] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.484107] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.484181] ^ [ 23.484255] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.484347] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.484423] ================================================================== [ 23.239180] ================================================================== [ 23.239467] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 23.239586] Read of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.239806] [ 23.239912] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.240133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.240194] Hardware name: linux,dummy-virt (DT) [ 23.240306] Call trace: [ 23.240441] show_stack+0x20/0x38 (C) [ 23.240565] dump_stack_lvl+0x8c/0xd0 [ 23.240684] print_report+0x118/0x608 [ 23.240792] kasan_report+0xdc/0x128 [ 23.241322] __asan_report_load4_noabort+0x20/0x30 [ 23.241464] kasan_atomics_helper+0x3dd8/0x4858 [ 23.241571] kasan_atomics+0x198/0x2e0 [ 23.241744] kunit_try_run_case+0x170/0x3f0 [ 23.241861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.242041] kthread+0x328/0x630 [ 23.242144] ret_from_fork+0x10/0x20 [ 23.242256] [ 23.242303] Allocated by task 265: [ 23.242374] kasan_save_stack+0x3c/0x68 [ 23.242479] kasan_save_track+0x20/0x40 [ 23.242546] kasan_save_alloc_info+0x40/0x58 [ 23.242638] __kasan_kmalloc+0xd4/0xd8 [ 23.242709] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.242814] kasan_atomics+0xb8/0x2e0 [ 23.242885] kunit_try_run_case+0x170/0x3f0 [ 23.242964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.243073] kthread+0x328/0x630 [ 23.243149] ret_from_fork+0x10/0x20 [ 23.243225] [ 23.243284] The buggy address belongs to the object at fff00000c659e300 [ 23.243284] which belongs to the cache kmalloc-64 of size 64 [ 23.243418] The buggy address is located 0 bytes to the right of [ 23.243418] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.243570] [ 23.243615] The buggy address belongs to the physical page: [ 23.243683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.243807] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.243908] page_type: f5(slab) [ 23.244001] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.244209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.244347] page dumped because: kasan: bad access detected [ 23.244457] [ 23.244540] Memory state around the buggy address: [ 23.244658] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.244766] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.244877] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.244995] ^ [ 23.245102] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.245215] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.245316] ================================================================== [ 23.338062] ================================================================== [ 23.338179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 23.338510] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.338642] [ 23.338709] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.338892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.338959] Hardware name: linux,dummy-virt (DT) [ 23.339052] Call trace: [ 23.339271] show_stack+0x20/0x38 (C) [ 23.339390] dump_stack_lvl+0x8c/0xd0 [ 23.339529] print_report+0x118/0x608 [ 23.339645] kasan_report+0xdc/0x128 [ 23.339751] kasan_check_range+0x100/0x1a8 [ 23.339862] __kasan_check_write+0x20/0x30 [ 23.339973] kasan_atomics_helper+0x1190/0x4858 [ 23.340924] kasan_atomics+0x198/0x2e0 [ 23.341101] kunit_try_run_case+0x170/0x3f0 [ 23.342098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.342283] kthread+0x328/0x630 [ 23.342449] ret_from_fork+0x10/0x20 [ 23.342546] [ 23.342647] Allocated by task 265: [ 23.342713] kasan_save_stack+0x3c/0x68 [ 23.342799] kasan_save_track+0x20/0x40 [ 23.342873] kasan_save_alloc_info+0x40/0x58 [ 23.342959] __kasan_kmalloc+0xd4/0xd8 [ 23.343304] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.343447] kasan_atomics+0xb8/0x2e0 [ 23.343560] kunit_try_run_case+0x170/0x3f0 [ 23.343715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.343820] kthread+0x328/0x630 [ 23.343925] ret_from_fork+0x10/0x20 [ 23.344050] [ 23.344118] The buggy address belongs to the object at fff00000c659e300 [ 23.344118] which belongs to the cache kmalloc-64 of size 64 [ 23.344302] The buggy address is located 0 bytes to the right of [ 23.344302] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.344440] [ 23.344514] The buggy address belongs to the physical page: [ 23.344632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.344792] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.344971] page_type: f5(slab) [ 23.345086] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.345204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.345313] page dumped because: kasan: bad access detected [ 23.345387] [ 23.345664] Memory state around the buggy address: [ 23.345910] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.346014] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.346122] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.346203] ^ [ 23.346420] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.346530] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.346649] ================================================================== [ 23.318955] ================================================================== [ 23.319089] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 23.319201] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.319313] [ 23.319385] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.319557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.319620] Hardware name: linux,dummy-virt (DT) [ 23.319694] Call trace: [ 23.319746] show_stack+0x20/0x38 (C) [ 23.319859] dump_stack_lvl+0x8c/0xd0 [ 23.319967] print_report+0x118/0x608 [ 23.321054] kasan_report+0xdc/0x128 [ 23.321219] kasan_check_range+0x100/0x1a8 [ 23.321334] __kasan_check_write+0x20/0x30 [ 23.322008] kasan_atomics_helper+0x10c0/0x4858 [ 23.322243] kasan_atomics+0x198/0x2e0 [ 23.322365] kunit_try_run_case+0x170/0x3f0 [ 23.322485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.322607] kthread+0x328/0x630 [ 23.322729] ret_from_fork+0x10/0x20 [ 23.322969] [ 23.323141] Allocated by task 265: [ 23.323365] kasan_save_stack+0x3c/0x68 [ 23.323779] kasan_save_track+0x20/0x40 [ 23.324073] kasan_save_alloc_info+0x40/0x58 [ 23.324178] __kasan_kmalloc+0xd4/0xd8 [ 23.324361] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.324928] kasan_atomics+0xb8/0x2e0 [ 23.325218] kunit_try_run_case+0x170/0x3f0 [ 23.325575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.325917] kthread+0x328/0x630 [ 23.326071] ret_from_fork+0x10/0x20 [ 23.326336] [ 23.326526] The buggy address belongs to the object at fff00000c659e300 [ 23.326526] which belongs to the cache kmalloc-64 of size 64 [ 23.326657] The buggy address is located 0 bytes to the right of [ 23.326657] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.326908] [ 23.326964] The buggy address belongs to the physical page: [ 23.327069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.327265] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.327432] page_type: f5(slab) [ 23.327533] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.327655] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.327755] page dumped because: kasan: bad access detected [ 23.327832] [ 23.327880] Memory state around the buggy address: [ 23.327955] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.328068] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.328168] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.328258] ^ [ 23.328351] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.328442] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.328589] ================================================================== [ 23.484892] ================================================================== [ 23.484993] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 23.485140] Read of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.485242] [ 23.485299] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.488059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.488135] Hardware name: linux,dummy-virt (DT) [ 23.488205] Call trace: [ 23.488248] show_stack+0x20/0x38 (C) [ 23.488359] dump_stack_lvl+0x8c/0xd0 [ 23.488466] print_report+0x118/0x608 [ 23.488578] kasan_report+0xdc/0x128 [ 23.488678] __asan_report_load8_noabort+0x20/0x30 [ 23.488784] kasan_atomics_helper+0x3e20/0x4858 [ 23.488883] kasan_atomics+0x198/0x2e0 [ 23.488985] kunit_try_run_case+0x170/0x3f0 [ 23.489112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.489239] kthread+0x328/0x630 [ 23.489339] ret_from_fork+0x10/0x20 [ 23.489436] [ 23.489482] Allocated by task 265: [ 23.489543] kasan_save_stack+0x3c/0x68 [ 23.489632] kasan_save_track+0x20/0x40 [ 23.490789] kasan_save_alloc_info+0x40/0x58 [ 23.490937] __kasan_kmalloc+0xd4/0xd8 [ 23.491052] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.491148] kasan_atomics+0xb8/0x2e0 [ 23.491227] kunit_try_run_case+0x170/0x3f0 [ 23.491312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.491404] kthread+0x328/0x630 [ 23.491471] ret_from_fork+0x10/0x20 [ 23.491552] [ 23.491599] The buggy address belongs to the object at fff00000c659e300 [ 23.491599] which belongs to the cache kmalloc-64 of size 64 [ 23.491727] The buggy address is located 0 bytes to the right of [ 23.491727] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.491851] [ 23.491899] The buggy address belongs to the physical page: [ 23.492018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.492177] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.492314] page_type: f5(slab) [ 23.492411] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.492581] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.492737] page dumped because: kasan: bad access detected [ 23.492854] [ 23.492911] Memory state around the buggy address: [ 23.493018] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.493166] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.493260] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.493348] ^ [ 23.493420] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.493509] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.494303] ================================================================== [ 23.158139] ================================================================== [ 23.158230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 23.158336] Read of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.158450] [ 23.158523] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.158704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.158783] Hardware name: linux,dummy-virt (DT) [ 23.158859] Call trace: [ 23.158913] show_stack+0x20/0x38 (C) [ 23.159037] dump_stack_lvl+0x8c/0xd0 [ 23.159152] print_report+0x118/0x608 [ 23.159274] kasan_report+0xdc/0x128 [ 23.159381] __asan_report_load4_noabort+0x20/0x30 [ 23.159502] kasan_atomics_helper+0x3dcc/0x4858 [ 23.159615] kasan_atomics+0x198/0x2e0 [ 23.159723] kunit_try_run_case+0x170/0x3f0 [ 23.159843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.159972] kthread+0x328/0x630 [ 23.160450] ret_from_fork+0x10/0x20 [ 23.161013] [ 23.161137] Allocated by task 265: [ 23.161226] kasan_save_stack+0x3c/0x68 [ 23.161324] kasan_save_track+0x20/0x40 [ 23.161416] kasan_save_alloc_info+0x40/0x58 [ 23.161510] __kasan_kmalloc+0xd4/0xd8 [ 23.161595] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.161682] kasan_atomics+0xb8/0x2e0 [ 23.162045] kunit_try_run_case+0x170/0x3f0 [ 23.162191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.162340] kthread+0x328/0x630 [ 23.162424] ret_from_fork+0x10/0x20 [ 23.162506] [ 23.162559] The buggy address belongs to the object at fff00000c659e300 [ 23.162559] which belongs to the cache kmalloc-64 of size 64 [ 23.162740] The buggy address is located 0 bytes to the right of [ 23.162740] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.162884] [ 23.162944] The buggy address belongs to the physical page: [ 23.163015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.163490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.163611] page_type: f5(slab) [ 23.163760] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.163939] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.164109] page dumped because: kasan: bad access detected [ 23.164185] [ 23.164229] Memory state around the buggy address: [ 23.164308] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.164411] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.164534] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.164642] ^ [ 23.164731] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.164876] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.165015] ================================================================== [ 23.300996] ================================================================== [ 23.301123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 23.301233] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.301334] [ 23.301403] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.301587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.301651] Hardware name: linux,dummy-virt (DT) [ 23.301720] Call trace: [ 23.301770] show_stack+0x20/0x38 (C) [ 23.301865] dump_stack_lvl+0x8c/0xd0 [ 23.301957] print_report+0x118/0x608 [ 23.302066] kasan_report+0xdc/0x128 [ 23.302186] kasan_check_range+0x100/0x1a8 [ 23.302326] __kasan_check_write+0x20/0x30 [ 23.302438] kasan_atomics_helper+0xf88/0x4858 [ 23.302565] kasan_atomics+0x198/0x2e0 [ 23.302699] kunit_try_run_case+0x170/0x3f0 [ 23.302858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.303048] kthread+0x328/0x630 [ 23.303145] ret_from_fork+0x10/0x20 [ 23.303231] [ 23.303275] Allocated by task 265: [ 23.303343] kasan_save_stack+0x3c/0x68 [ 23.303431] kasan_save_track+0x20/0x40 [ 23.303551] kasan_save_alloc_info+0x40/0x58 [ 23.303673] __kasan_kmalloc+0xd4/0xd8 [ 23.303783] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.303872] kasan_atomics+0xb8/0x2e0 [ 23.303959] kunit_try_run_case+0x170/0x3f0 [ 23.304079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.304182] kthread+0x328/0x630 [ 23.304259] ret_from_fork+0x10/0x20 [ 23.304342] [ 23.304388] The buggy address belongs to the object at fff00000c659e300 [ 23.304388] which belongs to the cache kmalloc-64 of size 64 [ 23.304536] The buggy address is located 0 bytes to the right of [ 23.304536] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.304697] [ 23.304750] The buggy address belongs to the physical page: [ 23.304826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.304974] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.305109] page_type: f5(slab) [ 23.305193] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.305318] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.305423] page dumped because: kasan: bad access detected [ 23.305487] [ 23.305524] Memory state around the buggy address: [ 23.305591] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.305678] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.305779] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.305876] ^ [ 23.305944] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.306049] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.306142] ================================================================== [ 23.370501] ================================================================== [ 23.370619] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 23.370734] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.370849] [ 23.370922] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.371134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.371204] Hardware name: linux,dummy-virt (DT) [ 23.371276] Call trace: [ 23.371333] show_stack+0x20/0x38 (C) [ 23.371442] dump_stack_lvl+0x8c/0xd0 [ 23.371560] print_report+0x118/0x608 [ 23.371672] kasan_report+0xdc/0x128 [ 23.371778] kasan_check_range+0x100/0x1a8 [ 23.371892] __kasan_check_write+0x20/0x30 [ 23.372000] kasan_atomics_helper+0x1384/0x4858 [ 23.373723] kasan_atomics+0x198/0x2e0 [ 23.373936] kunit_try_run_case+0x170/0x3f0 [ 23.374157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.374292] kthread+0x328/0x630 [ 23.374399] ret_from_fork+0x10/0x20 [ 23.374553] [ 23.374637] Allocated by task 265: [ 23.375038] kasan_save_stack+0x3c/0x68 [ 23.375327] kasan_save_track+0x20/0x40 [ 23.375635] kasan_save_alloc_info+0x40/0x58 [ 23.375938] __kasan_kmalloc+0xd4/0xd8 [ 23.376043] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.376136] kasan_atomics+0xb8/0x2e0 [ 23.376366] kunit_try_run_case+0x170/0x3f0 [ 23.376667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.376999] kthread+0x328/0x630 [ 23.377585] ret_from_fork+0x10/0x20 [ 23.377870] [ 23.377963] The buggy address belongs to the object at fff00000c659e300 [ 23.377963] which belongs to the cache kmalloc-64 of size 64 [ 23.378118] The buggy address is located 0 bytes to the right of [ 23.378118] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.378269] [ 23.378321] The buggy address belongs to the physical page: [ 23.378384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.378483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.378608] page_type: f5(slab) [ 23.378690] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.378810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.378914] page dumped because: kasan: bad access detected [ 23.378998] [ 23.379064] Memory state around the buggy address: [ 23.379181] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.379292] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.379402] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.379502] ^ [ 23.379592] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.379684] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.379771] ================================================================== [ 23.446319] ================================================================== [ 23.446426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 23.446533] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.446645] [ 23.446714] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.446900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.446965] Hardware name: linux,dummy-virt (DT) [ 23.447052] Call trace: [ 23.447111] show_stack+0x20/0x38 (C) [ 23.447219] dump_stack_lvl+0x8c/0xd0 [ 23.447332] print_report+0x118/0x608 [ 23.447436] kasan_report+0xdc/0x128 [ 23.447540] kasan_check_range+0x100/0x1a8 [ 23.447655] __kasan_check_write+0x20/0x30 [ 23.447758] kasan_atomics_helper+0x1644/0x4858 [ 23.447869] kasan_atomics+0x198/0x2e0 [ 23.447970] kunit_try_run_case+0x170/0x3f0 [ 23.448083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.448189] kthread+0x328/0x630 [ 23.448334] ret_from_fork+0x10/0x20 [ 23.448449] [ 23.448952] Allocated by task 265: [ 23.449693] kasan_save_stack+0x3c/0x68 [ 23.449854] kasan_save_track+0x20/0x40 [ 23.449955] kasan_save_alloc_info+0x40/0x58 [ 23.450077] __kasan_kmalloc+0xd4/0xd8 [ 23.450241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.450338] kasan_atomics+0xb8/0x2e0 [ 23.450440] kunit_try_run_case+0x170/0x3f0 [ 23.450530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.450682] kthread+0x328/0x630 [ 23.450750] ret_from_fork+0x10/0x20 [ 23.450948] [ 23.450980] The buggy address belongs to the object at fff00000c659e300 [ 23.450980] which belongs to the cache kmalloc-64 of size 64 [ 23.451097] The buggy address is located 0 bytes to the right of [ 23.451097] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.451169] [ 23.451194] The buggy address belongs to the physical page: [ 23.451227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.451282] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.451334] page_type: f5(slab) [ 23.451376] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.451430] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.451474] page dumped because: kasan: bad access detected [ 23.451508] [ 23.451531] Memory state around the buggy address: [ 23.451565] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.451611] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.451657] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.451696] ^ [ 23.451732] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.451775] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.451814] ================================================================== [ 23.112608] ================================================================== [ 23.112732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 23.112858] Write of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.112987] [ 23.113342] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.113763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.113905] Hardware name: linux,dummy-virt (DT) [ 23.114233] Call trace: [ 23.114297] show_stack+0x20/0x38 (C) [ 23.114422] dump_stack_lvl+0x8c/0xd0 [ 23.114515] print_report+0x118/0x608 [ 23.114614] kasan_report+0xdc/0x128 [ 23.114725] kasan_check_range+0x100/0x1a8 [ 23.114840] __kasan_check_write+0x20/0x30 [ 23.114947] kasan_atomics_helper+0x99c/0x4858 [ 23.115078] kasan_atomics+0x198/0x2e0 [ 23.115187] kunit_try_run_case+0x170/0x3f0 [ 23.115304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.115899] kthread+0x328/0x630 [ 23.116060] ret_from_fork+0x10/0x20 [ 23.116283] [ 23.116366] Allocated by task 265: [ 23.116571] kasan_save_stack+0x3c/0x68 [ 23.116968] kasan_save_track+0x20/0x40 [ 23.117077] kasan_save_alloc_info+0x40/0x58 [ 23.117326] __kasan_kmalloc+0xd4/0xd8 [ 23.117445] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.117537] kasan_atomics+0xb8/0x2e0 [ 23.117713] kunit_try_run_case+0x170/0x3f0 [ 23.117805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.118240] kthread+0x328/0x630 [ 23.118335] ret_from_fork+0x10/0x20 [ 23.118419] [ 23.118460] The buggy address belongs to the object at fff00000c659e300 [ 23.118460] which belongs to the cache kmalloc-64 of size 64 [ 23.118578] The buggy address is located 0 bytes to the right of [ 23.118578] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.118724] [ 23.119396] The buggy address belongs to the physical page: [ 23.119815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.120037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.120951] page_type: f5(slab) [ 23.121602] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.121886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.121981] page dumped because: kasan: bad access detected [ 23.122063] [ 23.122603] Memory state around the buggy address: [ 23.122897] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.123226] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.123400] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.123504] ^ [ 23.123580] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.123718] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.123817] ================================================================== [ 23.136116] ================================================================== [ 23.136358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 23.136708] Write of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.136952] [ 23.137170] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.137585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.137654] Hardware name: linux,dummy-virt (DT) [ 23.137736] Call trace: [ 23.137789] show_stack+0x20/0x38 (C) [ 23.137904] dump_stack_lvl+0x8c/0xd0 [ 23.138013] print_report+0x118/0x608 [ 23.138130] kasan_report+0xdc/0x128 [ 23.138561] kasan_check_range+0x100/0x1a8 [ 23.138857] __kasan_check_write+0x20/0x30 [ 23.139091] kasan_atomics_helper+0xa6c/0x4858 [ 23.139283] kasan_atomics+0x198/0x2e0 [ 23.139413] kunit_try_run_case+0x170/0x3f0 [ 23.139507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.139608] kthread+0x328/0x630 [ 23.139680] ret_from_fork+0x10/0x20 [ 23.139766] [ 23.139814] Allocated by task 265: [ 23.140282] kasan_save_stack+0x3c/0x68 [ 23.140553] kasan_save_track+0x20/0x40 [ 23.140797] kasan_save_alloc_info+0x40/0x58 [ 23.141042] __kasan_kmalloc+0xd4/0xd8 [ 23.141130] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.141223] kasan_atomics+0xb8/0x2e0 [ 23.141533] kunit_try_run_case+0x170/0x3f0 [ 23.141867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.142253] kthread+0x328/0x630 [ 23.142324] ret_from_fork+0x10/0x20 [ 23.142994] [ 23.143162] The buggy address belongs to the object at fff00000c659e300 [ 23.143162] which belongs to the cache kmalloc-64 of size 64 [ 23.143316] The buggy address is located 0 bytes to the right of [ 23.143316] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.143641] [ 23.143727] The buggy address belongs to the physical page: [ 23.144742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.145166] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.145754] page_type: f5(slab) [ 23.145967] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.146341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.146444] page dumped because: kasan: bad access detected [ 23.146527] [ 23.146575] Memory state around the buggy address: [ 23.146643] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.146725] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.147313] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.147507] ^ [ 23.147609] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.147703] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.147791] ================================================================== [ 23.271069] ================================================================== [ 23.271168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 23.271294] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.271461] [ 23.271562] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.271831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.271922] Hardware name: linux,dummy-virt (DT) [ 23.272033] Call trace: [ 23.272119] show_stack+0x20/0x38 (C) [ 23.272270] dump_stack_lvl+0x8c/0xd0 [ 23.272425] print_report+0x118/0x608 [ 23.272601] kasan_report+0xdc/0x128 [ 23.272710] kasan_check_range+0x100/0x1a8 [ 23.272834] __kasan_check_write+0x20/0x30 [ 23.272951] kasan_atomics_helper+0xe44/0x4858 [ 23.273078] kasan_atomics+0x198/0x2e0 [ 23.273184] kunit_try_run_case+0x170/0x3f0 [ 23.273373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.273487] kthread+0x328/0x630 [ 23.273608] ret_from_fork+0x10/0x20 [ 23.273719] [ 23.273777] Allocated by task 265: [ 23.273966] kasan_save_stack+0x3c/0x68 [ 23.274188] kasan_save_track+0x20/0x40 [ 23.274496] kasan_save_alloc_info+0x40/0x58 [ 23.274708] __kasan_kmalloc+0xd4/0xd8 [ 23.274805] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.274927] kasan_atomics+0xb8/0x2e0 [ 23.275003] kunit_try_run_case+0x170/0x3f0 [ 23.275124] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.275216] kthread+0x328/0x630 [ 23.275283] ret_from_fork+0x10/0x20 [ 23.275352] [ 23.275523] The buggy address belongs to the object at fff00000c659e300 [ 23.275523] which belongs to the cache kmalloc-64 of size 64 [ 23.275651] The buggy address is located 0 bytes to the right of [ 23.275651] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.275795] [ 23.275854] The buggy address belongs to the physical page: [ 23.275929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.276058] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.276175] page_type: f5(slab) [ 23.276261] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.276385] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.276479] page dumped because: kasan: bad access detected [ 23.276812] [ 23.276903] Memory state around the buggy address: [ 23.277035] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.277157] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.277258] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.277351] ^ [ 23.277465] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.277602] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.277691] ================================================================== [ 23.387284] ================================================================== [ 23.387365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 23.387427] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.387480] [ 23.387515] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.387599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.387629] Hardware name: linux,dummy-virt (DT) [ 23.387660] Call trace: [ 23.387686] show_stack+0x20/0x38 (C) [ 23.387735] dump_stack_lvl+0x8c/0xd0 [ 23.387786] print_report+0x118/0x608 [ 23.387835] kasan_report+0xdc/0x128 [ 23.387882] kasan_check_range+0x100/0x1a8 [ 23.387933] __kasan_check_write+0x20/0x30 [ 23.387979] kasan_atomics_helper+0x1414/0x4858 [ 23.388057] kasan_atomics+0x198/0x2e0 [ 23.388158] kunit_try_run_case+0x170/0x3f0 [ 23.388260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.388385] kthread+0x328/0x630 [ 23.388482] ret_from_fork+0x10/0x20 [ 23.388617] [ 23.388666] Allocated by task 265: [ 23.388732] kasan_save_stack+0x3c/0x68 [ 23.388823] kasan_save_track+0x20/0x40 [ 23.388910] kasan_save_alloc_info+0x40/0x58 [ 23.388993] __kasan_kmalloc+0xd4/0xd8 [ 23.389269] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.389361] kasan_atomics+0xb8/0x2e0 [ 23.389447] kunit_try_run_case+0x170/0x3f0 [ 23.389532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.389634] kthread+0x328/0x630 [ 23.389942] ret_from_fork+0x10/0x20 [ 23.390065] [ 23.390429] The buggy address belongs to the object at fff00000c659e300 [ 23.390429] which belongs to the cache kmalloc-64 of size 64 [ 23.390700] The buggy address is located 0 bytes to the right of [ 23.390700] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.391380] [ 23.391556] The buggy address belongs to the physical page: [ 23.391730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.392243] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.392367] page_type: f5(slab) [ 23.392456] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.393112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.393282] page dumped because: kasan: bad access detected [ 23.393365] [ 23.393604] Memory state around the buggy address: [ 23.393684] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.393950] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.394059] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.394150] ^ [ 23.394227] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.394779] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.394887] ================================================================== [ 23.407052] ================================================================== [ 23.407160] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 23.407516] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.407647] [ 23.407724] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.407914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.407976] Hardware name: linux,dummy-virt (DT) [ 23.408067] Call trace: [ 23.408122] show_stack+0x20/0x38 (C) [ 23.408232] dump_stack_lvl+0x8c/0xd0 [ 23.408336] print_report+0x118/0x608 [ 23.408442] kasan_report+0xdc/0x128 [ 23.408571] kasan_check_range+0x100/0x1a8 [ 23.408684] __kasan_check_write+0x20/0x30 [ 23.408791] kasan_atomics_helper+0x14e4/0x4858 [ 23.408900] kasan_atomics+0x198/0x2e0 [ 23.409005] kunit_try_run_case+0x170/0x3f0 [ 23.409332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.409456] kthread+0x328/0x630 [ 23.409550] ret_from_fork+0x10/0x20 [ 23.409653] [ 23.409709] Allocated by task 265: [ 23.409774] kasan_save_stack+0x3c/0x68 [ 23.409867] kasan_save_track+0x20/0x40 [ 23.409950] kasan_save_alloc_info+0x40/0x58 [ 23.410054] __kasan_kmalloc+0xd4/0xd8 [ 23.410140] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.410228] kasan_atomics+0xb8/0x2e0 [ 23.410306] kunit_try_run_case+0x170/0x3f0 [ 23.410397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.410495] kthread+0x328/0x630 [ 23.410573] ret_from_fork+0x10/0x20 [ 23.410659] [ 23.410708] The buggy address belongs to the object at fff00000c659e300 [ 23.410708] which belongs to the cache kmalloc-64 of size 64 [ 23.410840] The buggy address is located 0 bytes to the right of [ 23.410840] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.410993] [ 23.413202] The buggy address belongs to the physical page: [ 23.413547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.413679] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.414401] page_type: f5(slab) [ 23.414768] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.414894] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.414988] page dumped because: kasan: bad access detected [ 23.415080] [ 23.415700] Memory state around the buggy address: [ 23.415851] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.415967] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.416287] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.416390] ^ [ 23.416942] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.417226] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.417581] ================================================================== [ 23.329608] ================================================================== [ 23.329773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 23.329931] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.330116] [ 23.330224] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.330482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.330569] Hardware name: linux,dummy-virt (DT) [ 23.330670] Call trace: [ 23.330745] show_stack+0x20/0x38 (C) [ 23.330904] dump_stack_lvl+0x8c/0xd0 [ 23.331011] print_report+0x118/0x608 [ 23.331112] kasan_report+0xdc/0x128 [ 23.331569] kasan_check_range+0x100/0x1a8 [ 23.331747] __kasan_check_write+0x20/0x30 [ 23.331989] kasan_atomics_helper+0x1128/0x4858 [ 23.332110] kasan_atomics+0x198/0x2e0 [ 23.332451] kunit_try_run_case+0x170/0x3f0 [ 23.332638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.332848] kthread+0x328/0x630 [ 23.332951] ret_from_fork+0x10/0x20 [ 23.333077] [ 23.333147] Allocated by task 265: [ 23.333210] kasan_save_stack+0x3c/0x68 [ 23.333336] kasan_save_track+0x20/0x40 [ 23.333422] kasan_save_alloc_info+0x40/0x58 [ 23.333706] __kasan_kmalloc+0xd4/0xd8 [ 23.333792] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.333874] kasan_atomics+0xb8/0x2e0 [ 23.333955] kunit_try_run_case+0x170/0x3f0 [ 23.334064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.334243] kthread+0x328/0x630 [ 23.334357] ret_from_fork+0x10/0x20 [ 23.334461] [ 23.334539] The buggy address belongs to the object at fff00000c659e300 [ 23.334539] which belongs to the cache kmalloc-64 of size 64 [ 23.334664] The buggy address is located 0 bytes to the right of [ 23.334664] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.334847] [ 23.334921] The buggy address belongs to the physical page: [ 23.335039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.335396] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.335545] page_type: f5(slab) [ 23.335670] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.335781] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.335878] page dumped because: kasan: bad access detected [ 23.335950] [ 23.335997] Memory state around the buggy address: [ 23.336089] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.336203] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.336302] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.336551] ^ [ 23.336849] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.336968] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.337071] ================================================================== [ 23.288257] ================================================================== [ 23.288393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 23.288719] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.289143] [ 23.289234] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.289433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.289502] Hardware name: linux,dummy-virt (DT) [ 23.289708] Call trace: [ 23.289771] show_stack+0x20/0x38 (C) [ 23.289871] dump_stack_lvl+0x8c/0xd0 [ 23.289979] print_report+0x118/0x608 [ 23.290117] kasan_report+0xdc/0x128 [ 23.290268] kasan_check_range+0x100/0x1a8 [ 23.290385] __kasan_check_write+0x20/0x30 [ 23.290494] kasan_atomics_helper+0xeb8/0x4858 [ 23.290611] kasan_atomics+0x198/0x2e0 [ 23.290697] kunit_try_run_case+0x170/0x3f0 [ 23.290996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.291124] kthread+0x328/0x630 [ 23.291205] ret_from_fork+0x10/0x20 [ 23.291305] [ 23.291378] Allocated by task 265: [ 23.291467] kasan_save_stack+0x3c/0x68 [ 23.291609] kasan_save_track+0x20/0x40 [ 23.291739] kasan_save_alloc_info+0x40/0x58 [ 23.291833] __kasan_kmalloc+0xd4/0xd8 [ 23.291914] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.292006] kasan_atomics+0xb8/0x2e0 [ 23.292104] kunit_try_run_case+0x170/0x3f0 [ 23.292191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.292334] kthread+0x328/0x630 [ 23.292425] ret_from_fork+0x10/0x20 [ 23.292517] [ 23.292570] The buggy address belongs to the object at fff00000c659e300 [ 23.292570] which belongs to the cache kmalloc-64 of size 64 [ 23.292767] The buggy address is located 0 bytes to the right of [ 23.292767] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.292932] [ 23.292985] The buggy address belongs to the physical page: [ 23.293072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.293185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.293292] page_type: f5(slab) [ 23.293366] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.293471] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.293572] page dumped because: kasan: bad access detected [ 23.293655] [ 23.293693] Memory state around the buggy address: [ 23.293766] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.293853] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.293948] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.294044] ^ [ 23.294120] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.294266] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.294349] ================================================================== [ 23.494809] ================================================================== [ 23.494906] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 23.495016] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.495139] [ 23.495201] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.495364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.495420] Hardware name: linux,dummy-virt (DT) [ 23.495476] Call trace: [ 23.495524] show_stack+0x20/0x38 (C) [ 23.495631] dump_stack_lvl+0x8c/0xd0 [ 23.495729] print_report+0x118/0x608 [ 23.495827] kasan_report+0xdc/0x128 [ 23.495913] kasan_check_range+0x100/0x1a8 [ 23.496003] __kasan_check_write+0x20/0x30 [ 23.496298] kasan_atomics_helper+0x17ec/0x4858 [ 23.496439] kasan_atomics+0x198/0x2e0 [ 23.496624] kunit_try_run_case+0x170/0x3f0 [ 23.496793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.496968] kthread+0x328/0x630 [ 23.497145] ret_from_fork+0x10/0x20 [ 23.497254] [ 23.497308] Allocated by task 265: [ 23.497374] kasan_save_stack+0x3c/0x68 [ 23.497472] kasan_save_track+0x20/0x40 [ 23.497555] kasan_save_alloc_info+0x40/0x58 [ 23.497652] __kasan_kmalloc+0xd4/0xd8 [ 23.497770] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.497858] kasan_atomics+0xb8/0x2e0 [ 23.497943] kunit_try_run_case+0x170/0x3f0 [ 23.498527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.498749] kthread+0x328/0x630 [ 23.498837] ret_from_fork+0x10/0x20 [ 23.499036] [ 23.499242] The buggy address belongs to the object at fff00000c659e300 [ 23.499242] which belongs to the cache kmalloc-64 of size 64 [ 23.499479] The buggy address is located 0 bytes to the right of [ 23.499479] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.499845] [ 23.499900] The buggy address belongs to the physical page: [ 23.499966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.500137] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.500457] page_type: f5(slab) [ 23.500701] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.501176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.501277] page dumped because: kasan: bad access detected [ 23.501348] [ 23.501400] Memory state around the buggy address: [ 23.501476] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.501840] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.502340] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.502452] ^ [ 23.502524] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.502992] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.503219] ================================================================== [ 23.294807] ================================================================== [ 23.294909] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 23.295008] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.295131] [ 23.295192] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.295360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.295427] Hardware name: linux,dummy-virt (DT) [ 23.295496] Call trace: [ 23.295558] show_stack+0x20/0x38 (C) [ 23.295770] dump_stack_lvl+0x8c/0xd0 [ 23.295952] print_report+0x118/0x608 [ 23.296099] kasan_report+0xdc/0x128 [ 23.296250] kasan_check_range+0x100/0x1a8 [ 23.296404] __kasan_check_write+0x20/0x30 [ 23.296577] kasan_atomics_helper+0xf20/0x4858 [ 23.296741] kasan_atomics+0x198/0x2e0 [ 23.296884] kunit_try_run_case+0x170/0x3f0 [ 23.297052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.297169] kthread+0x328/0x630 [ 23.297282] ret_from_fork+0x10/0x20 [ 23.297434] [ 23.297499] Allocated by task 265: [ 23.297592] kasan_save_stack+0x3c/0x68 [ 23.297722] kasan_save_track+0x20/0x40 [ 23.297802] kasan_save_alloc_info+0x40/0x58 [ 23.297889] __kasan_kmalloc+0xd4/0xd8 [ 23.297974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.298074] kasan_atomics+0xb8/0x2e0 [ 23.298141] kunit_try_run_case+0x170/0x3f0 [ 23.298217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.298323] kthread+0x328/0x630 [ 23.298410] ret_from_fork+0x10/0x20 [ 23.298484] [ 23.298578] The buggy address belongs to the object at fff00000c659e300 [ 23.298578] which belongs to the cache kmalloc-64 of size 64 [ 23.298734] The buggy address is located 0 bytes to the right of [ 23.298734] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.298950] [ 23.299005] The buggy address belongs to the physical page: [ 23.299093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.299195] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.299294] page_type: f5(slab) [ 23.299385] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.299506] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.299611] page dumped because: kasan: bad access detected [ 23.299705] [ 23.299754] Memory state around the buggy address: [ 23.299818] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.299901] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.299995] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.300100] ^ [ 23.300187] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.300291] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.300388] ================================================================== [ 23.433981] ================================================================== [ 23.434095] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 23.434203] Read of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.434312] [ 23.434579] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.434779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.434851] Hardware name: linux,dummy-virt (DT) [ 23.434944] Call trace: [ 23.435047] show_stack+0x20/0x38 (C) [ 23.435250] dump_stack_lvl+0x8c/0xd0 [ 23.435358] print_report+0x118/0x608 [ 23.435460] kasan_report+0xdc/0x128 [ 23.435571] __asan_report_load8_noabort+0x20/0x30 [ 23.435681] kasan_atomics_helper+0x3db0/0x4858 [ 23.435794] kasan_atomics+0x198/0x2e0 [ 23.435896] kunit_try_run_case+0x170/0x3f0 [ 23.436005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.436413] kthread+0x328/0x630 [ 23.436567] ret_from_fork+0x10/0x20 [ 23.436699] [ 23.437052] Allocated by task 265: [ 23.437213] kasan_save_stack+0x3c/0x68 [ 23.437351] kasan_save_track+0x20/0x40 [ 23.437439] kasan_save_alloc_info+0x40/0x58 [ 23.437526] __kasan_kmalloc+0xd4/0xd8 [ 23.437610] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.438002] kasan_atomics+0xb8/0x2e0 [ 23.438213] kunit_try_run_case+0x170/0x3f0 [ 23.438517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.438660] kthread+0x328/0x630 [ 23.438741] ret_from_fork+0x10/0x20 [ 23.438816] [ 23.438867] The buggy address belongs to the object at fff00000c659e300 [ 23.438867] which belongs to the cache kmalloc-64 of size 64 [ 23.439003] The buggy address is located 0 bytes to the right of [ 23.439003] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.439181] [ 23.439234] The buggy address belongs to the physical page: [ 23.440247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.440545] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.440785] page_type: f5(slab) [ 23.440870] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.441896] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.442360] page dumped because: kasan: bad access detected [ 23.442434] [ 23.442474] Memory state around the buggy address: [ 23.442993] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.443349] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.443476] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.443963] ^ [ 23.444294] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.444604] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.444694] ================================================================== [ 23.264232] ================================================================== [ 23.264328] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 23.264889] Read of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.265247] [ 23.265474] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.265852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.265932] Hardware name: linux,dummy-virt (DT) [ 23.266031] Call trace: [ 23.266080] show_stack+0x20/0x38 (C) [ 23.266194] dump_stack_lvl+0x8c/0xd0 [ 23.266286] print_report+0x118/0x608 [ 23.266374] kasan_report+0xdc/0x128 [ 23.266469] __asan_report_load8_noabort+0x20/0x30 [ 23.266577] kasan_atomics_helper+0x3f58/0x4858 [ 23.266889] kasan_atomics+0x198/0x2e0 [ 23.267146] kunit_try_run_case+0x170/0x3f0 [ 23.267345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.267501] kthread+0x328/0x630 [ 23.267747] ret_from_fork+0x10/0x20 [ 23.267948] [ 23.268003] Allocated by task 265: [ 23.268082] kasan_save_stack+0x3c/0x68 [ 23.268182] kasan_save_track+0x20/0x40 [ 23.268268] kasan_save_alloc_info+0x40/0x58 [ 23.268358] __kasan_kmalloc+0xd4/0xd8 [ 23.268436] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.268547] kasan_atomics+0xb8/0x2e0 [ 23.268636] kunit_try_run_case+0x170/0x3f0 [ 23.268732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.268843] kthread+0x328/0x630 [ 23.268939] ret_from_fork+0x10/0x20 [ 23.269040] [ 23.269088] The buggy address belongs to the object at fff00000c659e300 [ 23.269088] which belongs to the cache kmalloc-64 of size 64 [ 23.269322] The buggy address is located 0 bytes to the right of [ 23.269322] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.269788] [ 23.270101] The buggy address belongs to the physical page: [ 23.270152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.270217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.270271] page_type: f5(slab) [ 23.270312] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.270366] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.270410] page dumped because: kasan: bad access detected [ 23.270445] [ 23.270465] Memory state around the buggy address: [ 23.270500] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.270547] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.270592] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.270632] ^ [ 23.270667] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.270712] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.270752] ================================================================== [ 23.246048] ================================================================== [ 23.246157] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 23.246266] Write of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.246390] [ 23.246467] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.246659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.246717] Hardware name: linux,dummy-virt (DT) [ 23.246792] Call trace: [ 23.246843] show_stack+0x20/0x38 (C) [ 23.246952] dump_stack_lvl+0x8c/0xd0 [ 23.247076] print_report+0x118/0x608 [ 23.247180] kasan_report+0xdc/0x128 [ 23.247277] kasan_check_range+0x100/0x1a8 [ 23.247366] __kasan_check_write+0x20/0x30 [ 23.247452] kasan_atomics_helper+0xd3c/0x4858 [ 23.247553] kasan_atomics+0x198/0x2e0 [ 23.247655] kunit_try_run_case+0x170/0x3f0 [ 23.247760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.247880] kthread+0x328/0x630 [ 23.247973] ret_from_fork+0x10/0x20 [ 23.248226] [ 23.248282] Allocated by task 265: [ 23.248346] kasan_save_stack+0x3c/0x68 [ 23.248431] kasan_save_track+0x20/0x40 [ 23.248521] kasan_save_alloc_info+0x40/0x58 [ 23.248618] __kasan_kmalloc+0xd4/0xd8 [ 23.248759] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.248849] kasan_atomics+0xb8/0x2e0 [ 23.248938] kunit_try_run_case+0x170/0x3f0 [ 23.249043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.249194] kthread+0x328/0x630 [ 23.249301] ret_from_fork+0x10/0x20 [ 23.249421] [ 23.249472] The buggy address belongs to the object at fff00000c659e300 [ 23.249472] which belongs to the cache kmalloc-64 of size 64 [ 23.249594] The buggy address is located 0 bytes to the right of [ 23.249594] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.249762] [ 23.249835] The buggy address belongs to the physical page: [ 23.249905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.250014] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.250151] page_type: f5(slab) [ 23.250250] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.250386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.250473] page dumped because: kasan: bad access detected [ 23.250541] [ 23.250582] Memory state around the buggy address: [ 23.250686] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.250829] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.250972] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.251112] ^ [ 23.251233] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.251370] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.251497] ================================================================== [ 23.166464] ================================================================== [ 23.166627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 23.166749] Write of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.166897] [ 23.166968] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.167158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.167229] Hardware name: linux,dummy-virt (DT) [ 23.167310] Call trace: [ 23.167359] show_stack+0x20/0x38 (C) [ 23.167725] dump_stack_lvl+0x8c/0xd0 [ 23.167912] print_report+0x118/0x608 [ 23.168038] kasan_report+0xdc/0x128 [ 23.168276] kasan_check_range+0x100/0x1a8 [ 23.168395] __kasan_check_write+0x20/0x30 [ 23.168519] kasan_atomics_helper+0xb70/0x4858 [ 23.168633] kasan_atomics+0x198/0x2e0 [ 23.168964] kunit_try_run_case+0x170/0x3f0 [ 23.169092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.169218] kthread+0x328/0x630 [ 23.169312] ret_from_fork+0x10/0x20 [ 23.169618] [ 23.169677] Allocated by task 265: [ 23.169762] kasan_save_stack+0x3c/0x68 [ 23.169911] kasan_save_track+0x20/0x40 [ 23.170009] kasan_save_alloc_info+0x40/0x58 [ 23.170120] __kasan_kmalloc+0xd4/0xd8 [ 23.170209] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.170304] kasan_atomics+0xb8/0x2e0 [ 23.170400] kunit_try_run_case+0x170/0x3f0 [ 23.170653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.170967] kthread+0x328/0x630 [ 23.171070] ret_from_fork+0x10/0x20 [ 23.171166] [ 23.171210] The buggy address belongs to the object at fff00000c659e300 [ 23.171210] which belongs to the cache kmalloc-64 of size 64 [ 23.171321] The buggy address is located 0 bytes to the right of [ 23.171321] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.171578] [ 23.171642] The buggy address belongs to the physical page: [ 23.171714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.172037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.172190] page_type: f5(slab) [ 23.172284] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.172562] page dumped because: kasan: bad access detected [ 23.172776] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.173114] ^ [ 23.175566] Read of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.177767] kasan_atomics_helper+0x3dbc/0x4858 [ 23.179986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.182032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.191729] Call trace: [ 23.200983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.206583] [ 23.209002] ^ [ 23.214942] Call trace: [ 23.219148] kthread+0x328/0x630 [ 23.220432] [ 23.221501] page dumped because: kasan: bad access detected [ 23.226877] ^ [ 23.228898] Write of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.234643] [ 23.234693] The buggy address belongs to the object at fff00000c659e300 [ 23.234693] which belongs to the cache kmalloc-64 of size 64 [ 23.234832] The buggy address is located 0 bytes to the right of [ 23.234832] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.234973] [ 23.235039] The buggy address belongs to the physical page: [ 23.235101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.235225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.235330] page_type: f5(slab) [ 23.235661] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.235824] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.235918] page dumped because: kasan: bad access detected [ 23.235997] [ 23.236069] Memory state around the buggy address: [ 23.236145] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.236268] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.236429] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.236702] ^ [ 23.236858] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.236986] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.237100] ================================================================== [ 23.427677] ================================================================== [ 23.427810] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 23.427925] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.428062] [ 23.428167] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.428357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.428412] Hardware name: linux,dummy-virt (DT) [ 23.428482] Call trace: [ 23.428683] show_stack+0x20/0x38 (C) [ 23.428845] dump_stack_lvl+0x8c/0xd0 [ 23.429000] print_report+0x118/0x608 [ 23.429168] kasan_report+0xdc/0x128 [ 23.429313] kasan_check_range+0x100/0x1a8 [ 23.429461] __kasan_check_write+0x20/0x30 [ 23.429603] kasan_atomics_helper+0x15b4/0x4858 [ 23.429725] kasan_atomics+0x198/0x2e0 [ 23.429823] kunit_try_run_case+0x170/0x3f0 [ 23.429924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.430110] kthread+0x328/0x630 [ 23.430217] ret_from_fork+0x10/0x20 [ 23.430340] [ 23.430390] Allocated by task 265: [ 23.430484] kasan_save_stack+0x3c/0x68 [ 23.430577] kasan_save_track+0x20/0x40 [ 23.430657] kasan_save_alloc_info+0x40/0x58 [ 23.430735] __kasan_kmalloc+0xd4/0xd8 [ 23.430798] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.430875] kasan_atomics+0xb8/0x2e0 [ 23.430953] kunit_try_run_case+0x170/0x3f0 [ 23.431051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.431206] kthread+0x328/0x630 [ 23.431275] ret_from_fork+0x10/0x20 [ 23.431360] [ 23.431418] The buggy address belongs to the object at fff00000c659e300 [ 23.431418] which belongs to the cache kmalloc-64 of size 64 [ 23.431539] The buggy address is located 0 bytes to the right of [ 23.431539] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.431713] [ 23.431759] The buggy address belongs to the physical page: [ 23.431854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.432034] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.432141] page_type: f5(slab) [ 23.432267] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.432378] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.432474] page dumped because: kasan: bad access detected [ 23.432567] [ 23.432616] Memory state around the buggy address: [ 23.432695] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.432846] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.432975] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.433116] ^ [ 23.433216] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.433325] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.433555] ================================================================== [ 23.148607] ================================================================== [ 23.148945] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 23.149099] Write of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.149231] [ 23.149306] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.149795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.149902] Hardware name: linux,dummy-virt (DT) [ 23.149993] Call trace: [ 23.150056] show_stack+0x20/0x38 (C) [ 23.150156] dump_stack_lvl+0x8c/0xd0 [ 23.150258] print_report+0x118/0x608 [ 23.150676] kasan_report+0xdc/0x128 [ 23.150834] kasan_check_range+0x100/0x1a8 [ 23.150950] __kasan_check_write+0x20/0x30 [ 23.151064] kasan_atomics_helper+0xad4/0x4858 [ 23.151445] kasan_atomics+0x198/0x2e0 [ 23.151600] kunit_try_run_case+0x170/0x3f0 [ 23.151720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.152048] kthread+0x328/0x630 [ 23.152286] ret_from_fork+0x10/0x20 [ 23.152425] [ 23.152476] Allocated by task 265: [ 23.152561] kasan_save_stack+0x3c/0x68 [ 23.152879] kasan_save_track+0x20/0x40 [ 23.153126] kasan_save_alloc_info+0x40/0x58 [ 23.153273] __kasan_kmalloc+0xd4/0xd8 [ 23.153376] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.153464] kasan_atomics+0xb8/0x2e0 [ 23.153725] kunit_try_run_case+0x170/0x3f0 [ 23.154088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.154198] kthread+0x328/0x630 [ 23.154263] ret_from_fork+0x10/0x20 [ 23.154351] [ 23.154396] The buggy address belongs to the object at fff00000c659e300 [ 23.154396] which belongs to the cache kmalloc-64 of size 64 [ 23.154528] The buggy address is located 0 bytes to the right of [ 23.154528] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.154723] [ 23.155009] The buggy address belongs to the physical page: [ 23.155118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.155249] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.155369] page_type: f5(slab) [ 23.155453] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.155882] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.156002] page dumped because: kasan: bad access detected [ 23.156106] [ 23.156158] Memory state around the buggy address: [ 23.156269] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.156370] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.156666] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.156974] ^ [ 23.157090] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.157315] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.157605] ================================================================== [ 23.251982] ================================================================== [ 23.252105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 23.252208] Read of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.252349] [ 23.252419] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.252617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.252677] Hardware name: linux,dummy-virt (DT) [ 23.252752] Call trace: [ 23.252801] show_stack+0x20/0x38 (C) [ 23.252915] dump_stack_lvl+0x8c/0xd0 [ 23.253078] print_report+0x118/0x608 [ 23.253242] kasan_report+0xdc/0x128 [ 23.253416] __asan_report_load4_noabort+0x20/0x30 [ 23.253524] kasan_atomics_helper+0x3e04/0x4858 [ 23.253822] kasan_atomics+0x198/0x2e0 [ 23.253980] kunit_try_run_case+0x170/0x3f0 [ 23.254109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.254212] kthread+0x328/0x630 [ 23.254309] ret_from_fork+0x10/0x20 [ 23.254410] [ 23.254475] Allocated by task 265: [ 23.254534] kasan_save_stack+0x3c/0x68 [ 23.254616] kasan_save_track+0x20/0x40 [ 23.254700] kasan_save_alloc_info+0x40/0x58 [ 23.254782] __kasan_kmalloc+0xd4/0xd8 [ 23.254869] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.254964] kasan_atomics+0xb8/0x2e0 [ 23.255062] kunit_try_run_case+0x170/0x3f0 [ 23.255155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.255254] kthread+0x328/0x630 [ 23.255340] ret_from_fork+0x10/0x20 [ 23.255421] [ 23.255486] The buggy address belongs to the object at fff00000c659e300 [ 23.255486] which belongs to the cache kmalloc-64 of size 64 [ 23.255681] The buggy address is located 0 bytes to the right of [ 23.255681] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.255846] [ 23.255892] The buggy address belongs to the physical page: [ 23.255967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.256161] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.256319] page_type: f5(slab) [ 23.256446] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.256644] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.256794] page dumped because: kasan: bad access detected [ 23.256876] [ 23.256922] Memory state around the buggy address: [ 23.257013] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.257138] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.257259] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.257369] ^ [ 23.257433] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.257521] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.257608] ================================================================== [ 23.124686] ================================================================== [ 23.124831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 23.124941] Write of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.125071] [ 23.125148] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.125342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.125747] Hardware name: linux,dummy-virt (DT) [ 23.125911] Call trace: [ 23.125997] show_stack+0x20/0x38 (C) [ 23.126424] dump_stack_lvl+0x8c/0xd0 [ 23.126602] print_report+0x118/0x608 [ 23.126854] kasan_report+0xdc/0x128 [ 23.127140] kasan_check_range+0x100/0x1a8 [ 23.127268] __kasan_check_write+0x20/0x30 [ 23.127373] kasan_atomics_helper+0xa04/0x4858 [ 23.127861] kasan_atomics+0x198/0x2e0 [ 23.127990] kunit_try_run_case+0x170/0x3f0 [ 23.128369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.128683] kthread+0x328/0x630 [ 23.128961] ret_from_fork+0x10/0x20 [ 23.129425] [ 23.129557] Allocated by task 265: [ 23.129728] kasan_save_stack+0x3c/0x68 [ 23.129884] kasan_save_track+0x20/0x40 [ 23.130105] kasan_save_alloc_info+0x40/0x58 [ 23.130349] __kasan_kmalloc+0xd4/0xd8 [ 23.130437] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.130525] kasan_atomics+0xb8/0x2e0 [ 23.130773] kunit_try_run_case+0x170/0x3f0 [ 23.131051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.131162] kthread+0x328/0x630 [ 23.131382] ret_from_fork+0x10/0x20 [ 23.131570] [ 23.131677] The buggy address belongs to the object at fff00000c659e300 [ 23.131677] which belongs to the cache kmalloc-64 of size 64 [ 23.131898] The buggy address is located 0 bytes to the right of [ 23.131898] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.132253] [ 23.132308] The buggy address belongs to the physical page: [ 23.132383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.132519] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.132640] page_type: f5(slab) [ 23.133068] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.133509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.133718] page dumped because: kasan: bad access detected [ 23.133842] [ 23.133923] Memory state around the buggy address: [ 23.134251] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.134363] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.134453] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.134703] ^ [ 23.134899] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.135169] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.135273] ================================================================== [ 23.347535] ================================================================== [ 23.347607] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 23.347670] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.347781] [ 23.347884] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.348167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.348243] Hardware name: linux,dummy-virt (DT) [ 23.348314] Call trace: [ 23.348369] show_stack+0x20/0x38 (C) [ 23.348479] dump_stack_lvl+0x8c/0xd0 [ 23.348612] print_report+0x118/0x608 [ 23.348725] kasan_report+0xdc/0x128 [ 23.348834] kasan_check_range+0x100/0x1a8 [ 23.348960] __kasan_check_write+0x20/0x30 [ 23.349095] kasan_atomics_helper+0x11f8/0x4858 [ 23.349226] kasan_atomics+0x198/0x2e0 [ 23.349333] kunit_try_run_case+0x170/0x3f0 [ 23.349441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.349561] kthread+0x328/0x630 [ 23.349655] ret_from_fork+0x10/0x20 [ 23.349803] [ 23.349903] Allocated by task 265: [ 23.350039] kasan_save_stack+0x3c/0x68 [ 23.350135] kasan_save_track+0x20/0x40 [ 23.350219] kasan_save_alloc_info+0x40/0x58 [ 23.350312] __kasan_kmalloc+0xd4/0xd8 [ 23.350423] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.350517] kasan_atomics+0xb8/0x2e0 [ 23.350592] kunit_try_run_case+0x170/0x3f0 [ 23.350665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.350757] kthread+0x328/0x630 [ 23.350829] ret_from_fork+0x10/0x20 [ 23.350998] [ 23.351065] The buggy address belongs to the object at fff00000c659e300 [ 23.351065] which belongs to the cache kmalloc-64 of size 64 [ 23.351198] The buggy address is located 0 bytes to the right of [ 23.351198] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.351360] [ 23.351427] The buggy address belongs to the physical page: [ 23.351498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.351622] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.351732] page_type: f5(slab) [ 23.351820] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.351936] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.352046] page dumped because: kasan: bad access detected [ 23.352125] [ 23.352176] Memory state around the buggy address: [ 23.352251] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.352356] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.352459] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.352572] ^ [ 23.352669] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.352766] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.352979] ================================================================== [ 23.380225] ================================================================== [ 23.380361] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 23.380475] Read of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.380603] [ 23.380735] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.381067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.381172] Hardware name: linux,dummy-virt (DT) [ 23.381297] Call trace: [ 23.381371] show_stack+0x20/0x38 (C) [ 23.381536] dump_stack_lvl+0x8c/0xd0 [ 23.381640] print_report+0x118/0x608 [ 23.381775] kasan_report+0xdc/0x128 [ 23.381899] __asan_report_load8_noabort+0x20/0x30 [ 23.382017] kasan_atomics_helper+0x3f04/0x4858 [ 23.382150] kasan_atomics+0x198/0x2e0 [ 23.382264] kunit_try_run_case+0x170/0x3f0 [ 23.382416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.382589] kthread+0x328/0x630 [ 23.382695] ret_from_fork+0x10/0x20 [ 23.382815] [ 23.382863] Allocated by task 265: [ 23.382985] kasan_save_stack+0x3c/0x68 [ 23.383212] kasan_save_track+0x20/0x40 [ 23.383308] kasan_save_alloc_info+0x40/0x58 [ 23.383399] __kasan_kmalloc+0xd4/0xd8 [ 23.383487] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.383575] kasan_atomics+0xb8/0x2e0 [ 23.383659] kunit_try_run_case+0x170/0x3f0 [ 23.383767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.383880] kthread+0x328/0x630 [ 23.383956] ret_from_fork+0x10/0x20 [ 23.384062] [ 23.384111] The buggy address belongs to the object at fff00000c659e300 [ 23.384111] which belongs to the cache kmalloc-64 of size 64 [ 23.384284] The buggy address is located 0 bytes to the right of [ 23.384284] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.384552] [ 23.384642] The buggy address belongs to the physical page: [ 23.384718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.384856] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.384978] page_type: f5(slab) [ 23.385085] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.385242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.385363] page dumped because: kasan: bad access detected [ 23.385445] [ 23.385491] Memory state around the buggy address: [ 23.385568] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.385746] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.385853] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.385946] ^ [ 23.386079] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.386182] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.386302] ================================================================== [ 23.258237] ================================================================== [ 23.258404] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 23.258559] Read of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.258711] [ 23.258772] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.258941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.259000] Hardware name: linux,dummy-virt (DT) [ 23.259109] Call trace: [ 23.259177] show_stack+0x20/0x38 (C) [ 23.259282] dump_stack_lvl+0x8c/0xd0 [ 23.259393] print_report+0x118/0x608 [ 23.259500] kasan_report+0xdc/0x128 [ 23.259599] kasan_check_range+0x100/0x1a8 [ 23.259704] __kasan_check_read+0x20/0x30 [ 23.259836] kasan_atomics_helper+0xdd4/0x4858 [ 23.259971] kasan_atomics+0x198/0x2e0 [ 23.260144] kunit_try_run_case+0x170/0x3f0 [ 23.260298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.260405] kthread+0x328/0x630 [ 23.260531] ret_from_fork+0x10/0x20 [ 23.260643] [ 23.260689] Allocated by task 265: [ 23.260786] kasan_save_stack+0x3c/0x68 [ 23.260903] kasan_save_track+0x20/0x40 [ 23.261043] kasan_save_alloc_info+0x40/0x58 [ 23.261162] __kasan_kmalloc+0xd4/0xd8 [ 23.261261] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.261385] kasan_atomics+0xb8/0x2e0 [ 23.261484] kunit_try_run_case+0x170/0x3f0 [ 23.261589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.261754] kthread+0x328/0x630 [ 23.261827] ret_from_fork+0x10/0x20 [ 23.261894] [ 23.261931] The buggy address belongs to the object at fff00000c659e300 [ 23.261931] which belongs to the cache kmalloc-64 of size 64 [ 23.262077] The buggy address is located 0 bytes to the right of [ 23.262077] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.262232] [ 23.262276] The buggy address belongs to the physical page: [ 23.262348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.262457] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.262566] page_type: f5(slab) [ 23.262648] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.262801] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.262919] page dumped because: kasan: bad access detected [ 23.263066] [ 23.263130] Memory state around the buggy address: [ 23.263210] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.263319] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.263435] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.263520] ^ [ 23.263647] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.263774] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.263869] ================================================================== [ 23.396384] ================================================================== [ 23.396682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 23.396803] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.396931] [ 23.397003] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.397197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.397257] Hardware name: linux,dummy-virt (DT) [ 23.397445] Call trace: [ 23.397688] show_stack+0x20/0x38 (C) [ 23.397810] dump_stack_lvl+0x8c/0xd0 [ 23.397925] print_report+0x118/0x608 [ 23.398239] kasan_report+0xdc/0x128 [ 23.398489] kasan_check_range+0x100/0x1a8 [ 23.398601] __kasan_check_write+0x20/0x30 [ 23.398817] kasan_atomics_helper+0x147c/0x4858 [ 23.398916] kasan_atomics+0x198/0x2e0 [ 23.399050] kunit_try_run_case+0x170/0x3f0 [ 23.399212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.399455] kthread+0x328/0x630 [ 23.399632] ret_from_fork+0x10/0x20 [ 23.399909] [ 23.400108] Allocated by task 265: [ 23.400218] kasan_save_stack+0x3c/0x68 [ 23.400340] kasan_save_track+0x20/0x40 [ 23.400424] kasan_save_alloc_info+0x40/0x58 [ 23.400533] __kasan_kmalloc+0xd4/0xd8 [ 23.400632] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.400730] kasan_atomics+0xb8/0x2e0 [ 23.401145] kunit_try_run_case+0x170/0x3f0 [ 23.401499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.401725] kthread+0x328/0x630 [ 23.401921] ret_from_fork+0x10/0x20 [ 23.402220] [ 23.402275] The buggy address belongs to the object at fff00000c659e300 [ 23.402275] which belongs to the cache kmalloc-64 of size 64 [ 23.402658] The buggy address is located 0 bytes to the right of [ 23.402658] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.403176] [ 23.403257] The buggy address belongs to the physical page: [ 23.403394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.403795] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.404007] page_type: f5(slab) [ 23.404101] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.404216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.404309] page dumped because: kasan: bad access detected [ 23.404721] [ 23.404905] Memory state around the buggy address: [ 23.405005] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.405499] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.405615] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.406071] ^ [ 23.406176] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.406297] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.406392] ================================================================== [ 23.418466] ================================================================== [ 23.418634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 23.418785] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.418898] [ 23.418974] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.419140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.419201] Hardware name: linux,dummy-virt (DT) [ 23.419269] Call trace: [ 23.419321] show_stack+0x20/0x38 (C) [ 23.419432] dump_stack_lvl+0x8c/0xd0 [ 23.419541] print_report+0x118/0x608 [ 23.419642] kasan_report+0xdc/0x128 [ 23.419745] kasan_check_range+0x100/0x1a8 [ 23.419849] __kasan_check_write+0x20/0x30 [ 23.419952] kasan_atomics_helper+0x154c/0x4858 [ 23.420065] kasan_atomics+0x198/0x2e0 [ 23.420154] kunit_try_run_case+0x170/0x3f0 [ 23.420255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.420370] kthread+0x328/0x630 [ 23.420460] ret_from_fork+0x10/0x20 [ 23.420590] [ 23.420644] Allocated by task 265: [ 23.420712] kasan_save_stack+0x3c/0x68 [ 23.420816] kasan_save_track+0x20/0x40 [ 23.421324] kasan_save_alloc_info+0x40/0x58 [ 23.421612] __kasan_kmalloc+0xd4/0xd8 [ 23.421915] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.422098] kasan_atomics+0xb8/0x2e0 [ 23.422204] kunit_try_run_case+0x170/0x3f0 [ 23.422285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.422529] kthread+0x328/0x630 [ 23.422619] ret_from_fork+0x10/0x20 [ 23.422702] [ 23.422907] The buggy address belongs to the object at fff00000c659e300 [ 23.422907] which belongs to the cache kmalloc-64 of size 64 [ 23.423064] The buggy address is located 0 bytes to the right of [ 23.423064] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.423428] [ 23.423507] The buggy address belongs to the physical page: [ 23.423607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.423794] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.423904] page_type: f5(slab) [ 23.423988] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.424118] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.424216] page dumped because: kasan: bad access detected [ 23.424291] [ 23.424338] Memory state around the buggy address: [ 23.424411] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.424529] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.424681] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.424784] ^ [ 23.424888] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.425008] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.425421] ================================================================== [ 23.362590] ================================================================== [ 23.362735] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 23.362858] Write of size 8 at addr fff00000c659e330 by task kunit_try_catch/265 [ 23.362970] [ 23.363058] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.363382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.363452] Hardware name: linux,dummy-virt (DT) [ 23.363520] Call trace: [ 23.363595] show_stack+0x20/0x38 (C) [ 23.363763] dump_stack_lvl+0x8c/0xd0 [ 23.363879] print_report+0x118/0x608 [ 23.363986] kasan_report+0xdc/0x128 [ 23.364098] kasan_check_range+0x100/0x1a8 [ 23.364209] __kasan_check_write+0x20/0x30 [ 23.364316] kasan_atomics_helper+0x12d8/0x4858 [ 23.364429] kasan_atomics+0x198/0x2e0 [ 23.364558] kunit_try_run_case+0x170/0x3f0 [ 23.364685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.364830] kthread+0x328/0x630 [ 23.364937] ret_from_fork+0x10/0x20 [ 23.365071] [ 23.365118] Allocated by task 265: [ 23.365193] kasan_save_stack+0x3c/0x68 [ 23.365394] kasan_save_track+0x20/0x40 [ 23.365505] kasan_save_alloc_info+0x40/0x58 [ 23.365600] __kasan_kmalloc+0xd4/0xd8 [ 23.365722] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.365825] kasan_atomics+0xb8/0x2e0 [ 23.365918] kunit_try_run_case+0x170/0x3f0 [ 23.365996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.366108] kthread+0x328/0x630 [ 23.366263] ret_from_fork+0x10/0x20 [ 23.366341] [ 23.366389] The buggy address belongs to the object at fff00000c659e300 [ 23.366389] which belongs to the cache kmalloc-64 of size 64 [ 23.366521] The buggy address is located 0 bytes to the right of [ 23.366521] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 23.366703] [ 23.366795] The buggy address belongs to the physical page: [ 23.366872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659e [ 23.366987] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.367333] page_type: f5(slab) [ 23.367610] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.367741] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.367840] page dumped because: kasan: bad access detected [ 23.368179] [ 23.368424] Memory state around the buggy address: [ 23.368588] fff00000c659e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.368808] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.368925] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.369013] ^ [ 23.369342] fff00000c659e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.369704] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.369904] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 22.809100] ================================================================== [ 22.809978] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 22.812610] kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 22.815458] kthread+0x328/0x630 [ 22.817066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 22.819413] >fff00000c6191580: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.861387] Read of size 4 at addr fff00000c659e330 by task kunit_try_catch/265 [ 22.867606] kasan_save_track+0x20/0x40 [ 22.870373] [ 22.871272] page_type: f5(slab) [ 22.871938] [ 22.872635] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.872932] ^ [ 22.876237] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 22.878168] kasan_report+0xdc/0x128 [ 22.882945] The buggy address is located 0 bytes to the right of [ 22.882945] allocated 48-byte region [fff00000c659e300, fff00000c659e330) [ 22.885501] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.891206] dump_stack_lvl+0x8c/0xd0 [ 22.893284] kasan_save_track+0x20/0x40 [ 22.895497] page_type: f5(slab) [ 22.896341] [ 22.896696] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.897708] fff00000c659e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.904849] kthread+0x328/0x630 [ 22.906580] [ 22.906635] The buggy address belongs to the physical page: [ 22.906942] page_type: f5(slab) [ 22.907710] fff00000c659e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.913713] dump_stack_lvl+0x8c/0xd0 [ 22.917394] kasan_save_track+0x20/0x40 [ 22.919164] ret_from_fork+0x10/0x20 [ 22.920065] [ 22.920557] page_type: f5(slab) [ 22.920958] [ 22.922081] >fff00000c659e300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.922587] ^ [ 22.923089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 22.668048] ================================================================== [ 22.668194] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 22.672318] [ 22.672519] The buggy address is located 8 bytes inside of [ 22.672519] allocated 9-byte region [fff00000c6191580, fff00000c6191589) [ 22.673470] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.674490] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.677868] [ 22.679414] kasan_report+0xdc/0x128 [ 22.682969] kasan_bitops_generic+0xa0/0x1c8 [ 22.685627] page_type: f5(slab) [ 22.686218] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.687679] fff00000c6191680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.692954] __asan_report_load8_noabort+0x20/0x30 [ 22.695302] [ 22.695779] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.702782] ================================================================== [ 22.652799] ================================================================== [ 22.652917] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 22.653105] Write of size 8 at addr fff00000c6191588 by task kunit_try_catch/261 [ 22.653248] [ 22.653318] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.653524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.653600] Hardware name: linux,dummy-virt (DT) [ 22.653674] Call trace: [ 22.653736] show_stack+0x20/0x38 (C) [ 22.653861] dump_stack_lvl+0x8c/0xd0 [ 22.654014] print_report+0x118/0x608 [ 22.654211] kasan_report+0xdc/0x128 [ 22.654356] kasan_check_range+0x100/0x1a8 [ 22.654510] __kasan_check_write+0x20/0x30 [ 22.654625] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 22.654727] kasan_bitops_generic+0x110/0x1c8 [ 22.654832] kunit_try_run_case+0x170/0x3f0 [ 22.654981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.655114] kthread+0x328/0x630 [ 22.655207] ret_from_fork+0x10/0x20 [ 22.655298] [ 22.655337] Allocated by task 261: [ 22.655395] kasan_save_stack+0x3c/0x68 [ 22.655481] kasan_save_track+0x20/0x40 [ 22.655583] kasan_save_alloc_info+0x40/0x58 [ 22.655700] __kasan_kmalloc+0xd4/0xd8 [ 22.655818] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.655935] kasan_bitops_generic+0xa0/0x1c8 [ 22.656037] kunit_try_run_case+0x170/0x3f0 [ 22.656119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.656247] kthread+0x328/0x630 [ 22.656339] ret_from_fork+0x10/0x20 [ 22.656420] [ 22.656480] The buggy address belongs to the object at fff00000c6191580 [ 22.656480] which belongs to the cache kmalloc-16 of size 16 [ 22.656639] The buggy address is located 8 bytes inside of [ 22.656639] allocated 9-byte region [fff00000c6191580, fff00000c6191589) [ 22.656784] [ 22.656834] The buggy address belongs to the physical page: [ 22.656903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 22.657046] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.657182] page_type: f5(slab) [ 22.657281] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.657423] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.657595] page dumped because: kasan: bad access detected [ 22.657683] [ 22.657734] Memory state around the buggy address: [ 22.657829] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.657928] fff00000c6191500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.658012] >fff00000c6191580: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.658110] ^ [ 22.658173] fff00000c6191600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.658256] fff00000c6191680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.658334] ================================================================== [ 22.659832] ================================================================== [ 22.659946] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 22.660100] Read of size 8 at addr fff00000c6191588 by task kunit_try_catch/261 [ 22.660257] [ 22.660363] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.660613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.660702] Hardware name: linux,dummy-virt (DT) [ 22.660778] Call trace: [ 22.660827] show_stack+0x20/0x38 (C) [ 22.660962] dump_stack_lvl+0x8c/0xd0 [ 22.661093] print_report+0x118/0x608 [ 22.661280] kasan_report+0xdc/0x128 [ 22.661403] __asan_report_load8_noabort+0x20/0x30 [ 22.661516] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 22.661636] kasan_bitops_generic+0x110/0x1c8 [ 22.661754] kunit_try_run_case+0x170/0x3f0 [ 22.661869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.662394] kasan_save_stack+0x3c/0x68 [ 22.662892] kasan_bitops_generic+0xa0/0x1c8 [ 22.663005] kunit_try_run_case+0x170/0x3f0 [ 22.663282] kthread+0x328/0x630 [ 22.663371] ret_from_fork+0x10/0x20 [ 22.663863] The buggy address is located 8 bytes inside of [ 22.663863] allocated 9-byte region [fff00000c6191580, fff00000c6191589) [ 22.664087] The buggy address belongs to the physical page: [ 22.664401] page_type: f5(slab) [ 22.664744] page dumped because: kasan: bad access detected [ 22.664963] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.666005] ^ [ 22.666105] fff00000c6191600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.666222] fff00000c6191680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.666310] ================================================================== [ 22.632050] ================================================================== [ 22.632197] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 22.632317] Write of size 8 at addr fff00000c6191588 by task kunit_try_catch/261 [ 22.632425] [ 22.632949] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.633685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.634034] Hardware name: linux,dummy-virt (DT) [ 22.634360] Call trace: [ 22.634423] show_stack+0x20/0x38 (C) [ 22.634925] dump_stack_lvl+0x8c/0xd0 [ 22.635126] print_report+0x118/0x608 [ 22.635271] kasan_report+0xdc/0x128 [ 22.635381] kasan_check_range+0x100/0x1a8 [ 22.635496] __kasan_check_write+0x20/0x30 [ 22.635601] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 22.635715] kasan_bitops_generic+0x110/0x1c8 [ 22.635821] kunit_try_run_case+0x170/0x3f0 [ 22.636663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.637190] kthread+0x328/0x630 [ 22.637381] ret_from_fork+0x10/0x20 [ 22.637569] [ 22.637645] Allocated by task 261: [ 22.637719] kasan_save_stack+0x3c/0x68 [ 22.638226] kasan_save_track+0x20/0x40 [ 22.638373] kasan_save_alloc_info+0x40/0x58 [ 22.638472] __kasan_kmalloc+0xd4/0xd8 [ 22.638635] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.638737] kasan_bitops_generic+0xa0/0x1c8 [ 22.638890] kunit_try_run_case+0x170/0x3f0 [ 22.638984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.639487] kthread+0x328/0x630 [ 22.639608] ret_from_fork+0x10/0x20 [ 22.639696] [ 22.639746] The buggy address belongs to the object at fff00000c6191580 [ 22.639746] which belongs to the cache kmalloc-16 of size 16 [ 22.640259] The buggy address is located 8 bytes inside of [ 22.640259] allocated 9-byte region [fff00000c6191580, fff00000c6191589) [ 22.640465] [ 22.640549] The buggy address belongs to the physical page: [ 22.640721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 22.641066] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.641187] page_type: f5(slab) [ 22.641272] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.641585] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.641776] page dumped because: kasan: bad access detected [ 22.641854] [ 22.642299] Memory state around the buggy address: [ 22.642394] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.642557] fff00000c6191500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.642742] >fff00000c6191580: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.642837] ^ [ 22.642979] fff00000c6191600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.643095] fff00000c6191680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.643597] ================================================================== [ 22.645267] ================================================================== [ 22.645696] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 22.645838] Read of size 8 at addr fff00000c6191588 by task kunit_try_catch/261 [ 22.645961] [ 22.646110] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.646263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.646327] Hardware name: linux,dummy-virt (DT) [ 22.646399] Call trace: [ 22.646455] show_stack+0x20/0x38 (C) [ 22.646569] dump_stack_lvl+0x8c/0xd0 [ 22.646706] print_report+0x118/0x608 [ 22.646812] kasan_report+0xdc/0x128 [ 22.646946] __asan_report_load8_noabort+0x20/0x30 [ 22.647090] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 22.647213] kasan_bitops_generic+0x110/0x1c8 [ 22.647329] kunit_try_run_case+0x170/0x3f0 [ 22.647452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.647577] kthread+0x328/0x630 [ 22.647671] ret_from_fork+0x10/0x20 [ 22.647775] [ 22.647828] Allocated by task 261: [ 22.647893] kasan_save_stack+0x3c/0x68 [ 22.647989] kasan_save_track+0x20/0x40 [ 22.648090] kasan_save_alloc_info+0x40/0x58 [ 22.648185] __kasan_kmalloc+0xd4/0xd8 [ 22.648270] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.648357] kasan_bitops_generic+0xa0/0x1c8 [ 22.648445] kunit_try_run_case+0x170/0x3f0 [ 22.648550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.648662] kthread+0x328/0x630 [ 22.648741] ret_from_fork+0x10/0x20 [ 22.648860] [ 22.648934] The buggy address belongs to the object at fff00000c6191580 [ 22.648934] which belongs to the cache kmalloc-16 of size 16 [ 22.649120] The buggy address is located 8 bytes inside of [ 22.649120] allocated 9-byte region [fff00000c6191580, fff00000c6191589) [ 22.649523] [ 22.649654] The buggy address belongs to the physical page: [ 22.649719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 22.649833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.649963] page_type: f5(slab) [ 22.650059] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.650166] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.650243] page dumped because: kasan: bad access detected [ 22.650310] [ 22.650352] Memory state around the buggy address: [ 22.650469] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.650613] fff00000c6191500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.650715] >fff00000c6191580: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.650847] ^ [ 22.650942] fff00000c6191600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.651110] fff00000c6191680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.651205] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 22.614422] ================================================================== [ 22.614535] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 22.614677] Read of size 1 at addr fff00000c6376cd0 by task kunit_try_catch/259 [ 22.614789] [ 22.614861] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.615049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.615108] Hardware name: linux,dummy-virt (DT) [ 22.615182] Call trace: [ 22.615239] show_stack+0x20/0x38 (C) [ 22.615363] dump_stack_lvl+0x8c/0xd0 [ 22.615489] print_report+0x118/0x608 [ 22.615651] kasan_report+0xdc/0x128 [ 22.615783] __asan_report_load1_noabort+0x20/0x30 [ 22.615880] strnlen+0x80/0x88 [ 22.615981] kasan_strings+0x478/0xb00 [ 22.616093] kunit_try_run_case+0x170/0x3f0 [ 22.616190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.616301] kthread+0x328/0x630 [ 22.616397] ret_from_fork+0x10/0x20 [ 22.616520] [ 22.616569] Allocated by task 259: [ 22.616687] kasan_save_stack+0x3c/0x68 [ 22.616790] kasan_save_track+0x20/0x40 [ 22.616892] kasan_save_alloc_info+0x40/0x58 [ 22.617005] __kasan_kmalloc+0xd4/0xd8 [ 22.617163] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.617287] kasan_strings+0xc8/0xb00 [ 22.617366] kunit_try_run_case+0x170/0x3f0 [ 22.617445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.617536] kthread+0x328/0x630 [ 22.617606] ret_from_fork+0x10/0x20 [ 22.617720] [ 22.617800] Freed by task 259: [ 22.617973] kasan_save_stack+0x3c/0x68 [ 22.618193] kasan_save_track+0x20/0x40 [ 22.618498] kasan_save_free_info+0x4c/0x78 [ 22.618596] __kasan_slab_free+0x6c/0x98 [ 22.618689] kfree+0x214/0x3c8 [ 22.618792] kasan_strings+0x24c/0xb00 [ 22.618871] kunit_try_run_case+0x170/0x3f0 [ 22.618993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.619154] kthread+0x328/0x630 [ 22.619271] ret_from_fork+0x10/0x20 [ 22.619394] [ 22.619443] The buggy address belongs to the object at fff00000c6376cc0 [ 22.619443] which belongs to the cache kmalloc-32 of size 32 [ 22.619583] The buggy address is located 16 bytes inside of [ 22.619583] freed 32-byte region [fff00000c6376cc0, fff00000c6376ce0) [ 22.619734] [ 22.619787] The buggy address belongs to the physical page: [ 22.619861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106376 [ 22.619988] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.620120] page_type: f5(slab) [ 22.620212] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.620334] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.620438] page dumped because: kasan: bad access detected [ 22.620537] [ 22.620627] Memory state around the buggy address: [ 22.620750] fff00000c6376b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.620860] fff00000c6376c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.620967] >fff00000c6376c80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.621067] ^ [ 22.621154] fff00000c6376d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.621258] fff00000c6376d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.621345] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 22.609507] ================================================================== [ 22.609633] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 22.609779] Read of size 1 at addr fff00000c6376cd0 by task kunit_try_catch/259 [ 22.609881] [ 22.609952] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.610155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.610257] Hardware name: linux,dummy-virt (DT) [ 22.610369] Call trace: [ 22.610449] show_stack+0x20/0x38 (C) [ 22.610562] dump_stack_lvl+0x8c/0xd0 [ 22.610669] print_report+0x118/0x608 [ 22.610769] kasan_report+0xdc/0x128 [ 22.610873] __asan_report_load1_noabort+0x20/0x30 [ 22.610972] strlen+0xa8/0xb0 [ 22.611082] kasan_strings+0x418/0xb00 [ 22.611137] kunit_try_run_case+0x170/0x3f0 [ 22.611192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.611249] kthread+0x328/0x630 [ 22.611293] ret_from_fork+0x10/0x20 [ 22.611346] [ 22.611368] Allocated by task 259: [ 22.611401] kasan_save_stack+0x3c/0x68 [ 22.611448] kasan_save_track+0x20/0x40 [ 22.611490] kasan_save_alloc_info+0x40/0x58 [ 22.611531] __kasan_kmalloc+0xd4/0xd8 [ 22.611571] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.611611] kasan_strings+0xc8/0xb00 [ 22.611649] kunit_try_run_case+0x170/0x3f0 [ 22.611690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.611736] kthread+0x328/0x630 [ 22.611770] ret_from_fork+0x10/0x20 [ 22.611806] [ 22.611829] Freed by task 259: [ 22.611858] kasan_save_stack+0x3c/0x68 [ 22.611898] kasan_save_track+0x20/0x40 [ 22.611936] kasan_save_free_info+0x4c/0x78 [ 22.611978] __kasan_slab_free+0x6c/0x98 [ 22.612017] kfree+0x214/0x3c8 [ 22.612073] kasan_strings+0x24c/0xb00 [ 22.612110] kunit_try_run_case+0x170/0x3f0 [ 22.612149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.612191] kthread+0x328/0x630 [ 22.612227] ret_from_fork+0x10/0x20 [ 22.612263] [ 22.612284] The buggy address belongs to the object at fff00000c6376cc0 [ 22.612284] which belongs to the cache kmalloc-32 of size 32 [ 22.612344] The buggy address is located 16 bytes inside of [ 22.612344] freed 32-byte region [fff00000c6376cc0, fff00000c6376ce0) [ 22.612408] [ 22.612430] The buggy address belongs to the physical page: [ 22.612465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106376 [ 22.612533] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.612593] page_type: f5(slab) [ 22.612640] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.612696] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.612740] page dumped because: kasan: bad access detected [ 22.612775] [ 22.612794] Memory state around the buggy address: [ 22.612827] fff00000c6376b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.612872] fff00000c6376c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.612917] >fff00000c6376c80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.612957] ^ [ 22.612995] fff00000c6376d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.613084] fff00000c6376d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.613175] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 22.598686] ================================================================== [ 22.598874] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 22.599014] Read of size 1 at addr fff00000c6376cd0 by task kunit_try_catch/259 [ 22.599265] [ 22.599369] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.599991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.600087] Hardware name: linux,dummy-virt (DT) [ 22.600173] Call trace: [ 22.600232] show_stack+0x20/0x38 (C) [ 22.600344] dump_stack_lvl+0x8c/0xd0 [ 22.600462] print_report+0x118/0x608 [ 22.600594] kasan_report+0xdc/0x128 [ 22.600712] __asan_report_load1_noabort+0x20/0x30 [ 22.600833] kasan_strings+0x95c/0xb00 [ 22.600945] kunit_try_run_case+0x170/0x3f0 [ 22.601069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.601184] kthread+0x328/0x630 [ 22.601291] ret_from_fork+0x10/0x20 [ 22.601404] [ 22.601452] Allocated by task 259: [ 22.601519] kasan_save_stack+0x3c/0x68 [ 22.601617] kasan_save_track+0x20/0x40 [ 22.602255] kasan_save_alloc_info+0x40/0x58 [ 22.602531] __kasan_kmalloc+0xd4/0xd8 [ 22.603244] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.603391] kasan_strings+0xc8/0xb00 [ 22.603483] kunit_try_run_case+0x170/0x3f0 [ 22.603560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.603901] kthread+0x328/0x630 [ 22.604165] ret_from_fork+0x10/0x20 [ 22.604368] [ 22.604535] Freed by task 259: [ 22.604846] kasan_save_stack+0x3c/0x68 [ 22.605335] kasan_save_track+0x20/0x40 [ 22.605461] kasan_save_free_info+0x4c/0x78 [ 22.605558] __kasan_slab_free+0x6c/0x98 [ 22.605654] kfree+0x214/0x3c8 [ 22.605778] kasan_strings+0x24c/0xb00 [ 22.605857] kunit_try_run_case+0x170/0x3f0 [ 22.605927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.606055] kthread+0x328/0x630 [ 22.606125] ret_from_fork+0x10/0x20 [ 22.606192] [ 22.606237] The buggy address belongs to the object at fff00000c6376cc0 [ 22.606237] which belongs to the cache kmalloc-32 of size 32 [ 22.606386] The buggy address is located 16 bytes inside of [ 22.606386] freed 32-byte region [fff00000c6376cc0, fff00000c6376ce0) [ 22.606535] [ 22.606585] The buggy address belongs to the physical page: [ 22.606662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106376 [ 22.606791] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.606953] page_type: f5(slab) [ 22.607080] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.607206] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.607338] page dumped because: kasan: bad access detected [ 22.607414] [ 22.607480] Memory state around the buggy address: [ 22.607599] fff00000c6376b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.607750] fff00000c6376c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.607855] >fff00000c6376c80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.607947] ^ [ 22.608045] fff00000c6376d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.608142] fff00000c6376d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.608224] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 22.584772] ================================================================== [ 22.584895] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 22.585017] Read of size 1 at addr fff00000c6376cd0 by task kunit_try_catch/259 [ 22.585142] [ 22.585237] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.585430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.585715] Hardware name: linux,dummy-virt (DT) [ 22.585883] Call trace: [ 22.585952] show_stack+0x20/0x38 (C) [ 22.586179] dump_stack_lvl+0x8c/0xd0 [ 22.586292] print_report+0x118/0x608 [ 22.586817] kasan_report+0xdc/0x128 [ 22.586997] __asan_report_load1_noabort+0x20/0x30 [ 22.587220] strcmp+0xc0/0xc8 [ 22.587400] kasan_strings+0x340/0xb00 [ 22.587508] kunit_try_run_case+0x170/0x3f0 [ 22.588003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.588210] kthread+0x328/0x630 [ 22.588338] ret_from_fork+0x10/0x20 [ 22.588536] [ 22.588983] Allocated by task 259: [ 22.589100] kasan_save_stack+0x3c/0x68 [ 22.589258] kasan_save_track+0x20/0x40 [ 22.589449] kasan_save_alloc_info+0x40/0x58 [ 22.589555] __kasan_kmalloc+0xd4/0xd8 [ 22.589717] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.590158] kasan_strings+0xc8/0xb00 [ 22.590264] kunit_try_run_case+0x170/0x3f0 [ 22.590391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.590505] kthread+0x328/0x630 [ 22.590659] ret_from_fork+0x10/0x20 [ 22.591201] [ 22.591299] Freed by task 259: [ 22.591370] kasan_save_stack+0x3c/0x68 [ 22.591556] kasan_save_track+0x20/0x40 [ 22.591720] kasan_save_free_info+0x4c/0x78 [ 22.591813] __kasan_slab_free+0x6c/0x98 [ 22.592464] kfree+0x214/0x3c8 [ 22.592595] kasan_strings+0x24c/0xb00 [ 22.592683] kunit_try_run_case+0x170/0x3f0 [ 22.592950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.593285] kthread+0x328/0x630 [ 22.593373] ret_from_fork+0x10/0x20 [ 22.593549] [ 22.593600] The buggy address belongs to the object at fff00000c6376cc0 [ 22.593600] which belongs to the cache kmalloc-32 of size 32 [ 22.593802] The buggy address is located 16 bytes inside of [ 22.593802] freed 32-byte region [fff00000c6376cc0, fff00000c6376ce0) [ 22.593922] [ 22.593968] The buggy address belongs to the physical page: [ 22.594214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106376 [ 22.594645] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.594816] page_type: f5(slab) [ 22.594996] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.595124] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.595428] page dumped because: kasan: bad access detected [ 22.595513] [ 22.595560] Memory state around the buggy address: [ 22.595642] fff00000c6376b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.595745] fff00000c6376c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.596477] >fff00000c6376c80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.596612] ^ [ 22.596720] fff00000c6376d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.596819] fff00000c6376d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.596912] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 22.545108] ================================================================== [ 22.545250] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 22.545741] Read of size 1 at addr fff00000c6376b18 by task kunit_try_catch/257 [ 22.545866] [ 22.545956] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.546159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.546520] Hardware name: linux,dummy-virt (DT) [ 22.547247] Call trace: [ 22.547328] show_stack+0x20/0x38 (C) [ 22.547455] dump_stack_lvl+0x8c/0xd0 [ 22.547563] print_report+0x118/0x608 [ 22.547665] kasan_report+0xdc/0x128 [ 22.548397] __asan_report_load1_noabort+0x20/0x30 [ 22.549242] memcmp+0x198/0x1d8 [ 22.549491] kasan_memcmp+0x16c/0x300 [ 22.549614] kunit_try_run_case+0x170/0x3f0 [ 22.549974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.550237] kthread+0x328/0x630 [ 22.550368] ret_from_fork+0x10/0x20 [ 22.550553] [ 22.550605] Allocated by task 257: [ 22.550683] kasan_save_stack+0x3c/0x68 [ 22.551035] kasan_save_track+0x20/0x40 [ 22.551126] kasan_save_alloc_info+0x40/0x58 [ 22.551277] __kasan_kmalloc+0xd4/0xd8 [ 22.551458] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.551575] kasan_memcmp+0xbc/0x300 [ 22.551745] kunit_try_run_case+0x170/0x3f0 [ 22.551914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.552038] kthread+0x328/0x630 [ 22.552115] ret_from_fork+0x10/0x20 [ 22.552431] [ 22.552674] The buggy address belongs to the object at fff00000c6376b00 [ 22.552674] which belongs to the cache kmalloc-32 of size 32 [ 22.552926] The buggy address is located 0 bytes to the right of [ 22.552926] allocated 24-byte region [fff00000c6376b00, fff00000c6376b18) [ 22.553203] [ 22.553470] The buggy address belongs to the physical page: [ 22.553714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106376 [ 22.553874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.553975] page_type: f5(slab) [ 22.554442] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.554765] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.554873] page dumped because: kasan: bad access detected [ 22.555057] [ 22.555107] Memory state around the buggy address: [ 22.555212] fff00000c6376a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.555510] fff00000c6376a80: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.555740] >fff00000c6376b00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.555918] ^ [ 22.556007] fff00000c6376b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.556202] fff00000c6376c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.556297] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 22.491829] ================================================================== [ 22.491973] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 22.492122] Read of size 1 at addr ffff800080977b4a by task kunit_try_catch/253 [ 22.492246] [ 22.492325] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.492538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.492614] Hardware name: linux,dummy-virt (DT) [ 22.492700] Call trace: [ 22.492766] show_stack+0x20/0x38 (C) [ 22.492889] dump_stack_lvl+0x8c/0xd0 [ 22.493017] print_report+0x310/0x608 [ 22.495656] kasan_report+0xdc/0x128 [ 22.496090] __asan_report_load1_noabort+0x20/0x30 [ 22.496888] kasan_alloca_oob_right+0x2dc/0x340 [ 22.497060] kunit_try_run_case+0x170/0x3f0 [ 22.497756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.498075] kthread+0x328/0x630 [ 22.498196] ret_from_fork+0x10/0x20 [ 22.498760] [ 22.498925] The buggy address belongs to stack of task kunit_try_catch/253 [ 22.499209] [ 22.499714] The buggy address belongs to the virtual mapping at [ 22.499714] [ffff800080970000, ffff800080979000) created by: [ 22.499714] kernel_clone+0x150/0x7a8 [ 22.500088] [ 22.500340] The buggy address belongs to the physical page: [ 22.500480] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077c7 [ 22.501327] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.502015] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.502171] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.502266] page dumped because: kasan: bad access detected [ 22.502327] [ 22.502367] Memory state around the buggy address: [ 22.502991] ffff800080977a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.503222] ffff800080977a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.503423] >ffff800080977b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 22.503627] ^ [ 22.504235] ffff800080977b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 22.504337] ffff800080977c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.504433] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 22.469580] ================================================================== [ 22.470103] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 22.470242] Read of size 1 at addr ffff800080977b5f by task kunit_try_catch/251 [ 22.470300] [ 22.470344] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.470467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.470497] Hardware name: linux,dummy-virt (DT) [ 22.470536] Call trace: [ 22.470563] show_stack+0x20/0x38 (C) [ 22.470620] dump_stack_lvl+0x8c/0xd0 [ 22.470672] print_report+0x310/0x608 [ 22.470722] kasan_report+0xdc/0x128 [ 22.470769] __asan_report_load1_noabort+0x20/0x30 [ 22.470822] kasan_alloca_oob_left+0x2b8/0x310 [ 22.470872] kunit_try_run_case+0x170/0x3f0 [ 22.470922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.470979] kthread+0x328/0x630 [ 22.471039] ret_from_fork+0x10/0x20 [ 22.471138] [ 22.471185] The buggy address belongs to stack of task kunit_try_catch/251 [ 22.471327] [ 22.471386] The buggy address belongs to the virtual mapping at [ 22.471386] [ffff800080970000, ffff800080979000) created by: [ 22.471386] kernel_clone+0x150/0x7a8 [ 22.471557] [ 22.471620] The buggy address belongs to the physical page: [ 22.471695] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077c7 [ 22.471823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.471998] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.472192] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.472339] page dumped because: kasan: bad access detected [ 22.472416] [ 22.472471] Memory state around the buggy address: [ 22.472608] ffff800080977a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.472767] ffff800080977a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.472876] >ffff800080977b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 22.473012] ^ [ 22.473107] ffff800080977b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 22.473202] ffff800080977c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.473293] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 22.441600] ================================================================== [ 22.441990] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 22.442144] Read of size 1 at addr ffff800080977c2a by task kunit_try_catch/249 [ 22.442250] [ 22.443054] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.443350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.443406] Hardware name: linux,dummy-virt (DT) [ 22.443478] Call trace: [ 22.443559] show_stack+0x20/0x38 (C) [ 22.443779] dump_stack_lvl+0x8c/0xd0 [ 22.443892] print_report+0x310/0x608 [ 22.444017] kasan_report+0xdc/0x128 [ 22.444145] __asan_report_load1_noabort+0x20/0x30 [ 22.444446] kasan_stack_oob+0x238/0x270 [ 22.444588] kunit_try_run_case+0x170/0x3f0 [ 22.444750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.444882] kthread+0x328/0x630 [ 22.444987] ret_from_fork+0x10/0x20 [ 22.447570] [ 22.448000] The buggy address belongs to stack of task kunit_try_catch/249 [ 22.449557] and is located at offset 138 in frame: [ 22.449851] kasan_stack_oob+0x0/0x270 [ 22.450274] [ 22.450376] This frame has 4 objects: [ 22.450580] [48, 49) '__assertion' [ 22.450832] [64, 72) 'array' [ 22.450926] [96, 112) '__assertion' [ 22.451046] [128, 138) 'stack_array' [ 22.451152] [ 22.451253] The buggy address belongs to the virtual mapping at [ 22.451253] [ffff800080970000, ffff800080979000) created by: [ 22.451253] kernel_clone+0x150/0x7a8 [ 22.451457] [ 22.451553] The buggy address belongs to the physical page: [ 22.451652] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077c7 [ 22.451787] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.451930] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.452110] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.452237] page dumped because: kasan: bad access detected [ 22.452319] [ 22.452367] Memory state around the buggy address: [ 22.452468] ffff800080977b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.452598] ffff800080977b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 22.452743] >ffff800080977c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 22.452867] ^ [ 22.452947] ffff800080977c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 22.453074] ffff800080977d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.453182] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 22.400310] ================================================================== [ 22.400502] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 22.400624] Read of size 1 at addr ffffb07f3a74f5cd by task kunit_try_catch/245 [ 22.400736] [ 22.400951] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.401401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.401467] Hardware name: linux,dummy-virt (DT) [ 22.402000] Call trace: [ 22.402069] show_stack+0x20/0x38 (C) [ 22.402201] dump_stack_lvl+0x8c/0xd0 [ 22.402594] print_report+0x310/0x608 [ 22.402803] kasan_report+0xdc/0x128 [ 22.402966] __asan_report_load1_noabort+0x20/0x30 [ 22.403254] kasan_global_oob_right+0x230/0x270 [ 22.403483] kunit_try_run_case+0x170/0x3f0 [ 22.403946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.404203] kthread+0x328/0x630 [ 22.404301] ret_from_fork+0x10/0x20 [ 22.404949] [ 22.405126] The buggy address belongs to the variable: [ 22.405248] global_array+0xd/0x40 [ 22.405356] [ 22.405544] The buggy address belongs to the virtual mapping at [ 22.405544] [ffffb07f38900000, ffffb07f3a801000) created by: [ 22.405544] paging_init+0x66c/0x7d0 [ 22.405728] [ 22.405834] The buggy address belongs to the physical page: [ 22.405909] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 22.406388] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 22.406531] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 22.406732] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.406971] page dumped because: kasan: bad access detected [ 22.407092] [ 22.407139] Memory state around the buggy address: [ 22.407350] ffffb07f3a74f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.407634] ffffb07f3a74f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.408127] >ffffb07f3a74f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 22.408509] ^ [ 22.408796] ffffb07f3a74f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 22.409073] ffffb07f3a74f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 22.409407] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 22.373781] ================================================================== [ 22.374218] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.374741] Free of addr fff00000c795c001 by task kunit_try_catch/243 [ 22.374846] [ 22.374954] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.375203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.375301] Hardware name: linux,dummy-virt (DT) [ 22.375405] Call trace: [ 22.375459] show_stack+0x20/0x38 (C) [ 22.375573] dump_stack_lvl+0x8c/0xd0 [ 22.375692] print_report+0x118/0x608 [ 22.375800] kasan_report_invalid_free+0xc0/0xe8 [ 22.375909] __kasan_mempool_poison_object+0xfc/0x150 [ 22.376044] mempool_free+0x28c/0x328 [ 22.376134] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.376251] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 22.376640] kunit_try_run_case+0x170/0x3f0 [ 22.377140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.377359] kthread+0x328/0x630 [ 22.377451] ret_from_fork+0x10/0x20 [ 22.377549] [ 22.377594] The buggy address belongs to the physical page: [ 22.377913] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10795c [ 22.377996] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.378112] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.378229] page_type: f8(unknown) [ 22.378313] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.378488] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.378597] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.378697] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.378808] head: 0bfffe0000000002 ffffc1ffc31e5701 00000000ffffffff 00000000ffffffff [ 22.378927] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.379035] page dumped because: kasan: bad access detected [ 22.379839] [ 22.379934] Memory state around the buggy address: [ 22.380049] fff00000c795bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.380150] fff00000c795bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.380243] >fff00000c795c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.380475] ^ [ 22.380703] fff00000c795c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.380848] fff00000c795c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.380954] ================================================================== [ 22.355570] ================================================================== [ 22.355696] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.355816] Free of addr fff00000c77efe01 by task kunit_try_catch/241 [ 22.355910] [ 22.355984] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.356281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.356408] Hardware name: linux,dummy-virt (DT) [ 22.356533] Call trace: [ 22.356614] show_stack+0x20/0x38 (C) [ 22.356754] dump_stack_lvl+0x8c/0xd0 [ 22.356880] print_report+0x118/0x608 [ 22.357046] kasan_report_invalid_free+0xc0/0xe8 [ 22.357205] check_slab_allocation+0xfc/0x108 [ 22.357370] __kasan_mempool_poison_object+0x78/0x150 [ 22.357522] mempool_free+0x28c/0x328 [ 22.357653] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.357799] mempool_kmalloc_invalid_free+0xc0/0x118 [ 22.357913] kunit_try_run_case+0x170/0x3f0 [ 22.358268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.358882] kthread+0x328/0x630 [ 22.359097] ret_from_fork+0x10/0x20 [ 22.359242] [ 22.359280] Allocated by task 241: [ 22.359356] kasan_save_stack+0x3c/0x68 [ 22.359437] kasan_save_track+0x20/0x40 [ 22.359508] kasan_save_alloc_info+0x40/0x58 [ 22.359589] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.359727] remove_element+0x130/0x1f8 [ 22.359809] mempool_alloc_preallocated+0x58/0xc0 [ 22.359900] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 22.360046] mempool_kmalloc_invalid_free+0xc0/0x118 [ 22.360157] kunit_try_run_case+0x170/0x3f0 [ 22.360245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.360338] kthread+0x328/0x630 [ 22.360418] ret_from_fork+0x10/0x20 [ 22.360595] [ 22.360661] The buggy address belongs to the object at fff00000c77efe00 [ 22.360661] which belongs to the cache kmalloc-128 of size 128 [ 22.360812] The buggy address is located 1 bytes inside of [ 22.360812] 128-byte region [fff00000c77efe00, fff00000c77efe80) [ 22.360971] [ 22.361040] The buggy address belongs to the physical page: [ 22.361100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ef [ 22.361211] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.361348] page_type: f5(slab) [ 22.361444] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.361549] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.361705] page dumped because: kasan: bad access detected [ 22.361826] [ 22.361883] Memory state around the buggy address: [ 22.361980] fff00000c77efd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.362095] fff00000c77efd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.362196] >fff00000c77efe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.362284] ^ [ 22.362344] fff00000c77efe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.362439] fff00000c77eff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.362510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 22.315591] ================================================================== [ 22.315748] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.315881] Free of addr fff00000c7958000 by task kunit_try_catch/237 [ 22.316346] [ 22.316523] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.316741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.316816] Hardware name: linux,dummy-virt (DT) [ 22.316896] Call trace: [ 22.316950] show_stack+0x20/0x38 (C) [ 22.317400] dump_stack_lvl+0x8c/0xd0 [ 22.317613] print_report+0x118/0x608 [ 22.317873] kasan_report_invalid_free+0xc0/0xe8 [ 22.318006] __kasan_mempool_poison_object+0x14c/0x150 [ 22.318353] mempool_free+0x28c/0x328 [ 22.318543] mempool_double_free_helper+0x150/0x2e8 [ 22.318854] mempool_kmalloc_large_double_free+0xc0/0x118 [ 22.319115] kunit_try_run_case+0x170/0x3f0 [ 22.319318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.319614] kthread+0x328/0x630 [ 22.319895] ret_from_fork+0x10/0x20 [ 22.320157] [ 22.320204] The buggy address belongs to the physical page: [ 22.320294] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958 [ 22.320612] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.320946] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.321092] page_type: f8(unknown) [ 22.321186] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.321299] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.321408] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.321750] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.322180] head: 0bfffe0000000002 ffffc1ffc31e5601 00000000ffffffff 00000000ffffffff [ 22.322478] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.322811] page dumped because: kasan: bad access detected [ 22.322883] [ 22.322931] Memory state around the buggy address: [ 22.323001] fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.323136] fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.323231] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.323339] ^ [ 22.323438] fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.323699] fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.323866] ================================================================== [ 22.333371] ================================================================== [ 22.333534] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.333718] Free of addr fff00000c7958000 by task kunit_try_catch/239 [ 22.333882] [ 22.333961] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.334156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.334219] Hardware name: linux,dummy-virt (DT) [ 22.334293] Call trace: [ 22.334341] show_stack+0x20/0x38 (C) [ 22.334455] dump_stack_lvl+0x8c/0xd0 [ 22.334550] print_report+0x118/0x608 [ 22.334657] kasan_report_invalid_free+0xc0/0xe8 [ 22.334760] __kasan_mempool_poison_pages+0xe0/0xe8 [ 22.334855] mempool_free+0x24c/0x328 [ 22.334945] mempool_double_free_helper+0x150/0x2e8 [ 22.335062] mempool_page_alloc_double_free+0xbc/0x118 [ 22.335161] kunit_try_run_case+0x170/0x3f0 [ 22.335262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.335366] kthread+0x328/0x630 [ 22.335470] ret_from_fork+0x10/0x20 [ 22.335587] [ 22.335630] The buggy address belongs to the physical page: [ 22.335703] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958 [ 22.335827] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.335962] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.336095] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.336188] page dumped because: kasan: bad access detected [ 22.336257] [ 22.336294] Memory state around the buggy address: [ 22.336370] fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.336460] fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.336560] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.336641] ^ [ 22.336699] fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.336799] fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.336892] ================================================================== [ 22.283973] ================================================================== [ 22.284149] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.284290] Free of addr fff00000c77efa00 by task kunit_try_catch/235 [ 22.284388] [ 22.284478] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.284691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.284760] Hardware name: linux,dummy-virt (DT) [ 22.284845] Call trace: [ 22.284907] show_stack+0x20/0x38 (C) [ 22.285277] dump_stack_lvl+0x8c/0xd0 [ 22.285429] print_report+0x118/0x608 [ 22.285541] kasan_report_invalid_free+0xc0/0xe8 [ 22.285653] check_slab_allocation+0xd4/0x108 [ 22.286682] __kasan_mempool_poison_object+0x78/0x150 [ 22.286860] mempool_free+0x28c/0x328 [ 22.286974] mempool_double_free_helper+0x150/0x2e8 [ 22.287119] mempool_kmalloc_double_free+0xc0/0x118 [ 22.287259] kunit_try_run_case+0x170/0x3f0 [ 22.287424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.287558] kthread+0x328/0x630 [ 22.287693] ret_from_fork+0x10/0x20 [ 22.287842] [ 22.287888] Allocated by task 235: [ 22.287962] kasan_save_stack+0x3c/0x68 [ 22.288076] kasan_save_track+0x20/0x40 [ 22.288147] kasan_save_alloc_info+0x40/0x58 [ 22.288231] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.288331] remove_element+0x130/0x1f8 [ 22.288798] mempool_alloc_preallocated+0x58/0xc0 [ 22.289131] mempool_double_free_helper+0x94/0x2e8 [ 22.289223] mempool_kmalloc_double_free+0xc0/0x118 [ 22.289353] kunit_try_run_case+0x170/0x3f0 [ 22.289631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.289786] kthread+0x328/0x630 [ 22.289940] ret_from_fork+0x10/0x20 [ 22.290247] [ 22.290302] Freed by task 235: [ 22.290423] kasan_save_stack+0x3c/0x68 [ 22.290522] kasan_save_track+0x20/0x40 [ 22.290610] kasan_save_free_info+0x4c/0x78 [ 22.290729] __kasan_mempool_poison_object+0xc0/0x150 [ 22.290837] mempool_free+0x28c/0x328 [ 22.290981] mempool_double_free_helper+0x100/0x2e8 [ 22.291323] mempool_kmalloc_double_free+0xc0/0x118 [ 22.291438] kunit_try_run_case+0x170/0x3f0 [ 22.291532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.291631] kthread+0x328/0x630 [ 22.291700] ret_from_fork+0x10/0x20 [ 22.291780] [ 22.291828] The buggy address belongs to the object at fff00000c77efa00 [ 22.291828] which belongs to the cache kmalloc-128 of size 128 [ 22.291969] The buggy address is located 0 bytes inside of [ 22.291969] 128-byte region [fff00000c77efa00, fff00000c77efa80) [ 22.292330] [ 22.292378] The buggy address belongs to the physical page: [ 22.292452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ef [ 22.292614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.292738] page_type: f5(slab) [ 22.292840] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.292982] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.293104] page dumped because: kasan: bad access detected [ 22.293186] [ 22.293230] Memory state around the buggy address: [ 22.293312] fff00000c77ef900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.293413] fff00000c77ef980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.293509] >fff00000c77efa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.293597] ^ [ 22.294831] fff00000c77efa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.295104] fff00000c77efb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.295213] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 20.181260] ================================================================== [ 20.181431] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 20.181566] Read of size 1 at addr fff00000c63910c8 by task kunit_try_catch/207 [ 20.181716] [ 20.181832] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.182013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.182095] Hardware name: linux,dummy-virt (DT) [ 20.182174] Call trace: [ 20.182223] show_stack+0x20/0x38 (C) [ 20.182329] dump_stack_lvl+0x8c/0xd0 [ 20.182419] print_report+0x118/0x608 [ 20.182540] kasan_report+0xdc/0x128 [ 20.182655] __asan_report_load1_noabort+0x20/0x30 [ 20.182763] kmem_cache_oob+0x344/0x430 [ 20.182869] kunit_try_run_case+0x170/0x3f0 [ 20.183082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.183244] kthread+0x328/0x630 [ 20.183495] ret_from_fork+0x10/0x20 [ 20.183800] [ 20.183852] Allocated by task 207: [ 20.183911] kasan_save_stack+0x3c/0x68 [ 20.184016] kasan_save_track+0x20/0x40 [ 20.184116] kasan_save_alloc_info+0x40/0x58 [ 20.184205] __kasan_slab_alloc+0xa8/0xb0 [ 20.184792] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.185056] kmem_cache_oob+0x12c/0x430 [ 20.185333] kunit_try_run_case+0x170/0x3f0 [ 20.185833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.186285] kthread+0x328/0x630 [ 20.186379] ret_from_fork+0x10/0x20 [ 20.186460] [ 20.186513] The buggy address belongs to the object at fff00000c6391000 [ 20.186513] which belongs to the cache test_cache of size 200 [ 20.186822] The buggy address is located 0 bytes to the right of [ 20.186822] allocated 200-byte region [fff00000c6391000, fff00000c63910c8) [ 20.187166] [ 20.187233] The buggy address belongs to the physical page: [ 20.187516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106391 [ 20.187780] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.188459] page_type: f5(slab) [ 20.188572] raw: 0bfffe0000000000 fff00000c6de6000 dead000000000122 0000000000000000 [ 20.188692] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.188792] page dumped because: kasan: bad access detected [ 20.188867] [ 20.188907] Memory state around the buggy address: [ 20.188984] fff00000c6390f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.189102] fff00000c6391000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.189194] >fff00000c6391080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.189846] ^ [ 20.190272] fff00000c6391100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.190647] fff00000c6391180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.190841] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 20.129738] ================================================================== [ 20.130074] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 20.130276] Read of size 8 at addr fff00000c6674300 by task kunit_try_catch/200 [ 20.130375] [ 20.130655] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.130837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.130895] Hardware name: linux,dummy-virt (DT) [ 20.130963] Call trace: [ 20.131251] show_stack+0x20/0x38 (C) [ 20.131446] dump_stack_lvl+0x8c/0xd0 [ 20.131566] print_report+0x118/0x608 [ 20.131745] kasan_report+0xdc/0x128 [ 20.131853] __asan_report_load8_noabort+0x20/0x30 [ 20.132171] workqueue_uaf+0x480/0x4a8 [ 20.132279] kunit_try_run_case+0x170/0x3f0 [ 20.132389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.132519] kthread+0x328/0x630 [ 20.132812] ret_from_fork+0x10/0x20 [ 20.132919] [ 20.133414] Allocated by task 200: [ 20.133506] kasan_save_stack+0x3c/0x68 [ 20.133669] kasan_save_track+0x20/0x40 [ 20.133761] kasan_save_alloc_info+0x40/0x58 [ 20.133850] __kasan_kmalloc+0xd4/0xd8 [ 20.134140] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.134463] workqueue_uaf+0x13c/0x4a8 [ 20.134543] kunit_try_run_case+0x170/0x3f0 [ 20.134652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.134751] kthread+0x328/0x630 [ 20.134898] ret_from_fork+0x10/0x20 [ 20.134989] [ 20.135048] Freed by task 75: [ 20.135197] kasan_save_stack+0x3c/0x68 [ 20.135364] kasan_save_track+0x20/0x40 [ 20.135444] kasan_save_free_info+0x4c/0x78 [ 20.135544] __kasan_slab_free+0x6c/0x98 [ 20.135627] kfree+0x214/0x3c8 [ 20.135932] workqueue_uaf_work+0x18/0x30 [ 20.136381] process_one_work+0x530/0xf98 [ 20.136497] worker_thread+0x618/0xf38 [ 20.136584] kthread+0x328/0x630 [ 20.136668] ret_from_fork+0x10/0x20 [ 20.137603] [ 20.137668] Last potentially related work creation: [ 20.137929] kasan_save_stack+0x3c/0x68 [ 20.138055] kasan_record_aux_stack+0xb4/0xc8 [ 20.138147] __queue_work+0x65c/0x1008 [ 20.138439] queue_work_on+0xbc/0xf8 [ 20.138540] workqueue_uaf+0x210/0x4a8 [ 20.138779] kunit_try_run_case+0x170/0x3f0 [ 20.139470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.139745] kthread+0x328/0x630 [ 20.139830] ret_from_fork+0x10/0x20 [ 20.139956] [ 20.140002] The buggy address belongs to the object at fff00000c6674300 [ 20.140002] which belongs to the cache kmalloc-32 of size 32 [ 20.140539] The buggy address is located 0 bytes inside of [ 20.140539] freed 32-byte region [fff00000c6674300, fff00000c6674320) [ 20.140735] [ 20.140795] The buggy address belongs to the physical page: [ 20.140877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106674 [ 20.141260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.141703] page_type: f5(slab) [ 20.141806] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.142109] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.142245] page dumped because: kasan: bad access detected [ 20.142321] [ 20.142354] Memory state around the buggy address: [ 20.142600] fff00000c6674200: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.142715] fff00000c6674280: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 20.142968] >fff00000c6674300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.143067] ^ [ 20.143132] fff00000c6674380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.143641] fff00000c6674400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.143966] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 22.253636] ================================================================== [ 22.253840] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 22.253992] Read of size 1 at addr fff00000c7958000 by task kunit_try_catch/233 [ 22.254106] [ 22.254281] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.254546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.254626] Hardware name: linux,dummy-virt (DT) [ 22.254703] Call trace: [ 22.254774] show_stack+0x20/0x38 (C) [ 22.254917] dump_stack_lvl+0x8c/0xd0 [ 22.255045] print_report+0x118/0x608 [ 22.255154] kasan_report+0xdc/0x128 [ 22.255255] __asan_report_load1_noabort+0x20/0x30 [ 22.255352] mempool_uaf_helper+0x314/0x340 [ 22.255623] mempool_page_alloc_uaf+0xc0/0x118 [ 22.255758] kunit_try_run_case+0x170/0x3f0 [ 22.255867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.255965] kthread+0x328/0x630 [ 22.256068] ret_from_fork+0x10/0x20 [ 22.256207] [ 22.256296] The buggy address belongs to the physical page: [ 22.256373] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958 [ 22.256525] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.256779] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.256907] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.257012] page dumped because: kasan: bad access detected [ 22.257111] [ 22.257156] Memory state around the buggy address: [ 22.257236] fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.257360] fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.257452] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.257792] ^ [ 22.257911] fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.258190] fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.258286] ================================================================== [ 22.160837] ================================================================== [ 22.161212] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 22.161491] Read of size 1 at addr fff00000c7958000 by task kunit_try_catch/229 [ 22.161699] [ 22.161786] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.162361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.162424] Hardware name: linux,dummy-virt (DT) [ 22.162490] Call trace: [ 22.162729] show_stack+0x20/0x38 (C) [ 22.163488] dump_stack_lvl+0x8c/0xd0 [ 22.163989] print_report+0x118/0x608 [ 22.164581] kasan_report+0xdc/0x128 [ 22.164680] __asan_report_load1_noabort+0x20/0x30 [ 22.164781] mempool_uaf_helper+0x314/0x340 [ 22.164869] mempool_kmalloc_large_uaf+0xc4/0x120 [ 22.164964] kunit_try_run_case+0x170/0x3f0 [ 22.165086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.165191] kthread+0x328/0x630 [ 22.165276] ret_from_fork+0x10/0x20 [ 22.165376] [ 22.165419] The buggy address belongs to the physical page: [ 22.165486] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958 [ 22.165580] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.165664] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.166904] page_type: f8(unknown) [ 22.166999] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.167374] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.167696] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.168008] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.168113] head: 0bfffe0000000002 ffffc1ffc31e5601 00000000ffffffff 00000000ffffffff [ 22.168208] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.168279] page dumped because: kasan: bad access detected [ 22.168336] [ 22.168366] Memory state around the buggy address: [ 22.168428] fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.168515] fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.168612] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.168690] ^ [ 22.168746] fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.168831] fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.168898] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 22.196315] ================================================================== [ 22.196639] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 22.197076] Read of size 1 at addr fff00000c636e240 by task kunit_try_catch/231 [ 22.197279] [ 22.197380] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.197936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.198157] Hardware name: linux,dummy-virt (DT) [ 22.198290] Call trace: [ 22.198348] show_stack+0x20/0x38 (C) [ 22.198661] dump_stack_lvl+0x8c/0xd0 [ 22.198827] print_report+0x118/0x608 [ 22.199089] kasan_report+0xdc/0x128 [ 22.199326] __asan_report_load1_noabort+0x20/0x30 [ 22.199605] mempool_uaf_helper+0x314/0x340 [ 22.199777] mempool_slab_uaf+0xc0/0x118 [ 22.199982] kunit_try_run_case+0x170/0x3f0 [ 22.200218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.200572] kthread+0x328/0x630 [ 22.200689] ret_from_fork+0x10/0x20 [ 22.200868] [ 22.201104] Allocated by task 231: [ 22.201275] kasan_save_stack+0x3c/0x68 [ 22.201414] kasan_save_track+0x20/0x40 [ 22.201501] kasan_save_alloc_info+0x40/0x58 [ 22.201939] __kasan_mempool_unpoison_object+0xbc/0x180 [ 22.202058] remove_element+0x16c/0x1f8 [ 22.202284] mempool_alloc_preallocated+0x58/0xc0 [ 22.202451] mempool_uaf_helper+0xa4/0x340 [ 22.202764] mempool_slab_uaf+0xc0/0x118 [ 22.202946] kunit_try_run_case+0x170/0x3f0 [ 22.203101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.203319] kthread+0x328/0x630 [ 22.203387] ret_from_fork+0x10/0x20 [ 22.203685] [ 22.203742] Freed by task 231: [ 22.203877] kasan_save_stack+0x3c/0x68 [ 22.204115] kasan_save_track+0x20/0x40 [ 22.204318] kasan_save_free_info+0x4c/0x78 [ 22.204480] __kasan_mempool_poison_object+0xc0/0x150 [ 22.204637] mempool_free+0x28c/0x328 [ 22.205062] mempool_uaf_helper+0x104/0x340 [ 22.205173] mempool_slab_uaf+0xc0/0x118 [ 22.205301] kunit_try_run_case+0x170/0x3f0 [ 22.205544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.205741] kthread+0x328/0x630 [ 22.205976] ret_from_fork+0x10/0x20 [ 22.206061] [ 22.206298] The buggy address belongs to the object at fff00000c636e240 [ 22.206298] which belongs to the cache test_cache of size 123 [ 22.206502] The buggy address is located 0 bytes inside of [ 22.206502] freed 123-byte region [fff00000c636e240, fff00000c636e2bb) [ 22.206763] [ 22.206908] The buggy address belongs to the physical page: [ 22.207011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10636e [ 22.207148] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.207555] page_type: f5(slab) [ 22.207667] raw: 0bfffe0000000000 fff00000c6de68c0 dead000000000122 0000000000000000 [ 22.207870] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 22.208139] page dumped because: kasan: bad access detected [ 22.208239] [ 22.208517] Memory state around the buggy address: [ 22.208668] fff00000c636e100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.208763] fff00000c636e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.208955] >fff00000c636e200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 22.209134] ^ [ 22.209233] fff00000c636e280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.209415] fff00000c636e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.209508] ================================================================== [ 22.131373] ================================================================== [ 22.131524] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 22.131673] Read of size 1 at addr fff00000c77ef600 by task kunit_try_catch/227 [ 22.131791] [ 22.131884] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.132478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.132622] Hardware name: linux,dummy-virt (DT) [ 22.132744] Call trace: [ 22.132828] show_stack+0x20/0x38 (C) [ 22.133011] dump_stack_lvl+0x8c/0xd0 [ 22.133205] print_report+0x118/0x608 [ 22.133358] kasan_report+0xdc/0x128 [ 22.133508] __asan_report_load1_noabort+0x20/0x30 [ 22.133610] mempool_uaf_helper+0x314/0x340 [ 22.133739] mempool_kmalloc_uaf+0xc4/0x120 [ 22.133839] kunit_try_run_case+0x170/0x3f0 [ 22.134013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.134149] kthread+0x328/0x630 [ 22.134251] ret_from_fork+0x10/0x20 [ 22.134368] [ 22.134437] Allocated by task 227: [ 22.134524] kasan_save_stack+0x3c/0x68 [ 22.134611] kasan_save_track+0x20/0x40 [ 22.134741] kasan_save_alloc_info+0x40/0x58 [ 22.134849] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.134948] remove_element+0x130/0x1f8 [ 22.135041] mempool_alloc_preallocated+0x58/0xc0 [ 22.135118] mempool_uaf_helper+0xa4/0x340 [ 22.135223] mempool_kmalloc_uaf+0xc4/0x120 [ 22.135300] kunit_try_run_case+0x170/0x3f0 [ 22.135417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.135560] kthread+0x328/0x630 [ 22.135650] ret_from_fork+0x10/0x20 [ 22.135735] [ 22.135779] Freed by task 227: [ 22.135873] kasan_save_stack+0x3c/0x68 [ 22.135972] kasan_save_track+0x20/0x40 [ 22.136086] kasan_save_free_info+0x4c/0x78 [ 22.136177] __kasan_mempool_poison_object+0xc0/0x150 [ 22.136270] mempool_free+0x28c/0x328 [ 22.136351] mempool_uaf_helper+0x104/0x340 [ 22.136437] mempool_kmalloc_uaf+0xc4/0x120 [ 22.136585] kunit_try_run_case+0x170/0x3f0 [ 22.136712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.136817] kthread+0x328/0x630 [ 22.136892] ret_from_fork+0x10/0x20 [ 22.136973] [ 22.137019] The buggy address belongs to the object at fff00000c77ef600 [ 22.137019] which belongs to the cache kmalloc-128 of size 128 [ 22.137158] The buggy address is located 0 bytes inside of [ 22.137158] freed 128-byte region [fff00000c77ef600, fff00000c77ef680) [ 22.137406] [ 22.137456] The buggy address belongs to the physical page: [ 22.137616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ef [ 22.137798] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.137921] page_type: f5(slab) [ 22.138007] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.138134] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.138271] page dumped because: kasan: bad access detected [ 22.138336] [ 22.138377] Memory state around the buggy address: [ 22.138455] fff00000c77ef500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.138594] fff00000c77ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.138908] >fff00000c77ef600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.139000] ^ [ 22.139075] fff00000c77ef680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.139167] fff00000c77ef700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.139258] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 22.025449] ================================================================== [ 22.025590] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 22.026037] Read of size 1 at addr fff00000c7952001 by task kunit_try_catch/223 [ 22.026195] [ 22.026273] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.026425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.026481] Hardware name: linux,dummy-virt (DT) [ 22.026545] Call trace: [ 22.026592] show_stack+0x20/0x38 (C) [ 22.026747] dump_stack_lvl+0x8c/0xd0 [ 22.026851] print_report+0x118/0x608 [ 22.026960] kasan_report+0xdc/0x128 [ 22.027080] __asan_report_load1_noabort+0x20/0x30 [ 22.027223] mempool_oob_right_helper+0x2ac/0x2f0 [ 22.027457] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 22.027650] kunit_try_run_case+0x170/0x3f0 [ 22.027768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.028182] kthread+0x328/0x630 [ 22.028365] ret_from_fork+0x10/0x20 [ 22.028505] [ 22.028832] The buggy address belongs to the physical page: [ 22.028943] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107950 [ 22.029098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.029276] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.029402] page_type: f8(unknown) [ 22.029573] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.029684] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.029790] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.030195] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.030363] head: 0bfffe0000000002 ffffc1ffc31e5401 00000000ffffffff 00000000ffffffff [ 22.030471] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.030672] page dumped because: kasan: bad access detected [ 22.030795] [ 22.030877] Memory state around the buggy address: [ 22.031520] fff00000c7951f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.031928] fff00000c7951f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.032472] >fff00000c7952000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.032584] ^ [ 22.033129] fff00000c7952080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.033918] fff00000c7952100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.034015] ================================================================== [ 22.068751] ================================================================== [ 22.068901] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 22.069543] Read of size 1 at addr fff00000c77ec2bb by task kunit_try_catch/225 [ 22.069845] [ 22.069971] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.070255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.070333] Hardware name: linux,dummy-virt (DT) [ 22.070631] Call trace: [ 22.070704] show_stack+0x20/0x38 (C) [ 22.070912] dump_stack_lvl+0x8c/0xd0 [ 22.071087] print_report+0x118/0x608 [ 22.071223] kasan_report+0xdc/0x128 [ 22.071333] __asan_report_load1_noabort+0x20/0x30 [ 22.071449] mempool_oob_right_helper+0x2ac/0x2f0 [ 22.071565] mempool_slab_oob_right+0xc0/0x118 [ 22.071678] kunit_try_run_case+0x170/0x3f0 [ 22.071791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.072481] kthread+0x328/0x630 [ 22.072735] ret_from_fork+0x10/0x20 [ 22.072922] [ 22.072975] Allocated by task 225: [ 22.073064] kasan_save_stack+0x3c/0x68 [ 22.073376] kasan_save_track+0x20/0x40 [ 22.073633] kasan_save_alloc_info+0x40/0x58 [ 22.073836] __kasan_mempool_unpoison_object+0xbc/0x180 [ 22.073934] remove_element+0x16c/0x1f8 [ 22.074411] mempool_alloc_preallocated+0x58/0xc0 [ 22.074575] mempool_oob_right_helper+0x98/0x2f0 [ 22.074677] mempool_slab_oob_right+0xc0/0x118 [ 22.075039] kunit_try_run_case+0x170/0x3f0 [ 22.075224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.075564] kthread+0x328/0x630 [ 22.075667] ret_from_fork+0x10/0x20 [ 22.075749] [ 22.076111] The buggy address belongs to the object at fff00000c77ec240 [ 22.076111] which belongs to the cache test_cache of size 123 [ 22.076278] The buggy address is located 0 bytes to the right of [ 22.076278] allocated 123-byte region [fff00000c77ec240, fff00000c77ec2bb) [ 22.076431] [ 22.076482] The buggy address belongs to the physical page: [ 22.076660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 22.077150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.077349] page_type: f5(slab) [ 22.077466] raw: 0bfffe0000000000 fff00000c6de6780 dead000000000122 0000000000000000 [ 22.077683] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 22.077884] page dumped because: kasan: bad access detected [ 22.077956] [ 22.077998] Memory state around the buggy address: [ 22.078084] fff00000c77ec180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.078525] fff00000c77ec200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 22.078630] >fff00000c77ec280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 22.078783] ^ [ 22.078976] fff00000c77ec300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.079166] fff00000c77ec380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.079474] ================================================================== [ 22.008984] ================================================================== [ 22.009106] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 22.009197] Read of size 1 at addr fff00000c77ef273 by task kunit_try_catch/221 [ 22.009247] [ 22.009296] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.009385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.009416] Hardware name: linux,dummy-virt (DT) [ 22.009454] Call trace: [ 22.009481] show_stack+0x20/0x38 (C) [ 22.009537] dump_stack_lvl+0x8c/0xd0 [ 22.009591] print_report+0x118/0x608 [ 22.009640] kasan_report+0xdc/0x128 [ 22.009742] __asan_report_load1_noabort+0x20/0x30 [ 22.009834] mempool_oob_right_helper+0x2ac/0x2f0 [ 22.009930] mempool_kmalloc_oob_right+0xc4/0x120 [ 22.010038] kunit_try_run_case+0x170/0x3f0 [ 22.010115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.010169] kthread+0x328/0x630 [ 22.010212] ret_from_fork+0x10/0x20 [ 22.010261] [ 22.010283] Allocated by task 221: [ 22.010314] kasan_save_stack+0x3c/0x68 [ 22.010359] kasan_save_track+0x20/0x40 [ 22.010396] kasan_save_alloc_info+0x40/0x58 [ 22.010436] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.010477] remove_element+0x130/0x1f8 [ 22.010515] mempool_alloc_preallocated+0x58/0xc0 [ 22.010553] mempool_oob_right_helper+0x98/0x2f0 [ 22.010594] mempool_kmalloc_oob_right+0xc4/0x120 [ 22.010632] kunit_try_run_case+0x170/0x3f0 [ 22.010668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.010710] kthread+0x328/0x630 [ 22.010741] ret_from_fork+0x10/0x20 [ 22.010777] [ 22.010799] The buggy address belongs to the object at fff00000c77ef200 [ 22.010799] which belongs to the cache kmalloc-128 of size 128 [ 22.010858] The buggy address is located 0 bytes to the right of [ 22.010858] allocated 115-byte region [fff00000c77ef200, fff00000c77ef273) [ 22.010919] [ 22.010944] The buggy address belongs to the physical page: [ 22.010976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ef [ 22.011051] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.011109] page_type: f5(slab) [ 22.011154] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.011204] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.011246] page dumped because: kasan: bad access detected [ 22.011278] [ 22.011296] Memory state around the buggy address: [ 22.011331] fff00000c77ef100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.011375] fff00000c77ef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.011419] >fff00000c77ef200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.011458] ^ [ 22.011498] fff00000c77ef280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.011540] fff00000c77ef300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.011578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 21.420681] ================================================================== [ 21.421269] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 21.421475] Read of size 1 at addr fff00000c6de6500 by task kunit_try_catch/215 [ 21.421600] [ 21.422105] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.422334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.422402] Hardware name: linux,dummy-virt (DT) [ 21.422480] Call trace: [ 21.422539] show_stack+0x20/0x38 (C) [ 21.423124] dump_stack_lvl+0x8c/0xd0 [ 21.423266] print_report+0x118/0x608 [ 21.423363] kasan_report+0xdc/0x128 [ 21.423439] __kasan_check_byte+0x54/0x70 [ 21.423524] kmem_cache_destroy+0x34/0x218 [ 21.423625] kmem_cache_double_destroy+0x174/0x300 [ 21.423722] kunit_try_run_case+0x170/0x3f0 [ 21.424523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.425121] kthread+0x328/0x630 [ 21.425263] ret_from_fork+0x10/0x20 [ 21.425381] [ 21.425424] Allocated by task 215: [ 21.425488] kasan_save_stack+0x3c/0x68 [ 21.425686] kasan_save_track+0x20/0x40 [ 21.425740] kasan_save_alloc_info+0x40/0x58 [ 21.425782] __kasan_slab_alloc+0xa8/0xb0 [ 21.425858] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.425948] __kmem_cache_create_args+0x178/0x280 [ 21.426108] kmem_cache_double_destroy+0xc0/0x300 [ 21.426204] kunit_try_run_case+0x170/0x3f0 [ 21.426287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.426370] kthread+0x328/0x630 [ 21.426425] ret_from_fork+0x10/0x20 [ 21.426495] [ 21.426536] Freed by task 215: [ 21.426592] kasan_save_stack+0x3c/0x68 [ 21.426672] kasan_save_track+0x20/0x40 [ 21.426787] kasan_save_free_info+0x4c/0x78 [ 21.427063] __kasan_slab_free+0x6c/0x98 [ 21.427438] kmem_cache_free+0x260/0x468 [ 21.427577] slab_kmem_cache_release+0x38/0x50 [ 21.427770] kmem_cache_release+0x1c/0x30 [ 21.427880] kobject_put+0x17c/0x420 [ 21.428295] sysfs_slab_release+0x1c/0x30 [ 21.428855] kmem_cache_destroy+0x118/0x218 [ 21.429076] kmem_cache_double_destroy+0x128/0x300 [ 21.429617] kunit_try_run_case+0x170/0x3f0 [ 21.430201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.430288] kthread+0x328/0x630 [ 21.430487] ret_from_fork+0x10/0x20 [ 21.430626] [ 21.430938] The buggy address belongs to the object at fff00000c6de6500 [ 21.430938] which belongs to the cache kmem_cache of size 208 [ 21.431091] The buggy address is located 0 bytes inside of [ 21.431091] freed 208-byte region [fff00000c6de6500, fff00000c6de65d0) [ 21.431217] [ 21.432099] The buggy address belongs to the physical page: [ 21.432246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106de6 [ 21.432940] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.433102] page_type: f5(slab) [ 21.433722] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 21.434128] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 21.434284] page dumped because: kasan: bad access detected [ 21.434357] [ 21.434390] Memory state around the buggy address: [ 21.434816] fff00000c6de6400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.435188] fff00000c6de6480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.435380] >fff00000c6de6500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.435463] ^ [ 21.435527] fff00000c6de6580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 21.435629] fff00000c6de6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.435719] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 21.106227] ================================================================== [ 21.106527] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 21.106747] Read of size 1 at addr fff00000c636b000 by task kunit_try_catch/213 [ 21.106867] [ 21.107008] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.107189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.107254] Hardware name: linux,dummy-virt (DT) [ 21.107576] Call trace: [ 21.107643] show_stack+0x20/0x38 (C) [ 21.107764] dump_stack_lvl+0x8c/0xd0 [ 21.108164] print_report+0x118/0x608 [ 21.108302] kasan_report+0xdc/0x128 [ 21.108409] __asan_report_load1_noabort+0x20/0x30 [ 21.108536] kmem_cache_rcu_uaf+0x388/0x468 [ 21.108660] kunit_try_run_case+0x170/0x3f0 [ 21.108793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.108927] kthread+0x328/0x630 [ 21.109080] ret_from_fork+0x10/0x20 [ 21.109240] [ 21.109293] Allocated by task 213: [ 21.109360] kasan_save_stack+0x3c/0x68 [ 21.109454] kasan_save_track+0x20/0x40 [ 21.109536] kasan_save_alloc_info+0x40/0x58 [ 21.109623] __kasan_slab_alloc+0xa8/0xb0 [ 21.109697] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.109777] kmem_cache_rcu_uaf+0x12c/0x468 [ 21.109853] kunit_try_run_case+0x170/0x3f0 [ 21.111238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.111345] kthread+0x328/0x630 [ 21.111412] ret_from_fork+0x10/0x20 [ 21.111812] [ 21.111954] Freed by task 0: [ 21.113197] kasan_save_stack+0x3c/0x68 [ 21.113326] kasan_save_track+0x20/0x40 [ 21.113394] kasan_save_free_info+0x4c/0x78 [ 21.113899] __kasan_slab_free+0x6c/0x98 [ 21.114016] slab_free_after_rcu_debug+0xd4/0x2f8 [ 21.114120] rcu_core+0x9f4/0x1e20 [ 21.114203] rcu_core_si+0x18/0x30 [ 21.114277] handle_softirqs+0x374/0xb28 [ 21.114352] __do_softirq+0x1c/0x28 [ 21.114424] [ 21.114465] Last potentially related work creation: [ 21.114518] kasan_save_stack+0x3c/0x68 [ 21.114595] kasan_record_aux_stack+0xb4/0xc8 [ 21.114678] kmem_cache_free+0x120/0x468 [ 21.114750] kmem_cache_rcu_uaf+0x16c/0x468 [ 21.114826] kunit_try_run_case+0x170/0x3f0 [ 21.114901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.114973] kthread+0x328/0x630 [ 21.115919] ret_from_fork+0x10/0x20 [ 21.116019] [ 21.116330] The buggy address belongs to the object at fff00000c636b000 [ 21.116330] which belongs to the cache test_cache of size 200 [ 21.116929] The buggy address is located 0 bytes inside of [ 21.116929] freed 200-byte region [fff00000c636b000, fff00000c636b0c8) [ 21.117381] [ 21.117738] The buggy address belongs to the physical page: [ 21.118083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10636b [ 21.119049] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.119188] page_type: f5(slab) [ 21.119284] raw: 0bfffe0000000000 fff00000c6de63c0 dead000000000122 0000000000000000 [ 21.119395] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 21.119481] page dumped because: kasan: bad access detected [ 21.119548] [ 21.119582] Memory state around the buggy address: [ 21.119652] fff00000c636af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.119748] fff00000c636af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.119842] >fff00000c636b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.119922] ^ [ 21.119978] fff00000c636b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 21.120083] fff00000c636b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.120165] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 20.530899] ================================================================== [ 20.531357] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 20.532182] Free of addr fff00000c6368001 by task kunit_try_catch/211 [ 20.532309] [ 20.532402] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.532610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.532676] Hardware name: linux,dummy-virt (DT) [ 20.532759] Call trace: [ 20.532819] show_stack+0x20/0x38 (C) [ 20.532947] dump_stack_lvl+0x8c/0xd0 [ 20.534050] print_report+0x118/0x608 [ 20.534363] kasan_report_invalid_free+0xc0/0xe8 [ 20.534754] check_slab_allocation+0xfc/0x108 [ 20.534936] __kasan_slab_pre_free+0x2c/0x48 [ 20.535423] kmem_cache_free+0xf0/0x468 [ 20.535545] kmem_cache_invalid_free+0x184/0x3c8 [ 20.535646] kunit_try_run_case+0x170/0x3f0 [ 20.535763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.536423] kthread+0x328/0x630 [ 20.536768] ret_from_fork+0x10/0x20 [ 20.537217] [ 20.537263] Allocated by task 211: [ 20.537412] kasan_save_stack+0x3c/0x68 [ 20.537503] kasan_save_track+0x20/0x40 [ 20.537640] kasan_save_alloc_info+0x40/0x58 [ 20.537960] __kasan_slab_alloc+0xa8/0xb0 [ 20.538380] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.538767] kmem_cache_invalid_free+0x12c/0x3c8 [ 20.538876] kunit_try_run_case+0x170/0x3f0 [ 20.538970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.539081] kthread+0x328/0x630 [ 20.539157] ret_from_fork+0x10/0x20 [ 20.539234] [ 20.539276] The buggy address belongs to the object at fff00000c6368000 [ 20.539276] which belongs to the cache test_cache of size 200 [ 20.539414] The buggy address is located 1 bytes inside of [ 20.539414] 200-byte region [fff00000c6368000, fff00000c63680c8) [ 20.539546] [ 20.539593] The buggy address belongs to the physical page: [ 20.539662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106368 [ 20.539841] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.539956] page_type: f5(slab) [ 20.541178] raw: 0bfffe0000000000 fff00000c6de6280 dead000000000122 0000000000000000 [ 20.541519] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.541809] page dumped because: kasan: bad access detected [ 20.541951] [ 20.541993] Memory state around the buggy address: [ 20.542103] fff00000c6367f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.542194] fff00000c6367f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.542466] >fff00000c6368000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.543146] ^ [ 20.543291] fff00000c6368080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.543395] fff00000c6368100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.543873] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 20.481123] ================================================================== [ 20.481301] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 20.481492] Free of addr fff00000c6393000 by task kunit_try_catch/209 [ 20.481590] [ 20.481799] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.481969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.482041] Hardware name: linux,dummy-virt (DT) [ 20.482118] Call trace: [ 20.482189] show_stack+0x20/0x38 (C) [ 20.482312] dump_stack_lvl+0x8c/0xd0 [ 20.482413] print_report+0x118/0x608 [ 20.482529] kasan_report_invalid_free+0xc0/0xe8 [ 20.482637] check_slab_allocation+0xd4/0x108 [ 20.482752] __kasan_slab_pre_free+0x2c/0x48 [ 20.482859] kmem_cache_free+0xf0/0x468 [ 20.482964] kmem_cache_double_free+0x190/0x3c8 [ 20.483084] kunit_try_run_case+0x170/0x3f0 [ 20.483199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.483316] kthread+0x328/0x630 [ 20.483422] ret_from_fork+0x10/0x20 [ 20.483525] [ 20.483584] Allocated by task 209: [ 20.483674] kasan_save_stack+0x3c/0x68 [ 20.483768] kasan_save_track+0x20/0x40 [ 20.483861] kasan_save_alloc_info+0x40/0x58 [ 20.483994] __kasan_slab_alloc+0xa8/0xb0 [ 20.484104] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.484230] kmem_cache_double_free+0x12c/0x3c8 [ 20.484328] kunit_try_run_case+0x170/0x3f0 [ 20.484408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.484562] kthread+0x328/0x630 [ 20.484671] ret_from_fork+0x10/0x20 [ 20.484757] [ 20.484821] Freed by task 209: [ 20.484891] kasan_save_stack+0x3c/0x68 [ 20.485033] kasan_save_track+0x20/0x40 [ 20.485111] kasan_save_free_info+0x4c/0x78 [ 20.485198] __kasan_slab_free+0x6c/0x98 [ 20.485307] kmem_cache_free+0x260/0x468 [ 20.485389] kmem_cache_double_free+0x140/0x3c8 [ 20.485469] kunit_try_run_case+0x170/0x3f0 [ 20.485560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.485649] kthread+0x328/0x630 [ 20.485799] ret_from_fork+0x10/0x20 [ 20.485885] [ 20.485956] The buggy address belongs to the object at fff00000c6393000 [ 20.485956] which belongs to the cache test_cache of size 200 [ 20.486151] The buggy address is located 0 bytes inside of [ 20.486151] 200-byte region [fff00000c6393000, fff00000c63930c8) [ 20.486307] [ 20.486359] The buggy address belongs to the physical page: [ 20.486419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106393 [ 20.486533] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.486665] page_type: f5(slab) [ 20.486774] raw: 0bfffe0000000000 fff00000c6de6140 dead000000000122 0000000000000000 [ 20.486886] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.486977] page dumped because: kasan: bad access detected [ 20.487088] [ 20.487161] Memory state around the buggy address: [ 20.487265] fff00000c6392f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.487368] fff00000c6392f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.487470] >fff00000c6393000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.487560] ^ [ 20.487624] fff00000c6393080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 20.487723] fff00000c6393100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.487808] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.929088] ================================================================== [ 19.929234] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 19.929347] Free of addr fff00000c6191560 by task kunit_try_catch/192 [ 19.929435] [ 19.929513] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.929739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.929799] Hardware name: linux,dummy-virt (DT) [ 19.929865] Call trace: [ 19.929916] show_stack+0x20/0x38 (C) [ 19.930245] dump_stack_lvl+0x8c/0xd0 [ 19.930368] print_report+0x118/0x608 [ 19.930482] kasan_report_invalid_free+0xc0/0xe8 [ 19.930686] check_slab_allocation+0xd4/0x108 [ 19.930847] __kasan_slab_pre_free+0x2c/0x48 [ 19.930976] kfree+0xe8/0x3c8 [ 19.931255] kfree_sensitive+0x3c/0xb0 [ 19.931354] kmalloc_double_kzfree+0x168/0x308 [ 19.931715] kunit_try_run_case+0x170/0x3f0 [ 19.932092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.932411] kthread+0x328/0x630 [ 19.932584] ret_from_fork+0x10/0x20 [ 19.932709] [ 19.932761] Allocated by task 192: [ 19.933070] kasan_save_stack+0x3c/0x68 [ 19.933174] kasan_save_track+0x20/0x40 [ 19.933270] kasan_save_alloc_info+0x40/0x58 [ 19.934100] __kasan_kmalloc+0xd4/0xd8 [ 19.934205] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.934420] kmalloc_double_kzfree+0xb8/0x308 [ 19.934545] kunit_try_run_case+0x170/0x3f0 [ 19.934635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.934734] kthread+0x328/0x630 [ 19.934807] ret_from_fork+0x10/0x20 [ 19.934884] [ 19.934929] Freed by task 192: [ 19.935374] kasan_save_stack+0x3c/0x68 [ 19.935482] kasan_save_track+0x20/0x40 [ 19.935815] kasan_save_free_info+0x4c/0x78 [ 19.936206] __kasan_slab_free+0x6c/0x98 [ 19.936300] kfree+0x214/0x3c8 [ 19.936384] kfree_sensitive+0x80/0xb0 [ 19.936468] kmalloc_double_kzfree+0x11c/0x308 [ 19.936778] kunit_try_run_case+0x170/0x3f0 [ 19.936897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.937002] kthread+0x328/0x630 [ 19.937436] ret_from_fork+0x10/0x20 [ 19.937544] [ 19.937596] The buggy address belongs to the object at fff00000c6191560 [ 19.937596] which belongs to the cache kmalloc-16 of size 16 [ 19.937725] The buggy address is located 0 bytes inside of [ 19.937725] 16-byte region [fff00000c6191560, fff00000c6191570) [ 19.937861] [ 19.938240] The buggy address belongs to the physical page: [ 19.938316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 19.938422] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.938530] page_type: f5(slab) [ 19.938616] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.939489] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.939630] page dumped because: kasan: bad access detected [ 19.939714] [ 19.939954] Memory state around the buggy address: [ 19.940173] fff00000c6191400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.940544] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.940674] >fff00000c6191500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.940768] ^ [ 19.941423] fff00000c6191580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.941569] fff00000c6191600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.941955] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.916981] ================================================================== [ 19.917375] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 19.917686] Read of size 1 at addr fff00000c6191560 by task kunit_try_catch/192 [ 19.918160] [ 19.918260] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.918563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.918622] Hardware name: linux,dummy-virt (DT) [ 19.918693] Call trace: [ 19.918908] show_stack+0x20/0x38 (C) [ 19.919103] dump_stack_lvl+0x8c/0xd0 [ 19.919264] print_report+0x118/0x608 [ 19.919412] kasan_report+0xdc/0x128 [ 19.919527] __kasan_check_byte+0x54/0x70 [ 19.919624] kfree_sensitive+0x30/0xb0 [ 19.919731] kmalloc_double_kzfree+0x168/0x308 [ 19.919862] kunit_try_run_case+0x170/0x3f0 [ 19.919974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.920095] kthread+0x328/0x630 [ 19.920182] ret_from_fork+0x10/0x20 [ 19.920643] [ 19.920695] Allocated by task 192: [ 19.920763] kasan_save_stack+0x3c/0x68 [ 19.920855] kasan_save_track+0x20/0x40 [ 19.920930] kasan_save_alloc_info+0x40/0x58 [ 19.921283] __kasan_kmalloc+0xd4/0xd8 [ 19.921408] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.921497] kmalloc_double_kzfree+0xb8/0x308 [ 19.921605] kunit_try_run_case+0x170/0x3f0 [ 19.921785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.921905] kthread+0x328/0x630 [ 19.922084] ret_from_fork+0x10/0x20 [ 19.922195] [ 19.922731] Freed by task 192: [ 19.922831] kasan_save_stack+0x3c/0x68 [ 19.922931] kasan_save_track+0x20/0x40 [ 19.923015] kasan_save_free_info+0x4c/0x78 [ 19.923119] __kasan_slab_free+0x6c/0x98 [ 19.923203] kfree+0x214/0x3c8 [ 19.923270] kfree_sensitive+0x80/0xb0 [ 19.923350] kmalloc_double_kzfree+0x11c/0x308 [ 19.923436] kunit_try_run_case+0x170/0x3f0 [ 19.923522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.924761] kthread+0x328/0x630 [ 19.925443] ret_from_fork+0x10/0x20 [ 19.925768] [ 19.925834] The buggy address belongs to the object at fff00000c6191560 [ 19.925834] which belongs to the cache kmalloc-16 of size 16 [ 19.926010] The buggy address is located 0 bytes inside of [ 19.926010] freed 16-byte region [fff00000c6191560, fff00000c6191570) [ 19.926274] [ 19.926346] The buggy address belongs to the physical page: [ 19.926456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 19.926642] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.926744] page_type: f5(slab) [ 19.926818] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.926935] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.927019] page dumped because: kasan: bad access detected [ 19.927111] [ 19.927155] Memory state around the buggy address: [ 19.927237] fff00000c6191400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.927338] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.927424] >fff00000c6191500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.927494] ^ [ 19.927575] fff00000c6191580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.927687] fff00000c6191600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.927809] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.880758] ================================================================== [ 19.880943] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 19.881113] Read of size 1 at addr fff00000c667a228 by task kunit_try_catch/188 [ 19.881224] [ 19.881380] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.881587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.881653] Hardware name: linux,dummy-virt (DT) [ 19.881780] Call trace: [ 19.881841] show_stack+0x20/0x38 (C) [ 19.882003] dump_stack_lvl+0x8c/0xd0 [ 19.882159] print_report+0x118/0x608 [ 19.882254] kasan_report+0xdc/0x128 [ 19.882344] __asan_report_load1_noabort+0x20/0x30 [ 19.882455] kmalloc_uaf2+0x3f4/0x468 [ 19.882595] kunit_try_run_case+0x170/0x3f0 [ 19.882712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.882857] kthread+0x328/0x630 [ 19.882975] ret_from_fork+0x10/0x20 [ 19.883157] [ 19.883257] Allocated by task 188: [ 19.883334] kasan_save_stack+0x3c/0x68 [ 19.883450] kasan_save_track+0x20/0x40 [ 19.883548] kasan_save_alloc_info+0x40/0x58 [ 19.883662] __kasan_kmalloc+0xd4/0xd8 [ 19.883744] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.883850] kmalloc_uaf2+0xc4/0x468 [ 19.883931] kunit_try_run_case+0x170/0x3f0 [ 19.884010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.884163] kthread+0x328/0x630 [ 19.884277] ret_from_fork+0x10/0x20 [ 19.884372] [ 19.884429] Freed by task 188: [ 19.884501] kasan_save_stack+0x3c/0x68 [ 19.884614] kasan_save_track+0x20/0x40 [ 19.884706] kasan_save_free_info+0x4c/0x78 [ 19.884796] __kasan_slab_free+0x6c/0x98 [ 19.884881] kfree+0x214/0x3c8 [ 19.884961] kmalloc_uaf2+0x134/0x468 [ 19.885066] kunit_try_run_case+0x170/0x3f0 [ 19.885148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.885241] kthread+0x328/0x630 [ 19.885329] ret_from_fork+0x10/0x20 [ 19.885417] [ 19.885480] The buggy address belongs to the object at fff00000c667a200 [ 19.885480] which belongs to the cache kmalloc-64 of size 64 [ 19.885638] The buggy address is located 40 bytes inside of [ 19.885638] freed 64-byte region [fff00000c667a200, fff00000c667a240) [ 19.885780] [ 19.885830] The buggy address belongs to the physical page: [ 19.885927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10667a [ 19.886103] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.886284] page_type: f5(slab) [ 19.886394] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.886513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.886595] page dumped because: kasan: bad access detected [ 19.886651] [ 19.886706] Memory state around the buggy address: [ 19.886771] fff00000c667a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.886866] fff00000c667a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.886964] >fff00000c667a200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.887078] ^ [ 19.887153] fff00000c667a280: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 19.887244] fff00000c667a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.887358] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 19.856655] ================================================================== [ 19.856792] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 19.856908] Write of size 33 at addr fff00000c667a080 by task kunit_try_catch/186 [ 19.858582] [ 19.858687] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.858876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.859042] Hardware name: linux,dummy-virt (DT) [ 19.859124] Call trace: [ 19.859186] show_stack+0x20/0x38 (C) [ 19.859285] dump_stack_lvl+0x8c/0xd0 [ 19.859405] print_report+0x118/0x608 [ 19.859505] kasan_report+0xdc/0x128 [ 19.860051] kasan_check_range+0x100/0x1a8 [ 19.860343] __asan_memset+0x34/0x78 [ 19.860460] kmalloc_uaf_memset+0x170/0x310 [ 19.860578] kunit_try_run_case+0x170/0x3f0 [ 19.860710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.860845] kthread+0x328/0x630 [ 19.860954] ret_from_fork+0x10/0x20 [ 19.861089] [ 19.861137] Allocated by task 186: [ 19.861211] kasan_save_stack+0x3c/0x68 [ 19.861303] kasan_save_track+0x20/0x40 [ 19.861390] kasan_save_alloc_info+0x40/0x58 [ 19.861479] __kasan_kmalloc+0xd4/0xd8 [ 19.862035] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.862130] kmalloc_uaf_memset+0xb8/0x310 [ 19.862203] kunit_try_run_case+0x170/0x3f0 [ 19.862282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.862367] kthread+0x328/0x630 [ 19.862430] ret_from_fork+0x10/0x20 [ 19.862509] [ 19.862601] Freed by task 186: [ 19.862681] kasan_save_stack+0x3c/0x68 [ 19.862768] kasan_save_track+0x20/0x40 [ 19.862834] kasan_save_free_info+0x4c/0x78 [ 19.862914] __kasan_slab_free+0x6c/0x98 [ 19.863000] kfree+0x214/0x3c8 [ 19.863093] kmalloc_uaf_memset+0x11c/0x310 [ 19.863180] kunit_try_run_case+0x170/0x3f0 [ 19.863263] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.863360] kthread+0x328/0x630 [ 19.863433] ret_from_fork+0x10/0x20 [ 19.863510] [ 19.863553] The buggy address belongs to the object at fff00000c667a080 [ 19.863553] which belongs to the cache kmalloc-64 of size 64 [ 19.863717] The buggy address is located 0 bytes inside of [ 19.863717] freed 64-byte region [fff00000c667a080, fff00000c667a0c0) [ 19.863865] [ 19.863910] The buggy address belongs to the physical page: [ 19.863983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10667a [ 19.864123] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.864239] page_type: f5(slab) [ 19.864327] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.864447] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.865219] page dumped because: kasan: bad access detected [ 19.865296] [ 19.865339] Memory state around the buggy address: [ 19.865410] fff00000c6679f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.865876] fff00000c667a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.866190] >fff00000c667a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.866294] ^ [ 19.866354] fff00000c667a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.866442] fff00000c667a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.866533] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.831288] ================================================================== [ 19.831422] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 19.831685] Read of size 1 at addr fff00000c6191548 by task kunit_try_catch/184 [ 19.831979] [ 19.832066] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.832246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.832304] Hardware name: linux,dummy-virt (DT) [ 19.832369] Call trace: [ 19.832412] show_stack+0x20/0x38 (C) [ 19.832526] dump_stack_lvl+0x8c/0xd0 [ 19.832668] print_report+0x118/0x608 [ 19.832943] kasan_report+0xdc/0x128 [ 19.833170] __asan_report_load1_noabort+0x20/0x30 [ 19.833357] kmalloc_uaf+0x300/0x338 [ 19.833649] kunit_try_run_case+0x170/0x3f0 [ 19.834347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.835065] kthread+0x328/0x630 [ 19.835722] ret_from_fork+0x10/0x20 [ 19.836264] [ 19.836644] Allocated by task 184: [ 19.836907] kasan_save_stack+0x3c/0x68 [ 19.837007] kasan_save_track+0x20/0x40 [ 19.838103] kasan_save_alloc_info+0x40/0x58 [ 19.838196] __kasan_kmalloc+0xd4/0xd8 [ 19.838285] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.838377] kmalloc_uaf+0xb8/0x338 [ 19.838653] kunit_try_run_case+0x170/0x3f0 [ 19.838846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.838990] kthread+0x328/0x630 [ 19.839111] ret_from_fork+0x10/0x20 [ 19.839222] [ 19.839264] Freed by task 184: [ 19.839315] kasan_save_stack+0x3c/0x68 [ 19.839404] kasan_save_track+0x20/0x40 [ 19.839478] kasan_save_free_info+0x4c/0x78 [ 19.839556] __kasan_slab_free+0x6c/0x98 [ 19.839629] kfree+0x214/0x3c8 [ 19.839696] kmalloc_uaf+0x11c/0x338 [ 19.840046] kunit_try_run_case+0x170/0x3f0 [ 19.840139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.840233] kthread+0x328/0x630 [ 19.840311] ret_from_fork+0x10/0x20 [ 19.840500] [ 19.840668] The buggy address belongs to the object at fff00000c6191540 [ 19.840668] which belongs to the cache kmalloc-16 of size 16 [ 19.840990] The buggy address is located 8 bytes inside of [ 19.840990] freed 16-byte region [fff00000c6191540, fff00000c6191550) [ 19.841185] [ 19.841239] The buggy address belongs to the physical page: [ 19.841358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 19.841487] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.841595] page_type: f5(slab) [ 19.841714] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.841821] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.842147] page dumped because: kasan: bad access detected [ 19.842245] [ 19.842347] Memory state around the buggy address: [ 19.842430] fff00000c6191400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.842524] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.842711] >fff00000c6191500: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 19.842795] ^ [ 19.842873] fff00000c6191580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.843134] fff00000c6191600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.843193] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 19.808951] ================================================================== [ 19.809650] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.809823] Read of size 64 at addr fff00000c77ced84 by task kunit_try_catch/182 [ 19.809965] [ 19.810067] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.810256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.810314] Hardware name: linux,dummy-virt (DT) [ 19.810377] Call trace: [ 19.810430] show_stack+0x20/0x38 (C) [ 19.810541] dump_stack_lvl+0x8c/0xd0 [ 19.810647] print_report+0x118/0x608 [ 19.810748] kasan_report+0xdc/0x128 [ 19.810843] kasan_check_range+0x100/0x1a8 [ 19.810942] __asan_memmove+0x3c/0x98 [ 19.811119] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.811284] kunit_try_run_case+0x170/0x3f0 [ 19.811398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.811518] kthread+0x328/0x630 [ 19.811611] ret_from_fork+0x10/0x20 [ 19.811737] [ 19.811799] Allocated by task 182: [ 19.811885] kasan_save_stack+0x3c/0x68 [ 19.811978] kasan_save_track+0x20/0x40 [ 19.812074] kasan_save_alloc_info+0x40/0x58 [ 19.812170] __kasan_kmalloc+0xd4/0xd8 [ 19.812252] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.812346] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 19.812482] kunit_try_run_case+0x170/0x3f0 [ 19.812597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.812737] kthread+0x328/0x630 [ 19.812845] ret_from_fork+0x10/0x20 [ 19.812958] [ 19.813035] The buggy address belongs to the object at fff00000c77ced80 [ 19.813035] which belongs to the cache kmalloc-64 of size 64 [ 19.813158] The buggy address is located 4 bytes inside of [ 19.813158] allocated 64-byte region [fff00000c77ced80, fff00000c77cedc0) [ 19.813292] [ 19.813337] The buggy address belongs to the physical page: [ 19.813403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ce [ 19.813514] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.813684] page_type: f5(slab) [ 19.813782] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.813886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.813985] page dumped because: kasan: bad access detected [ 19.814074] [ 19.814117] Memory state around the buggy address: [ 19.814193] fff00000c77cec80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.814297] fff00000c77ced00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.814399] >fff00000c77ced80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.814486] ^ [ 19.814590] fff00000c77cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.814684] fff00000c77cee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.814774] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 19.774126] ================================================================== [ 19.774573] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.775200] Read of size 18446744073709551614 at addr fff00000c77ceb84 by task kunit_try_catch/180 [ 19.775533] [ 19.775768] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.775905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.775944] Hardware name: linux,dummy-virt (DT) [ 19.775978] Call trace: [ 19.776004] show_stack+0x20/0x38 (C) [ 19.776161] dump_stack_lvl+0x8c/0xd0 [ 19.776294] print_report+0x118/0x608 [ 19.776397] kasan_report+0xdc/0x128 [ 19.776526] kasan_check_range+0x100/0x1a8 [ 19.776648] __asan_memmove+0x3c/0x98 [ 19.776744] kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.776864] kunit_try_run_case+0x170/0x3f0 [ 19.776984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.777161] kthread+0x328/0x630 [ 19.777289] ret_from_fork+0x10/0x20 [ 19.777404] [ 19.777467] Allocated by task 180: [ 19.777557] kasan_save_stack+0x3c/0x68 [ 19.777647] kasan_save_track+0x20/0x40 [ 19.777974] kasan_save_alloc_info+0x40/0x58 [ 19.778095] __kasan_kmalloc+0xd4/0xd8 [ 19.778179] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.778669] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 19.778826] kunit_try_run_case+0x170/0x3f0 [ 19.778928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.779016] kthread+0x328/0x630 [ 19.779104] ret_from_fork+0x10/0x20 [ 19.779181] [ 19.779225] The buggy address belongs to the object at fff00000c77ceb80 [ 19.779225] which belongs to the cache kmalloc-64 of size 64 [ 19.779440] The buggy address is located 4 bytes inside of [ 19.779440] 64-byte region [fff00000c77ceb80, fff00000c77cebc0) [ 19.779618] [ 19.779661] The buggy address belongs to the physical page: [ 19.779766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ce [ 19.779915] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.780062] page_type: f5(slab) [ 19.780189] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.780308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.780405] page dumped because: kasan: bad access detected [ 19.780478] [ 19.780532] Memory state around the buggy address: [ 19.780652] fff00000c77cea80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 19.780777] fff00000c77ceb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.780886] >fff00000c77ceb80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.780999] ^ [ 19.781342] fff00000c77cec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.781437] fff00000c77cec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.781525] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 19.751647] ================================================================== [ 19.751957] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 19.752087] Write of size 16 at addr fff00000c6345d69 by task kunit_try_catch/178 [ 19.752196] [ 19.752318] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.752824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.753149] Hardware name: linux,dummy-virt (DT) [ 19.753330] Call trace: [ 19.753458] show_stack+0x20/0x38 (C) [ 19.753831] dump_stack_lvl+0x8c/0xd0 [ 19.754104] print_report+0x118/0x608 [ 19.754338] kasan_report+0xdc/0x128 [ 19.754534] kasan_check_range+0x100/0x1a8 [ 19.754855] __asan_memset+0x34/0x78 [ 19.754943] kmalloc_oob_memset_16+0x150/0x2f8 [ 19.755045] kunit_try_run_case+0x170/0x3f0 [ 19.755133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.755279] kthread+0x328/0x630 [ 19.755376] ret_from_fork+0x10/0x20 [ 19.755492] [ 19.755531] Allocated by task 178: [ 19.755591] kasan_save_stack+0x3c/0x68 [ 19.755678] kasan_save_track+0x20/0x40 [ 19.755760] kasan_save_alloc_info+0x40/0x58 [ 19.755845] __kasan_kmalloc+0xd4/0xd8 [ 19.755952] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.756060] kmalloc_oob_memset_16+0xb0/0x2f8 [ 19.756146] kunit_try_run_case+0x170/0x3f0 [ 19.756226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756330] kthread+0x328/0x630 [ 19.756398] ret_from_fork+0x10/0x20 [ 19.756474] [ 19.756531] The buggy address belongs to the object at fff00000c6345d00 [ 19.756531] which belongs to the cache kmalloc-128 of size 128 [ 19.756676] The buggy address is located 105 bytes inside of [ 19.756676] allocated 120-byte region [fff00000c6345d00, fff00000c6345d78) [ 19.756825] [ 19.756869] The buggy address belongs to the physical page: [ 19.756939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.757080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.757202] page_type: f5(slab) [ 19.757285] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.757389] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.757478] page dumped because: kasan: bad access detected [ 19.757545] [ 19.757584] Memory state around the buggy address: [ 19.757656] fff00000c6345c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.758281] fff00000c6345c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.758636] >fff00000c6345d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.758737] ^ [ 19.758833] fff00000c6345d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.758941] fff00000c6345e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.759078] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 19.733474] ================================================================== [ 19.733726] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 19.733834] Write of size 8 at addr fff00000c6345c71 by task kunit_try_catch/176 [ 19.734152] [ 19.734274] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.734514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.734589] Hardware name: linux,dummy-virt (DT) [ 19.734651] Call trace: [ 19.734693] show_stack+0x20/0x38 (C) [ 19.734814] dump_stack_lvl+0x8c/0xd0 [ 19.734910] print_report+0x118/0x608 [ 19.735057] kasan_report+0xdc/0x128 [ 19.735187] kasan_check_range+0x100/0x1a8 [ 19.735286] __asan_memset+0x34/0x78 [ 19.735382] kmalloc_oob_memset_8+0x150/0x2f8 [ 19.735511] kunit_try_run_case+0x170/0x3f0 [ 19.735665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.735827] kthread+0x328/0x630 [ 19.735922] ret_from_fork+0x10/0x20 [ 19.736042] [ 19.736088] Allocated by task 176: [ 19.736151] kasan_save_stack+0x3c/0x68 [ 19.736239] kasan_save_track+0x20/0x40 [ 19.736317] kasan_save_alloc_info+0x40/0x58 [ 19.736406] __kasan_kmalloc+0xd4/0xd8 [ 19.736495] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.736598] kmalloc_oob_memset_8+0xb0/0x2f8 [ 19.736728] kunit_try_run_case+0x170/0x3f0 [ 19.736847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.736946] kthread+0x328/0x630 [ 19.737016] ret_from_fork+0x10/0x20 [ 19.737100] [ 19.737141] The buggy address belongs to the object at fff00000c6345c00 [ 19.737141] which belongs to the cache kmalloc-128 of size 128 [ 19.737500] The buggy address is located 113 bytes inside of [ 19.737500] allocated 120-byte region [fff00000c6345c00, fff00000c6345c78) [ 19.737630] [ 19.737837] The buggy address belongs to the physical page: [ 19.737931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.738068] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.738176] page_type: f5(slab) [ 19.738258] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.738367] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.738458] page dumped because: kasan: bad access detected [ 19.738680] [ 19.738757] Memory state around the buggy address: [ 19.738849] fff00000c6345b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.738999] fff00000c6345b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.739162] >fff00000c6345c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.739248] ^ [ 19.739387] fff00000c6345c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.739493] fff00000c6345d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.739576] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 19.710004] ================================================================== [ 19.710552] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 19.710732] Write of size 4 at addr fff00000c6345b75 by task kunit_try_catch/174 [ 19.711056] [ 19.711168] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.711400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.711453] Hardware name: linux,dummy-virt (DT) [ 19.711518] Call trace: [ 19.711566] show_stack+0x20/0x38 (C) [ 19.711924] dump_stack_lvl+0x8c/0xd0 [ 19.712078] print_report+0x118/0x608 [ 19.712203] kasan_report+0xdc/0x128 [ 19.712365] kasan_check_range+0x100/0x1a8 [ 19.712494] __asan_memset+0x34/0x78 [ 19.712600] kmalloc_oob_memset_4+0x150/0x300 [ 19.712753] kunit_try_run_case+0x170/0x3f0 [ 19.712902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.713014] kthread+0x328/0x630 [ 19.713120] ret_from_fork+0x10/0x20 [ 19.713220] [ 19.713271] Allocated by task 174: [ 19.713359] kasan_save_stack+0x3c/0x68 [ 19.713479] kasan_save_track+0x20/0x40 [ 19.713587] kasan_save_alloc_info+0x40/0x58 [ 19.713686] __kasan_kmalloc+0xd4/0xd8 [ 19.713751] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.713828] kmalloc_oob_memset_4+0xb0/0x300 [ 19.713904] kunit_try_run_case+0x170/0x3f0 [ 19.714370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.714497] kthread+0x328/0x630 [ 19.714564] ret_from_fork+0x10/0x20 [ 19.714795] [ 19.714913] The buggy address belongs to the object at fff00000c6345b00 [ 19.714913] which belongs to the cache kmalloc-128 of size 128 [ 19.715088] The buggy address is located 117 bytes inside of [ 19.715088] allocated 120-byte region [fff00000c6345b00, fff00000c6345b78) [ 19.715261] [ 19.715326] The buggy address belongs to the physical page: [ 19.715400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.715506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.715838] page_type: f5(slab) [ 19.715928] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.716053] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.716145] page dumped because: kasan: bad access detected [ 19.716212] [ 19.716249] Memory state around the buggy address: [ 19.716317] fff00000c6345a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.716413] fff00000c6345a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.716670] >fff00000c6345b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.716772] ^ [ 19.716892] fff00000c6345b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.717439] fff00000c6345c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.717598] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 19.679988] ================================================================== [ 19.680143] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 19.680253] Write of size 2 at addr fff00000c6345a77 by task kunit_try_catch/172 [ 19.680353] [ 19.680422] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.680614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.680675] Hardware name: linux,dummy-virt (DT) [ 19.680753] Call trace: [ 19.680807] show_stack+0x20/0x38 (C) [ 19.680914] dump_stack_lvl+0x8c/0xd0 [ 19.681039] print_report+0x118/0x608 [ 19.681127] kasan_report+0xdc/0x128 [ 19.681218] kasan_check_range+0x100/0x1a8 [ 19.681322] __asan_memset+0x34/0x78 [ 19.681601] kmalloc_oob_memset_2+0x150/0x2f8 [ 19.682040] kunit_try_run_case+0x170/0x3f0 [ 19.682317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.682525] kthread+0x328/0x630 [ 19.682654] ret_from_fork+0x10/0x20 [ 19.682801] [ 19.682860] Allocated by task 172: [ 19.682950] kasan_save_stack+0x3c/0x68 [ 19.683351] kasan_save_track+0x20/0x40 [ 19.683626] kasan_save_alloc_info+0x40/0x58 [ 19.683752] __kasan_kmalloc+0xd4/0xd8 [ 19.683965] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.684063] kmalloc_oob_memset_2+0xb0/0x2f8 [ 19.684237] kunit_try_run_case+0x170/0x3f0 [ 19.684346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.684630] kthread+0x328/0x630 [ 19.684979] ret_from_fork+0x10/0x20 [ 19.685605] [ 19.685719] The buggy address belongs to the object at fff00000c6345a00 [ 19.685719] which belongs to the cache kmalloc-128 of size 128 [ 19.685868] The buggy address is located 119 bytes inside of [ 19.685868] allocated 120-byte region [fff00000c6345a00, fff00000c6345a78) [ 19.686006] [ 19.686058] The buggy address belongs to the physical page: [ 19.686112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.686219] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.686322] page_type: f5(slab) [ 19.686404] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.686514] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.686602] page dumped because: kasan: bad access detected [ 19.686670] [ 19.687912] Memory state around the buggy address: [ 19.688554] fff00000c6345900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.688907] fff00000c6345980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.689017] >fff00000c6345a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.689214] ^ [ 19.689429] fff00000c6345a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.689930] fff00000c6345b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.690042] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 19.659798] ================================================================== [ 19.659933] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 19.661623] Write of size 128 at addr fff00000c6345900 by task kunit_try_catch/170 [ 19.661814] [ 19.661896] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.662096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.662160] Hardware name: linux,dummy-virt (DT) [ 19.662236] Call trace: [ 19.662292] show_stack+0x20/0x38 (C) [ 19.662432] dump_stack_lvl+0x8c/0xd0 [ 19.662596] print_report+0x118/0x608 [ 19.662698] kasan_report+0xdc/0x128 [ 19.662784] kasan_check_range+0x100/0x1a8 [ 19.662893] __asan_memset+0x34/0x78 [ 19.662978] kmalloc_oob_in_memset+0x144/0x2d0 [ 19.663089] kunit_try_run_case+0x170/0x3f0 [ 19.663186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.663414] kthread+0x328/0x630 [ 19.663700] ret_from_fork+0x10/0x20 [ 19.663864] [ 19.663928] Allocated by task 170: [ 19.664017] kasan_save_stack+0x3c/0x68 [ 19.664162] kasan_save_track+0x20/0x40 [ 19.664247] kasan_save_alloc_info+0x40/0x58 [ 19.664349] __kasan_kmalloc+0xd4/0xd8 [ 19.664428] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.664521] kmalloc_oob_in_memset+0xb0/0x2d0 [ 19.664615] kunit_try_run_case+0x170/0x3f0 [ 19.664696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.664788] kthread+0x328/0x630 [ 19.664868] ret_from_fork+0x10/0x20 [ 19.664977] [ 19.665043] The buggy address belongs to the object at fff00000c6345900 [ 19.665043] which belongs to the cache kmalloc-128 of size 128 [ 19.665153] The buggy address is located 0 bytes inside of [ 19.665153] allocated 120-byte region [fff00000c6345900, fff00000c6345978) [ 19.665283] [ 19.665332] The buggy address belongs to the physical page: [ 19.665597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.666154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.666471] page_type: f5(slab) [ 19.666561] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.666664] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.666949] page dumped because: kasan: bad access detected [ 19.667037] [ 19.667077] Memory state around the buggy address: [ 19.667174] fff00000c6345800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.667294] fff00000c6345880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.667424] >fff00000c6345900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.667526] ^ [ 19.667677] fff00000c6345980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.667825] fff00000c6345a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.667906] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 19.640177] ================================================================== [ 19.640317] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 19.640442] Read of size 16 at addr fff00000c6191520 by task kunit_try_catch/168 [ 19.640913] [ 19.641102] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.641301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.641363] Hardware name: linux,dummy-virt (DT) [ 19.641429] Call trace: [ 19.641474] show_stack+0x20/0x38 (C) [ 19.641902] dump_stack_lvl+0x8c/0xd0 [ 19.642139] print_report+0x118/0x608 [ 19.642327] kasan_report+0xdc/0x128 [ 19.642518] __asan_report_load16_noabort+0x20/0x30 [ 19.642618] kmalloc_uaf_16+0x3bc/0x438 [ 19.642922] kunit_try_run_case+0x170/0x3f0 [ 19.643047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.643167] kthread+0x328/0x630 [ 19.643344] ret_from_fork+0x10/0x20 [ 19.643525] [ 19.643583] Allocated by task 168: [ 19.643749] kasan_save_stack+0x3c/0x68 [ 19.643847] kasan_save_track+0x20/0x40 [ 19.643988] kasan_save_alloc_info+0x40/0x58 [ 19.644406] __kasan_kmalloc+0xd4/0xd8 [ 19.644526] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.644626] kmalloc_uaf_16+0x140/0x438 [ 19.644833] kunit_try_run_case+0x170/0x3f0 [ 19.645122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.645543] kthread+0x328/0x630 [ 19.645994] ret_from_fork+0x10/0x20 [ 19.646093] [ 19.646309] Freed by task 168: [ 19.646579] kasan_save_stack+0x3c/0x68 [ 19.646666] kasan_save_track+0x20/0x40 [ 19.646748] kasan_save_free_info+0x4c/0x78 [ 19.646894] __kasan_slab_free+0x6c/0x98 [ 19.647145] kfree+0x214/0x3c8 [ 19.647439] kmalloc_uaf_16+0x190/0x438 [ 19.647530] kunit_try_run_case+0x170/0x3f0 [ 19.647610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.647797] kthread+0x328/0x630 [ 19.647882] ret_from_fork+0x10/0x20 [ 19.648051] [ 19.648105] The buggy address belongs to the object at fff00000c6191520 [ 19.648105] which belongs to the cache kmalloc-16 of size 16 [ 19.648243] The buggy address is located 0 bytes inside of [ 19.648243] freed 16-byte region [fff00000c6191520, fff00000c6191530) [ 19.648372] [ 19.648414] The buggy address belongs to the physical page: [ 19.648494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 19.648637] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.648748] page_type: f5(slab) [ 19.648832] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.648950] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.649058] page dumped because: kasan: bad access detected [ 19.649127] [ 19.649166] Memory state around the buggy address: [ 19.649241] fff00000c6191400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.649344] fff00000c6191480: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.649443] >fff00000c6191500: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 19.649526] ^ [ 19.649601] fff00000c6191580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.649861] fff00000c6191600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.649948] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 19.615462] ================================================================== [ 19.615617] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 19.615866] Write of size 16 at addr fff00000c61914c0 by task kunit_try_catch/166 [ 19.615968] [ 19.616057] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.616210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.616267] Hardware name: linux,dummy-virt (DT) [ 19.616333] Call trace: [ 19.616638] show_stack+0x20/0x38 (C) [ 19.616779] dump_stack_lvl+0x8c/0xd0 [ 19.616895] print_report+0x118/0x608 [ 19.616994] kasan_report+0xdc/0x128 [ 19.617107] __asan_report_store16_noabort+0x20/0x30 [ 19.617548] kmalloc_oob_16+0x3a0/0x3f8 [ 19.617665] kunit_try_run_case+0x170/0x3f0 [ 19.617777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.618510] kthread+0x328/0x630 [ 19.618938] ret_from_fork+0x10/0x20 [ 19.619071] [ 19.619110] Allocated by task 166: [ 19.619168] kasan_save_stack+0x3c/0x68 [ 19.619426] kasan_save_track+0x20/0x40 [ 19.619516] kasan_save_alloc_info+0x40/0x58 [ 19.619598] __kasan_kmalloc+0xd4/0xd8 [ 19.619831] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.619946] kmalloc_oob_16+0xb4/0x3f8 [ 19.620039] kunit_try_run_case+0x170/0x3f0 [ 19.620307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.620409] kthread+0x328/0x630 [ 19.620502] ret_from_fork+0x10/0x20 [ 19.620589] [ 19.620635] The buggy address belongs to the object at fff00000c61914c0 [ 19.620635] which belongs to the cache kmalloc-16 of size 16 [ 19.620758] The buggy address is located 0 bytes inside of [ 19.620758] allocated 13-byte region [fff00000c61914c0, fff00000c61914cd) [ 19.620892] [ 19.620998] The buggy address belongs to the physical page: [ 19.621080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 19.621506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.621618] page_type: f5(slab) [ 19.621969] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.622099] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.622240] page dumped because: kasan: bad access detected [ 19.622378] [ 19.622419] Memory state around the buggy address: [ 19.622554] fff00000c6191380: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.622708] fff00000c6191400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.622798] >fff00000c6191480: 00 04 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 19.622888] ^ [ 19.622967] fff00000c6191500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.623462] fff00000c6191580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.623563] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 19.592355] ================================================================== [ 19.592469] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 19.592587] Read of size 1 at addr fff00000c17b3400 by task kunit_try_catch/164 [ 19.592698] [ 19.592774] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.592968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.593057] Hardware name: linux,dummy-virt (DT) [ 19.593132] Call trace: [ 19.593203] show_stack+0x20/0x38 (C) [ 19.593363] dump_stack_lvl+0x8c/0xd0 [ 19.593479] print_report+0x118/0x608 [ 19.593645] kasan_report+0xdc/0x128 [ 19.594165] __asan_report_load1_noabort+0x20/0x30 [ 19.594841] krealloc_uaf+0x4c8/0x520 [ 19.595332] kunit_try_run_case+0x170/0x3f0 [ 19.595544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.595734] kthread+0x328/0x630 [ 19.595854] ret_from_fork+0x10/0x20 [ 19.595960] [ 19.595999] Allocated by task 164: [ 19.596094] kasan_save_stack+0x3c/0x68 [ 19.596221] kasan_save_track+0x20/0x40 [ 19.596334] kasan_save_alloc_info+0x40/0x58 [ 19.596455] __kasan_kmalloc+0xd4/0xd8 [ 19.596583] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.596713] krealloc_uaf+0xc8/0x520 [ 19.596797] kunit_try_run_case+0x170/0x3f0 [ 19.596882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.596987] kthread+0x328/0x630 [ 19.597117] ret_from_fork+0x10/0x20 [ 19.597241] [ 19.597282] Freed by task 164: [ 19.597339] kasan_save_stack+0x3c/0x68 [ 19.597419] kasan_save_track+0x20/0x40 [ 19.597497] kasan_save_free_info+0x4c/0x78 [ 19.597581] __kasan_slab_free+0x6c/0x98 [ 19.597660] kfree+0x214/0x3c8 [ 19.597765] krealloc_uaf+0x12c/0x520 [ 19.597837] kunit_try_run_case+0x170/0x3f0 [ 19.597917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.598095] kthread+0x328/0x630 [ 19.598165] ret_from_fork+0x10/0x20 [ 19.598267] [ 19.598307] The buggy address belongs to the object at fff00000c17b3400 [ 19.598307] which belongs to the cache kmalloc-256 of size 256 [ 19.598427] The buggy address is located 0 bytes inside of [ 19.598427] freed 256-byte region [fff00000c17b3400, fff00000c17b3500) [ 19.598567] [ 19.598605] The buggy address belongs to the physical page: [ 19.598665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.598764] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.598854] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.598967] page_type: f5(slab) [ 19.599053] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.599155] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.599263] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.599365] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.599487] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.599638] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.599728] page dumped because: kasan: bad access detected [ 19.599798] [ 19.599832] Memory state around the buggy address: [ 19.599916] fff00000c17b3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.600102] fff00000c17b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.600266] >fff00000c17b3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.600349] ^ [ 19.600448] fff00000c17b3480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.600567] fff00000c17b3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.600648] ================================================================== [ 19.582582] ================================================================== [ 19.582771] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 19.582884] Read of size 1 at addr fff00000c17b3400 by task kunit_try_catch/164 [ 19.582988] [ 19.583358] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.583599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.583681] Hardware name: linux,dummy-virt (DT) [ 19.583760] Call trace: [ 19.583818] show_stack+0x20/0x38 (C) [ 19.583933] dump_stack_lvl+0x8c/0xd0 [ 19.584064] print_report+0x118/0x608 [ 19.584170] kasan_report+0xdc/0x128 [ 19.584266] __kasan_check_byte+0x54/0x70 [ 19.584367] krealloc_noprof+0x44/0x360 [ 19.584458] krealloc_uaf+0x180/0x520 [ 19.584682] kunit_try_run_case+0x170/0x3f0 [ 19.585727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.585877] kthread+0x328/0x630 [ 19.586008] ret_from_fork+0x10/0x20 [ 19.586103] [ 19.586125] Allocated by task 164: [ 19.586160] kasan_save_stack+0x3c/0x68 [ 19.586206] kasan_save_track+0x20/0x40 [ 19.586266] kasan_save_alloc_info+0x40/0x58 [ 19.586307] __kasan_kmalloc+0xd4/0xd8 [ 19.586343] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.586382] krealloc_uaf+0xc8/0x520 [ 19.586416] kunit_try_run_case+0x170/0x3f0 [ 19.586453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.586494] kthread+0x328/0x630 [ 19.586526] ret_from_fork+0x10/0x20 [ 19.586561] [ 19.586603] Freed by task 164: [ 19.586645] kasan_save_stack+0x3c/0x68 [ 19.586684] kasan_save_track+0x20/0x40 [ 19.586720] kasan_save_free_info+0x4c/0x78 [ 19.586758] __kasan_slab_free+0x6c/0x98 [ 19.586795] kfree+0x214/0x3c8 [ 19.586827] krealloc_uaf+0x12c/0x520 [ 19.586861] kunit_try_run_case+0x170/0x3f0 [ 19.586897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.586938] kthread+0x328/0x630 [ 19.586970] ret_from_fork+0x10/0x20 [ 19.587012] [ 19.587083] The buggy address belongs to the object at fff00000c17b3400 [ 19.587083] which belongs to the cache kmalloc-256 of size 256 [ 19.587301] The buggy address is located 0 bytes inside of [ 19.587301] freed 256-byte region [fff00000c17b3400, fff00000c17b3500) [ 19.587434] [ 19.587476] The buggy address belongs to the physical page: [ 19.587530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.587628] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.587737] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.587895] page_type: f5(slab) [ 19.588010] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.588187] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.588302] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.588445] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.588630] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.588800] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.588911] page dumped because: kasan: bad access detected [ 19.588993] [ 19.590181] Memory state around the buggy address: [ 19.590295] fff00000c17b3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.590507] fff00000c17b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.590603] >fff00000c17b3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.590673] ^ [ 19.590756] fff00000c17b3480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.590858] fff00000c17b3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.590947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 19.519998] ================================================================== [ 19.520143] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.520282] Write of size 1 at addr fff00000c656e0c9 by task kunit_try_catch/162 [ 19.520400] [ 19.520531] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.520748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.520810] Hardware name: linux,dummy-virt (DT) [ 19.520882] Call trace: [ 19.520927] show_stack+0x20/0x38 (C) [ 19.521017] dump_stack_lvl+0x8c/0xd0 [ 19.521131] print_report+0x118/0x608 [ 19.521230] kasan_report+0xdc/0x128 [ 19.521333] __asan_report_store1_noabort+0x20/0x30 [ 19.521440] krealloc_less_oob_helper+0xa48/0xc50 [ 19.521914] krealloc_large_less_oob+0x20/0x38 [ 19.522059] kunit_try_run_case+0x170/0x3f0 [ 19.522173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.522278] kthread+0x328/0x630 [ 19.522370] ret_from_fork+0x10/0x20 [ 19.522466] [ 19.522510] The buggy address belongs to the physical page: [ 19.522578] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656c [ 19.522772] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.522879] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.523005] page_type: f8(unknown) [ 19.523181] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.523309] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.523424] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.523532] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.523632] head: 0bfffe0000000002 ffffc1ffc3195b01 00000000ffffffff 00000000ffffffff [ 19.524201] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.524301] page dumped because: kasan: bad access detected [ 19.524413] [ 19.524550] Memory state around the buggy address: [ 19.524645] fff00000c656df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.524757] fff00000c656e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.524848] >fff00000c656e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.525264] ^ [ 19.525666] fff00000c656e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.525983] fff00000c656e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.526091] ================================================================== [ 19.442641] ================================================================== [ 19.442798] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.442935] Write of size 1 at addr fff00000c17b32ea by task kunit_try_catch/158 [ 19.443068] [ 19.443130] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.443282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.443675] Hardware name: linux,dummy-virt (DT) [ 19.443771] Call trace: [ 19.443818] show_stack+0x20/0x38 (C) [ 19.443920] dump_stack_lvl+0x8c/0xd0 [ 19.444036] print_report+0x118/0x608 [ 19.444143] kasan_report+0xdc/0x128 [ 19.444243] __asan_report_store1_noabort+0x20/0x30 [ 19.444348] krealloc_less_oob_helper+0xae4/0xc50 [ 19.444455] krealloc_less_oob+0x20/0x38 [ 19.444570] kunit_try_run_case+0x170/0x3f0 [ 19.444683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.444804] kthread+0x328/0x630 [ 19.444894] ret_from_fork+0x10/0x20 [ 19.444995] [ 19.445051] Allocated by task 158: [ 19.445123] kasan_save_stack+0x3c/0x68 [ 19.445204] kasan_save_track+0x20/0x40 [ 19.445402] kasan_save_alloc_info+0x40/0x58 [ 19.445745] __kasan_krealloc+0x118/0x178 [ 19.446003] krealloc_noprof+0x128/0x360 [ 19.446190] krealloc_less_oob_helper+0x168/0xc50 [ 19.446320] krealloc_less_oob+0x20/0x38 [ 19.446554] kunit_try_run_case+0x170/0x3f0 [ 19.446659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.446768] kthread+0x328/0x630 [ 19.446845] ret_from_fork+0x10/0x20 [ 19.446956] [ 19.447046] The buggy address belongs to the object at fff00000c17b3200 [ 19.447046] which belongs to the cache kmalloc-256 of size 256 [ 19.447224] The buggy address is located 33 bytes to the right of [ 19.447224] allocated 201-byte region [fff00000c17b3200, fff00000c17b32c9) [ 19.447358] [ 19.447403] The buggy address belongs to the physical page: [ 19.447469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.447586] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.447687] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.447797] page_type: f5(slab) [ 19.447876] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.447992] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.448115] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.448232] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.448333] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.448840] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.449101] page dumped because: kasan: bad access detected [ 19.449350] [ 19.449445] Memory state around the buggy address: [ 19.449541] fff00000c17b3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.449629] fff00000c17b3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.449717] >fff00000c17b3280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.450061] ^ [ 19.450158] fff00000c17b3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.450235] fff00000c17b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.450449] ================================================================== [ 19.565328] ================================================================== [ 19.565411] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.565514] Write of size 1 at addr fff00000c656e0eb by task kunit_try_catch/162 [ 19.565630] [ 19.565751] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.565910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.565960] Hardware name: linux,dummy-virt (DT) [ 19.566056] Call trace: [ 19.566101] show_stack+0x20/0x38 (C) [ 19.566200] dump_stack_lvl+0x8c/0xd0 [ 19.566289] print_report+0x118/0x608 [ 19.566376] kasan_report+0xdc/0x128 [ 19.566470] __asan_report_store1_noabort+0x20/0x30 [ 19.566552] krealloc_less_oob_helper+0xa58/0xc50 [ 19.566624] krealloc_large_less_oob+0x20/0x38 [ 19.566717] kunit_try_run_case+0x170/0x3f0 [ 19.566831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.567011] kthread+0x328/0x630 [ 19.567158] ret_from_fork+0x10/0x20 [ 19.567306] [ 19.567367] The buggy address belongs to the physical page: [ 19.567457] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656c [ 19.567577] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.567716] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.567826] page_type: f8(unknown) [ 19.567924] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.568098] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.568344] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.568763] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.568864] head: 0bfffe0000000002 ffffc1ffc3195b01 00000000ffffffff 00000000ffffffff [ 19.569184] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.569275] page dumped because: kasan: bad access detected [ 19.569350] [ 19.569409] Memory state around the buggy address: [ 19.569563] fff00000c656df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.569658] fff00000c656e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.569764] >fff00000c656e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.569846] ^ [ 19.569989] fff00000c656e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.570153] fff00000c656e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.570231] ================================================================== [ 19.413629] ================================================================== [ 19.413809] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.413909] Write of size 1 at addr fff00000c17b32c9 by task kunit_try_catch/158 [ 19.414046] [ 19.414150] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.414391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.414466] Hardware name: linux,dummy-virt (DT) [ 19.414645] Call trace: [ 19.414712] show_stack+0x20/0x38 (C) [ 19.414824] dump_stack_lvl+0x8c/0xd0 [ 19.414927] print_report+0x118/0x608 [ 19.415078] kasan_report+0xdc/0x128 [ 19.415194] __asan_report_store1_noabort+0x20/0x30 [ 19.415378] krealloc_less_oob_helper+0xa48/0xc50 [ 19.415557] krealloc_less_oob+0x20/0x38 [ 19.415644] kunit_try_run_case+0x170/0x3f0 [ 19.415734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.415840] kthread+0x328/0x630 [ 19.415959] ret_from_fork+0x10/0x20 [ 19.416223] [ 19.416265] Allocated by task 158: [ 19.416344] kasan_save_stack+0x3c/0x68 [ 19.416438] kasan_save_track+0x20/0x40 [ 19.416530] kasan_save_alloc_info+0x40/0x58 [ 19.416625] __kasan_krealloc+0x118/0x178 [ 19.416711] krealloc_noprof+0x128/0x360 [ 19.416790] krealloc_less_oob_helper+0x168/0xc50 [ 19.416876] krealloc_less_oob+0x20/0x38 [ 19.416947] kunit_try_run_case+0x170/0x3f0 [ 19.417042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.417139] kthread+0x328/0x630 [ 19.417210] ret_from_fork+0x10/0x20 [ 19.417286] [ 19.417325] The buggy address belongs to the object at fff00000c17b3200 [ 19.417325] which belongs to the cache kmalloc-256 of size 256 [ 19.417457] The buggy address is located 0 bytes to the right of [ 19.417457] allocated 201-byte region [fff00000c17b3200, fff00000c17b32c9) [ 19.417656] [ 19.418114] The buggy address belongs to the physical page: [ 19.418452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.418615] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.418730] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.418874] page_type: f5(slab) [ 19.418960] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.419069] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.419169] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.419464] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.419616] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.419793] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.419889] page dumped because: kasan: bad access detected [ 19.419978] [ 19.420079] Memory state around the buggy address: [ 19.420202] fff00000c17b3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.420342] fff00000c17b3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.420440] >fff00000c17b3280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.420527] ^ [ 19.420606] fff00000c17b3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.420709] fff00000c17b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.420811] ================================================================== [ 19.432735] ================================================================== [ 19.432889] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.433036] Write of size 1 at addr fff00000c17b32da by task kunit_try_catch/158 [ 19.433190] [ 19.433272] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.433440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.433499] Hardware name: linux,dummy-virt (DT) [ 19.433568] Call trace: [ 19.433612] show_stack+0x20/0x38 (C) [ 19.433714] dump_stack_lvl+0x8c/0xd0 [ 19.433802] print_report+0x118/0x608 [ 19.433897] kasan_report+0xdc/0x128 [ 19.434341] __asan_report_store1_noabort+0x20/0x30 [ 19.434450] krealloc_less_oob_helper+0xa80/0xc50 [ 19.434559] krealloc_less_oob+0x20/0x38 [ 19.434663] kunit_try_run_case+0x170/0x3f0 [ 19.435713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.435916] kthread+0x328/0x630 [ 19.436006] ret_from_fork+0x10/0x20 [ 19.436132] [ 19.436199] Allocated by task 158: [ 19.436288] kasan_save_stack+0x3c/0x68 [ 19.436409] kasan_save_track+0x20/0x40 [ 19.436697] kasan_save_alloc_info+0x40/0x58 [ 19.436889] __kasan_krealloc+0x118/0x178 [ 19.437014] krealloc_noprof+0x128/0x360 [ 19.437142] krealloc_less_oob_helper+0x168/0xc50 [ 19.437230] krealloc_less_oob+0x20/0x38 [ 19.437301] kunit_try_run_case+0x170/0x3f0 [ 19.437378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.437473] kthread+0x328/0x630 [ 19.437542] ret_from_fork+0x10/0x20 [ 19.437618] [ 19.437660] The buggy address belongs to the object at fff00000c17b3200 [ 19.437660] which belongs to the cache kmalloc-256 of size 256 [ 19.437780] The buggy address is located 17 bytes to the right of [ 19.437780] allocated 201-byte region [fff00000c17b3200, fff00000c17b32c9) [ 19.437922] [ 19.437962] The buggy address belongs to the physical page: [ 19.438051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.438156] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.438825] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.438993] page_type: f5(slab) [ 19.439078] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.439371] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.439488] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.439630] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.439740] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.439849] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.439937] page dumped because: kasan: bad access detected [ 19.440002] [ 19.440052] Memory state around the buggy address: [ 19.440121] fff00000c17b3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440219] fff00000c17b3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.440316] >fff00000c17b3280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.440399] ^ [ 19.440481] fff00000c17b3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440591] fff00000c17b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440683] ================================================================== [ 19.425208] ================================================================== [ 19.425452] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.425906] Write of size 1 at addr fff00000c17b32d0 by task kunit_try_catch/158 [ 19.426222] [ 19.426385] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.426660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.426935] Hardware name: linux,dummy-virt (DT) [ 19.427016] Call trace: [ 19.427091] show_stack+0x20/0x38 (C) [ 19.427224] dump_stack_lvl+0x8c/0xd0 [ 19.427313] print_report+0x118/0x608 [ 19.427380] kasan_report+0xdc/0x128 [ 19.427433] __asan_report_store1_noabort+0x20/0x30 [ 19.427480] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.427528] krealloc_less_oob+0x20/0x38 [ 19.427572] kunit_try_run_case+0x170/0x3f0 [ 19.427620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.427671] kthread+0x328/0x630 [ 19.427712] ret_from_fork+0x10/0x20 [ 19.427759] [ 19.427779] Allocated by task 158: [ 19.427809] kasan_save_stack+0x3c/0x68 [ 19.427853] kasan_save_track+0x20/0x40 [ 19.427890] kasan_save_alloc_info+0x40/0x58 [ 19.427928] __kasan_krealloc+0x118/0x178 [ 19.427964] krealloc_noprof+0x128/0x360 [ 19.428000] krealloc_less_oob_helper+0x168/0xc50 [ 19.428070] krealloc_less_oob+0x20/0x38 [ 19.428142] kunit_try_run_case+0x170/0x3f0 [ 19.428243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.428334] kthread+0x328/0x630 [ 19.428402] ret_from_fork+0x10/0x20 [ 19.428474] [ 19.428522] The buggy address belongs to the object at fff00000c17b3200 [ 19.428522] which belongs to the cache kmalloc-256 of size 256 [ 19.428669] The buggy address is located 7 bytes to the right of [ 19.428669] allocated 201-byte region [fff00000c17b3200, fff00000c17b32c9) [ 19.428871] [ 19.428929] The buggy address belongs to the physical page: [ 19.428990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.429139] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.429258] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.429417] page_type: f5(slab) [ 19.429528] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.429639] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.429731] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.429829] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.430193] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.430289] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.430372] page dumped because: kasan: bad access detected [ 19.430432] [ 19.430463] Memory state around the buggy address: [ 19.430835] fff00000c17b3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.430993] fff00000c17b3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.431143] >fff00000c17b3280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.431231] ^ [ 19.431311] fff00000c17b3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.431404] fff00000c17b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.431486] ================================================================== [ 19.529695] ================================================================== [ 19.529820] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.529934] Write of size 1 at addr fff00000c656e0d0 by task kunit_try_catch/162 [ 19.530055] [ 19.530123] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.530306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.530371] Hardware name: linux,dummy-virt (DT) [ 19.530438] Call trace: [ 19.530497] show_stack+0x20/0x38 (C) [ 19.530616] dump_stack_lvl+0x8c/0xd0 [ 19.532386] print_report+0x118/0x608 [ 19.533331] kasan_report+0xdc/0x128 [ 19.534491] __asan_report_store1_noabort+0x20/0x30 [ 19.534614] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.535633] krealloc_large_less_oob+0x20/0x38 [ 19.535790] kunit_try_run_case+0x170/0x3f0 [ 19.537879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.538002] kthread+0x328/0x630 [ 19.539984] ret_from_fork+0x10/0x20 [ 19.540940] [ 19.541782] The buggy address belongs to the physical page: [ 19.541863] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656c [ 19.541988] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.544051] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.545051] page_type: f8(unknown) [ 19.545572] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.545933] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.546203] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.546894] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.547513] head: 0bfffe0000000002 ffffc1ffc3195b01 00000000ffffffff 00000000ffffffff [ 19.547763] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.548242] page dumped because: kasan: bad access detected [ 19.548522] [ 19.548578] Memory state around the buggy address: [ 19.548664] fff00000c656df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.549712] fff00000c656e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.549921] >fff00000c656e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.549990] ^ [ 19.550101] fff00000c656e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.551684] fff00000c656e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.551806] ================================================================== [ 19.554598] ================================================================== [ 19.554805] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.554936] Write of size 1 at addr fff00000c656e0da by task kunit_try_catch/162 [ 19.555446] [ 19.555608] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.555880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.555940] Hardware name: linux,dummy-virt (DT) [ 19.556398] Call trace: [ 19.556522] show_stack+0x20/0x38 (C) [ 19.556675] dump_stack_lvl+0x8c/0xd0 [ 19.556847] print_report+0x118/0x608 [ 19.556950] kasan_report+0xdc/0x128 [ 19.557056] __asan_report_store1_noabort+0x20/0x30 [ 19.557167] krealloc_less_oob_helper+0xa80/0xc50 [ 19.557305] krealloc_large_less_oob+0x20/0x38 [ 19.557451] kunit_try_run_case+0x170/0x3f0 [ 19.557596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.557758] kthread+0x328/0x630 [ 19.557844] ret_from_fork+0x10/0x20 [ 19.557946] [ 19.558010] The buggy address belongs to the physical page: [ 19.558099] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656c [ 19.558219] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.558324] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.558429] page_type: f8(unknown) [ 19.558497] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.558620] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.558718] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.558805] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.558896] head: 0bfffe0000000002 ffffc1ffc3195b01 00000000ffffffff 00000000ffffffff [ 19.558990] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.559147] page dumped because: kasan: bad access detected [ 19.559216] [ 19.559256] Memory state around the buggy address: [ 19.559325] fff00000c656df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.559419] fff00000c656e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.559510] >fff00000c656e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.559599] ^ [ 19.559712] fff00000c656e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.559819] fff00000c656e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.559909] ================================================================== [ 19.560903] ================================================================== [ 19.561038] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.561152] Write of size 1 at addr fff00000c656e0ea by task kunit_try_catch/162 [ 19.561263] [ 19.561338] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.561510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.561567] Hardware name: linux,dummy-virt (DT) [ 19.561633] Call trace: [ 19.561734] show_stack+0x20/0x38 (C) [ 19.561832] dump_stack_lvl+0x8c/0xd0 [ 19.561916] print_report+0x118/0x608 [ 19.561999] kasan_report+0xdc/0x128 [ 19.562110] __asan_report_store1_noabort+0x20/0x30 [ 19.562241] krealloc_less_oob_helper+0xae4/0xc50 [ 19.562387] krealloc_large_less_oob+0x20/0x38 [ 19.562517] kunit_try_run_case+0x170/0x3f0 [ 19.562604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.562719] kthread+0x328/0x630 [ 19.562798] ret_from_fork+0x10/0x20 [ 19.562891] [ 19.562928] The buggy address belongs to the physical page: [ 19.562981] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656c [ 19.563102] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.563187] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.563285] page_type: f8(unknown) [ 19.563399] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.563520] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.563648] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.563772] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.563918] head: 0bfffe0000000002 ffffc1ffc3195b01 00000000ffffffff 00000000ffffffff [ 19.564080] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.564200] page dumped because: kasan: bad access detected [ 19.564260] [ 19.564296] Memory state around the buggy address: [ 19.564366] fff00000c656df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.564509] fff00000c656e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.564610] >fff00000c656e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.564729] ^ [ 19.564850] fff00000c656e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.564942] fff00000c656e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.565036] ================================================================== [ 19.451862] ================================================================== [ 19.451968] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.452093] Write of size 1 at addr fff00000c17b32eb by task kunit_try_catch/158 [ 19.452200] [ 19.452261] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.452437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.452509] Hardware name: linux,dummy-virt (DT) [ 19.452586] Call trace: [ 19.452636] show_stack+0x20/0x38 (C) [ 19.452745] dump_stack_lvl+0x8c/0xd0 [ 19.452861] print_report+0x118/0x608 [ 19.452974] kasan_report+0xdc/0x128 [ 19.453790] __asan_report_store1_noabort+0x20/0x30 [ 19.454115] krealloc_less_oob_helper+0xa58/0xc50 [ 19.454220] krealloc_less_oob+0x20/0x38 [ 19.454355] kunit_try_run_case+0x170/0x3f0 [ 19.454502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.454686] kthread+0x328/0x630 [ 19.454800] ret_from_fork+0x10/0x20 [ 19.454982] [ 19.455042] Allocated by task 158: [ 19.455104] kasan_save_stack+0x3c/0x68 [ 19.455190] kasan_save_track+0x20/0x40 [ 19.455292] kasan_save_alloc_info+0x40/0x58 [ 19.455379] __kasan_krealloc+0x118/0x178 [ 19.455463] krealloc_noprof+0x128/0x360 [ 19.455574] krealloc_less_oob_helper+0x168/0xc50 [ 19.455656] krealloc_less_oob+0x20/0x38 [ 19.455730] kunit_try_run_case+0x170/0x3f0 [ 19.455811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.455925] kthread+0x328/0x630 [ 19.455999] ret_from_fork+0x10/0x20 [ 19.456129] [ 19.456188] The buggy address belongs to the object at fff00000c17b3200 [ 19.456188] which belongs to the cache kmalloc-256 of size 256 [ 19.456334] The buggy address is located 34 bytes to the right of [ 19.456334] allocated 201-byte region [fff00000c17b3200, fff00000c17b32c9) [ 19.456510] [ 19.456559] The buggy address belongs to the physical page: [ 19.456630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.456748] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.456850] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.456957] page_type: f5(slab) [ 19.457048] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.457148] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.457950] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.458142] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.458244] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.458556] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.458672] page dumped because: kasan: bad access detected [ 19.458740] [ 19.458777] Memory state around the buggy address: [ 19.458846] fff00000c17b3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.458941] fff00000c17b3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.459042] >fff00000c17b3280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.459137] ^ [ 19.459217] fff00000c17b3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.459430] fff00000c17b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.459511] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 19.396308] ================================================================== [ 19.396416] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.396537] Write of size 1 at addr fff00000c17b30f0 by task kunit_try_catch/156 [ 19.396650] [ 19.396718] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.396890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.396948] Hardware name: linux,dummy-virt (DT) [ 19.397017] Call trace: [ 19.397535] show_stack+0x20/0x38 (C) [ 19.397890] dump_stack_lvl+0x8c/0xd0 [ 19.398088] print_report+0x118/0x608 [ 19.398199] kasan_report+0xdc/0x128 [ 19.398360] __asan_report_store1_noabort+0x20/0x30 [ 19.398467] krealloc_more_oob_helper+0x5c0/0x678 [ 19.398554] krealloc_more_oob+0x20/0x38 [ 19.398645] kunit_try_run_case+0x170/0x3f0 [ 19.398744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.399293] kthread+0x328/0x630 [ 19.399741] ret_from_fork+0x10/0x20 [ 19.399871] [ 19.399936] Allocated by task 156: [ 19.399998] kasan_save_stack+0x3c/0x68 [ 19.400100] kasan_save_track+0x20/0x40 [ 19.400200] kasan_save_alloc_info+0x40/0x58 [ 19.400289] __kasan_krealloc+0x118/0x178 [ 19.400371] krealloc_noprof+0x128/0x360 [ 19.400463] krealloc_more_oob_helper+0x168/0x678 [ 19.400570] krealloc_more_oob+0x20/0x38 [ 19.400705] kunit_try_run_case+0x170/0x3f0 [ 19.400825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.400936] kthread+0x328/0x630 [ 19.401008] ret_from_fork+0x10/0x20 [ 19.401107] [ 19.401177] The buggy address belongs to the object at fff00000c17b3000 [ 19.401177] which belongs to the cache kmalloc-256 of size 256 [ 19.401319] The buggy address is located 5 bytes to the right of [ 19.401319] allocated 235-byte region [fff00000c17b3000, fff00000c17b30eb) [ 19.401486] [ 19.401549] The buggy address belongs to the physical page: [ 19.401653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.401798] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.401922] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.402068] page_type: f5(slab) [ 19.402154] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.402627] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.402769] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.402891] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.403034] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.403184] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.403272] page dumped because: kasan: bad access detected [ 19.403341] [ 19.403380] Memory state around the buggy address: [ 19.403447] fff00000c17b2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.403537] fff00000c17b3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.403666] >fff00000c17b3080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.403751] ^ [ 19.403837] fff00000c17b3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.403929] fff00000c17b3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.404012] ================================================================== [ 19.473628] ================================================================== [ 19.474093] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.474479] Write of size 1 at addr fff00000c656e0eb by task kunit_try_catch/160 [ 19.474660] [ 19.474721] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.475005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.475086] Hardware name: linux,dummy-virt (DT) [ 19.475152] Call trace: [ 19.475198] show_stack+0x20/0x38 (C) [ 19.475592] dump_stack_lvl+0x8c/0xd0 [ 19.475790] print_report+0x118/0x608 [ 19.476113] kasan_report+0xdc/0x128 [ 19.476167] __asan_report_store1_noabort+0x20/0x30 [ 19.476217] krealloc_more_oob_helper+0x60c/0x678 [ 19.476286] krealloc_large_more_oob+0x20/0x38 [ 19.476347] kunit_try_run_case+0x170/0x3f0 [ 19.476397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.476449] kthread+0x328/0x630 [ 19.476507] ret_from_fork+0x10/0x20 [ 19.476564] [ 19.476589] The buggy address belongs to the physical page: [ 19.476623] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656c [ 19.476676] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.476723] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.476776] page_type: f8(unknown) [ 19.476817] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.476867] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.476914] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.476961] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.477008] head: 0bfffe0000000002 ffffc1ffc3195b01 00000000ffffffff 00000000ffffffff [ 19.477072] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.477111] page dumped because: kasan: bad access detected [ 19.477142] [ 19.477159] Memory state around the buggy address: [ 19.477191] fff00000c656df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.477232] fff00000c656e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.477273] >fff00000c656e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.477309] ^ [ 19.477347] fff00000c656e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.477387] fff00000c656e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.477423] ================================================================== [ 19.485296] ================================================================== [ 19.485406] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.485516] Write of size 1 at addr fff00000c656e0f0 by task kunit_try_catch/160 [ 19.485623] [ 19.487677] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.487915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.487984] Hardware name: linux,dummy-virt (DT) [ 19.488076] Call trace: [ 19.488132] show_stack+0x20/0x38 (C) [ 19.488262] dump_stack_lvl+0x8c/0xd0 [ 19.488384] print_report+0x118/0x608 [ 19.488603] kasan_report+0xdc/0x128 [ 19.488967] __asan_report_store1_noabort+0x20/0x30 [ 19.489169] krealloc_more_oob_helper+0x5c0/0x678 [ 19.489595] krealloc_large_more_oob+0x20/0x38 [ 19.490003] kunit_try_run_case+0x170/0x3f0 [ 19.490182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.490317] kthread+0x328/0x630 [ 19.490446] ret_from_fork+0x10/0x20 [ 19.490543] [ 19.490862] The buggy address belongs to the physical page: [ 19.490944] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656c [ 19.491284] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.491383] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.491840] page_type: f8(unknown) [ 19.491926] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.492099] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.492207] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.492317] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.492435] head: 0bfffe0000000002 ffffc1ffc3195b01 00000000ffffffff 00000000ffffffff [ 19.492561] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.492658] page dumped because: kasan: bad access detected [ 19.492732] [ 19.492778] Memory state around the buggy address: [ 19.492853] fff00000c656df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.492957] fff00000c656e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.493593] >fff00000c656e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.493714] ^ [ 19.493796] fff00000c656e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.493874] fff00000c656e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.493950] ================================================================== [ 19.384135] ================================================================== [ 19.384266] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.384382] Write of size 1 at addr fff00000c17b30eb by task kunit_try_catch/156 [ 19.384500] [ 19.384575] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.384761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.384821] Hardware name: linux,dummy-virt (DT) [ 19.384897] Call trace: [ 19.384947] show_stack+0x20/0x38 (C) [ 19.385063] dump_stack_lvl+0x8c/0xd0 [ 19.385161] print_report+0x118/0x608 [ 19.385261] kasan_report+0xdc/0x128 [ 19.385369] __asan_report_store1_noabort+0x20/0x30 [ 19.385475] krealloc_more_oob_helper+0x60c/0x678 [ 19.385567] krealloc_more_oob+0x20/0x38 [ 19.385659] kunit_try_run_case+0x170/0x3f0 [ 19.385767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.386497] kthread+0x328/0x630 [ 19.386660] ret_from_fork+0x10/0x20 [ 19.386793] [ 19.386836] Allocated by task 156: [ 19.386959] kasan_save_stack+0x3c/0x68 [ 19.387099] kasan_save_track+0x20/0x40 [ 19.387189] kasan_save_alloc_info+0x40/0x58 [ 19.387668] __kasan_krealloc+0x118/0x178 [ 19.387809] krealloc_noprof+0x128/0x360 [ 19.387901] krealloc_more_oob_helper+0x168/0x678 [ 19.388042] krealloc_more_oob+0x20/0x38 [ 19.388493] kunit_try_run_case+0x170/0x3f0 [ 19.388654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.388771] kthread+0x328/0x630 [ 19.388858] ret_from_fork+0x10/0x20 [ 19.388931] [ 19.388974] The buggy address belongs to the object at fff00000c17b3000 [ 19.388974] which belongs to the cache kmalloc-256 of size 256 [ 19.389623] The buggy address is located 0 bytes to the right of [ 19.389623] allocated 235-byte region [fff00000c17b3000, fff00000c17b30eb) [ 19.390115] [ 19.390204] The buggy address belongs to the physical page: [ 19.390292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b2 [ 19.390655] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.390808] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.391138] page_type: f5(slab) [ 19.391389] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.391706] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.391855] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.391964] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.392507] head: 0bfffe0000000001 ffffc1ffc305ec81 00000000ffffffff 00000000ffffffff [ 19.392640] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.392725] page dumped because: kasan: bad access detected [ 19.393204] [ 19.393285] Memory state around the buggy address: [ 19.393409] fff00000c17b2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.393499] fff00000c17b3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.393867] >fff00000c17b3080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.394069] ^ [ 19.394168] fff00000c17b3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.394267] fff00000c17b3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.394337] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 19.363601] ================================================================== [ 19.363727] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 19.363841] Read of size 1 at addr fff00000c78c0000 by task kunit_try_catch/154 [ 19.363942] [ 19.364010] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.364201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.364260] Hardware name: linux,dummy-virt (DT) [ 19.364328] Call trace: [ 19.364374] show_stack+0x20/0x38 (C) [ 19.364481] dump_stack_lvl+0x8c/0xd0 [ 19.364609] print_report+0x118/0x608 [ 19.364707] kasan_report+0xdc/0x128 [ 19.364803] __asan_report_load1_noabort+0x20/0x30 [ 19.364918] page_alloc_uaf+0x328/0x350 [ 19.365019] kunit_try_run_case+0x170/0x3f0 [ 19.365143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.365294] kthread+0x328/0x630 [ 19.365429] ret_from_fork+0x10/0x20 [ 19.365579] [ 19.365645] The buggy address belongs to the physical page: [ 19.365993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0 [ 19.366171] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.366498] page_type: f0(buddy) [ 19.366584] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 19.366741] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 19.366962] page dumped because: kasan: bad access detected [ 19.367089] [ 19.367152] Memory state around the buggy address: [ 19.367325] fff00000c78bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.367533] fff00000c78bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.367676] >fff00000c78c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.367831] ^ [ 19.368121] fff00000c78c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.368220] fff00000c78c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.368373] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 19.328301] ================================================================== [ 19.328479] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 19.328624] Free of addr fff00000c6564001 by task kunit_try_catch/150 [ 19.328728] [ 19.328807] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.328989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.329087] Hardware name: linux,dummy-virt (DT) [ 19.329170] Call trace: [ 19.329230] show_stack+0x20/0x38 (C) [ 19.329829] dump_stack_lvl+0x8c/0xd0 [ 19.330194] print_report+0x118/0x608 [ 19.330298] kasan_report_invalid_free+0xc0/0xe8 [ 19.330393] __kasan_kfree_large+0x5c/0xa8 [ 19.330489] free_large_kmalloc+0x64/0x190 [ 19.330590] kfree+0x270/0x3c8 [ 19.330923] kmalloc_large_invalid_free+0x108/0x270 [ 19.331126] kunit_try_run_case+0x170/0x3f0 [ 19.331516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.331677] kthread+0x328/0x630 [ 19.331938] ret_from_fork+0x10/0x20 [ 19.332123] [ 19.332198] The buggy address belongs to the physical page: [ 19.332392] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 19.332538] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.332864] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.333140] page_type: f8(unknown) [ 19.333258] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.333366] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.333783] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.333894] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.334309] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 19.334365] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.334404] page dumped because: kasan: bad access detected [ 19.334437] [ 19.334456] Memory state around the buggy address: [ 19.334490] fff00000c6563f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.334536] fff00000c6563f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.334577] >fff00000c6564000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.334613] ^ [ 19.334642] fff00000c6564080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.334681] fff00000c6564100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.334736] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 19.309762] ================================================================== [ 19.310209] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 19.310601] Read of size 1 at addr fff00000c6564000 by task kunit_try_catch/148 [ 19.310721] [ 19.310870] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.311082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.311141] Hardware name: linux,dummy-virt (DT) [ 19.311208] Call trace: [ 19.311256] show_stack+0x20/0x38 (C) [ 19.311902] dump_stack_lvl+0x8c/0xd0 [ 19.312053] print_report+0x118/0x608 [ 19.312301] kasan_report+0xdc/0x128 [ 19.312819] __asan_report_load1_noabort+0x20/0x30 [ 19.312936] kmalloc_large_uaf+0x2cc/0x2f8 [ 19.313147] kunit_try_run_case+0x170/0x3f0 [ 19.313247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.313348] kthread+0x328/0x630 [ 19.313429] ret_from_fork+0x10/0x20 [ 19.313526] [ 19.313570] The buggy address belongs to the physical page: [ 19.313626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 19.313737] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.313858] raw: 0bfffe0000000000 ffffc1ffc3195a08 fff00000da456c40 0000000000000000 [ 19.314057] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 19.314189] page dumped because: kasan: bad access detected [ 19.314257] [ 19.314321] Memory state around the buggy address: [ 19.314400] fff00000c6563f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.314486] fff00000c6563f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.314577] >fff00000c6564000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.314671] ^ [ 19.314842] fff00000c6564080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.314921] fff00000c6564100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.314996] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 19.289121] ================================================================== [ 19.289302] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 19.289440] Write of size 1 at addr fff00000c656600a by task kunit_try_catch/146 [ 19.289549] [ 19.289637] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.290492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.290623] Hardware name: linux,dummy-virt (DT) [ 19.290902] Call trace: [ 19.290979] show_stack+0x20/0x38 (C) [ 19.291165] dump_stack_lvl+0x8c/0xd0 [ 19.291263] print_report+0x118/0x608 [ 19.291429] kasan_report+0xdc/0x128 [ 19.291653] __asan_report_store1_noabort+0x20/0x30 [ 19.292150] kmalloc_large_oob_right+0x278/0x2b8 [ 19.292356] kunit_try_run_case+0x170/0x3f0 [ 19.292712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.292950] kthread+0x328/0x630 [ 19.293168] ret_from_fork+0x10/0x20 [ 19.293371] [ 19.293855] The buggy address belongs to the physical page: [ 19.293923] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 19.293989] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.294056] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.294134] page_type: f8(unknown) [ 19.294180] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.294229] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.294276] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.294323] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.294369] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 19.294415] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.294453] page dumped because: kasan: bad access detected [ 19.294483] [ 19.294502] Memory state around the buggy address: [ 19.294536] fff00000c6565f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.294578] fff00000c6565f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.294618] >fff00000c6566000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.294654] ^ [ 19.294683] fff00000c6566080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.294722] fff00000c6566100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.294758] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 19.252203] ================================================================== [ 19.252345] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.252672] Write of size 1 at addr fff00000c65bdf00 by task kunit_try_catch/144 [ 19.252990] [ 19.253094] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.253392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.253653] Hardware name: linux,dummy-virt (DT) [ 19.253783] Call trace: [ 19.253874] show_stack+0x20/0x38 (C) [ 19.254000] dump_stack_lvl+0x8c/0xd0 [ 19.254134] print_report+0x118/0x608 [ 19.254253] kasan_report+0xdc/0x128 [ 19.254382] __asan_report_store1_noabort+0x20/0x30 [ 19.254493] kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.254588] kunit_try_run_case+0x170/0x3f0 [ 19.254673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.254791] kthread+0x328/0x630 [ 19.254935] ret_from_fork+0x10/0x20 [ 19.255247] [ 19.255312] Allocated by task 144: [ 19.255418] kasan_save_stack+0x3c/0x68 [ 19.255521] kasan_save_track+0x20/0x40 [ 19.255633] kasan_save_alloc_info+0x40/0x58 [ 19.255722] __kasan_kmalloc+0xd4/0xd8 [ 19.255806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.255900] kmalloc_big_oob_right+0xb8/0x2f0 [ 19.255988] kunit_try_run_case+0x170/0x3f0 [ 19.256083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.256189] kthread+0x328/0x630 [ 19.256271] ret_from_fork+0x10/0x20 [ 19.256366] [ 19.256411] The buggy address belongs to the object at fff00000c65bc000 [ 19.256411] which belongs to the cache kmalloc-8k of size 8192 [ 19.256545] The buggy address is located 0 bytes to the right of [ 19.256545] allocated 7936-byte region [fff00000c65bc000, fff00000c65bdf00) [ 19.256701] [ 19.256761] The buggy address belongs to the physical page: [ 19.256838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b8 [ 19.256957] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.257570] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.257861] page_type: f5(slab) [ 19.257949] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 19.258067] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.258172] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 19.258400] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.258632] head: 0bfffe0000000003 ffffc1ffc3196e01 00000000ffffffff 00000000ffffffff [ 19.258750] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.258835] page dumped because: kasan: bad access detected [ 19.258906] [ 19.258947] Memory state around the buggy address: [ 19.259056] fff00000c65bde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.259190] fff00000c65bde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.259285] >fff00000c65bdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.259371] ^ [ 19.259429] fff00000c65bdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.259522] fff00000c65be000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.259608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 19.228872] ================================================================== [ 19.228996] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 19.229136] Write of size 1 at addr fff00000c6345878 by task kunit_try_catch/142 [ 19.229257] [ 19.229334] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.229511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.229570] Hardware name: linux,dummy-virt (DT) [ 19.229641] Call trace: [ 19.229699] show_stack+0x20/0x38 (C) [ 19.229807] dump_stack_lvl+0x8c/0xd0 [ 19.229912] print_report+0x118/0x608 [ 19.230646] kasan_report+0xdc/0x128 [ 19.231068] __asan_report_store1_noabort+0x20/0x30 [ 19.231227] kmalloc_track_caller_oob_right+0x418/0x488 [ 19.231403] kunit_try_run_case+0x170/0x3f0 [ 19.231556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.231715] kthread+0x328/0x630 [ 19.231817] ret_from_fork+0x10/0x20 [ 19.231972] [ 19.232054] Allocated by task 142: [ 19.232152] kasan_save_stack+0x3c/0x68 [ 19.232280] kasan_save_track+0x20/0x40 [ 19.232383] kasan_save_alloc_info+0x40/0x58 [ 19.232482] __kasan_kmalloc+0xd4/0xd8 [ 19.232584] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.232683] kmalloc_track_caller_oob_right+0x184/0x488 [ 19.232771] kunit_try_run_case+0x170/0x3f0 [ 19.232850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.232941] kthread+0x328/0x630 [ 19.233009] ret_from_fork+0x10/0x20 [ 19.233094] [ 19.233134] The buggy address belongs to the object at fff00000c6345800 [ 19.233134] which belongs to the cache kmalloc-128 of size 128 [ 19.233876] The buggy address is located 0 bytes to the right of [ 19.233876] allocated 120-byte region [fff00000c6345800, fff00000c6345878) [ 19.234053] [ 19.234120] The buggy address belongs to the physical page: [ 19.234182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.234524] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.234695] page_type: f5(slab) [ 19.234788] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.234896] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.234993] page dumped because: kasan: bad access detected [ 19.235077] [ 19.235117] Memory state around the buggy address: [ 19.235187] fff00000c6345700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.235285] fff00000c6345780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.235380] >fff00000c6345800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.235464] ^ [ 19.235557] fff00000c6345880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.235661] fff00000c6345900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.235785] ================================================================== [ 19.220041] ================================================================== [ 19.220650] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 19.220838] Write of size 1 at addr fff00000c6345778 by task kunit_try_catch/142 [ 19.220975] [ 19.221124] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.221383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.221468] Hardware name: linux,dummy-virt (DT) [ 19.221573] Call trace: [ 19.221646] show_stack+0x20/0x38 (C) [ 19.221798] dump_stack_lvl+0x8c/0xd0 [ 19.222125] print_report+0x118/0x608 [ 19.222253] kasan_report+0xdc/0x128 [ 19.222356] __asan_report_store1_noabort+0x20/0x30 [ 19.222595] kmalloc_track_caller_oob_right+0x40c/0x488 [ 19.223121] kunit_try_run_case+0x170/0x3f0 [ 19.223312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.223487] kthread+0x328/0x630 [ 19.223634] ret_from_fork+0x10/0x20 [ 19.223790] [ 19.223855] Allocated by task 142: [ 19.223929] kasan_save_stack+0x3c/0x68 [ 19.224042] kasan_save_track+0x20/0x40 [ 19.224114] kasan_save_alloc_info+0x40/0x58 [ 19.224192] __kasan_kmalloc+0xd4/0xd8 [ 19.224271] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.224786] kmalloc_track_caller_oob_right+0xa8/0x488 [ 19.224976] kunit_try_run_case+0x170/0x3f0 [ 19.225078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.225174] kthread+0x328/0x630 [ 19.225245] ret_from_fork+0x10/0x20 [ 19.225320] [ 19.225362] The buggy address belongs to the object at fff00000c6345700 [ 19.225362] which belongs to the cache kmalloc-128 of size 128 [ 19.225481] The buggy address is located 0 bytes to the right of [ 19.225481] allocated 120-byte region [fff00000c6345700, fff00000c6345778) [ 19.225619] [ 19.225699] The buggy address belongs to the physical page: [ 19.225765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.226168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.226291] page_type: f5(slab) [ 19.226376] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.226597] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.226683] page dumped because: kasan: bad access detected [ 19.226898] [ 19.226942] Memory state around the buggy address: [ 19.227015] fff00000c6345600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.227130] fff00000c6345680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.227221] >fff00000c6345700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.227323] ^ [ 19.227456] fff00000c6345780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.227597] fff00000c6345800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.227681] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 19.195075] ================================================================== [ 19.195273] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 19.195585] Read of size 1 at addr fff00000c6363000 by task kunit_try_catch/140 [ 19.195685] [ 19.195768] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.195985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.196067] Hardware name: linux,dummy-virt (DT) [ 19.196169] Call trace: [ 19.196235] show_stack+0x20/0x38 (C) [ 19.196382] dump_stack_lvl+0x8c/0xd0 [ 19.196523] print_report+0x118/0x608 [ 19.196635] kasan_report+0xdc/0x128 [ 19.196734] __asan_report_load1_noabort+0x20/0x30 [ 19.196827] kmalloc_node_oob_right+0x2f4/0x330 [ 19.196908] kunit_try_run_case+0x170/0x3f0 [ 19.197001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.197119] kthread+0x328/0x630 [ 19.197220] ret_from_fork+0x10/0x20 [ 19.197315] [ 19.197352] Allocated by task 140: [ 19.197494] kasan_save_stack+0x3c/0x68 [ 19.197578] kasan_save_track+0x20/0x40 [ 19.197645] kasan_save_alloc_info+0x40/0x58 [ 19.197730] __kasan_kmalloc+0xd4/0xd8 [ 19.197801] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 19.197853] kmalloc_node_oob_right+0xbc/0x330 [ 19.197891] kunit_try_run_case+0x170/0x3f0 [ 19.197927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.197967] kthread+0x328/0x630 [ 19.197998] ret_from_fork+0x10/0x20 [ 19.198070] [ 19.198126] The buggy address belongs to the object at fff00000c6362000 [ 19.198126] which belongs to the cache kmalloc-4k of size 4096 [ 19.198277] The buggy address is located 0 bytes to the right of [ 19.198277] allocated 4096-byte region [fff00000c6362000, fff00000c6363000) [ 19.198455] [ 19.198508] The buggy address belongs to the physical page: [ 19.198679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106360 [ 19.199113] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.199228] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.199393] page_type: f5(slab) [ 19.199513] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 19.199679] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.199806] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 19.199949] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.200076] head: 0bfffe0000000003 ffffc1ffc318d801 00000000ffffffff 00000000ffffffff [ 19.200168] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.200247] page dumped because: kasan: bad access detected [ 19.200308] [ 19.200343] Memory state around the buggy address: [ 19.200429] fff00000c6362f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.200552] fff00000c6362f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.200653] >fff00000c6363000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.200744] ^ [ 19.200816] fff00000c6363080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.200967] fff00000c6363100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.201070] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 19.159342] ================================================================== [ 19.159482] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 19.159677] Read of size 1 at addr fff00000c619149f by task kunit_try_catch/138 [ 19.159866] [ 19.160310] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.160795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.160852] Hardware name: linux,dummy-virt (DT) [ 19.160924] Call trace: [ 19.160974] show_stack+0x20/0x38 (C) [ 19.161104] dump_stack_lvl+0x8c/0xd0 [ 19.161212] print_report+0x118/0x608 [ 19.161313] kasan_report+0xdc/0x128 [ 19.161905] __asan_report_load1_noabort+0x20/0x30 [ 19.162509] kmalloc_oob_left+0x2ec/0x320 [ 19.162966] kunit_try_run_case+0x170/0x3f0 [ 19.163341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.163911] kthread+0x328/0x630 [ 19.164092] ret_from_fork+0x10/0x20 [ 19.164220] [ 19.164261] Allocated by task 10: [ 19.164573] kasan_save_stack+0x3c/0x68 [ 19.165151] kasan_save_track+0x20/0x40 [ 19.165265] kasan_save_alloc_info+0x40/0x58 [ 19.165708] __kasan_kmalloc+0xd4/0xd8 [ 19.165988] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.166130] kvasprintf+0xe0/0x180 [ 19.166203] __kthread_create_on_node+0x16c/0x350 [ 19.166526] kthread_create_on_node+0xe4/0x130 [ 19.166631] create_worker+0x380/0x6b8 [ 19.166712] worker_thread+0x808/0xf38 [ 19.167097] kthread+0x328/0x630 [ 19.167214] ret_from_fork+0x10/0x20 [ 19.167295] [ 19.167337] The buggy address belongs to the object at fff00000c6191480 [ 19.167337] which belongs to the cache kmalloc-16 of size 16 [ 19.167954] The buggy address is located 19 bytes to the right of [ 19.167954] allocated 12-byte region [fff00000c6191480, fff00000c619148c) [ 19.168395] [ 19.168514] The buggy address belongs to the physical page: [ 19.168771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106191 [ 19.168900] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.169098] page_type: f5(slab) [ 19.169192] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.169574] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.169919] page dumped because: kasan: bad access detected [ 19.170014] [ 19.170072] Memory state around the buggy address: [ 19.170137] fff00000c6191380: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.170217] fff00000c6191400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.170304] >fff00000c6191480: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 19.170911] ^ [ 19.171093] fff00000c6191500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.171446] fff00000c6191580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.171554] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 19.130805] ================================================================== [ 19.130912] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 19.131018] Read of size 1 at addr fff00000c6345680 by task kunit_try_catch/136 [ 19.131148] [ 19.131252] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.131439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.131487] Hardware name: linux,dummy-virt (DT) [ 19.131571] Call trace: [ 19.131620] show_stack+0x20/0x38 (C) [ 19.131718] dump_stack_lvl+0x8c/0xd0 [ 19.131818] print_report+0x118/0x608 [ 19.131911] kasan_report+0xdc/0x128 [ 19.132006] __asan_report_load1_noabort+0x20/0x30 [ 19.132128] kmalloc_oob_right+0x5d0/0x660 [ 19.132225] kunit_try_run_case+0x170/0x3f0 [ 19.132324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.132429] kthread+0x328/0x630 [ 19.132524] ret_from_fork+0x10/0x20 [ 19.132626] [ 19.132666] Allocated by task 136: [ 19.132728] kasan_save_stack+0x3c/0x68 [ 19.132810] kasan_save_track+0x20/0x40 [ 19.132885] kasan_save_alloc_info+0x40/0x58 [ 19.133001] __kasan_kmalloc+0xd4/0xd8 [ 19.133120] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.133250] kmalloc_oob_right+0xb0/0x660 [ 19.133332] kunit_try_run_case+0x170/0x3f0 [ 19.133430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.133564] kthread+0x328/0x630 [ 19.133728] ret_from_fork+0x10/0x20 [ 19.133847] [ 19.133946] The buggy address belongs to the object at fff00000c6345600 [ 19.133946] which belongs to the cache kmalloc-128 of size 128 [ 19.134092] The buggy address is located 13 bytes to the right of [ 19.134092] allocated 115-byte region [fff00000c6345600, fff00000c6345673) [ 19.134214] [ 19.134271] The buggy address belongs to the physical page: [ 19.134329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.134435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.134521] page_type: f5(slab) [ 19.134596] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.134701] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.134782] page dumped because: kasan: bad access detected [ 19.134879] [ 19.134931] Memory state around the buggy address: [ 19.135000] fff00000c6345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.135115] fff00000c6345600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.135207] >fff00000c6345680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.135297] ^ [ 19.135371] fff00000c6345700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.135511] fff00000c6345780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.135636] ================================================================== [ 19.125306] ================================================================== [ 19.125403] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 19.125651] Write of size 1 at addr fff00000c6345678 by task kunit_try_catch/136 [ 19.125772] [ 19.125856] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.126052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.126107] Hardware name: linux,dummy-virt (DT) [ 19.126175] Call trace: [ 19.126219] show_stack+0x20/0x38 (C) [ 19.126314] dump_stack_lvl+0x8c/0xd0 [ 19.126405] print_report+0x118/0x608 [ 19.126507] kasan_report+0xdc/0x128 [ 19.126602] __asan_report_store1_noabort+0x20/0x30 [ 19.126703] kmalloc_oob_right+0x538/0x660 [ 19.126798] kunit_try_run_case+0x170/0x3f0 [ 19.126917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.127075] kthread+0x328/0x630 [ 19.127182] ret_from_fork+0x10/0x20 [ 19.127312] [ 19.127348] Allocated by task 136: [ 19.127419] kasan_save_stack+0x3c/0x68 [ 19.127538] kasan_save_track+0x20/0x40 [ 19.127607] kasan_save_alloc_info+0x40/0x58 [ 19.127679] __kasan_kmalloc+0xd4/0xd8 [ 19.127745] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.127826] kmalloc_oob_right+0xb0/0x660 [ 19.127901] kunit_try_run_case+0x170/0x3f0 [ 19.127974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.128064] kthread+0x328/0x630 [ 19.128130] ret_from_fork+0x10/0x20 [ 19.128193] [ 19.128231] The buggy address belongs to the object at fff00000c6345600 [ 19.128231] which belongs to the cache kmalloc-128 of size 128 [ 19.128351] The buggy address is located 5 bytes to the right of [ 19.128351] allocated 115-byte region [fff00000c6345600, fff00000c6345673) [ 19.128535] [ 19.128586] The buggy address belongs to the physical page: [ 19.128659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.128776] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.128874] page_type: f5(slab) [ 19.128955] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.129083] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.129178] page dumped because: kasan: bad access detected [ 19.129277] [ 19.129332] Memory state around the buggy address: [ 19.129433] fff00000c6345500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.129528] fff00000c6345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.129621] >fff00000c6345600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.129731] ^ [ 19.129811] fff00000c6345680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.129903] fff00000c6345700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.129983] ================================================================== [ 19.116806] ================================================================== [ 19.117219] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 19.118506] Write of size 1 at addr fff00000c6345673 by task kunit_try_catch/136 [ 19.118632] [ 19.119562] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 19.119723] Tainted: [N]=TEST [ 19.119761] Hardware name: linux,dummy-virt (DT) [ 19.120016] Call trace: [ 19.120233] show_stack+0x20/0x38 (C) [ 19.120408] dump_stack_lvl+0x8c/0xd0 [ 19.120480] print_report+0x118/0x608 [ 19.120553] kasan_report+0xdc/0x128 [ 19.120605] __asan_report_store1_noabort+0x20/0x30 [ 19.120655] kmalloc_oob_right+0x5a4/0x660 [ 19.120704] kunit_try_run_case+0x170/0x3f0 [ 19.120760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.120816] kthread+0x328/0x630 [ 19.120865] ret_from_fork+0x10/0x20 [ 19.121064] [ 19.121114] Allocated by task 136: [ 19.121278] kasan_save_stack+0x3c/0x68 [ 19.121354] kasan_save_track+0x20/0x40 [ 19.121395] kasan_save_alloc_info+0x40/0x58 [ 19.121435] __kasan_kmalloc+0xd4/0xd8 [ 19.121471] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.121511] kmalloc_oob_right+0xb0/0x660 [ 19.121545] kunit_try_run_case+0x170/0x3f0 [ 19.121582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.121622] kthread+0x328/0x630 [ 19.121654] ret_from_fork+0x10/0x20 [ 19.121781] [ 19.121882] The buggy address belongs to the object at fff00000c6345600 [ 19.121882] which belongs to the cache kmalloc-128 of size 128 [ 19.122004] The buggy address is located 0 bytes to the right of [ 19.122004] allocated 115-byte region [fff00000c6345600, fff00000c6345673) [ 19.122094] [ 19.122186] The buggy address belongs to the physical page: [ 19.122432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106345 [ 19.122736] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.123073] page_type: f5(slab) [ 19.123433] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.123500] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.123629] page dumped because: kasan: bad access detected [ 19.123676] [ 19.123704] Memory state around the buggy address: [ 19.123941] fff00000c6345500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.124016] fff00000c6345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.124093] >fff00000c6345600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.124150] ^ [ 19.124245] fff00000c6345680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.124288] fff00000c6345700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.124354] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 99.917755] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 99.920332] Modules linked in: [ 99.921127] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 99.921752] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 99.922149] Hardware name: linux,dummy-virt (DT) [ 99.922382] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 99.922787] pc : intlog10+0x38/0x48 [ 99.923061] lr : intlog10_test+0xe4/0x200 [ 99.923334] sp : ffff800082307c10 [ 99.923563] x29: ffff800082307c90 x28: 0000000000000000 x27: 0000000000000000 [ 99.924739] x26: 1ffe0000198ba661 x25: 0000000000000000 x24: ffff800082307ce0 [ 99.925441] x23: ffff800082307d00 x22: 0000000000000000 x21: 1ffff00010460f82 [ 99.926303] x20: ffffb07f36889840 x19: ffff800080087990 x18: 000000003a5b8288 [ 99.926882] x17: 00000000de571154 x16: fff00000c097583c x15: fff00000ff616b08 [ 99.927462] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff760fe74e3381 [ 99.928065] x11: 1ffff60fe74e3380 x10: ffff760fe74e3380 x9 : ffffb07f33e3749c [ 99.928686] x8 : ffffb07f3a719c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 99.929411] x5 : ffff700010460f82 x4 : 1ffff00010010f3a x3 : 1ffff60fe6d11308 [ 99.930168] x2 : 1ffff60fe6d11308 x1 : 0000000000000003 x0 : 0000000000000000 [ 99.930892] Call trace: [ 99.931153] intlog10+0x38/0x48 (P) [ 99.931465] kunit_try_run_case+0x170/0x3f0 [ 99.931744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 99.932110] kthread+0x328/0x630 [ 99.932360] ret_from_fork+0x10/0x20 [ 99.932668] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 99.847695] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 99.849738] Modules linked in: [ 99.850957] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 99.851620] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 99.852091] Hardware name: linux,dummy-virt (DT) [ 99.852366] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 99.853088] pc : intlog2+0xd8/0xf8 [ 99.853481] lr : intlog2_test+0xe4/0x200 [ 99.853832] sp : ffff800082277c10 [ 99.854114] x29: ffff800082277c90 x28: 0000000000000000 x27: 0000000000000000 [ 99.854732] x26: 1ffe000019978ac1 x25: 0000000000000000 x24: ffff800082277ce0 [ 99.855490] x23: ffff800082277d00 x22: 0000000000000000 x21: 1ffff0001044ef82 [ 99.856228] x20: ffffb07f36889740 x19: ffff800080087990 x18: 000000001d45f7c0 [ 99.856860] x17: 00000000c40bfbfd x16: fff00000c097583c x15: fff00000ff616b08 [ 99.857781] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff760fe74e3381 [ 99.858614] x11: 1ffff60fe74e3380 x10: ffff760fe74e3380 x9 : ffffb07f33e3769c [ 99.859246] x8 : ffffb07f3a719c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 99.859818] x5 : ffff70001044ef82 x4 : 1ffff00010010f3a x3 : 1ffff60fe6d112e8 [ 99.860426] x2 : 1ffff60fe6d112e8 x1 : 0000000000000003 x0 : 0000000000000000 [ 99.861068] Call trace: [ 99.861381] intlog2+0xd8/0xf8 (P) [ 99.861952] kunit_try_run_case+0x170/0x3f0 [ 99.862546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 99.862931] kthread+0x328/0x630 [ 99.863366] ret_from_fork+0x10/0x20 [ 99.863869] ---[ end trace 0000000000000000 ]---