Date
July 1, 2025, 11:08 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.609078] ================================================================== [ 18.609782] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 18.609927] Read of size 1 at addr fff00000c7732778 by task kunit_try_catch/197 [ 18.610198] [ 18.610397] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.610675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.610726] Hardware name: linux,dummy-virt (DT) [ 18.610766] Call trace: [ 18.610792] show_stack+0x20/0x38 (C) [ 18.610866] dump_stack_lvl+0x8c/0xd0 [ 18.610981] print_report+0x118/0x608 [ 18.611036] kasan_report+0xdc/0x128 [ 18.611560] __asan_report_load1_noabort+0x20/0x30 [ 18.611651] ksize_uaf+0x544/0x5f8 [ 18.611703] kunit_try_run_case+0x170/0x3f0 [ 18.611896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.611971] kthread+0x328/0x630 [ 18.612023] ret_from_fork+0x10/0x20 [ 18.612200] [ 18.612253] Allocated by task 197: [ 18.612296] kasan_save_stack+0x3c/0x68 [ 18.612348] kasan_save_track+0x20/0x40 [ 18.612389] kasan_save_alloc_info+0x40/0x58 [ 18.612448] __kasan_kmalloc+0xd4/0xd8 [ 18.612487] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.612538] ksize_uaf+0xb8/0x5f8 [ 18.612584] kunit_try_run_case+0x170/0x3f0 [ 18.612625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.612685] kthread+0x328/0x630 [ 18.612734] ret_from_fork+0x10/0x20 [ 18.612781] [ 18.612802] Freed by task 197: [ 18.612833] kasan_save_stack+0x3c/0x68 [ 18.612875] kasan_save_track+0x20/0x40 [ 18.612914] kasan_save_free_info+0x4c/0x78 [ 18.612969] __kasan_slab_free+0x6c/0x98 [ 18.613018] kfree+0x214/0x3c8 [ 18.613065] ksize_uaf+0x11c/0x5f8 [ 18.613113] kunit_try_run_case+0x170/0x3f0 [ 18.613577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.613950] kthread+0x328/0x630 [ 18.614329] ret_from_fork+0x10/0x20 [ 18.614419] [ 18.614467] The buggy address belongs to the object at fff00000c7732700 [ 18.614467] which belongs to the cache kmalloc-128 of size 128 [ 18.614721] The buggy address is located 120 bytes inside of [ 18.614721] freed 128-byte region [fff00000c7732700, fff00000c7732780) [ 18.614957] [ 18.615441] The buggy address belongs to the physical page: [ 18.615547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.615734] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.615836] page_type: f5(slab) [ 18.616157] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.616384] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.616590] page dumped because: kasan: bad access detected [ 18.616686] [ 18.616806] Memory state around the buggy address: [ 18.616897] fff00000c7732600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.616980] fff00000c7732680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.617312] >fff00000c7732700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.617558] ^ [ 18.617662] fff00000c7732780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.617832] fff00000c7732800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.617929] ================================================================== [ 18.583234] ================================================================== [ 18.583333] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 18.583409] Read of size 1 at addr fff00000c7732700 by task kunit_try_catch/197 [ 18.583466] [ 18.583513] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.583609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.583639] Hardware name: linux,dummy-virt (DT) [ 18.583674] Call trace: [ 18.583700] show_stack+0x20/0x38 (C) [ 18.583756] dump_stack_lvl+0x8c/0xd0 [ 18.583807] print_report+0x118/0x608 [ 18.583855] kasan_report+0xdc/0x128 [ 18.583902] __kasan_check_byte+0x54/0x70 [ 18.583954] ksize+0x30/0x88 [ 18.584021] ksize_uaf+0x168/0x5f8 [ 18.584069] kunit_try_run_case+0x170/0x3f0 [ 18.584143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.584202] kthread+0x328/0x630 [ 18.584247] ret_from_fork+0x10/0x20 [ 18.584301] [ 18.584321] Allocated by task 197: [ 18.584350] kasan_save_stack+0x3c/0x68 [ 18.584396] kasan_save_track+0x20/0x40 [ 18.584436] kasan_save_alloc_info+0x40/0x58 [ 18.584491] __kasan_kmalloc+0xd4/0xd8 [ 18.584531] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.584954] ksize_uaf+0xb8/0x5f8 [ 18.585004] kunit_try_run_case+0x170/0x3f0 [ 18.585124] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.585187] kthread+0x328/0x630 [ 18.585223] ret_from_fork+0x10/0x20 [ 18.585262] [ 18.585285] Freed by task 197: [ 18.585323] kasan_save_stack+0x3c/0x68 [ 18.585376] kasan_save_track+0x20/0x40 [ 18.585417] kasan_save_free_info+0x4c/0x78 [ 18.585461] __kasan_slab_free+0x6c/0x98 [ 18.585500] kfree+0x214/0x3c8 [ 18.585535] ksize_uaf+0x11c/0x5f8 [ 18.585692] kunit_try_run_case+0x170/0x3f0 [ 18.585740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.585789] kthread+0x328/0x630 [ 18.585825] ret_from_fork+0x10/0x20 [ 18.585891] [ 18.585936] The buggy address belongs to the object at fff00000c7732700 [ 18.585936] which belongs to the cache kmalloc-128 of size 128 [ 18.586022] The buggy address is located 0 bytes inside of [ 18.586022] freed 128-byte region [fff00000c7732700, fff00000c7732780) [ 18.586160] [ 18.586267] The buggy address belongs to the physical page: [ 18.586452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.586567] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.586666] page_type: f5(slab) [ 18.586756] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.586814] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.586892] page dumped because: kasan: bad access detected [ 18.586956] [ 18.587149] Memory state around the buggy address: [ 18.587201] fff00000c7732600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.587248] fff00000c7732680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587607] >fff00000c7732700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.587659] ^ [ 18.587691] fff00000c7732780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587740] fff00000c7732800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587785] ================================================================== [ 18.589906] ================================================================== [ 18.589986] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 18.590052] Read of size 1 at addr fff00000c7732700 by task kunit_try_catch/197 [ 18.590108] [ 18.590170] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.590263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.590291] Hardware name: linux,dummy-virt (DT) [ 18.590329] Call trace: [ 18.590353] show_stack+0x20/0x38 (C) [ 18.590409] dump_stack_lvl+0x8c/0xd0 [ 18.590460] print_report+0x118/0x608 [ 18.590510] kasan_report+0xdc/0x128 [ 18.590557] __asan_report_load1_noabort+0x20/0x30 [ 18.590612] ksize_uaf+0x598/0x5f8 [ 18.590658] kunit_try_run_case+0x170/0x3f0 [ 18.590707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.590763] kthread+0x328/0x630 [ 18.590808] ret_from_fork+0x10/0x20 [ 18.590860] [ 18.590879] Allocated by task 197: [ 18.590912] kasan_save_stack+0x3c/0x68 [ 18.590957] kasan_save_track+0x20/0x40 [ 18.590997] kasan_save_alloc_info+0x40/0x58 [ 18.591040] __kasan_kmalloc+0xd4/0xd8 [ 18.591078] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.591788] ksize_uaf+0xb8/0x5f8 [ 18.591949] kunit_try_run_case+0x170/0x3f0 [ 18.591996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.592425] kthread+0x328/0x630 [ 18.592740] ret_from_fork+0x10/0x20 [ 18.593076] [ 18.593320] Freed by task 197: [ 18.593733] kasan_save_stack+0x3c/0x68 [ 18.593966] kasan_save_track+0x20/0x40 [ 18.594233] kasan_save_free_info+0x4c/0x78 [ 18.594398] __kasan_slab_free+0x6c/0x98 [ 18.595220] kfree+0x214/0x3c8 [ 18.595758] ksize_uaf+0x11c/0x5f8 [ 18.596016] kunit_try_run_case+0x170/0x3f0 [ 18.596123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.596257] kthread+0x328/0x630 [ 18.596744] ret_from_fork+0x10/0x20 [ 18.596849] [ 18.597172] The buggy address belongs to the object at fff00000c7732700 [ 18.597172] which belongs to the cache kmalloc-128 of size 128 [ 18.597267] The buggy address is located 0 bytes inside of [ 18.597267] freed 128-byte region [fff00000c7732700, fff00000c7732780) [ 18.597353] [ 18.597859] The buggy address belongs to the physical page: [ 18.598314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.598572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.598775] page_type: f5(slab) [ 18.598982] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.599061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.599329] page dumped because: kasan: bad access detected [ 18.599436] [ 18.599558] Memory state around the buggy address: [ 18.599680] fff00000c7732600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.599735] fff00000c7732680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.599785] >fff00000c7732700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.599838] ^ [ 18.600272] fff00000c7732780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.600538] fff00000c7732800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.600775] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 21.360267] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 21.436940] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 21.442884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 21.292335] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 21.259632] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.557186] ================================================================== [ 18.557276] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 18.557358] Read of size 1 at addr fff00000c7732673 by task kunit_try_catch/195 [ 18.557416] [ 18.557534] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.557786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.557830] Hardware name: linux,dummy-virt (DT) [ 18.557870] Call trace: [ 18.557897] show_stack+0x20/0x38 (C) [ 18.557961] dump_stack_lvl+0x8c/0xd0 [ 18.558018] print_report+0x118/0x608 [ 18.558070] kasan_report+0xdc/0x128 [ 18.558122] __asan_report_load1_noabort+0x20/0x30 [ 18.558196] ksize_unpoisons_memory+0x628/0x740 [ 18.558298] kunit_try_run_case+0x170/0x3f0 [ 18.558353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.558719] kthread+0x328/0x630 [ 18.558812] ret_from_fork+0x10/0x20 [ 18.558900] [ 18.558943] Allocated by task 195: [ 18.558980] kasan_save_stack+0x3c/0x68 [ 18.559027] kasan_save_track+0x20/0x40 [ 18.559071] kasan_save_alloc_info+0x40/0x58 [ 18.559162] __kasan_kmalloc+0xd4/0xd8 [ 18.559205] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.559348] ksize_unpoisons_memory+0xc0/0x740 [ 18.559428] kunit_try_run_case+0x170/0x3f0 [ 18.559505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.559554] kthread+0x328/0x630 [ 18.559618] ret_from_fork+0x10/0x20 [ 18.559661] [ 18.559682] The buggy address belongs to the object at fff00000c7732600 [ 18.559682] which belongs to the cache kmalloc-128 of size 128 [ 18.559753] The buggy address is located 0 bytes to the right of [ 18.559753] allocated 115-byte region [fff00000c7732600, fff00000c7732673) [ 18.559916] [ 18.559941] The buggy address belongs to the physical page: [ 18.560069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.560160] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.560289] page_type: f5(slab) [ 18.560399] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.560495] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.560603] page dumped because: kasan: bad access detected [ 18.560704] [ 18.560792] Memory state around the buggy address: [ 18.560854] fff00000c7732500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.560946] fff00000c7732580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.561028] >fff00000c7732600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.561150] ^ [ 18.561282] fff00000c7732680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.561392] fff00000c7732700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.561453] ================================================================== [ 18.564775] ================================================================== [ 18.564858] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 18.565103] Read of size 1 at addr fff00000c7732678 by task kunit_try_catch/195 [ 18.565206] [ 18.565258] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.565369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.565514] Hardware name: linux,dummy-virt (DT) [ 18.565555] Call trace: [ 18.565579] show_stack+0x20/0x38 (C) [ 18.565639] dump_stack_lvl+0x8c/0xd0 [ 18.565694] print_report+0x118/0x608 [ 18.565746] kasan_report+0xdc/0x128 [ 18.565796] __asan_report_load1_noabort+0x20/0x30 [ 18.565997] ksize_unpoisons_memory+0x618/0x740 [ 18.566086] kunit_try_run_case+0x170/0x3f0 [ 18.566157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.566218] kthread+0x328/0x630 [ 18.566266] ret_from_fork+0x10/0x20 [ 18.566321] [ 18.566342] Allocated by task 195: [ 18.566517] kasan_save_stack+0x3c/0x68 [ 18.566575] kasan_save_track+0x20/0x40 [ 18.566637] kasan_save_alloc_info+0x40/0x58 [ 18.566695] __kasan_kmalloc+0xd4/0xd8 [ 18.566736] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.566809] ksize_unpoisons_memory+0xc0/0x740 [ 18.566853] kunit_try_run_case+0x170/0x3f0 [ 18.566895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.566945] kthread+0x328/0x630 [ 18.566979] ret_from_fork+0x10/0x20 [ 18.569146] [ 18.569314] The buggy address belongs to the object at fff00000c7732600 [ 18.569314] which belongs to the cache kmalloc-128 of size 128 [ 18.569394] The buggy address is located 5 bytes to the right of [ 18.569394] allocated 115-byte region [fff00000c7732600, fff00000c7732673) [ 18.569469] [ 18.569494] The buggy address belongs to the physical page: [ 18.569530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.569595] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.569652] page_type: f5(slab) [ 18.569700] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.569757] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.569803] page dumped because: kasan: bad access detected [ 18.569836] [ 18.569855] Memory state around the buggy address: [ 18.569893] fff00000c7732500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.569942] fff00000c7732580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569990] >fff00000c7732600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.570034] ^ [ 18.570077] fff00000c7732680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.570126] fff00000c7732700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.570182] ================================================================== [ 18.570970] ================================================================== [ 18.571084] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 18.571254] Read of size 1 at addr fff00000c773267f by task kunit_try_catch/195 [ 18.571309] [ 18.571582] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.571710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.571777] Hardware name: linux,dummy-virt (DT) [ 18.571838] Call trace: [ 18.571875] show_stack+0x20/0x38 (C) [ 18.571983] dump_stack_lvl+0x8c/0xd0 [ 18.572140] print_report+0x118/0x608 [ 18.572261] kasan_report+0xdc/0x128 [ 18.572325] __asan_report_load1_noabort+0x20/0x30 [ 18.572429] ksize_unpoisons_memory+0x690/0x740 [ 18.572547] kunit_try_run_case+0x170/0x3f0 [ 18.572600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.572833] kthread+0x328/0x630 [ 18.573016] ret_from_fork+0x10/0x20 [ 18.573155] [ 18.573197] Allocated by task 195: [ 18.573241] kasan_save_stack+0x3c/0x68 [ 18.573304] kasan_save_track+0x20/0x40 [ 18.573346] kasan_save_alloc_info+0x40/0x58 [ 18.573391] __kasan_kmalloc+0xd4/0xd8 [ 18.573430] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.573472] ksize_unpoisons_memory+0xc0/0x740 [ 18.573516] kunit_try_run_case+0x170/0x3f0 [ 18.573558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.573617] kthread+0x328/0x630 [ 18.573652] ret_from_fork+0x10/0x20 [ 18.573700] [ 18.573720] The buggy address belongs to the object at fff00000c7732600 [ 18.573720] which belongs to the cache kmalloc-128 of size 128 [ 18.573787] The buggy address is located 12 bytes to the right of [ 18.573787] allocated 115-byte region [fff00000c7732600, fff00000c7732673) [ 18.573871] [ 18.573901] The buggy address belongs to the physical page: [ 18.573947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.574008] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.574065] page_type: f5(slab) [ 18.574119] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.574501] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.574583] page dumped because: kasan: bad access detected [ 18.574687] [ 18.574755] Memory state around the buggy address: [ 18.574865] fff00000c7732500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.575034] fff00000c7732580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.575104] >fff00000c7732600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.575266] ^ [ 18.575395] fff00000c7732680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.575446] fff00000c7732700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.575491] ==================================================================
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 103.418808] Internal error: Oops: 0000000096000005 [#1] SMP [ 103.426902] Modules linked in: [ 103.428221] CPU: 1 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 103.429512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 103.429840] Hardware name: linux,dummy-virt (DT) [ 103.430339] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 103.431311] pc : kunit_test_null_dereference+0x70/0x170 [ 103.432281] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 103.432951] sp : ffff800080f97d30 [ 103.433186] x29: ffff800080f97d90 x28: 0000000000000000 x27: 0000000000000000 [ 103.433648] x26: 1ffe000018edb9c1 x25: 0000000000000000 x24: 0000000000000004 [ 103.434024] x23: fff00000c76dce0c x22: ffff9bbfe2c245f8 x21: fff00000c3d6f108 [ 103.435235] x20: 1ffff000101f2fa6 x19: ffff800080087990 x18: 00000000b9f71a49 [ 103.436362] x17: 0000000000000001 x16: fff00000da474d28 x15: 0000000076f3fee2 [ 103.437538] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e989 x12: fffd800018c158b4 [ 103.438535] x11: 1ffe000018c158b3 x10: fffd800018c158b3 x9 : ffff9bbfe2c1ba60 [ 103.439464] x8 : ffff800080f97c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 103.440178] x5 : ffff7000101f2fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 103.440558] x2 : dfff800000000000 x1 : fff00000c60abcc0 x0 : ffff800080087990 [ 103.440973] Call trace: [ 103.441442] kunit_test_null_dereference+0x70/0x170 (P) [ 103.442213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 103.443104] kthread+0x328/0x630 [ 103.443746] ret_from_fork+0x10/0x20 [ 103.444665] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 103.446055] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 52.920702] ================================================================== [ 52.920795] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 52.920795] [ 52.920896] Use-after-free read at 0x000000004947fa2f (in kfence-#164): [ 52.920953] test_krealloc+0x51c/0x830 [ 52.920999] kunit_try_run_case+0x170/0x3f0 [ 52.921047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.921094] kthread+0x328/0x630 [ 52.921148] ret_from_fork+0x10/0x20 [ 52.921189] [ 52.921215] kfence-#164: 0x000000004947fa2f-0x0000000080ec4d09, size=32, cache=kmalloc-32 [ 52.921215] [ 52.921273] allocated by task 338 on cpu 1 at 52.920011s (0.001258s ago): [ 52.921361] test_alloc+0x29c/0x628 [ 52.921403] test_krealloc+0xc0/0x830 [ 52.921442] kunit_try_run_case+0x170/0x3f0 [ 52.921483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.921528] kthread+0x328/0x630 [ 52.921565] ret_from_fork+0x10/0x20 [ 52.921606] [ 52.921629] freed by task 338 on cpu 1 at 52.920290s (0.001336s ago): [ 52.921693] krealloc_noprof+0x148/0x360 [ 52.921734] test_krealloc+0x1dc/0x830 [ 52.921774] kunit_try_run_case+0x170/0x3f0 [ 52.921815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.921860] kthread+0x328/0x630 [ 52.921897] ret_from_fork+0x10/0x20 [ 52.921937] [ 52.921987] CPU: 1 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 52.922071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 52.922101] Hardware name: linux,dummy-virt (DT) [ 52.922151] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 52.839046] ================================================================== [ 52.839187] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 52.839187] [ 52.839299] Use-after-free read at 0x000000007f1e9e37 (in kfence-#163): [ 52.839361] test_memcache_typesafe_by_rcu+0x280/0x560 [ 52.839415] kunit_try_run_case+0x170/0x3f0 [ 52.839463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.839510] kthread+0x328/0x630 [ 52.839551] ret_from_fork+0x10/0x20 [ 52.839595] [ 52.839621] kfence-#163: 0x000000007f1e9e37-0x00000000d5cef76a, size=32, cache=test [ 52.839621] [ 52.839677] allocated by task 336 on cpu 0 at 52.819603s (0.020070s ago): [ 52.839755] test_alloc+0x230/0x628 [ 52.839799] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 52.839844] kunit_try_run_case+0x170/0x3f0 [ 52.839884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.839930] kthread+0x328/0x630 [ 52.839966] ret_from_fork+0x10/0x20 [ 52.840006] [ 52.840031] freed by task 336 on cpu 0 at 52.819740s (0.020287s ago): [ 52.840091] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 52.840148] kunit_try_run_case+0x170/0x3f0 [ 52.840190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.840234] kthread+0x328/0x630 [ 52.840272] ret_from_fork+0x10/0x20 [ 52.840313] [ 52.840366] CPU: 0 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 52.840448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 52.840480] Hardware name: linux,dummy-virt (DT) [ 52.840518] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 30.272808] ================================================================== [ 30.272986] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 30.272986] [ 30.273104] Invalid read at 0x00000000ee65cd7b: [ 30.273568] test_invalid_access+0xdc/0x1f0 [ 30.276000] kunit_try_run_case+0x170/0x3f0 [ 30.276884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.276985] kthread+0x328/0x630 [ 30.277062] ret_from_fork+0x10/0x20 [ 30.277169] [ 30.277257] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 30.277389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.277452] Hardware name: linux,dummy-virt (DT) [ 30.277522] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 30.039928] ================================================================== [ 30.040042] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.040042] [ 30.040113] Corrupted memory at 0x00000000869304e3 [ ! . . . . . . . . . . . . . . . ] (in kfence-#159): [ 30.040465] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.040519] kunit_try_run_case+0x170/0x3f0 [ 30.040563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.040611] kthread+0x328/0x630 [ 30.040652] ret_from_fork+0x10/0x20 [ 30.040695] [ 30.040720] kfence-#159: 0x000000009bb1e06b-0x000000002863331f, size=73, cache=kmalloc-96 [ 30.040720] [ 30.040780] allocated by task 326 on cpu 1 at 30.039648s (0.001128s ago): [ 30.040846] test_alloc+0x29c/0x628 [ 30.040890] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 30.040937] kunit_try_run_case+0x170/0x3f0 [ 30.040980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.041026] kthread+0x328/0x630 [ 30.041064] ret_from_fork+0x10/0x20 [ 30.041105] [ 30.041142] freed by task 326 on cpu 1 at 30.039825s (0.001301s ago): [ 30.041208] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.041255] kunit_try_run_case+0x170/0x3f0 [ 30.041309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.041355] kthread+0x328/0x630 [ 30.041395] ret_from_fork+0x10/0x20 [ 30.041436] [ 30.041483] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 30.041567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.041599] Hardware name: linux,dummy-virt (DT) [ 30.041637] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 29.623997] ================================================================== [ 29.624115] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 29.624115] [ 29.624251] Out-of-bounds read at 0x0000000002497dd9 (105B right of kfence-#155): [ 29.624319] test_kmalloc_aligned_oob_read+0x238/0x468 [ 29.624372] kunit_try_run_case+0x170/0x3f0 [ 29.624420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.624469] kthread+0x328/0x630 [ 29.624509] ret_from_fork+0x10/0x20 [ 29.624552] [ 29.624579] kfence-#155: 0x0000000096064e42-0x00000000beae620d, size=73, cache=kmalloc-96 [ 29.624579] [ 29.624639] allocated by task 324 on cpu 1 at 29.623712s (0.000923s ago): [ 29.624718] test_alloc+0x29c/0x628 [ 29.624761] test_kmalloc_aligned_oob_read+0x100/0x468 [ 29.624807] kunit_try_run_case+0x170/0x3f0 [ 29.624851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.624898] kthread+0x328/0x630 [ 29.624935] ret_from_fork+0x10/0x20 [ 29.624978] [ 29.625032] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 29.625118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.625162] Hardware name: linux,dummy-virt (DT) [ 29.625199] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 24.216304] ================================================================== [ 24.216431] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 24.216431] [ 24.216503] Corrupted memory at 0x0000000093a84581 [ ! ] (in kfence-#103): [ 24.216655] test_corruption+0x284/0x378 [ 24.216707] kunit_try_run_case+0x170/0x3f0 [ 24.216762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.216809] kthread+0x328/0x630 [ 24.216853] ret_from_fork+0x10/0x20 [ 24.216898] [ 24.216924] kfence-#103: 0x000000007b90885a-0x00000000c8a8ebc3, size=32, cache=kmalloc-32 [ 24.216924] [ 24.216988] allocated by task 312 on cpu 1 at 24.215898s (0.001086s ago): [ 24.217057] test_alloc+0x29c/0x628 [ 24.217101] test_corruption+0x198/0x378 [ 24.217160] kunit_try_run_case+0x170/0x3f0 [ 24.217204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.217251] kthread+0x328/0x630 [ 24.217298] ret_from_fork+0x10/0x20 [ 24.217340] [ 24.217366] freed by task 312 on cpu 1 at 24.216070s (0.001292s ago): [ 24.217432] test_corruption+0x284/0x378 [ 24.217476] kunit_try_run_case+0x170/0x3f0 [ 24.217519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.217567] kthread+0x328/0x630 [ 24.217605] ret_from_fork+0x10/0x20 [ 24.217647] [ 24.217704] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.217788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.217821] Hardware name: linux,dummy-virt (DT) [ 24.217860] ================================================================== [ 24.839908] ================================================================== [ 24.840023] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 24.840023] [ 24.840093] Corrupted memory at 0x000000009dae348a [ ! . . . . . . . . . . . . . . . ] (in kfence-#109): [ 24.840456] test_corruption+0x120/0x378 [ 24.840506] kunit_try_run_case+0x170/0x3f0 [ 24.840553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.840603] kthread+0x328/0x630 [ 24.840644] ret_from_fork+0x10/0x20 [ 24.840689] [ 24.840715] kfence-#109: 0x000000005b2a11d2-0x00000000277e4c14, size=32, cache=test [ 24.840715] [ 24.840776] allocated by task 314 on cpu 1 at 24.839727s (0.001045s ago): [ 24.840845] test_alloc+0x230/0x628 [ 24.840890] test_corruption+0xdc/0x378 [ 24.840934] kunit_try_run_case+0x170/0x3f0 [ 24.840977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.841025] kthread+0x328/0x630 [ 24.841065] ret_from_fork+0x10/0x20 [ 24.841107] [ 24.841144] freed by task 314 on cpu 1 at 24.839810s (0.001330s ago): [ 24.841212] test_corruption+0x120/0x378 [ 24.841256] kunit_try_run_case+0x170/0x3f0 [ 24.841306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.841352] kthread+0x328/0x630 [ 24.841390] ret_from_fork+0x10/0x20 [ 24.841433] [ 24.841482] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.841566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.841599] Hardware name: linux,dummy-virt (DT) [ 24.841638] ================================================================== [ 24.116615] ================================================================== [ 24.116710] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 24.116710] [ 24.116776] Corrupted memory at 0x00000000bd932d29 [ ! . . . . . . . . . . . . . . . ] (in kfence-#102): [ 24.117102] test_corruption+0x278/0x378 [ 24.117168] kunit_try_run_case+0x170/0x3f0 [ 24.117228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.117278] kthread+0x328/0x630 [ 24.117393] ret_from_fork+0x10/0x20 [ 24.117512] [ 24.117576] kfence-#102: 0x00000000d2effed0-0x0000000051dda90e, size=32, cache=kmalloc-32 [ 24.117576] [ 24.117717] allocated by task 312 on cpu 0 at 24.114444s (0.003258s ago): [ 24.117807] test_alloc+0x29c/0x628 [ 24.117883] test_corruption+0xdc/0x378 [ 24.117928] kunit_try_run_case+0x170/0x3f0 [ 24.118005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.118065] kthread+0x328/0x630 [ 24.118106] ret_from_fork+0x10/0x20 [ 24.118158] [ 24.118183] freed by task 312 on cpu 0 at 24.115265s (0.002913s ago): [ 24.118260] test_corruption+0x278/0x378 [ 24.118307] kunit_try_run_case+0x170/0x3f0 [ 24.118357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.118411] kthread+0x328/0x630 [ 24.118460] ret_from_fork+0x10/0x20 [ 24.118514] [ 24.118575] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.118673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.118716] Hardware name: linux,dummy-virt (DT) [ 24.118765] ================================================================== [ 24.943905] ================================================================== [ 24.944005] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 24.944005] [ 24.944076] Corrupted memory at 0x000000008a040b07 [ ! ] (in kfence-#110): [ 24.944221] test_corruption+0x1d8/0x378 [ 24.944272] kunit_try_run_case+0x170/0x3f0 [ 24.944319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.944367] kthread+0x328/0x630 [ 24.944411] ret_from_fork+0x10/0x20 [ 24.944453] [ 24.944480] kfence-#110: 0x00000000b27e048f-0x00000000eea08354, size=32, cache=test [ 24.944480] [ 24.944539] allocated by task 314 on cpu 1 at 24.943725s (0.000810s ago): [ 24.944606] test_alloc+0x230/0x628 [ 24.944649] test_corruption+0x198/0x378 [ 24.944693] kunit_try_run_case+0x170/0x3f0 [ 24.944735] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.944784] kthread+0x328/0x630 [ 24.944823] ret_from_fork+0x10/0x20 [ 24.944864] [ 24.944889] freed by task 314 on cpu 1 at 24.943811s (0.001074s ago): [ 24.944955] test_corruption+0x1d8/0x378 [ 24.944999] kunit_try_run_case+0x170/0x3f0 [ 24.945041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.945089] kthread+0x328/0x630 [ 24.945127] ret_from_fork+0x10/0x20 [ 24.945179] [ 24.945225] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.945320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.945353] Hardware name: linux,dummy-virt (DT) [ 24.945392] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 24.010344] ================================================================== [ 24.010458] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 24.010458] [ 24.011060] Invalid free of 0x00000000420da8a6 (in kfence-#101): [ 24.011196] test_invalid_addr_free+0xec/0x238 [ 24.011340] kunit_try_run_case+0x170/0x3f0 [ 24.011475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.011890] kthread+0x328/0x630 [ 24.012026] ret_from_fork+0x10/0x20 [ 24.012214] [ 24.012304] kfence-#101: 0x00000000ab5c2665-0x000000002263fcdf, size=32, cache=test [ 24.012304] [ 24.012742] allocated by task 310 on cpu 0 at 24.009765s (0.002960s ago): [ 24.012932] test_alloc+0x230/0x628 [ 24.013277] test_invalid_addr_free+0xd4/0x238 [ 24.013430] kunit_try_run_case+0x170/0x3f0 [ 24.013539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.013696] kthread+0x328/0x630 [ 24.013788] ret_from_fork+0x10/0x20 [ 24.014206] [ 24.014544] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.014737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.015118] Hardware name: linux,dummy-virt (DT) [ 24.015359] ================================================================== [ 23.904694] ================================================================== [ 23.904796] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.904796] [ 23.904863] Invalid free of 0x00000000f90b04c3 (in kfence-#100): [ 23.904974] test_invalid_addr_free+0x1ac/0x238 [ 23.905027] kunit_try_run_case+0x170/0x3f0 [ 23.905077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.905124] kthread+0x328/0x630 [ 23.905555] ret_from_fork+0x10/0x20 [ 23.905623] [ 23.905651] kfence-#100: 0x0000000004d2c826-0x00000000324bcd6f, size=32, cache=kmalloc-32 [ 23.905651] [ 23.905810] allocated by task 308 on cpu 0 at 23.904312s (0.001453s ago): [ 23.905919] test_alloc+0x29c/0x628 [ 23.905997] test_invalid_addr_free+0xd4/0x238 [ 23.906044] kunit_try_run_case+0x170/0x3f0 [ 23.906088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.906364] kthread+0x328/0x630 [ 23.906419] ret_from_fork+0x10/0x20 [ 23.906473] [ 23.906638] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.906869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.906910] Hardware name: linux,dummy-virt (DT) [ 23.906950] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.696319] ================================================================== [ 23.696807] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.696807] [ 23.696940] Invalid free of 0x00000000204aeb1f (in kfence-#98): [ 23.697093] test_double_free+0x1bc/0x238 [ 23.697179] kunit_try_run_case+0x170/0x3f0 [ 23.697239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.697296] kthread+0x328/0x630 [ 23.697373] ret_from_fork+0x10/0x20 [ 23.697421] [ 23.697487] kfence-#98: 0x00000000204aeb1f-0x00000000139d3c78, size=32, cache=kmalloc-32 [ 23.697487] [ 23.697653] allocated by task 304 on cpu 0 at 23.695957s (0.001630s ago): [ 23.697727] test_alloc+0x29c/0x628 [ 23.697770] test_double_free+0xd4/0x238 [ 23.697812] kunit_try_run_case+0x170/0x3f0 [ 23.698255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.698385] kthread+0x328/0x630 [ 23.698435] ret_from_fork+0x10/0x20 [ 23.698520] [ 23.698581] freed by task 304 on cpu 0 at 23.696100s (0.002445s ago): [ 23.698668] test_double_free+0x1ac/0x238 [ 23.698714] kunit_try_run_case+0x170/0x3f0 [ 23.698777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.698827] kthread+0x328/0x630 [ 23.698866] ret_from_fork+0x10/0x20 [ 23.698961] [ 23.699030] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.699120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.699164] Hardware name: linux,dummy-virt (DT) [ 23.699571] ================================================================== [ 23.796799] ================================================================== [ 23.796932] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.796932] [ 23.797000] Invalid free of 0x00000000b364e12a (in kfence-#99): [ 23.797110] test_double_free+0x100/0x238 [ 23.797173] kunit_try_run_case+0x170/0x3f0 [ 23.797222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.797269] kthread+0x328/0x630 [ 23.797317] ret_from_fork+0x10/0x20 [ 23.797391] [ 23.797437] kfence-#99: 0x00000000b364e12a-0x000000009b16b6b6, size=32, cache=test [ 23.797437] [ 23.797563] allocated by task 306 on cpu 0 at 23.796456s (0.001037s ago): [ 23.797657] test_alloc+0x230/0x628 [ 23.797704] test_double_free+0xd4/0x238 [ 23.797817] kunit_try_run_case+0x170/0x3f0 [ 23.798010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.798150] kthread+0x328/0x630 [ 23.798197] ret_from_fork+0x10/0x20 [ 23.798387] [ 23.798519] freed by task 306 on cpu 0 at 23.796542s (0.001917s ago): [ 23.798598] test_double_free+0xf0/0x238 [ 23.798644] kunit_try_run_case+0x170/0x3f0 [ 23.798686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.798733] kthread+0x328/0x630 [ 23.798935] ret_from_fork+0x10/0x20 [ 23.798993] [ 23.799156] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.799253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.799283] Hardware name: linux,dummy-virt (DT) [ 23.799324] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 23.266065] ================================================================== [ 23.266394] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.266394] [ 23.266661] Use-after-free read at 0x00000000876f85e2 (in kfence-#94): [ 23.266721] test_use_after_free_read+0x114/0x248 [ 23.266776] kunit_try_run_case+0x170/0x3f0 [ 23.266823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.266872] kthread+0x328/0x630 [ 23.266914] ret_from_fork+0x10/0x20 [ 23.266958] [ 23.267328] kfence-#94: 0x00000000876f85e2-0x0000000043dff4d5, size=32, cache=kmalloc-32 [ 23.267328] [ 23.267689] allocated by task 296 on cpu 0 at 23.265110s (0.002572s ago): [ 23.267784] test_alloc+0x29c/0x628 [ 23.267829] test_use_after_free_read+0xd0/0x248 [ 23.267877] kunit_try_run_case+0x170/0x3f0 [ 23.268064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.268151] kthread+0x328/0x630 [ 23.268264] ret_from_fork+0x10/0x20 [ 23.268310] [ 23.268366] freed by task 296 on cpu 0 at 23.265225s (0.003125s ago): [ 23.268440] test_use_after_free_read+0x1c0/0x248 [ 23.268545] kunit_try_run_case+0x170/0x3f0 [ 23.268694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.268749] kthread+0x328/0x630 [ 23.268818] ret_from_fork+0x10/0x20 [ 23.268896] [ 23.269280] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.269598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.269699] Hardware name: linux,dummy-virt (DT) [ 23.269740] ================================================================== [ 23.373219] ================================================================== [ 23.373499] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.373499] [ 23.373604] Use-after-free read at 0x0000000041cc4545 (in kfence-#95): [ 23.373699] test_use_after_free_read+0x114/0x248 [ 23.373752] kunit_try_run_case+0x170/0x3f0 [ 23.373848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.373898] kthread+0x328/0x630 [ 23.374199] ret_from_fork+0x10/0x20 [ 23.374369] [ 23.374417] kfence-#95: 0x0000000041cc4545-0x000000003f5d70ad, size=32, cache=test [ 23.374417] [ 23.374514] allocated by task 298 on cpu 0 at 23.372534s (0.001976s ago): [ 23.374593] test_alloc+0x230/0x628 [ 23.374637] test_use_after_free_read+0xd0/0x248 [ 23.374683] kunit_try_run_case+0x170/0x3f0 [ 23.374730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.374778] kthread+0x328/0x630 [ 23.374817] ret_from_fork+0x10/0x20 [ 23.375047] [ 23.375336] freed by task 298 on cpu 0 at 23.372616s (0.002712s ago): [ 23.375647] test_use_after_free_read+0xf0/0x248 [ 23.375707] kunit_try_run_case+0x170/0x3f0 [ 23.375754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.376442] kthread+0x328/0x630 [ 23.376711] ret_from_fork+0x10/0x20 [ 23.376761] [ 23.377010] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.377106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.377149] Hardware name: linux,dummy-virt (DT) [ 23.377189] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 22.749033] ================================================================== [ 22.749380] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.749380] [ 22.749507] Out-of-bounds write at 0x00000000017c903b (1B left of kfence-#89): [ 22.749620] test_out_of_bounds_write+0x100/0x240 [ 22.749714] kunit_try_run_case+0x170/0x3f0 [ 22.749766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.749814] kthread+0x328/0x630 [ 22.749856] ret_from_fork+0x10/0x20 [ 22.749899] [ 22.749926] kfence-#89: 0x00000000366afe49-0x000000006e336f37, size=32, cache=kmalloc-32 [ 22.749926] [ 22.750350] allocated by task 292 on cpu 0 at 22.748228s (0.001897s ago): [ 22.750450] test_alloc+0x29c/0x628 [ 22.750499] test_out_of_bounds_write+0xc8/0x240 [ 22.750748] kunit_try_run_case+0x170/0x3f0 [ 22.750808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.751035] kthread+0x328/0x630 [ 22.751183] ret_from_fork+0x10/0x20 [ 22.751234] [ 22.751540] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.751686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.751850] Hardware name: linux,dummy-virt (DT) [ 22.751956] ================================================================== [ 23.164115] ================================================================== [ 23.164282] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.164282] [ 23.164381] Out-of-bounds write at 0x0000000099e2dc1f (1B left of kfence-#93): [ 23.164650] test_out_of_bounds_write+0x100/0x240 [ 23.164714] kunit_try_run_case+0x170/0x3f0 [ 23.164815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.164866] kthread+0x328/0x630 [ 23.164907] ret_from_fork+0x10/0x20 [ 23.165000] [ 23.165060] kfence-#93: 0x00000000275bc575-0x0000000092835c4b, size=32, cache=test [ 23.165060] [ 23.165116] allocated by task 294 on cpu 0 at 23.163986s (0.001125s ago): [ 23.165292] test_alloc+0x230/0x628 [ 23.165344] test_out_of_bounds_write+0xc8/0x240 [ 23.165390] kunit_try_run_case+0x170/0x3f0 [ 23.165488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.165539] kthread+0x328/0x630 [ 23.165585] ret_from_fork+0x10/0x20 [ 23.165676] [ 23.165727] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.165816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.165847] Hardware name: linux,dummy-virt (DT) [ 23.165886] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 22.642233] ================================================================== [ 22.642330] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.642330] [ 22.642516] Out-of-bounds read at 0x000000003343e7d5 (32B right of kfence-#88): [ 22.642589] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.642801] kunit_try_run_case+0x170/0x3f0 [ 22.643051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.643145] kthread+0x328/0x630 [ 22.643376] ret_from_fork+0x10/0x20 [ 22.643527] [ 22.643615] kfence-#88: 0x00000000c50ab228-0x000000000ff063c6, size=32, cache=test [ 22.643615] [ 22.643677] allocated by task 290 on cpu 0 at 22.642031s (0.001642s ago): [ 22.644092] test_alloc+0x230/0x628 [ 22.644251] test_out_of_bounds_read+0x198/0x3e0 [ 22.644386] kunit_try_run_case+0x170/0x3f0 [ 22.644530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.644616] kthread+0x328/0x630 [ 22.644670] ret_from_fork+0x10/0x20 [ 22.645302] [ 22.645677] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.646002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.646287] Hardware name: linux,dummy-virt (DT) [ 22.646446] ================================================================== [ 22.325625] ================================================================== [ 22.325786] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.325786] [ 22.325979] Out-of-bounds read at 0x00000000e2d5ff75 (32B right of kfence-#85): [ 22.326073] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.326473] kunit_try_run_case+0x170/0x3f0 [ 22.326541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.326591] kthread+0x328/0x630 [ 22.326686] ret_from_fork+0x10/0x20 [ 22.326735] [ 22.326762] kfence-#85: 0x00000000cc60ed71-0x00000000a45ceb6b, size=32, cache=kmalloc-32 [ 22.326762] [ 22.326827] allocated by task 288 on cpu 0 at 22.324774s (0.002050s ago): [ 22.327524] test_alloc+0x29c/0x628 [ 22.327654] test_out_of_bounds_read+0x198/0x3e0 [ 22.327762] kunit_try_run_case+0x170/0x3f0 [ 22.327820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.328295] kthread+0x328/0x630 [ 22.328447] ret_from_fork+0x10/0x20 [ 22.328611] [ 22.328760] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.329253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.329430] Hardware name: linux,dummy-virt (DT) [ 22.329617] ================================================================== [ 22.224206] ================================================================== [ 22.224343] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.224343] [ 22.224497] Out-of-bounds read at 0x000000000a9498d8 (1B left of kfence-#84): [ 22.225041] test_out_of_bounds_read+0x114/0x3e0 [ 22.225218] kunit_try_run_case+0x170/0x3f0 [ 22.225278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.225334] kthread+0x328/0x630 [ 22.225430] ret_from_fork+0x10/0x20 [ 22.225476] [ 22.225504] kfence-#84: 0x00000000a176f6a2-0x0000000069bb379b, size=32, cache=kmalloc-32 [ 22.225504] [ 22.225592] allocated by task 288 on cpu 0 at 22.221678s (0.003909s ago): [ 22.225673] test_alloc+0x29c/0x628 [ 22.225718] test_out_of_bounds_read+0xdc/0x3e0 [ 22.225762] kunit_try_run_case+0x170/0x3f0 [ 22.225813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.225860] kthread+0x328/0x630 [ 22.225898] ret_from_fork+0x10/0x20 [ 22.225962] [ 22.226017] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.226105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.226608] Hardware name: linux,dummy-virt (DT) [ 22.226690] ================================================================== [ 22.539764] ================================================================== [ 22.539866] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.539866] [ 22.539964] Out-of-bounds read at 0x0000000091258391 (1B left of kfence-#87): [ 22.540033] test_out_of_bounds_read+0x114/0x3e0 [ 22.540084] kunit_try_run_case+0x170/0x3f0 [ 22.540644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.541265] kthread+0x328/0x630 [ 22.541349] ret_from_fork+0x10/0x20 [ 22.541399] [ 22.541438] kfence-#87: 0x000000005126341a-0x000000005bf7d747, size=32, cache=test [ 22.541438] [ 22.541591] allocated by task 290 on cpu 0 at 22.539070s (0.002501s ago): [ 22.541924] test_alloc+0x230/0x628 [ 22.542212] test_out_of_bounds_read+0xdc/0x3e0 [ 22.542281] kunit_try_run_case+0x170/0x3f0 [ 22.542328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.542378] kthread+0x328/0x630 [ 22.542417] ret_from_fork+0x10/0x20 [ 22.542530] [ 22.542587] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.542832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.543009] Hardware name: linux,dummy-virt (DT) [ 22.543187] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-write-in-__memset
[ 18.497996] ================================================================== [ 18.498168] BUG: KFENCE: use-after-free write in __memset+0xc/0x20 [ 18.498168] [ 18.498424] Use-after-free write at 0x00000000f886693e (in kfence-#62): [ 18.498717] __memset+0xc/0x20 [ 18.498796] kmalloc_uaf_memset+0x170/0x310 [ 18.498869] kunit_try_run_case+0x170/0x3f0 [ 18.498920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.498992] kthread+0x328/0x630 [ 18.499079] ret_from_fork+0x10/0x20 [ 18.499146] [ 18.499220] kfence-#62: 0x00000000f886693e-0x0000000097398d73, size=33, cache=kmalloc-64 [ 18.499220] [ 18.499375] allocated by task 187 on cpu 1 at 18.496273s (0.003057s ago): [ 18.499511] kmalloc_uaf_memset+0xb8/0x310 [ 18.499552] kunit_try_run_case+0x170/0x3f0 [ 18.499595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.499938] kthread+0x328/0x630 [ 18.500010] ret_from_fork+0x10/0x20 [ 18.500107] [ 18.500154] freed by task 187 on cpu 1 at 18.496371s (0.003779s ago): [ 18.500254] kmalloc_uaf_memset+0x11c/0x310 [ 18.500317] kunit_try_run_case+0x170/0x3f0 [ 18.500491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.500712] kthread+0x328/0x630 [ 18.500841] ret_from_fork+0x10/0x20 [ 18.500912] [ 18.501028] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.501209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.501314] Hardware name: linux,dummy-virt (DT) [ 18.501362] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_in_memset
[ 18.394570] ================================================================== [ 18.394686] BUG: KFENCE: memory corruption in kmalloc_oob_in_memset+0x160/0x2d0 [ 18.394686] [ 18.394756] Corrupted memory at 0x000000007f135f66 [ ! ! ! ! ! ! ! ! . . . . . . . . ] (in kfence-#61): [ 18.397498] kmalloc_oob_in_memset+0x160/0x2d0 [ 18.397561] kunit_try_run_case+0x170/0x3f0 [ 18.397765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.397874] kthread+0x328/0x630 [ 18.397979] ret_from_fork+0x10/0x20 [ 18.398160] [ 18.398676] kfence-#61: 0x00000000784ff9be-0x000000003a35dfd4, size=120, cache=kmalloc-128 [ 18.398676] [ 18.398973] allocated by task 171 on cpu 1 at 18.393103s (0.005795s ago): [ 18.399388] kmalloc_oob_in_memset+0xb0/0x2d0 [ 18.399481] kunit_try_run_case+0x170/0x3f0 [ 18.399525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.399572] kthread+0x328/0x630 [ 18.399637] ret_from_fork+0x10/0x20 [ 18.399718] [ 18.400145] freed by task 171 on cpu 1 at 18.393988s (0.005925s ago): [ 18.400370] kmalloc_oob_in_memset+0x160/0x2d0 [ 18.400508] kunit_try_run_case+0x170/0x3f0 [ 18.400637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.400753] kthread+0x328/0x630 [ 18.400852] ret_from_fork+0x10/0x20 [ 18.401010] [ 18.401506] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.401606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.401636] Hardware name: linux,dummy-virt (DT) [ 18.401677] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 22.091041] ================================================================== [ 22.091228] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 22.091327] Write of size 1 at addr fff00000c76c3a78 by task kunit_try_catch/286 [ 22.091393] [ 22.091830] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.092128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.092177] Hardware name: linux,dummy-virt (DT) [ 22.092550] Call trace: [ 22.092658] show_stack+0x20/0x38 (C) [ 22.093030] dump_stack_lvl+0x8c/0xd0 [ 22.093424] print_report+0x118/0x608 [ 22.093491] kasan_report+0xdc/0x128 [ 22.093824] __asan_report_store1_noabort+0x20/0x30 [ 22.093929] strncpy_from_user+0x270/0x2a0 [ 22.094459] copy_user_test_oob+0x5c0/0xec8 [ 22.094624] kunit_try_run_case+0x170/0x3f0 [ 22.094882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.094968] kthread+0x328/0x630 [ 22.095059] ret_from_fork+0x10/0x20 [ 22.095795] [ 22.095848] Allocated by task 286: [ 22.096329] kasan_save_stack+0x3c/0x68 [ 22.096399] kasan_save_track+0x20/0x40 [ 22.096454] kasan_save_alloc_info+0x40/0x58 [ 22.096501] __kasan_kmalloc+0xd4/0xd8 [ 22.096542] __kmalloc_noprof+0x198/0x4c8 [ 22.096587] kunit_kmalloc_array+0x34/0x88 [ 22.096631] copy_user_test_oob+0xac/0xec8 [ 22.096680] kunit_try_run_case+0x170/0x3f0 [ 22.096978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.097421] kthread+0x328/0x630 [ 22.097721] ret_from_fork+0x10/0x20 [ 22.097847] [ 22.098026] The buggy address belongs to the object at fff00000c76c3a00 [ 22.098026] which belongs to the cache kmalloc-128 of size 128 [ 22.098104] The buggy address is located 0 bytes to the right of [ 22.098104] allocated 120-byte region [fff00000c76c3a00, fff00000c76c3a78) [ 22.099399] [ 22.099449] The buggy address belongs to the physical page: [ 22.099510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 22.099610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.099847] page_type: f5(slab) [ 22.099944] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.100021] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.100071] page dumped because: kasan: bad access detected [ 22.100392] [ 22.100821] Memory state around the buggy address: [ 22.101126] fff00000c76c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.101395] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.101521] >fff00000c76c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.101698] ^ [ 22.101902] fff00000c76c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.101957] fff00000c76c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.102004] ================================================================== [ 22.081363] ================================================================== [ 22.081661] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 22.081874] Write of size 121 at addr fff00000c76c3a00 by task kunit_try_catch/286 [ 22.082472] [ 22.082586] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.082831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.083087] Hardware name: linux,dummy-virt (DT) [ 22.083318] Call trace: [ 22.083405] show_stack+0x20/0x38 (C) [ 22.083688] dump_stack_lvl+0x8c/0xd0 [ 22.083745] print_report+0x118/0x608 [ 22.083895] kasan_report+0xdc/0x128 [ 22.083981] kasan_check_range+0x100/0x1a8 [ 22.084042] __kasan_check_write+0x20/0x30 [ 22.084105] strncpy_from_user+0x3c/0x2a0 [ 22.084184] copy_user_test_oob+0x5c0/0xec8 [ 22.084239] kunit_try_run_case+0x170/0x3f0 [ 22.084295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.084358] kthread+0x328/0x630 [ 22.084415] ret_from_fork+0x10/0x20 [ 22.084495] [ 22.084519] Allocated by task 286: [ 22.084554] kasan_save_stack+0x3c/0x68 [ 22.084612] kasan_save_track+0x20/0x40 [ 22.084656] kasan_save_alloc_info+0x40/0x58 [ 22.084719] __kasan_kmalloc+0xd4/0xd8 [ 22.084772] __kmalloc_noprof+0x198/0x4c8 [ 22.084817] kunit_kmalloc_array+0x34/0x88 [ 22.084861] copy_user_test_oob+0xac/0xec8 [ 22.084904] kunit_try_run_case+0x170/0x3f0 [ 22.084960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.085017] kthread+0x328/0x630 [ 22.085063] ret_from_fork+0x10/0x20 [ 22.085121] [ 22.085176] The buggy address belongs to the object at fff00000c76c3a00 [ 22.085176] which belongs to the cache kmalloc-128 of size 128 [ 22.085541] The buggy address is located 0 bytes inside of [ 22.085541] allocated 120-byte region [fff00000c76c3a00, fff00000c76c3a78) [ 22.085693] [ 22.086032] The buggy address belongs to the physical page: [ 22.086076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 22.086172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.086641] page_type: f5(slab) [ 22.086924] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.087176] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.087231] page dumped because: kasan: bad access detected [ 22.087271] [ 22.087493] Memory state around the buggy address: [ 22.087572] fff00000c76c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.087951] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.088189] >fff00000c76c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.088288] ^ [ 22.088634] fff00000c76c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.088746] fff00000c76c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.088822] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 21.972445] ================================================================== [ 21.973294] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 21.973491] Write of size 121 at addr fff00000c76c3a00 by task kunit_try_catch/286 [ 21.973886] [ 21.973967] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.974082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.974116] Hardware name: linux,dummy-virt (DT) [ 21.974166] Call trace: [ 21.974196] show_stack+0x20/0x38 (C) [ 21.974261] dump_stack_lvl+0x8c/0xd0 [ 21.974321] print_report+0x118/0x608 [ 21.974374] kasan_report+0xdc/0x128 [ 21.974425] kasan_check_range+0x100/0x1a8 [ 21.974481] __kasan_check_write+0x20/0x30 [ 21.974532] copy_user_test_oob+0x234/0xec8 [ 21.974583] kunit_try_run_case+0x170/0x3f0 [ 21.974640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.974699] kthread+0x328/0x630 [ 21.974749] ret_from_fork+0x10/0x20 [ 21.974806] [ 21.974829] Allocated by task 286: [ 21.974866] kasan_save_stack+0x3c/0x68 [ 21.975017] kasan_save_track+0x20/0x40 [ 21.975097] kasan_save_alloc_info+0x40/0x58 [ 21.976122] __kasan_kmalloc+0xd4/0xd8 [ 21.976594] __kmalloc_noprof+0x198/0x4c8 [ 21.976972] kunit_kmalloc_array+0x34/0x88 [ 21.977089] copy_user_test_oob+0xac/0xec8 [ 21.977292] kunit_try_run_case+0x170/0x3f0 [ 21.977396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.977874] kthread+0x328/0x630 [ 21.978091] ret_from_fork+0x10/0x20 [ 21.978217] [ 21.978299] The buggy address belongs to the object at fff00000c76c3a00 [ 21.978299] which belongs to the cache kmalloc-128 of size 128 [ 21.979047] The buggy address is located 0 bytes inside of [ 21.979047] allocated 120-byte region [fff00000c76c3a00, fff00000c76c3a78) [ 21.979219] [ 21.979478] The buggy address belongs to the physical page: [ 21.979528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 21.979603] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.979667] page_type: f5(slab) [ 21.979871] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.980321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.980453] page dumped because: kasan: bad access detected [ 21.980628] [ 21.980706] Memory state around the buggy address: [ 21.981146] fff00000c76c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.981555] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.982142] >fff00000c76c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.982290] ^ [ 21.982572] fff00000c76c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.982818] fff00000c76c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.982926] ================================================================== [ 22.061149] ================================================================== [ 22.061408] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 22.061830] Read of size 121 at addr fff00000c76c3a00 by task kunit_try_catch/286 [ 22.062052] [ 22.062170] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.062274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.062304] Hardware name: linux,dummy-virt (DT) [ 22.062588] Call trace: [ 22.062775] show_stack+0x20/0x38 (C) [ 22.062854] dump_stack_lvl+0x8c/0xd0 [ 22.063103] print_report+0x118/0x608 [ 22.063421] kasan_report+0xdc/0x128 [ 22.063687] kasan_check_range+0x100/0x1a8 [ 22.063920] __kasan_check_read+0x20/0x30 [ 22.064107] copy_user_test_oob+0x4a0/0xec8 [ 22.064271] kunit_try_run_case+0x170/0x3f0 [ 22.064342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.064404] kthread+0x328/0x630 [ 22.064459] ret_from_fork+0x10/0x20 [ 22.064519] [ 22.064542] Allocated by task 286: [ 22.064578] kasan_save_stack+0x3c/0x68 [ 22.064842] kasan_save_track+0x20/0x40 [ 22.065268] kasan_save_alloc_info+0x40/0x58 [ 22.065580] __kasan_kmalloc+0xd4/0xd8 [ 22.065752] __kmalloc_noprof+0x198/0x4c8 [ 22.065937] kunit_kmalloc_array+0x34/0x88 [ 22.065996] copy_user_test_oob+0xac/0xec8 [ 22.066046] kunit_try_run_case+0x170/0x3f0 [ 22.066090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.066218] kthread+0x328/0x630 [ 22.066270] ret_from_fork+0x10/0x20 [ 22.066315] [ 22.066351] The buggy address belongs to the object at fff00000c76c3a00 [ 22.066351] which belongs to the cache kmalloc-128 of size 128 [ 22.066444] The buggy address is located 0 bytes inside of [ 22.066444] allocated 120-byte region [fff00000c76c3a00, fff00000c76c3a78) [ 22.066518] [ 22.066558] The buggy address belongs to the physical page: [ 22.066608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 22.066671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.066747] page_type: f5(slab) [ 22.066805] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.066866] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.066927] page dumped because: kasan: bad access detected [ 22.066965] [ 22.066997] Memory state around the buggy address: [ 22.067038] fff00000c76c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.067315] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.067398] >fff00000c76c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.067928] ^ [ 22.068362] fff00000c76c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.068428] fff00000c76c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.068659] ================================================================== [ 22.049300] ================================================================== [ 22.049388] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 22.049462] Write of size 121 at addr fff00000c76c3a00 by task kunit_try_catch/286 [ 22.049525] [ 22.049571] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.049662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.049694] Hardware name: linux,dummy-virt (DT) [ 22.049968] Call trace: [ 22.050013] show_stack+0x20/0x38 (C) [ 22.050077] dump_stack_lvl+0x8c/0xd0 [ 22.050149] print_report+0x118/0x608 [ 22.050204] kasan_report+0xdc/0x128 [ 22.050252] kasan_check_range+0x100/0x1a8 [ 22.050306] __kasan_check_write+0x20/0x30 [ 22.050354] copy_user_test_oob+0x434/0xec8 [ 22.050408] kunit_try_run_case+0x170/0x3f0 [ 22.050461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.050520] kthread+0x328/0x630 [ 22.050586] ret_from_fork+0x10/0x20 [ 22.050644] [ 22.050666] Allocated by task 286: [ 22.050702] kasan_save_stack+0x3c/0x68 [ 22.050750] kasan_save_track+0x20/0x40 [ 22.050794] kasan_save_alloc_info+0x40/0x58 [ 22.050839] __kasan_kmalloc+0xd4/0xd8 [ 22.050891] __kmalloc_noprof+0x198/0x4c8 [ 22.050934] kunit_kmalloc_array+0x34/0x88 [ 22.050985] copy_user_test_oob+0xac/0xec8 [ 22.051026] kunit_try_run_case+0x170/0x3f0 [ 22.051070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.052155] kthread+0x328/0x630 [ 22.052205] ret_from_fork+0x10/0x20 [ 22.052261] [ 22.052287] The buggy address belongs to the object at fff00000c76c3a00 [ 22.052287] which belongs to the cache kmalloc-128 of size 128 [ 22.053043] The buggy address is located 0 bytes inside of [ 22.053043] allocated 120-byte region [fff00000c76c3a00, fff00000c76c3a78) [ 22.053337] [ 22.053489] The buggy address belongs to the physical page: [ 22.053543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 22.053719] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.053784] page_type: f5(slab) [ 22.054433] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.054518] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.055059] page dumped because: kasan: bad access detected [ 22.055428] [ 22.055798] Memory state around the buggy address: [ 22.055856] fff00000c76c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.055912] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.056418] >fff00000c76c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.056559] ^ [ 22.056812] fff00000c76c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.057026] fff00000c76c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.057461] ================================================================== [ 22.036600] ================================================================== [ 22.036682] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 22.037149] Read of size 121 at addr fff00000c76c3a00 by task kunit_try_catch/286 [ 22.037234] [ 22.037278] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.037386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.037419] Hardware name: linux,dummy-virt (DT) [ 22.037456] Call trace: [ 22.037482] show_stack+0x20/0x38 (C) [ 22.037541] dump_stack_lvl+0x8c/0xd0 [ 22.037636] print_report+0x118/0x608 [ 22.037692] kasan_report+0xdc/0x128 [ 22.037743] kasan_check_range+0x100/0x1a8 [ 22.037795] __kasan_check_read+0x20/0x30 [ 22.037845] copy_user_test_oob+0x3c8/0xec8 [ 22.037897] kunit_try_run_case+0x170/0x3f0 [ 22.037950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.038027] kthread+0x328/0x630 [ 22.038074] ret_from_fork+0x10/0x20 [ 22.038127] [ 22.039481] Allocated by task 286: [ 22.039786] kasan_save_stack+0x3c/0x68 [ 22.040027] kasan_save_track+0x20/0x40 [ 22.040083] kasan_save_alloc_info+0x40/0x58 [ 22.040334] __kasan_kmalloc+0xd4/0xd8 [ 22.040744] __kmalloc_noprof+0x198/0x4c8 [ 22.040862] kunit_kmalloc_array+0x34/0x88 [ 22.041188] copy_user_test_oob+0xac/0xec8 [ 22.041371] kunit_try_run_case+0x170/0x3f0 [ 22.041482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.041541] kthread+0x328/0x630 [ 22.041767] ret_from_fork+0x10/0x20 [ 22.041923] [ 22.042374] The buggy address belongs to the object at fff00000c76c3a00 [ 22.042374] which belongs to the cache kmalloc-128 of size 128 [ 22.042591] The buggy address is located 0 bytes inside of [ 22.042591] allocated 120-byte region [fff00000c76c3a00, fff00000c76c3a78) [ 22.042906] [ 22.042940] The buggy address belongs to the physical page: [ 22.043273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 22.043901] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.044084] page_type: f5(slab) [ 22.044220] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.044477] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.044533] page dumped because: kasan: bad access detected [ 22.044644] [ 22.044941] Memory state around the buggy address: [ 22.045001] fff00000c76c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.045534] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.045872] >fff00000c76c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.046197] ^ [ 22.046467] fff00000c76c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.046875] fff00000c76c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.046937] ================================================================== [ 22.023788] ================================================================== [ 22.023903] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 22.023983] Write of size 121 at addr fff00000c76c3a00 by task kunit_try_catch/286 [ 22.024206] [ 22.024293] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.024701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.024750] Hardware name: linux,dummy-virt (DT) [ 22.024978] Call trace: [ 22.025015] show_stack+0x20/0x38 (C) [ 22.025098] dump_stack_lvl+0x8c/0xd0 [ 22.025394] print_report+0x118/0x608 [ 22.025470] kasan_report+0xdc/0x128 [ 22.025596] kasan_check_range+0x100/0x1a8 [ 22.025713] __kasan_check_write+0x20/0x30 [ 22.025937] copy_user_test_oob+0x35c/0xec8 [ 22.026081] kunit_try_run_case+0x170/0x3f0 [ 22.026361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.026789] kthread+0x328/0x630 [ 22.026922] ret_from_fork+0x10/0x20 [ 22.027048] [ 22.027383] Allocated by task 286: [ 22.027494] kasan_save_stack+0x3c/0x68 [ 22.027744] kasan_save_track+0x20/0x40 [ 22.027948] kasan_save_alloc_info+0x40/0x58 [ 22.028015] __kasan_kmalloc+0xd4/0xd8 [ 22.028058] __kmalloc_noprof+0x198/0x4c8 [ 22.028504] kunit_kmalloc_array+0x34/0x88 [ 22.028764] copy_user_test_oob+0xac/0xec8 [ 22.029080] kunit_try_run_case+0x170/0x3f0 [ 22.029225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.029454] kthread+0x328/0x630 [ 22.029602] ret_from_fork+0x10/0x20 [ 22.030428] [ 22.030484] The buggy address belongs to the object at fff00000c76c3a00 [ 22.030484] which belongs to the cache kmalloc-128 of size 128 [ 22.030583] The buggy address is located 0 bytes inside of [ 22.030583] allocated 120-byte region [fff00000c76c3a00, fff00000c76c3a78) [ 22.030694] [ 22.030938] The buggy address belongs to the physical page: [ 22.031235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 22.031353] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.031420] page_type: f5(slab) [ 22.031471] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.031530] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.032271] page dumped because: kasan: bad access detected [ 22.032345] [ 22.032593] Memory state around the buggy address: [ 22.032643] fff00000c76c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.032905] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.033331] >fff00000c76c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.033621] ^ [ 22.033942] fff00000c76c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.034013] fff00000c76c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.034198] ================================================================== [ 21.993314] ================================================================== [ 21.994919] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 21.995051] Read of size 121 at addr fff00000c76c3a00 by task kunit_try_catch/286 [ 21.995313] [ 21.995515] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.995728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.996095] Hardware name: linux,dummy-virt (DT) [ 21.996335] Call trace: [ 21.996586] show_stack+0x20/0x38 (C) [ 21.996800] dump_stack_lvl+0x8c/0xd0 [ 21.996954] print_report+0x118/0x608 [ 21.997093] kasan_report+0xdc/0x128 [ 21.997213] kasan_check_range+0x100/0x1a8 [ 21.997767] __kasan_check_read+0x20/0x30 [ 21.997852] copy_user_test_oob+0x728/0xec8 [ 21.998223] kunit_try_run_case+0x170/0x3f0 [ 21.998537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.998816] kthread+0x328/0x630 [ 21.998915] ret_from_fork+0x10/0x20 [ 21.998998] [ 21.999034] Allocated by task 286: [ 21.999079] kasan_save_stack+0x3c/0x68 [ 21.999777] kasan_save_track+0x20/0x40 [ 22.000552] kasan_save_alloc_info+0x40/0x58 [ 22.000886] __kasan_kmalloc+0xd4/0xd8 [ 22.001275] __kmalloc_noprof+0x198/0x4c8 [ 22.001393] kunit_kmalloc_array+0x34/0x88 [ 22.001579] copy_user_test_oob+0xac/0xec8 [ 22.001694] kunit_try_run_case+0x170/0x3f0 [ 22.001931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.002167] kthread+0x328/0x630 [ 22.002290] ret_from_fork+0x10/0x20 [ 22.002757] [ 22.002869] The buggy address belongs to the object at fff00000c76c3a00 [ 22.002869] which belongs to the cache kmalloc-128 of size 128 [ 22.003008] The buggy address is located 0 bytes inside of [ 22.003008] allocated 120-byte region [fff00000c76c3a00, fff00000c76c3a78) [ 22.003446] [ 22.003504] The buggy address belongs to the physical page: [ 22.003570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 22.003662] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.003725] page_type: f5(slab) [ 22.003774] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.003833] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.004267] page dumped because: kasan: bad access detected [ 22.004901] [ 22.005017] Memory state around the buggy address: [ 22.005199] fff00000c76c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.005255] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.005582] >fff00000c76c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.005727] ^ [ 22.006259] fff00000c76c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.006338] fff00000c76c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.006391] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.922219] ================================================================== [ 21.922287] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.922520] Write of size 8 at addr fff00000c76c3978 by task kunit_try_catch/282 [ 21.922594] [ 21.922634] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.923118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.923259] Hardware name: linux,dummy-virt (DT) [ 21.923578] Call trace: [ 21.923616] show_stack+0x20/0x38 (C) [ 21.923677] dump_stack_lvl+0x8c/0xd0 [ 21.923762] print_report+0x118/0x608 [ 21.923814] kasan_report+0xdc/0x128 [ 21.923865] kasan_check_range+0x100/0x1a8 [ 21.924102] __kasan_check_write+0x20/0x30 [ 21.924288] copy_to_kernel_nofault+0x8c/0x250 [ 21.924453] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.924546] kunit_try_run_case+0x170/0x3f0 [ 21.924638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.924735] kthread+0x328/0x630 [ 21.924811] ret_from_fork+0x10/0x20 [ 21.924895] [ 21.924997] Allocated by task 282: [ 21.925035] kasan_save_stack+0x3c/0x68 [ 21.925226] kasan_save_track+0x20/0x40 [ 21.925296] kasan_save_alloc_info+0x40/0x58 [ 21.925406] __kasan_kmalloc+0xd4/0xd8 [ 21.925505] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.925571] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.925617] kunit_try_run_case+0x170/0x3f0 [ 21.925711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.925958] kthread+0x328/0x630 [ 21.926040] ret_from_fork+0x10/0x20 [ 21.926081] [ 21.926103] The buggy address belongs to the object at fff00000c76c3900 [ 21.926103] which belongs to the cache kmalloc-128 of size 128 [ 21.926744] The buggy address is located 0 bytes to the right of [ 21.926744] allocated 120-byte region [fff00000c76c3900, fff00000c76c3978) [ 21.927037] [ 21.927348] The buggy address belongs to the physical page: [ 21.927426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 21.927621] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.927704] page_type: f5(slab) [ 21.927807] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.927868] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.927941] page dumped because: kasan: bad access detected [ 21.927980] [ 21.928001] Memory state around the buggy address: [ 21.928040] fff00000c76c3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.928093] fff00000c76c3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.928157] >fff00000c76c3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.928243] ^ [ 21.928296] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.928347] fff00000c76c3a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.928392] ================================================================== [ 21.914461] ================================================================== [ 21.914782] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.914869] Read of size 8 at addr fff00000c76c3978 by task kunit_try_catch/282 [ 21.915041] [ 21.915090] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.915209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.915671] Hardware name: linux,dummy-virt (DT) [ 21.916082] Call trace: [ 21.916235] show_stack+0x20/0x38 (C) [ 21.916385] dump_stack_lvl+0x8c/0xd0 [ 21.916527] print_report+0x118/0x608 [ 21.916581] kasan_report+0xdc/0x128 [ 21.916630] __asan_report_load8_noabort+0x20/0x30 [ 21.916712] copy_to_kernel_nofault+0x204/0x250 [ 21.916792] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.917002] kunit_try_run_case+0x170/0x3f0 [ 21.917067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.917235] kthread+0x328/0x630 [ 21.917295] ret_from_fork+0x10/0x20 [ 21.917383] [ 21.917500] Allocated by task 282: [ 21.917542] kasan_save_stack+0x3c/0x68 [ 21.917819] kasan_save_track+0x20/0x40 [ 21.917891] kasan_save_alloc_info+0x40/0x58 [ 21.917937] __kasan_kmalloc+0xd4/0xd8 [ 21.917981] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.918107] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.918180] kunit_try_run_case+0x170/0x3f0 [ 21.918480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.918581] kthread+0x328/0x630 [ 21.918629] ret_from_fork+0x10/0x20 [ 21.918746] [ 21.918771] The buggy address belongs to the object at fff00000c76c3900 [ 21.918771] which belongs to the cache kmalloc-128 of size 128 [ 21.918844] The buggy address is located 0 bytes to the right of [ 21.918844] allocated 120-byte region [fff00000c76c3900, fff00000c76c3978) [ 21.918945] [ 21.918979] The buggy address belongs to the physical page: [ 21.919020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 21.919305] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.919494] page_type: f5(slab) [ 21.919548] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.919608] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.919922] page dumped because: kasan: bad access detected [ 21.920021] [ 21.920043] Memory state around the buggy address: [ 21.920118] fff00000c76c3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.920193] fff00000c76c3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.920272] >fff00000c76c3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.920330] ^ [ 21.920543] fff00000c76c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.920868] fff00000c76c3a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.920948] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 21.852461] ================================================================== [ 21.852601] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 21.852769] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 21.852847] [ 21.852893] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.852989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.853019] Hardware name: linux,dummy-virt (DT) [ 21.853060] Call trace: [ 21.853281] show_stack+0x20/0x38 (C) [ 21.853677] dump_stack_lvl+0x8c/0xd0 [ 21.853790] print_report+0x310/0x608 [ 21.853954] kasan_report+0xdc/0x128 [ 21.854127] __asan_report_load1_noabort+0x20/0x30 [ 21.854353] vmalloc_oob+0x578/0x5d0 [ 21.854507] kunit_try_run_case+0x170/0x3f0 [ 21.854606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.854865] kthread+0x328/0x630 [ 21.854918] ret_from_fork+0x10/0x20 [ 21.855062] [ 21.855102] The buggy address belongs to the virtual mapping at [ 21.855102] [ffff8000800fe000, ffff800080100000) created by: [ 21.855102] vmalloc_oob+0x98/0x5d0 [ 21.855473] [ 21.855503] The buggy address belongs to the physical page: [ 21.855544] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d4 [ 21.855609] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.855693] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.855848] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.855941] page dumped because: kasan: bad access detected [ 21.855979] [ 21.856024] Memory state around the buggy address: [ 21.856079] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.856168] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.856220] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.856266] ^ [ 21.856314] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.856435] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.856484] ================================================================== [ 21.857791] ================================================================== [ 21.857854] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 21.857911] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 21.857969] [ 21.858206] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.858556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.858819] Hardware name: linux,dummy-virt (DT) [ 21.858905] Call trace: [ 21.859045] show_stack+0x20/0x38 (C) [ 21.859117] dump_stack_lvl+0x8c/0xd0 [ 21.859186] print_report+0x310/0x608 [ 21.859268] kasan_report+0xdc/0x128 [ 21.859320] __asan_report_load1_noabort+0x20/0x30 [ 21.859474] vmalloc_oob+0x51c/0x5d0 [ 21.859529] kunit_try_run_case+0x170/0x3f0 [ 21.859602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.859693] kthread+0x328/0x630 [ 21.859754] ret_from_fork+0x10/0x20 [ 21.859920] [ 21.859953] The buggy address belongs to the virtual mapping at [ 21.859953] [ffff8000800fe000, ffff800080100000) created by: [ 21.859953] vmalloc_oob+0x98/0x5d0 [ 21.860079] [ 21.860249] The buggy address belongs to the physical page: [ 21.860468] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d4 [ 21.860562] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.860648] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.860760] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.860810] page dumped because: kasan: bad access detected [ 21.860916] [ 21.860981] Memory state around the buggy address: [ 21.861027] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.861244] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.861318] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.861363] ^ [ 21.861499] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.861548] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.861594] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 21.501323] ================================================================== [ 21.501399] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 21.501463] Write of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.502205] [ 21.502733] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.502881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.502914] Hardware name: linux,dummy-virt (DT) [ 21.502955] Call trace: [ 21.504009] show_stack+0x20/0x38 (C) [ 21.504189] dump_stack_lvl+0x8c/0xd0 [ 21.504247] print_report+0x118/0x608 [ 21.504302] kasan_report+0xdc/0x128 [ 21.504354] kasan_check_range+0x100/0x1a8 [ 21.504409] __kasan_check_write+0x20/0x30 [ 21.504461] kasan_atomics_helper+0xad4/0x4858 [ 21.504516] kasan_atomics+0x198/0x2e0 [ 21.504567] kunit_try_run_case+0x170/0x3f0 [ 21.504622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.504681] kthread+0x328/0x630 [ 21.504730] ret_from_fork+0x10/0x20 [ 21.504897] kasan_save_track+0x20/0x40 [ 21.506142] __kasan_kmalloc+0xd4/0xd8 [ 21.506187] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.506234] kasan_atomics+0xb8/0x2e0 [ 21.506708] kunit_try_run_case+0x170/0x3f0 [ 21.506798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.506854] kthread+0x328/0x630 [ 21.506894] ret_from_fork+0x10/0x20 [ 21.506937] [ 21.506962] The buggy address belongs to the object at fff00000c76da700 [ 21.506962] which belongs to the cache kmalloc-64 of size 64 [ 21.507046] The buggy address is located 0 bytes to the right of [ 21.507046] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.507124] [ 21.507526] The buggy address belongs to the physical page: [ 21.507570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.507640] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.507810] page_type: f5(slab) [ 21.507859] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.508405] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.508855] page dumped because: kasan: bad access detected [ 21.508947] [ 21.508970] Memory state around the buggy address: [ 21.509011] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.509412] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.509468] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.509716] ^ [ 21.510047] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.510142] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.510190] ================================================================== [ 21.668843] ================================================================== [ 21.668922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 21.669372] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.669455] [ 21.669498] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.669601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.669955] Hardware name: linux,dummy-virt (DT) [ 21.670357] Call trace: [ 21.670421] show_stack+0x20/0x38 (C) [ 21.670524] dump_stack_lvl+0x8c/0xd0 [ 21.670583] print_report+0x118/0x608 [ 21.670636] kasan_report+0xdc/0x128 [ 21.670697] kasan_check_range+0x100/0x1a8 [ 21.670754] __kasan_check_write+0x20/0x30 [ 21.670804] kasan_atomics_helper+0x1058/0x4858 [ 21.670870] kasan_atomics+0x198/0x2e0 [ 21.670920] kunit_try_run_case+0x170/0x3f0 [ 21.670988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.671047] kthread+0x328/0x630 [ 21.671094] ret_from_fork+0x10/0x20 [ 21.671390] [ 21.671416] Allocated by task 266: [ 21.671773] kasan_save_stack+0x3c/0x68 [ 21.671865] kasan_save_track+0x20/0x40 [ 21.672219] kasan_save_alloc_info+0x40/0x58 [ 21.672391] __kasan_kmalloc+0xd4/0xd8 [ 21.672493] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.673237] kasan_atomics+0xb8/0x2e0 [ 21.673308] kunit_try_run_case+0x170/0x3f0 [ 21.673352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.673785] kthread+0x328/0x630 [ 21.674196] ret_from_fork+0x10/0x20 [ 21.674314] [ 21.674399] The buggy address belongs to the object at fff00000c76da700 [ 21.674399] which belongs to the cache kmalloc-64 of size 64 [ 21.674826] The buggy address is located 0 bytes to the right of [ 21.674826] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.675242] [ 21.675410] The buggy address belongs to the physical page: [ 21.675483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.675553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.675613] page_type: f5(slab) [ 21.675663] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.675724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.675774] page dumped because: kasan: bad access detected [ 21.676187] [ 21.676306] Memory state around the buggy address: [ 21.676786] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.676857] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.677194] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.677272] ^ [ 21.677460] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.677535] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.677580] ================================================================== [ 21.460899] ================================================================== [ 21.460987] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 21.461143] Read of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.461581] [ 21.461650] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.461805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.461846] Hardware name: linux,dummy-virt (DT) [ 21.462372] Call trace: [ 21.462497] show_stack+0x20/0x38 (C) [ 21.462861] dump_stack_lvl+0x8c/0xd0 [ 21.462999] print_report+0x118/0x608 [ 21.463205] kasan_report+0xdc/0x128 [ 21.466327] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.466476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.466992] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.468970] ^ [ 21.472040] [ 21.473147] dump_stack_lvl+0x8c/0xd0 [ 21.473583] print_report+0x118/0x608 [ 21.473789] kasan_report+0xdc/0x128 [ 21.474106] kasan_check_range+0x100/0x1a8 [ 21.474361] __kasan_check_write+0x20/0x30 [ 21.474505] kasan_atomics_helper+0x934/0x4858 [ 21.474988] kasan_atomics+0x198/0x2e0 [ 21.475086] kunit_try_run_case+0x170/0x3f0 [ 21.475195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.475256] kthread+0x328/0x630 [ 21.475597] ret_from_fork+0x10/0x20 [ 21.475704] [ 21.475730] Allocated by task 266: [ 21.475766] kasan_save_stack+0x3c/0x68 [ 21.475814] kasan_save_track+0x20/0x40 [ 21.475856] kasan_save_alloc_info+0x40/0x58 [ 21.475902] __kasan_kmalloc+0xd4/0xd8 [ 21.475943] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.476002] kasan_atomics+0xb8/0x2e0 [ 21.476053] kunit_try_run_case+0x170/0x3f0 [ 21.476105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.476166] kthread+0x328/0x630 [ 21.476211] ret_from_fork+0x10/0x20 [ 21.476253] [ 21.476297] The buggy address belongs to the object at fff00000c76da700 [ 21.476297] which belongs to the cache kmalloc-64 of size 64 [ 21.476367] The buggy address is located 0 bytes to the right of [ 21.476367] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.476441] [ 21.476466] The buggy address belongs to the physical page: [ 21.476504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.476592] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.476659] page_type: f5(slab) [ 21.476716] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.476781] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.476845] page dumped because: kasan: bad access detected [ 21.476895] [ 21.476927] Memory state around the buggy address: [ 21.476967] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.477028] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.477090] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.477644] ^ [ 21.478019] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.478208] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.478937] ================================================================== [ 21.680298] ================================================================== [ 21.680378] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 21.680447] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.680507] [ 21.680550] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.680646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.680678] Hardware name: linux,dummy-virt (DT) [ 21.681335] Call trace: [ 21.681533] show_stack+0x20/0x38 (C) [ 21.681970] dump_stack_lvl+0x8c/0xd0 [ 21.682302] print_report+0x118/0x608 [ 21.682367] kasan_report+0xdc/0x128 [ 21.682510] kasan_check_range+0x100/0x1a8 [ 21.682568] __kasan_check_write+0x20/0x30 [ 21.682617] kasan_atomics_helper+0x10c0/0x4858 [ 21.682739] kasan_atomics+0x198/0x2e0 [ 21.682793] kunit_try_run_case+0x170/0x3f0 [ 21.683181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.683318] kthread+0x328/0x630 [ 21.683720] ret_from_fork+0x10/0x20 [ 21.683902] [ 21.684005] Allocated by task 266: [ 21.684266] kasan_save_stack+0x3c/0x68 [ 21.684325] kasan_save_track+0x20/0x40 [ 21.684368] kasan_save_alloc_info+0x40/0x58 [ 21.684754] __kasan_kmalloc+0xd4/0xd8 [ 21.684832] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.685059] kasan_atomics+0xb8/0x2e0 [ 21.685420] kunit_try_run_case+0x170/0x3f0 [ 21.685507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.685645] kthread+0x328/0x630 [ 21.685697] ret_from_fork+0x10/0x20 [ 21.685786] [ 21.685814] The buggy address belongs to the object at fff00000c76da700 [ 21.685814] which belongs to the cache kmalloc-64 of size 64 [ 21.685889] The buggy address is located 0 bytes to the right of [ 21.685889] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.685970] [ 21.686005] The buggy address belongs to the physical page: [ 21.686055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.686140] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.686209] page_type: f5(slab) [ 21.686265] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.686327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.686376] page dumped because: kasan: bad access detected [ 21.686415] [ 21.686452] Memory state around the buggy address: [ 21.686493] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.686545] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.686606] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.686670] ^ [ 21.686718] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.686768] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.686812] ================================================================== [ 21.584530] ================================================================== [ 21.585112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 21.585208] Read of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.585359] [ 21.585441] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.586000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.586083] Hardware name: linux,dummy-virt (DT) [ 21.586361] Call trace: [ 21.586420] show_stack+0x20/0x38 (C) [ 21.586486] dump_stack_lvl+0x8c/0xd0 [ 21.586619] print_report+0x118/0x608 [ 21.586710] kasan_report+0xdc/0x128 [ 21.586863] __asan_report_load4_noabort+0x20/0x30 [ 21.586923] kasan_atomics_helper+0x3e04/0x4858 [ 21.587007] kasan_atomics+0x198/0x2e0 [ 21.587066] kunit_try_run_case+0x170/0x3f0 [ 21.587387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.587694] kthread+0x328/0x630 [ 21.587763] ret_from_fork+0x10/0x20 [ 21.587919] [ 21.587974] Allocated by task 266: [ 21.588012] kasan_save_stack+0x3c/0x68 [ 21.588063] kasan_save_track+0x20/0x40 [ 21.588105] kasan_save_alloc_info+0x40/0x58 [ 21.588165] __kasan_kmalloc+0xd4/0xd8 [ 21.588207] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.588272] kasan_atomics+0xb8/0x2e0 [ 21.588315] kunit_try_run_case+0x170/0x3f0 [ 21.588359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.588415] kthread+0x328/0x630 [ 21.588458] ret_from_fork+0x10/0x20 [ 21.588511] [ 21.588562] The buggy address belongs to the object at fff00000c76da700 [ 21.588562] which belongs to the cache kmalloc-64 of size 64 [ 21.588637] The buggy address is located 0 bytes to the right of [ 21.588637] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.588720] [ 21.588753] The buggy address belongs to the physical page: [ 21.588803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.588867] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.588926] page_type: f5(slab) [ 21.588983] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.589053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.589101] page dumped because: kasan: bad access detected [ 21.589874] [ 21.589926] Memory state around the buggy address: [ 21.589999] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.590377] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.590481] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.591091] ^ [ 21.591196] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.591424] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.591553] ================================================================== [ 21.564702] ================================================================== [ 21.564805] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 21.564876] Read of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.565209] [ 21.565471] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.565649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.565722] Hardware name: linux,dummy-virt (DT) [ 21.565793] Call trace: [ 21.565830] show_stack+0x20/0x38 (C) [ 21.566145] dump_stack_lvl+0x8c/0xd0 [ 21.566230] print_report+0x118/0x608 [ 21.566380] kasan_report+0xdc/0x128 [ 21.566436] __asan_report_load4_noabort+0x20/0x30 [ 21.566500] kasan_atomics_helper+0x3dd8/0x4858 [ 21.566699] kasan_atomics+0x198/0x2e0 [ 21.566887] kunit_try_run_case+0x170/0x3f0 [ 21.567081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.567286] kthread+0x328/0x630 [ 21.567692] ret_from_fork+0x10/0x20 [ 21.567896] [ 21.567968] Allocated by task 266: [ 21.568114] kasan_save_stack+0x3c/0x68 [ 21.568320] kasan_save_track+0x20/0x40 [ 21.568365] kasan_save_alloc_info+0x40/0x58 [ 21.568411] __kasan_kmalloc+0xd4/0xd8 [ 21.568777] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.568853] kasan_atomics+0xb8/0x2e0 [ 21.568896] kunit_try_run_case+0x170/0x3f0 [ 21.569248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.569542] kthread+0x328/0x630 [ 21.569696] ret_from_fork+0x10/0x20 [ 21.569739] [ 21.569794] The buggy address belongs to the object at fff00000c76da700 [ 21.569794] which belongs to the cache kmalloc-64 of size 64 [ 21.570150] The buggy address is located 0 bytes to the right of [ 21.570150] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.570390] [ 21.570527] The buggy address belongs to the physical page: [ 21.570700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.570838] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.570899] page_type: f5(slab) [ 21.570952] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.571011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.571302] page dumped because: kasan: bad access detected [ 21.571534] [ 21.571567] Memory state around the buggy address: [ 21.571609] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.572039] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.572149] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.572585] ^ [ 21.572703] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.572884] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.573097] ================================================================== [ 21.785489] ================================================================== [ 21.785641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 21.785742] Read of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.785880] [ 21.785926] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.786159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.786206] Hardware name: linux,dummy-virt (DT) [ 21.786264] Call trace: [ 21.786388] show_stack+0x20/0x38 (C) [ 21.786456] dump_stack_lvl+0x8c/0xd0 [ 21.786586] print_report+0x118/0x608 [ 21.786691] kasan_report+0xdc/0x128 [ 21.786824] __asan_report_load8_noabort+0x20/0x30 [ 21.787019] kasan_atomics_helper+0x3db0/0x4858 [ 21.787092] kasan_atomics+0x198/0x2e0 [ 21.787270] kunit_try_run_case+0x170/0x3f0 [ 21.787498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.787584] kthread+0x328/0x630 [ 21.787638] ret_from_fork+0x10/0x20 [ 21.787694] [ 21.787717] Allocated by task 266: [ 21.787750] kasan_save_stack+0x3c/0x68 [ 21.788037] kasan_save_track+0x20/0x40 [ 21.788188] kasan_save_alloc_info+0x40/0x58 [ 21.788238] __kasan_kmalloc+0xd4/0xd8 [ 21.788323] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.788400] kasan_atomics+0xb8/0x2e0 [ 21.788445] kunit_try_run_case+0x170/0x3f0 [ 21.788498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.788548] kthread+0x328/0x630 [ 21.788596] ret_from_fork+0x10/0x20 [ 21.788648] [ 21.788686] The buggy address belongs to the object at fff00000c76da700 [ 21.788686] which belongs to the cache kmalloc-64 of size 64 [ 21.788759] The buggy address is located 0 bytes to the right of [ 21.788759] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.788849] [ 21.788876] The buggy address belongs to the physical page: [ 21.788924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.789008] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.789084] page_type: f5(slab) [ 21.789141] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.789533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.789585] page dumped because: kasan: bad access detected [ 21.789969] [ 21.790059] Memory state around the buggy address: [ 21.790413] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.790542] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.790766] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.790936] ^ [ 21.791086] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.791232] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.791325] ================================================================== [ 21.730451] ================================================================== [ 21.730584] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 21.730653] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.731126] [ 21.731431] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.731594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.731737] Hardware name: linux,dummy-virt (DT) [ 21.731788] Call trace: [ 21.731882] show_stack+0x20/0x38 (C) [ 21.731968] dump_stack_lvl+0x8c/0xd0 [ 21.732026] print_report+0x118/0x608 [ 21.732078] kasan_report+0xdc/0x128 [ 21.732173] kasan_check_range+0x100/0x1a8 [ 21.732229] __kasan_check_write+0x20/0x30 [ 21.732544] kasan_atomics_helper+0x12d8/0x4858 [ 21.733048] kasan_atomics+0x198/0x2e0 [ 21.733452] kunit_try_run_case+0x170/0x3f0 [ 21.733636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.733703] kthread+0x328/0x630 [ 21.733819] ret_from_fork+0x10/0x20 [ 21.734259] [ 21.734322] Allocated by task 266: [ 21.735033] kasan_save_stack+0x3c/0x68 [ 21.735314] kasan_save_track+0x20/0x40 [ 21.735366] kasan_save_alloc_info+0x40/0x58 [ 21.735414] __kasan_kmalloc+0xd4/0xd8 [ 21.735465] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.735634] kasan_atomics+0xb8/0x2e0 [ 21.735898] kunit_try_run_case+0x170/0x3f0 [ 21.735953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.736002] kthread+0x328/0x630 [ 21.736065] ret_from_fork+0x10/0x20 [ 21.736108] [ 21.736166] The buggy address belongs to the object at fff00000c76da700 [ 21.736166] which belongs to the cache kmalloc-64 of size 64 [ 21.736264] The buggy address is located 0 bytes to the right of [ 21.736264] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.736351] [ 21.736378] The buggy address belongs to the physical page: [ 21.736417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.736491] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.736561] page_type: f5(slab) [ 21.736610] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.737236] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.737311] page dumped because: kasan: bad access detected [ 21.737351] [ 21.737374] Memory state around the buggy address: [ 21.737791] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.737890] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.738373] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.738441] ^ [ 21.738493] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.738557] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.739209] ================================================================== [ 21.512118] ================================================================== [ 21.512209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 21.512822] Hardware name: linux,dummy-virt (DT) [ 21.514237] __asan_report_load4_noabort+0x20/0x30 [ 21.515439] [ 21.516347] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.516396] kasan_atomics+0xb8/0x2e0 [ 21.516438] kunit_try_run_case+0x170/0x3f0 [ 21.516481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.516707] The buggy address is located 0 bytes to the right of [ 21.516707] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.517152] page dumped because: kasan: bad access detected [ 21.517249] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.517495] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.520635] Write of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.521445] kasan_check_range+0x100/0x1a8 [ 21.521867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.522645] __kasan_kmalloc+0xd4/0xd8 [ 21.522758] kasan_atomics+0xb8/0x2e0 [ 21.522806] kunit_try_run_case+0x170/0x3f0 [ 21.523005] The buggy address belongs to the object at fff00000c76da700 [ 21.523005] which belongs to the cache kmalloc-64 of size 64 [ 21.524677] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.527834] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 21.528374] Hardware name: linux,dummy-virt (DT) [ 21.528607] kasan_report+0xdc/0x128 [ 21.528962] kthread+0x328/0x630 [ 21.529311] __kasan_kmalloc+0xd4/0xd8 [ 21.529447] kunit_try_run_case+0x170/0x3f0 [ 21.529491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.529543] kthread+0x328/0x630 [ 21.529579] ret_from_fork+0x10/0x20 [ 21.529620] [ 21.529643] The buggy address belongs to the object at fff00000c76da700 [ 21.529643] which belongs to the cache kmalloc-64 of size 64 [ 21.529929] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.530304] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.531268] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.534740] Hardware name: linux,dummy-virt (DT) [ 21.537601] Allocated by task 266: [ 21.539225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.539424] kthread+0x328/0x630 [ 21.539666] ret_from_fork+0x10/0x20 [ 21.539841] [ 21.540067] The buggy address belongs to the object at fff00000c76da700 [ 21.540067] which belongs to the cache kmalloc-64 of size 64 [ 21.540325] The buggy address is located 0 bytes to the right of [ 21.540325] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.540492] [ 21.540566] The buggy address belongs to the physical page: [ 21.540959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.541115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.541190] page_type: f5(slab) [ 21.541471] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.541654] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.541888] page dumped because: kasan: bad access detected [ 21.542057] [ 21.542180] Memory state around the buggy address: [ 21.542225] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.542697] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.542867] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.543009] ^ [ 21.543380] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.545706] Hardware name: linux,dummy-virt (DT) [ 21.546792] kthread+0x328/0x630 [ 21.548472] __kasan_kmalloc+0xd4/0xd8 [ 21.549454] The buggy address belongs to the object at fff00000c76da700 [ 21.549454] which belongs to the cache kmalloc-64 of size 64 [ 21.549997] [ 21.550544] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.551289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.551752] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.554455] ================================================================== [ 21.798862] ================================================================== [ 21.798979] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 21.799093] Read of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.799266] [ 21.799450] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.799755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.799960] Hardware name: linux,dummy-virt (DT) [ 21.800113] Call trace: [ 21.800212] show_stack+0x20/0x38 (C) [ 21.800376] dump_stack_lvl+0x8c/0xd0 [ 21.800456] print_report+0x118/0x608 [ 21.800508] kasan_report+0xdc/0x128 [ 21.800560] __asan_report_load8_noabort+0x20/0x30 [ 21.800615] kasan_atomics_helper+0x3df4/0x4858 [ 21.800670] kasan_atomics+0x198/0x2e0 [ 21.800845] kunit_try_run_case+0x170/0x3f0 [ 21.800972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.801277] kthread+0x328/0x630 [ 21.801536] ret_from_fork+0x10/0x20 [ 21.801615] [ 21.801640] Allocated by task 266: [ 21.801712] kasan_save_stack+0x3c/0x68 [ 21.801779] kasan_save_track+0x20/0x40 [ 21.801861] kasan_save_alloc_info+0x40/0x58 [ 21.801907] __kasan_kmalloc+0xd4/0xd8 [ 21.801949] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.802006] kasan_atomics+0xb8/0x2e0 [ 21.802048] kunit_try_run_case+0x170/0x3f0 [ 21.802092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.802174] kthread+0x328/0x630 [ 21.802221] ret_from_fork+0x10/0x20 [ 21.802262] [ 21.802301] The buggy address belongs to the object at fff00000c76da700 [ 21.802301] which belongs to the cache kmalloc-64 of size 64 [ 21.802371] The buggy address is located 0 bytes to the right of [ 21.802371] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.802459] [ 21.802505] The buggy address belongs to the physical page: [ 21.802544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.802606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.802666] page_type: f5(slab) [ 21.802710] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.802771] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.802839] page dumped because: kasan: bad access detected [ 21.802886] [ 21.802908] Memory state around the buggy address: [ 21.802973] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.803032] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.803098] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.803446] ^ [ 21.803495] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.803544] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.803600] ================================================================== [ 21.602065] ================================================================== [ 21.602229] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 21.602434] Read of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.602500] [ 21.602544] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.602947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.603335] Hardware name: linux,dummy-virt (DT) [ 21.603620] Call trace: [ 21.603776] show_stack+0x20/0x38 (C) [ 21.603961] dump_stack_lvl+0x8c/0xd0 [ 21.604039] print_report+0x118/0x608 [ 21.604091] kasan_report+0xdc/0x128 [ 21.604162] __asan_report_load8_noabort+0x20/0x30 [ 21.604216] kasan_atomics_helper+0x3f58/0x4858 [ 21.604617] kasan_atomics+0x198/0x2e0 [ 21.605117] kunit_try_run_case+0x170/0x3f0 [ 21.605262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.605588] kthread+0x328/0x630 [ 21.605643] ret_from_fork+0x10/0x20 [ 21.606094] [ 21.606179] Allocated by task 266: [ 21.606226] kasan_save_stack+0x3c/0x68 [ 21.606290] kasan_save_track+0x20/0x40 [ 21.606346] kasan_save_alloc_info+0x40/0x58 [ 21.606402] __kasan_kmalloc+0xd4/0xd8 [ 21.606457] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.606520] kasan_atomics+0xb8/0x2e0 [ 21.606562] kunit_try_run_case+0x170/0x3f0 [ 21.606607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.606670] kthread+0x328/0x630 [ 21.606717] ret_from_fork+0x10/0x20 [ 21.606759] [ 21.606799] The buggy address belongs to the object at fff00000c76da700 [ 21.606799] which belongs to the cache kmalloc-64 of size 64 [ 21.606888] The buggy address is located 0 bytes to the right of [ 21.606888] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.606975] [ 21.607001] The buggy address belongs to the physical page: [ 21.607039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.607650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.607742] page_type: f5(slab) [ 21.608029] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.608150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.608203] page dumped because: kasan: bad access detected [ 21.608241] [ 21.608262] Memory state around the buggy address: [ 21.608810] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.608907] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.609216] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.609515] ^ [ 21.609871] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.609974] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.610195] ================================================================== [ 21.574721] ================================================================== [ 21.574799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 21.574867] Write of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.574926] [ 21.574967] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.575060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.575092] Hardware name: linux,dummy-virt (DT) [ 21.575600] Call trace: [ 21.576127] show_stack+0x20/0x38 (C) [ 21.576396] dump_stack_lvl+0x8c/0xd0 [ 21.576520] print_report+0x118/0x608 [ 21.576635] kasan_report+0xdc/0x128 [ 21.576686] kasan_check_range+0x100/0x1a8 [ 21.576740] __kasan_check_write+0x20/0x30 [ 21.577006] kasan_atomics_helper+0xd3c/0x4858 [ 21.577404] kasan_atomics+0x198/0x2e0 [ 21.577845] kunit_try_run_case+0x170/0x3f0 [ 21.577948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.578115] kthread+0x328/0x630 [ 21.578300] ret_from_fork+0x10/0x20 [ 21.578378] [ 21.578403] Allocated by task 266: [ 21.578438] kasan_save_stack+0x3c/0x68 [ 21.578546] kasan_save_track+0x20/0x40 [ 21.578787] kasan_save_alloc_info+0x40/0x58 [ 21.578884] __kasan_kmalloc+0xd4/0xd8 [ 21.578944] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.578992] kasan_atomics+0xb8/0x2e0 [ 21.579034] kunit_try_run_case+0x170/0x3f0 [ 21.579086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.579368] kthread+0x328/0x630 [ 21.579705] ret_from_fork+0x10/0x20 [ 21.580237] [ 21.580273] The buggy address belongs to the object at fff00000c76da700 [ 21.580273] which belongs to the cache kmalloc-64 of size 64 [ 21.580349] The buggy address is located 0 bytes to the right of [ 21.580349] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.580775] [ 21.580868] The buggy address belongs to the physical page: [ 21.580943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.581029] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.581154] page_type: f5(slab) [ 21.581305] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.581507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.581627] page dumped because: kasan: bad access detected [ 21.582124] [ 21.582231] Memory state around the buggy address: [ 21.582362] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.582573] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.582624] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.583056] ^ [ 21.583356] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.583415] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.583472] ================================================================== [ 21.492809] ================================================================== [ 21.492881] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 21.493264] Write of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.493629] [ 21.493675] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.493771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.494418] Hardware name: linux,dummy-virt (DT) [ 21.494580] Call trace: [ 21.494709] show_stack+0x20/0x38 (C) [ 21.494783] dump_stack_lvl+0x8c/0xd0 [ 21.494840] print_report+0x118/0x608 [ 21.494907] kasan_report+0xdc/0x128 [ 21.494960] kasan_check_range+0x100/0x1a8 [ 21.495569] __kasan_check_write+0x20/0x30 [ 21.495651] kasan_atomics_helper+0xa6c/0x4858 [ 21.495776] kasan_atomics+0x198/0x2e0 [ 21.495830] kunit_try_run_case+0x170/0x3f0 [ 21.495892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.496224] kthread+0x328/0x630 [ 21.496291] ret_from_fork+0x10/0x20 [ 21.496464] [ 21.496489] Allocated by task 266: [ 21.496523] kasan_save_stack+0x3c/0x68 [ 21.496580] kasan_save_track+0x20/0x40 [ 21.496796] kasan_save_alloc_info+0x40/0x58 [ 21.496929] __kasan_kmalloc+0xd4/0xd8 [ 21.497032] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.497086] kasan_atomics+0xb8/0x2e0 [ 21.497497] kunit_try_run_case+0x170/0x3f0 [ 21.497723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.497775] kthread+0x328/0x630 [ 21.497812] ret_from_fork+0x10/0x20 [ 21.497855] [ 21.497881] The buggy address belongs to the object at fff00000c76da700 [ 21.497881] which belongs to the cache kmalloc-64 of size 64 [ 21.497954] The buggy address is located 0 bytes to the right of [ 21.497954] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.498296] [ 21.498384] The buggy address belongs to the physical page: [ 21.498493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.498678] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.498844] page_type: f5(slab) [ 21.499090] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.499169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.499280] page dumped because: kasan: bad access detected [ 21.499318] [ 21.499342] Memory state around the buggy address: [ 21.499381] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.499432] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.499634] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.499705] ^ [ 21.499749] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.499800] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.499845] ================================================================== [ 21.741532] ================================================================== [ 21.741827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 21.741905] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.742224] [ 21.742303] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.742446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.742665] Hardware name: linux,dummy-virt (DT) [ 21.742703] Call trace: [ 21.742875] show_stack+0x20/0x38 (C) [ 21.742952] dump_stack_lvl+0x8c/0xd0 [ 21.743322] print_report+0x118/0x608 [ 21.743410] kasan_report+0xdc/0x128 [ 21.743572] kasan_check_range+0x100/0x1a8 [ 21.743700] __kasan_check_write+0x20/0x30 [ 21.743859] kasan_atomics_helper+0x1384/0x4858 [ 21.743916] kasan_atomics+0x198/0x2e0 [ 21.743966] kunit_try_run_case+0x170/0x3f0 [ 21.744020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.744744] kthread+0x328/0x630 [ 21.744832] ret_from_fork+0x10/0x20 [ 21.745073] [ 21.745124] Allocated by task 266: [ 21.745184] kasan_save_stack+0x3c/0x68 [ 21.745332] kasan_save_track+0x20/0x40 [ 21.745400] kasan_save_alloc_info+0x40/0x58 [ 21.745458] __kasan_kmalloc+0xd4/0xd8 [ 21.745510] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.745558] kasan_atomics+0xb8/0x2e0 [ 21.745603] kunit_try_run_case+0x170/0x3f0 [ 21.745649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.745698] kthread+0x328/0x630 [ 21.745747] ret_from_fork+0x10/0x20 [ 21.745789] [ 21.745829] The buggy address belongs to the object at fff00000c76da700 [ 21.745829] which belongs to the cache kmalloc-64 of size 64 [ 21.745902] The buggy address is located 0 bytes to the right of [ 21.745902] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.745986] [ 21.746012] The buggy address belongs to the physical page: [ 21.746051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.746115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.746195] page_type: f5(slab) [ 21.746243] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.746304] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.746362] page dumped because: kasan: bad access detected [ 21.746401] [ 21.746435] Memory state around the buggy address: [ 21.746481] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.746532] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.746583] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.746653] ^ [ 21.746706] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.746755] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.746799] ================================================================== [ 21.771911] ================================================================== [ 21.771985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 21.772079] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.772226] [ 21.772267] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.772612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.772696] Hardware name: linux,dummy-virt (DT) [ 21.772785] Call trace: [ 21.772815] show_stack+0x20/0x38 (C) [ 21.772987] dump_stack_lvl+0x8c/0xd0 [ 21.773066] print_report+0x118/0x608 [ 21.773197] kasan_report+0xdc/0x128 [ 21.773252] kasan_check_range+0x100/0x1a8 [ 21.773329] __kasan_check_write+0x20/0x30 [ 21.773410] kasan_atomics_helper+0x154c/0x4858 [ 21.773466] kasan_atomics+0x198/0x2e0 [ 21.773719] kunit_try_run_case+0x170/0x3f0 [ 21.773825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.773897] kthread+0x328/0x630 [ 21.773945] ret_from_fork+0x10/0x20 [ 21.774068] [ 21.774094] Allocated by task 266: [ 21.774169] kasan_save_stack+0x3c/0x68 [ 21.774348] kasan_save_track+0x20/0x40 [ 21.774404] kasan_save_alloc_info+0x40/0x58 [ 21.774485] __kasan_kmalloc+0xd4/0xd8 [ 21.774553] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.774648] kasan_atomics+0xb8/0x2e0 [ 21.774694] kunit_try_run_case+0x170/0x3f0 [ 21.774826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.774882] kthread+0x328/0x630 [ 21.774920] ret_from_fork+0x10/0x20 [ 21.774960] [ 21.775046] The buggy address belongs to the object at fff00000c76da700 [ 21.775046] which belongs to the cache kmalloc-64 of size 64 [ 21.775252] The buggy address is located 0 bytes to the right of [ 21.775252] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.775339] [ 21.775365] The buggy address belongs to the physical page: [ 21.775454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.775519] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.775575] page_type: f5(slab) [ 21.775622] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.775722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.775902] page dumped because: kasan: bad access detected [ 21.776148] [ 21.776250] Memory state around the buggy address: [ 21.776418] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.776473] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.776727] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.776788] ^ [ 21.776882] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.776964] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.777232] ================================================================== [ 21.710210] ================================================================== [ 21.710308] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 21.710410] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.710470] [ 21.710508] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.710600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.710632] Hardware name: linux,dummy-virt (DT) [ 21.710668] Call trace: [ 21.710696] show_stack+0x20/0x38 (C) [ 21.710751] dump_stack_lvl+0x8c/0xd0 [ 21.710805] print_report+0x118/0x608 [ 21.710855] kasan_report+0xdc/0x128 [ 21.710905] kasan_check_range+0x100/0x1a8 [ 21.710970] __kasan_check_write+0x20/0x30 [ 21.711021] kasan_atomics_helper+0x11f8/0x4858 [ 21.711075] kasan_atomics+0x198/0x2e0 [ 21.711519] kunit_try_run_case+0x170/0x3f0 [ 21.711869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.711951] kthread+0x328/0x630 [ 21.711998] ret_from_fork+0x10/0x20 [ 21.712053] [ 21.712076] Allocated by task 266: [ 21.712109] kasan_save_stack+0x3c/0x68 [ 21.712170] kasan_save_track+0x20/0x40 [ 21.712587] kasan_save_alloc_info+0x40/0x58 [ 21.712991] __kasan_kmalloc+0xd4/0xd8 [ 21.713069] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.713504] kasan_atomics+0xb8/0x2e0 [ 21.713953] kunit_try_run_case+0x170/0x3f0 [ 21.714159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.714358] kthread+0x328/0x630 [ 21.714438] ret_from_fork+0x10/0x20 [ 21.715019] [ 21.715235] The buggy address belongs to the object at fff00000c76da700 [ 21.715235] which belongs to the cache kmalloc-64 of size 64 [ 21.715447] The buggy address is located 0 bytes to the right of [ 21.715447] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.715666] [ 21.715698] The buggy address belongs to the physical page: [ 21.715873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.715990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.716367] page_type: f5(slab) [ 21.716541] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.716793] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.716850] page dumped because: kasan: bad access detected [ 21.717074] [ 21.717315] Memory state around the buggy address: [ 21.717389] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.717790] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.717928] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.717980] ^ [ 21.718194] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.718415] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.718491] ================================================================== [ 21.766468] ================================================================== [ 21.766531] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 21.766582] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.766649] [ 21.766684] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.766783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.766821] Hardware name: linux,dummy-virt (DT) [ 21.766859] Call trace: [ 21.766884] show_stack+0x20/0x38 (C) [ 21.766937] dump_stack_lvl+0x8c/0xd0 [ 21.766987] print_report+0x118/0x608 [ 21.767039] kasan_report+0xdc/0x128 [ 21.767087] kasan_check_range+0x100/0x1a8 [ 21.767944] __kasan_check_write+0x20/0x30 [ 21.768087] kasan_atomics_helper+0x14e4/0x4858 [ 21.768228] kasan_atomics+0x198/0x2e0 [ 21.768283] kunit_try_run_case+0x170/0x3f0 [ 21.768335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.768394] kthread+0x328/0x630 [ 21.768441] ret_from_fork+0x10/0x20 [ 21.768493] [ 21.768514] Allocated by task 266: [ 21.768546] kasan_save_stack+0x3c/0x68 [ 21.768590] kasan_save_track+0x20/0x40 [ 21.768654] kasan_save_alloc_info+0x40/0x58 [ 21.768808] __kasan_kmalloc+0xd4/0xd8 [ 21.768903] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.769053] kasan_atomics+0xb8/0x2e0 [ 21.769196] kunit_try_run_case+0x170/0x3f0 [ 21.769352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.769534] kthread+0x328/0x630 [ 21.769673] ret_from_fork+0x10/0x20 [ 21.769744] [ 21.769770] The buggy address belongs to the object at fff00000c76da700 [ 21.769770] which belongs to the cache kmalloc-64 of size 64 [ 21.769837] The buggy address is located 0 bytes to the right of [ 21.769837] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.769910] [ 21.769935] The buggy address belongs to the physical page: [ 21.769972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.770033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.770088] page_type: f5(slab) [ 21.770143] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.770202] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.770332] page dumped because: kasan: bad access detected [ 21.770371] [ 21.770393] Memory state around the buggy address: [ 21.770431] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.770481] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.770531] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.770617] ^ [ 21.770835] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.770958] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.771422] ================================================================== [ 21.612265] ================================================================== [ 21.612496] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 21.612571] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.612922] [ 21.612980] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.613408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.613482] Hardware name: linux,dummy-virt (DT) [ 21.613535] Call trace: [ 21.613590] show_stack+0x20/0x38 (C) [ 21.614149] dump_stack_lvl+0x8c/0xd0 [ 21.614250] print_report+0x118/0x608 [ 21.614309] kasan_report+0xdc/0x128 [ 21.614676] kasan_check_range+0x100/0x1a8 [ 21.614757] __kasan_check_write+0x20/0x30 [ 21.614811] kasan_atomics_helper+0xe44/0x4858 [ 21.614866] kasan_atomics+0x198/0x2e0 [ 21.615254] kunit_try_run_case+0x170/0x3f0 [ 21.615672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.615844] kthread+0x328/0x630 [ 21.615949] ret_from_fork+0x10/0x20 [ 21.616090] [ 21.616116] Allocated by task 266: [ 21.616164] kasan_save_stack+0x3c/0x68 [ 21.616214] kasan_save_track+0x20/0x40 [ 21.616259] kasan_save_alloc_info+0x40/0x58 [ 21.616303] __kasan_kmalloc+0xd4/0xd8 [ 21.616344] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.616391] kasan_atomics+0xb8/0x2e0 [ 21.616432] kunit_try_run_case+0x170/0x3f0 [ 21.616477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.616528] kthread+0x328/0x630 [ 21.616567] ret_from_fork+0x10/0x20 [ 21.616621] [ 21.616662] The buggy address belongs to the object at fff00000c76da700 [ 21.616662] which belongs to the cache kmalloc-64 of size 64 [ 21.616756] The buggy address is located 0 bytes to the right of [ 21.616756] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.616831] [ 21.616863] The buggy address belongs to the physical page: [ 21.616912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.616978] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.617050] page_type: f5(slab) [ 21.617098] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.617182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.617240] page dumped because: kasan: bad access detected [ 21.617302] [ 21.617334] Memory state around the buggy address: [ 21.617390] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.617453] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.617502] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.617547] ^ [ 21.617595] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.617646] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.617693] ================================================================== [ 21.763618] ================================================================== [ 21.763680] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 21.763734] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.763792] [ 21.763828] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.763919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.763950] Hardware name: linux,dummy-virt (DT) [ 21.763988] Call trace: [ 21.764029] show_stack+0x20/0x38 (C) [ 21.764102] dump_stack_lvl+0x8c/0xd0 [ 21.764168] print_report+0x118/0x608 [ 21.764222] kasan_report+0xdc/0x128 [ 21.764304] kasan_check_range+0x100/0x1a8 [ 21.764399] __kasan_check_write+0x20/0x30 [ 21.764470] kasan_atomics_helper+0x147c/0x4858 [ 21.764527] kasan_atomics+0x198/0x2e0 [ 21.764578] kunit_try_run_case+0x170/0x3f0 [ 21.764636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.764728] kthread+0x328/0x630 [ 21.764777] ret_from_fork+0x10/0x20 [ 21.764829] [ 21.764870] Allocated by task 266: [ 21.764915] kasan_save_stack+0x3c/0x68 [ 21.764961] kasan_save_track+0x20/0x40 [ 21.765004] kasan_save_alloc_info+0x40/0x58 [ 21.765050] __kasan_kmalloc+0xd4/0xd8 [ 21.765092] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.765147] kasan_atomics+0xb8/0x2e0 [ 21.765188] kunit_try_run_case+0x170/0x3f0 [ 21.765230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.765281] kthread+0x328/0x630 [ 21.765326] ret_from_fork+0x10/0x20 [ 21.765365] [ 21.765389] The buggy address belongs to the object at fff00000c76da700 [ 21.765389] which belongs to the cache kmalloc-64 of size 64 [ 21.765457] The buggy address is located 0 bytes to the right of [ 21.765457] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.765532] [ 21.765557] The buggy address belongs to the physical page: [ 21.765595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.765676] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.765732] page_type: f5(slab) [ 21.765795] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.765868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.765924] page dumped because: kasan: bad access detected [ 21.765963] [ 21.765984] Memory state around the buggy address: [ 21.766022] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.766082] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.766144] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.766190] ^ [ 21.766226] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.766286] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.766331] ================================================================== [ 21.826520] ================================================================== [ 21.826611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 21.826670] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.826726] [ 21.826762] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.826853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.827031] Hardware name: linux,dummy-virt (DT) [ 21.827077] Call trace: [ 21.827170] show_stack+0x20/0x38 (C) [ 21.827291] dump_stack_lvl+0x8c/0xd0 [ 21.827481] print_report+0x118/0x608 [ 21.827536] kasan_report+0xdc/0x128 [ 21.827613] kasan_check_range+0x100/0x1a8 [ 21.827681] __kasan_check_write+0x20/0x30 [ 21.827872] kasan_atomics_helper+0x17ec/0x4858 [ 21.827986] kasan_atomics+0x198/0x2e0 [ 21.828064] kunit_try_run_case+0x170/0x3f0 [ 21.828123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.828193] kthread+0x328/0x630 [ 21.828258] ret_from_fork+0x10/0x20 [ 21.828311] [ 21.828341] Allocated by task 266: [ 21.828376] kasan_save_stack+0x3c/0x68 [ 21.828421] kasan_save_track+0x20/0x40 [ 21.828476] kasan_save_alloc_info+0x40/0x58 [ 21.828521] __kasan_kmalloc+0xd4/0xd8 [ 21.828574] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.828628] kasan_atomics+0xb8/0x2e0 [ 21.828669] kunit_try_run_case+0x170/0x3f0 [ 21.828723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.828787] kthread+0x328/0x630 [ 21.828826] ret_from_fork+0x10/0x20 [ 21.828875] [ 21.828907] The buggy address belongs to the object at fff00000c76da700 [ 21.828907] which belongs to the cache kmalloc-64 of size 64 [ 21.828980] The buggy address is located 0 bytes to the right of [ 21.828980] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.829073] [ 21.829097] The buggy address belongs to the physical page: [ 21.829145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.829214] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.829298] page_type: f5(slab) [ 21.829344] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.829401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.829472] page dumped because: kasan: bad access detected [ 21.829512] [ 21.829534] Memory state around the buggy address: [ 21.829583] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.829634] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.829685] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.829730] ^ [ 21.829779] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.829830] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.829902] ================================================================== [ 21.803961] ================================================================== [ 21.804046] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 21.804215] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.804401] [ 21.804449] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.804804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.804931] Hardware name: linux,dummy-virt (DT) [ 21.805027] Call trace: [ 21.805209] show_stack+0x20/0x38 (C) [ 21.805319] dump_stack_lvl+0x8c/0xd0 [ 21.805672] print_report+0x118/0x608 [ 21.805774] kasan_report+0xdc/0x128 [ 21.805877] kasan_check_range+0x100/0x1a8 [ 21.805969] __kasan_check_write+0x20/0x30 [ 21.806061] kasan_atomics_helper+0x16d0/0x4858 [ 21.806119] kasan_atomics+0x198/0x2e0 [ 21.806182] kunit_try_run_case+0x170/0x3f0 [ 21.806234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.806293] kthread+0x328/0x630 [ 21.806343] ret_from_fork+0x10/0x20 [ 21.806564] [ 21.806598] Allocated by task 266: [ 21.806805] kasan_save_stack+0x3c/0x68 [ 21.806955] kasan_save_track+0x20/0x40 [ 21.807006] kasan_save_alloc_info+0x40/0x58 [ 21.807178] __kasan_kmalloc+0xd4/0xd8 [ 21.807421] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.807613] kasan_atomics+0xb8/0x2e0 [ 21.807779] kunit_try_run_case+0x170/0x3f0 [ 21.807827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.807877] kthread+0x328/0x630 [ 21.808007] ret_from_fork+0x10/0x20 [ 21.808067] [ 21.808235] The buggy address belongs to the object at fff00000c76da700 [ 21.808235] which belongs to the cache kmalloc-64 of size 64 [ 21.808413] The buggy address is located 0 bytes to the right of [ 21.808413] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.808609] [ 21.808958] The buggy address belongs to the physical page: [ 21.809082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.809248] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.809321] page_type: f5(slab) [ 21.809366] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.809617] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.809682] page dumped because: kasan: bad access detected [ 21.809742] [ 21.809817] Memory state around the buggy address: [ 21.809923] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.810178] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.810239] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.810294] ^ [ 21.810335] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.810384] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.810429] ================================================================== [ 21.656779] ================================================================== [ 21.657005] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 21.657197] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.657265] [ 21.657316] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.657410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.657614] Hardware name: linux,dummy-virt (DT) [ 21.657721] Call trace: [ 21.658006] show_stack+0x20/0x38 (C) [ 21.658204] dump_stack_lvl+0x8c/0xd0 [ 21.658613] print_report+0x118/0x608 [ 21.658957] kasan_report+0xdc/0x128 [ 21.659045] kasan_check_range+0x100/0x1a8 [ 21.659100] __kasan_check_write+0x20/0x30 [ 21.659300] kasan_atomics_helper+0xff0/0x4858 [ 21.659518] kasan_atomics+0x198/0x2e0 [ 21.659580] kunit_try_run_case+0x170/0x3f0 [ 21.659639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.659877] kthread+0x328/0x630 [ 21.659981] ret_from_fork+0x10/0x20 [ 21.660597] [ 21.660708] Allocated by task 266: [ 21.660782] kasan_save_stack+0x3c/0x68 [ 21.660942] kasan_save_track+0x20/0x40 [ 21.661092] kasan_save_alloc_info+0x40/0x58 [ 21.661195] __kasan_kmalloc+0xd4/0xd8 [ 21.661245] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.661304] kasan_atomics+0xb8/0x2e0 [ 21.661725] kunit_try_run_case+0x170/0x3f0 [ 21.661920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.662153] kthread+0x328/0x630 [ 21.662293] ret_from_fork+0x10/0x20 [ 21.662341] [ 21.662365] The buggy address belongs to the object at fff00000c76da700 [ 21.662365] which belongs to the cache kmalloc-64 of size 64 [ 21.662628] The buggy address is located 0 bytes to the right of [ 21.662628] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.663236] [ 21.663283] The buggy address belongs to the physical page: [ 21.663396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.663469] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.663843] page_type: f5(slab) [ 21.663937] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.664213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.664579] page dumped because: kasan: bad access detected [ 21.664647] [ 21.664670] Memory state around the buggy address: [ 21.664713] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.665213] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.665465] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.665549] ^ [ 21.665630] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.665743] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.665797] ================================================================== [ 21.758819] ================================================================== [ 21.758887] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 21.758945] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.759051] [ 21.759096] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.759222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.759343] Hardware name: linux,dummy-virt (DT) [ 21.759460] Call trace: [ 21.759838] show_stack+0x20/0x38 (C) [ 21.760004] dump_stack_lvl+0x8c/0xd0 [ 21.760148] print_report+0x118/0x608 [ 21.760238] kasan_report+0xdc/0x128 [ 21.760304] kasan_check_range+0x100/0x1a8 [ 21.760357] __kasan_check_write+0x20/0x30 [ 21.760408] kasan_atomics_helper+0x1414/0x4858 [ 21.760463] kasan_atomics+0x198/0x2e0 [ 21.760513] kunit_try_run_case+0x170/0x3f0 [ 21.760566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.760626] kthread+0x328/0x630 [ 21.760674] ret_from_fork+0x10/0x20 [ 21.760742] [ 21.760765] Allocated by task 266: [ 21.760797] kasan_save_stack+0x3c/0x68 [ 21.760844] kasan_save_track+0x20/0x40 [ 21.760948] kasan_save_alloc_info+0x40/0x58 [ 21.761222] __kasan_kmalloc+0xd4/0xd8 [ 21.761322] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.761369] kasan_atomics+0xb8/0x2e0 [ 21.761430] kunit_try_run_case+0x170/0x3f0 [ 21.761474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.761523] kthread+0x328/0x630 [ 21.761562] ret_from_fork+0x10/0x20 [ 21.761604] [ 21.761627] The buggy address belongs to the object at fff00000c76da700 [ 21.761627] which belongs to the cache kmalloc-64 of size 64 [ 21.761697] The buggy address is located 0 bytes to the right of [ 21.761697] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.761903] [ 21.762020] The buggy address belongs to the physical page: [ 21.762101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.762225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.762391] page_type: f5(slab) [ 21.762474] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.762535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.762583] page dumped because: kasan: bad access detected [ 21.762621] [ 21.762642] Memory state around the buggy address: [ 21.762681] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.762732] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.762783] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.762828] ^ [ 21.762865] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.762915] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.762959] ================================================================== [ 21.791922] ================================================================== [ 21.791989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 21.792046] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.792335] [ 21.792416] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.792564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.792649] Hardware name: linux,dummy-virt (DT) [ 21.792812] Call trace: [ 21.792875] show_stack+0x20/0x38 (C) [ 21.793002] dump_stack_lvl+0x8c/0xd0 [ 21.793115] print_report+0x118/0x608 [ 21.793182] kasan_report+0xdc/0x128 [ 21.793306] kasan_check_range+0x100/0x1a8 [ 21.793365] __kasan_check_write+0x20/0x30 [ 21.793655] kasan_atomics_helper+0x1644/0x4858 [ 21.793770] kasan_atomics+0x198/0x2e0 [ 21.793877] kunit_try_run_case+0x170/0x3f0 [ 21.794076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.794174] kthread+0x328/0x630 [ 21.794241] ret_from_fork+0x10/0x20 [ 21.794298] [ 21.794348] Allocated by task 266: [ 21.794423] kasan_save_stack+0x3c/0x68 [ 21.794534] kasan_save_track+0x20/0x40 [ 21.794581] kasan_save_alloc_info+0x40/0x58 [ 21.794777] __kasan_kmalloc+0xd4/0xd8 [ 21.794835] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.794980] kasan_atomics+0xb8/0x2e0 [ 21.795027] kunit_try_run_case+0x170/0x3f0 [ 21.795206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.795372] kthread+0x328/0x630 [ 21.795577] ret_from_fork+0x10/0x20 [ 21.795782] [ 21.795954] The buggy address belongs to the object at fff00000c76da700 [ 21.795954] which belongs to the cache kmalloc-64 of size 64 [ 21.796071] The buggy address is located 0 bytes to the right of [ 21.796071] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.796286] [ 21.796415] The buggy address belongs to the physical page: [ 21.796547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.796623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.796681] page_type: f5(slab) [ 21.796737] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.796797] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.797080] page dumped because: kasan: bad access detected [ 21.797230] [ 21.797406] Memory state around the buggy address: [ 21.797511] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.797942] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.798011] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.798065] ^ [ 21.798106] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.798216] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.798280] ================================================================== [ 21.592376] ================================================================== [ 21.592487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 21.592687] Read of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.592894] [ 21.593104] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.593227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.593499] Hardware name: linux,dummy-virt (DT) [ 21.593570] Call trace: [ 21.593634] show_stack+0x20/0x38 (C) [ 21.593780] dump_stack_lvl+0x8c/0xd0 [ 21.594043] print_report+0x118/0x608 [ 21.594119] kasan_report+0xdc/0x128 [ 21.594350] kasan_check_range+0x100/0x1a8 [ 21.594511] __kasan_check_read+0x20/0x30 [ 21.594612] kasan_atomics_helper+0xdd4/0x4858 [ 21.594812] kasan_atomics+0x198/0x2e0 [ 21.594968] kunit_try_run_case+0x170/0x3f0 [ 21.595054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.595178] kthread+0x328/0x630 [ 21.595239] ret_from_fork+0x10/0x20 [ 21.595491] [ 21.595518] Allocated by task 266: [ 21.595552] kasan_save_stack+0x3c/0x68 [ 21.595754] kasan_save_track+0x20/0x40 [ 21.595944] kasan_save_alloc_info+0x40/0x58 [ 21.596000] __kasan_kmalloc+0xd4/0xd8 [ 21.596045] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.596095] kasan_atomics+0xb8/0x2e0 [ 21.596548] kunit_try_run_case+0x170/0x3f0 [ 21.596611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.596954] kthread+0x328/0x630 [ 21.597152] ret_from_fork+0x10/0x20 [ 21.597554] [ 21.597626] The buggy address belongs to the object at fff00000c76da700 [ 21.597626] which belongs to the cache kmalloc-64 of size 64 [ 21.597915] The buggy address is located 0 bytes to the right of [ 21.597915] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.598329] [ 21.598390] The buggy address belongs to the physical page: [ 21.598485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.598566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.598626] page_type: f5(slab) [ 21.598671] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.598730] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.598791] page dumped because: kasan: bad access detected [ 21.598842] [ 21.598878] Memory state around the buggy address: [ 21.598926] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.598985] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.599035] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.599080] ^ [ 21.599679] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.599763] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.599837] ================================================================== [ 21.748152] ================================================================== [ 21.748218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 21.748278] Read of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.748337] [ 21.748373] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.748679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.749392] Hardware name: linux,dummy-virt (DT) [ 21.749476] Call trace: [ 21.749752] show_stack+0x20/0x38 (C) [ 21.750367] dump_stack_lvl+0x8c/0xd0 [ 21.750744] print_report+0x118/0x608 [ 21.750896] kasan_report+0xdc/0x128 [ 21.751081] __asan_report_load8_noabort+0x20/0x30 [ 21.751240] kasan_atomics_helper+0x3f04/0x4858 [ 21.751576] kasan_atomics+0x198/0x2e0 [ 21.751786] kunit_try_run_case+0x170/0x3f0 [ 21.751991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.752484] kthread+0x328/0x630 [ 21.752669] ret_from_fork+0x10/0x20 [ 21.752881] [ 21.752970] Allocated by task 266: [ 21.755416] kasan_save_stack+0x3c/0x68 [ 21.755487] kasan_save_track+0x20/0x40 [ 21.755530] kasan_save_alloc_info+0x40/0x58 [ 21.756343] __kasan_kmalloc+0xd4/0xd8 [ 21.756386] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.756432] kasan_atomics+0xb8/0x2e0 [ 21.756474] kunit_try_run_case+0x170/0x3f0 [ 21.756518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.756567] kthread+0x328/0x630 [ 21.756605] ret_from_fork+0x10/0x20 [ 21.756647] [ 21.756670] The buggy address belongs to the object at fff00000c76da700 [ 21.756670] which belongs to the cache kmalloc-64 of size 64 [ 21.756742] The buggy address is located 0 bytes to the right of [ 21.756742] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.756817] [ 21.756844] The buggy address belongs to the physical page: [ 21.756883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.756948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.757008] page_type: f5(slab) [ 21.757056] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.757117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.757244] page dumped because: kasan: bad access detected [ 21.757307] [ 21.757339] Memory state around the buggy address: [ 21.757390] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.757527] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.757600] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.757695] ^ [ 21.757758] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.757866] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.757954] ================================================================== [ 21.700256] ================================================================== [ 21.700364] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 21.700817] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.700949] [ 21.700997] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.701093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.701321] Hardware name: linux,dummy-virt (DT) [ 21.701466] Call trace: [ 21.701505] show_stack+0x20/0x38 (C) [ 21.701744] dump_stack_lvl+0x8c/0xd0 [ 21.701811] print_report+0x118/0x608 [ 21.701873] kasan_report+0xdc/0x128 [ 21.701922] kasan_check_range+0x100/0x1a8 [ 21.702354] __kasan_check_write+0x20/0x30 [ 21.702462] kasan_atomics_helper+0x1190/0x4858 [ 21.702945] kasan_atomics+0x198/0x2e0 [ 21.703046] kunit_try_run_case+0x170/0x3f0 [ 21.703111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.703302] kthread+0x328/0x630 [ 21.703530] ret_from_fork+0x10/0x20 [ 21.703590] [ 21.703614] Allocated by task 266: [ 21.703867] kasan_save_stack+0x3c/0x68 [ 21.704060] kasan_save_track+0x20/0x40 [ 21.704279] kasan_save_alloc_info+0x40/0x58 [ 21.704473] __kasan_kmalloc+0xd4/0xd8 [ 21.704553] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.704633] kasan_atomics+0xb8/0x2e0 [ 21.704690] kunit_try_run_case+0x170/0x3f0 [ 21.704758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.704809] kthread+0x328/0x630 [ 21.704846] ret_from_fork+0x10/0x20 [ 21.704887] [ 21.704928] The buggy address belongs to the object at fff00000c76da700 [ 21.704928] which belongs to the cache kmalloc-64 of size 64 [ 21.705004] The buggy address is located 0 bytes to the right of [ 21.705004] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.705079] [ 21.705122] The buggy address belongs to the physical page: [ 21.705563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.705929] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.706175] page_type: f5(slab) [ 21.706492] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.706629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.706811] page dumped because: kasan: bad access detected [ 21.706935] [ 21.706980] Memory state around the buggy address: [ 21.707021] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.707413] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.707497] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.707827] ^ [ 21.707992] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.708048] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.708412] ================================================================== [ 21.629840] ================================================================== [ 21.630429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 21.630635] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.630709] [ 21.630871] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.631014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.631164] Hardware name: linux,dummy-virt (DT) [ 21.631236] Call trace: [ 21.631271] show_stack+0x20/0x38 (C) [ 21.631333] dump_stack_lvl+0x8c/0xd0 [ 21.631388] print_report+0x118/0x608 [ 21.631441] kasan_report+0xdc/0x128 [ 21.631866] kasan_check_range+0x100/0x1a8 [ 21.632429] __kasan_check_write+0x20/0x30 [ 21.632799] kasan_atomics_helper+0xeb8/0x4858 [ 21.633101] kasan_atomics+0x198/0x2e0 [ 21.633338] kunit_try_run_case+0x170/0x3f0 [ 21.633420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.633522] kthread+0x328/0x630 [ 21.633946] ret_from_fork+0x10/0x20 [ 21.634040] [ 21.634153] Allocated by task 266: [ 21.634224] kasan_save_stack+0x3c/0x68 [ 21.634288] kasan_save_track+0x20/0x40 [ 21.634333] kasan_save_alloc_info+0x40/0x58 [ 21.634378] __kasan_kmalloc+0xd4/0xd8 [ 21.634422] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.634474] kasan_atomics+0xb8/0x2e0 [ 21.634514] kunit_try_run_case+0x170/0x3f0 [ 21.634558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.634608] kthread+0x328/0x630 [ 21.634647] ret_from_fork+0x10/0x20 [ 21.634689] [ 21.634735] The buggy address belongs to the object at fff00000c76da700 [ 21.634735] which belongs to the cache kmalloc-64 of size 64 [ 21.634829] The buggy address is located 0 bytes to the right of [ 21.634829] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.634904] [ 21.634955] The buggy address belongs to the physical page: [ 21.634996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.635070] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.635206] page_type: f5(slab) [ 21.635828] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.635895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.635978] page dumped because: kasan: bad access detected [ 21.636017] [ 21.636041] Memory state around the buggy address: [ 21.636082] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.636146] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.636200] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.636245] ^ [ 21.636285] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.637122] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.637504] ================================================================== [ 21.815567] ================================================================== [ 21.815625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 21.815679] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.815735] [ 21.815772] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.815864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.815896] Hardware name: linux,dummy-virt (DT) [ 21.815932] Call trace: [ 21.815979] show_stack+0x20/0x38 (C) [ 21.816075] dump_stack_lvl+0x8c/0xd0 [ 21.816481] print_report+0x118/0x608 [ 21.816537] kasan_report+0xdc/0x128 [ 21.816588] kasan_check_range+0x100/0x1a8 [ 21.816723] __kasan_check_write+0x20/0x30 [ 21.816775] kasan_atomics_helper+0x175c/0x4858 [ 21.816830] kasan_atomics+0x198/0x2e0 [ 21.816879] kunit_try_run_case+0x170/0x3f0 [ 21.816933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.816992] kthread+0x328/0x630 [ 21.817038] ret_from_fork+0x10/0x20 [ 21.817091] [ 21.817113] Allocated by task 266: [ 21.817155] kasan_save_stack+0x3c/0x68 [ 21.817202] kasan_save_track+0x20/0x40 [ 21.817244] kasan_save_alloc_info+0x40/0x58 [ 21.817300] __kasan_kmalloc+0xd4/0xd8 [ 21.817342] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.817398] kasan_atomics+0xb8/0x2e0 [ 21.817461] kunit_try_run_case+0x170/0x3f0 [ 21.817601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.817695] kthread+0x328/0x630 [ 21.817732] ret_from_fork+0x10/0x20 [ 21.817772] [ 21.817794] The buggy address belongs to the object at fff00000c76da700 [ 21.817794] which belongs to the cache kmalloc-64 of size 64 [ 21.817893] The buggy address is located 0 bytes to the right of [ 21.817893] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.818109] [ 21.818251] The buggy address belongs to the physical page: [ 21.818290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.818351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.818411] page_type: f5(slab) [ 21.818484] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.818573] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.818999] page dumped because: kasan: bad access detected [ 21.819040] [ 21.819081] Memory state around the buggy address: [ 21.819154] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.819318] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.819546] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.819640] ^ [ 21.819679] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.819729] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.819774] ================================================================== [ 21.618853] ================================================================== [ 21.618936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 21.618996] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.619054] [ 21.619405] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.619722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.619760] Hardware name: linux,dummy-virt (DT) [ 21.619853] Call trace: [ 21.619881] show_stack+0x20/0x38 (C) [ 21.620161] dump_stack_lvl+0x8c/0xd0 [ 21.620323] print_report+0x118/0x608 [ 21.620749] kasan_report+0xdc/0x128 [ 21.620850] __asan_report_store8_noabort+0x20/0x30 [ 21.621072] kasan_atomics_helper+0x3e5c/0x4858 [ 21.621328] kasan_atomics+0x198/0x2e0 [ 21.621387] kunit_try_run_case+0x170/0x3f0 [ 21.621470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.622171] kthread+0x328/0x630 [ 21.622254] ret_from_fork+0x10/0x20 [ 21.622499] [ 21.622573] Allocated by task 266: [ 21.622772] kasan_save_stack+0x3c/0x68 [ 21.622825] kasan_save_track+0x20/0x40 [ 21.622869] kasan_save_alloc_info+0x40/0x58 [ 21.623272] __kasan_kmalloc+0xd4/0xd8 [ 21.623360] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.623612] kasan_atomics+0xb8/0x2e0 [ 21.623667] kunit_try_run_case+0x170/0x3f0 [ 21.623712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.623776] kthread+0x328/0x630 [ 21.623816] ret_from_fork+0x10/0x20 [ 21.624179] [ 21.624685] The buggy address belongs to the object at fff00000c76da700 [ 21.624685] which belongs to the cache kmalloc-64 of size 64 [ 21.624784] The buggy address is located 0 bytes to the right of [ 21.624784] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.625509] [ 21.625639] The buggy address belongs to the physical page: [ 21.625693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.625861] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.625934] page_type: f5(slab) [ 21.626391] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.626487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.627043] page dumped because: kasan: bad access detected [ 21.627117] [ 21.627285] Memory state around the buggy address: [ 21.627367] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.627771] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.628003] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.628054] ^ [ 21.628098] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.628166] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.628214] ================================================================== [ 21.777985] ================================================================== [ 21.778053] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 21.778110] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.778256] [ 21.778308] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.778434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.778468] Hardware name: linux,dummy-virt (DT) [ 21.778506] Call trace: [ 21.778531] show_stack+0x20/0x38 (C) [ 21.778588] dump_stack_lvl+0x8c/0xd0 [ 21.778640] print_report+0x118/0x608 [ 21.778705] kasan_report+0xdc/0x128 [ 21.778755] kasan_check_range+0x100/0x1a8 [ 21.778809] __kasan_check_write+0x20/0x30 [ 21.778868] kasan_atomics_helper+0x15b4/0x4858 [ 21.778923] kasan_atomics+0x198/0x2e0 [ 21.778973] kunit_try_run_case+0x170/0x3f0 [ 21.779024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.779092] kthread+0x328/0x630 [ 21.779512] ret_from_fork+0x10/0x20 [ 21.779742] [ 21.779889] Allocated by task 266: [ 21.779937] kasan_save_stack+0x3c/0x68 [ 21.779991] kasan_save_track+0x20/0x40 [ 21.780035] kasan_save_alloc_info+0x40/0x58 [ 21.780079] __kasan_kmalloc+0xd4/0xd8 [ 21.780122] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.780395] kasan_atomics+0xb8/0x2e0 [ 21.780627] kunit_try_run_case+0x170/0x3f0 [ 21.780906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.781048] kthread+0x328/0x630 [ 21.781090] ret_from_fork+0x10/0x20 [ 21.781359] [ 21.781531] The buggy address belongs to the object at fff00000c76da700 [ 21.781531] which belongs to the cache kmalloc-64 of size 64 [ 21.781839] The buggy address is located 0 bytes to the right of [ 21.781839] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.781950] [ 21.782070] The buggy address belongs to the physical page: [ 21.782141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.782368] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.782568] page_type: f5(slab) [ 21.782669] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.783032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.783118] page dumped because: kasan: bad access detected [ 21.783299] [ 21.783325] Memory state around the buggy address: [ 21.783366] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.783426] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.783478] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.783524] ^ [ 21.783562] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.783871] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.783934] ================================================================== [ 21.649308] ================================================================== [ 21.649527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 21.649730] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.649880] [ 21.649929] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.650323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.650399] Hardware name: linux,dummy-virt (DT) [ 21.650439] Call trace: [ 21.650469] show_stack+0x20/0x38 (C) [ 21.650659] dump_stack_lvl+0x8c/0xd0 [ 21.650735] print_report+0x118/0x608 [ 21.650914] kasan_report+0xdc/0x128 [ 21.650982] kasan_check_range+0x100/0x1a8 [ 21.651150] __kasan_check_write+0x20/0x30 [ 21.651215] kasan_atomics_helper+0xf88/0x4858 [ 21.651280] kasan_atomics+0x198/0x2e0 [ 21.651333] kunit_try_run_case+0x170/0x3f0 [ 21.651385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.651821] kthread+0x328/0x630 [ 21.652275] ret_from_fork+0x10/0x20 [ 21.652426] [ 21.652493] Allocated by task 266: [ 21.652618] kasan_save_stack+0x3c/0x68 [ 21.652716] kasan_save_track+0x20/0x40 [ 21.652807] kasan_save_alloc_info+0x40/0x58 [ 21.653274] __kasan_kmalloc+0xd4/0xd8 [ 21.653341] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.653421] kasan_atomics+0xb8/0x2e0 [ 21.653485] kunit_try_run_case+0x170/0x3f0 [ 21.653530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.653582] kthread+0x328/0x630 [ 21.653629] ret_from_fork+0x10/0x20 [ 21.653688] [ 21.653723] The buggy address belongs to the object at fff00000c76da700 [ 21.653723] which belongs to the cache kmalloc-64 of size 64 [ 21.653808] The buggy address is located 0 bytes to the right of [ 21.653808] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.653882] [ 21.653919] The buggy address belongs to the physical page: [ 21.653959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.654032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.654102] page_type: f5(slab) [ 21.654165] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.654236] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.654293] page dumped because: kasan: bad access detected [ 21.654340] [ 21.654365] Memory state around the buggy address: [ 21.654405] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.654467] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.654521] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.654566] ^ [ 21.654624] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.654673] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.654720] ================================================================== [ 21.810640] ================================================================== [ 21.810699] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 21.810754] Read of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.810811] [ 21.810851] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.810944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.810974] Hardware name: linux,dummy-virt (DT) [ 21.811013] Call trace: [ 21.811038] show_stack+0x20/0x38 (C) [ 21.811093] dump_stack_lvl+0x8c/0xd0 [ 21.813203] print_report+0x118/0x608 [ 21.813262] kasan_report+0xdc/0x128 [ 21.813321] __asan_report_load8_noabort+0x20/0x30 [ 21.813377] kasan_atomics_helper+0x3e10/0x4858 [ 21.813431] kasan_atomics+0x198/0x2e0 [ 21.813480] kunit_try_run_case+0x170/0x3f0 [ 21.813535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.813594] kthread+0x328/0x630 [ 21.813640] ret_from_fork+0x10/0x20 [ 21.813695] [ 21.813717] Allocated by task 266: [ 21.813750] kasan_save_stack+0x3c/0x68 [ 21.813798] kasan_save_track+0x20/0x40 [ 21.813839] kasan_save_alloc_info+0x40/0x58 [ 21.813885] __kasan_kmalloc+0xd4/0xd8 [ 21.813927] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.813971] kasan_atomics+0xb8/0x2e0 [ 21.814012] kunit_try_run_case+0x170/0x3f0 [ 21.814053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.814104] kthread+0x328/0x630 [ 21.814150] ret_from_fork+0x10/0x20 [ 21.814261] [ 21.814285] The buggy address belongs to the object at fff00000c76da700 [ 21.814285] which belongs to the cache kmalloc-64 of size 64 [ 21.814366] The buggy address is located 0 bytes to the right of [ 21.814366] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.814460] [ 21.814493] The buggy address belongs to the physical page: [ 21.814539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.814606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.814665] page_type: f5(slab) [ 21.814710] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.814786] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.814838] page dumped because: kasan: bad access detected [ 21.814885] [ 21.814907] Memory state around the buggy address: [ 21.814952] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.815026] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.815091] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.815155] ^ [ 21.815195] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.815246] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.815290] ================================================================== [ 21.689050] ================================================================== [ 21.689147] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 21.689400] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.689474] [ 21.689532] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.689638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.690070] Hardware name: linux,dummy-virt (DT) [ 21.690437] Call trace: [ 21.690492] show_stack+0x20/0x38 (C) [ 21.690560] dump_stack_lvl+0x8c/0xd0 [ 21.690616] print_report+0x118/0x608 [ 21.690808] kasan_report+0xdc/0x128 [ 21.690923] kasan_check_range+0x100/0x1a8 [ 21.691286] __kasan_check_write+0x20/0x30 [ 21.691470] kasan_atomics_helper+0x1128/0x4858 [ 21.691656] kasan_atomics+0x198/0x2e0 [ 21.691722] kunit_try_run_case+0x170/0x3f0 [ 21.691778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.692232] kthread+0x328/0x630 [ 21.692378] ret_from_fork+0x10/0x20 [ 21.692893] [ 21.693013] Allocated by task 266: [ 21.693206] kasan_save_stack+0x3c/0x68 [ 21.693370] kasan_save_track+0x20/0x40 [ 21.693417] kasan_save_alloc_info+0x40/0x58 [ 21.693771] __kasan_kmalloc+0xd4/0xd8 [ 21.694644] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.694760] kasan_atomics+0xb8/0x2e0 [ 21.694828] kunit_try_run_case+0x170/0x3f0 [ 21.694925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.694980] kthread+0x328/0x630 [ 21.695018] ret_from_fork+0x10/0x20 [ 21.695369] [ 21.695456] The buggy address belongs to the object at fff00000c76da700 [ 21.695456] which belongs to the cache kmalloc-64 of size 64 [ 21.695875] The buggy address is located 0 bytes to the right of [ 21.695875] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.696011] [ 21.696116] The buggy address belongs to the physical page: [ 21.696170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.696520] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.696699] page_type: f5(slab) [ 21.696813] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.697302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.697579] page dumped because: kasan: bad access detected [ 21.697670] [ 21.697750] Memory state around the buggy address: [ 21.697877] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.698096] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.698189] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.698245] ^ [ 21.698288] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.698360] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.698430] ================================================================== [ 21.639464] ================================================================== [ 21.639734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 21.639901] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.640103] [ 21.640162] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.640268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.640301] Hardware name: linux,dummy-virt (DT) [ 21.640339] Call trace: [ 21.640367] show_stack+0x20/0x38 (C) [ 21.640831] dump_stack_lvl+0x8c/0xd0 [ 21.641247] print_report+0x118/0x608 [ 21.641352] kasan_report+0xdc/0x128 [ 21.641536] kasan_check_range+0x100/0x1a8 [ 21.641698] __kasan_check_write+0x20/0x30 [ 21.641783] kasan_atomics_helper+0xf20/0x4858 [ 21.641860] kasan_atomics+0x198/0x2e0 [ 21.642177] kunit_try_run_case+0x170/0x3f0 [ 21.642318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.642693] kthread+0x328/0x630 [ 21.642806] ret_from_fork+0x10/0x20 [ 21.642945] [ 21.643081] Allocated by task 266: [ 21.643196] kasan_save_stack+0x3c/0x68 [ 21.643328] kasan_save_track+0x20/0x40 [ 21.643375] kasan_save_alloc_info+0x40/0x58 [ 21.643420] __kasan_kmalloc+0xd4/0xd8 [ 21.644144] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.644432] kasan_atomics+0xb8/0x2e0 [ 21.644508] kunit_try_run_case+0x170/0x3f0 [ 21.644887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.645021] kthread+0x328/0x630 [ 21.645230] ret_from_fork+0x10/0x20 [ 21.645325] [ 21.645404] The buggy address belongs to the object at fff00000c76da700 [ 21.645404] which belongs to the cache kmalloc-64 of size 64 [ 21.645483] The buggy address is located 0 bytes to the right of [ 21.645483] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.645886] [ 21.645944] The buggy address belongs to the physical page: [ 21.646116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.646212] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.646404] page_type: f5(slab) [ 21.646463] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.646558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.646620] page dumped because: kasan: bad access detected [ 21.646668] [ 21.646692] Memory state around the buggy address: [ 21.646735] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.646803] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.646886] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.646950] ^ [ 21.646989] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.647039] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.647103] ================================================================== [ 21.820155] ================================================================== [ 21.820212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 21.820694] Read of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.820752] [ 21.821028] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.821137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.821171] Hardware name: linux,dummy-virt (DT) [ 21.821278] Call trace: [ 21.821324] show_stack+0x20/0x38 (C) [ 21.821546] dump_stack_lvl+0x8c/0xd0 [ 21.821744] print_report+0x118/0x608 [ 21.821813] kasan_report+0xdc/0x128 [ 21.821975] __asan_report_load8_noabort+0x20/0x30 [ 21.822061] kasan_atomics_helper+0x3e20/0x4858 [ 21.822117] kasan_atomics+0x198/0x2e0 [ 21.822210] kunit_try_run_case+0x170/0x3f0 [ 21.822303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.822364] kthread+0x328/0x630 [ 21.822411] ret_from_fork+0x10/0x20 [ 21.822507] [ 21.822551] Allocated by task 266: [ 21.822592] kasan_save_stack+0x3c/0x68 [ 21.822638] kasan_save_track+0x20/0x40 [ 21.822681] kasan_save_alloc_info+0x40/0x58 [ 21.822725] __kasan_kmalloc+0xd4/0xd8 [ 21.822767] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.822939] kasan_atomics+0xb8/0x2e0 [ 21.823192] kunit_try_run_case+0x170/0x3f0 [ 21.823264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.823359] kthread+0x328/0x630 [ 21.823410] ret_from_fork+0x10/0x20 [ 21.823478] [ 21.823561] The buggy address belongs to the object at fff00000c76da700 [ 21.823561] which belongs to the cache kmalloc-64 of size 64 [ 21.823630] The buggy address is located 0 bytes to the right of [ 21.823630] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.823897] [ 21.824040] The buggy address belongs to the physical page: [ 21.824105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.824551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.824641] page_type: f5(slab) [ 21.824796] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.824912] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.824981] page dumped because: kasan: bad access detected [ 21.825020] [ 21.825041] Memory state around the buggy address: [ 21.825081] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.825278] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.825342] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.825387] ^ [ 21.825425] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.825673] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.825791] ================================================================== [ 21.719855] ================================================================== [ 21.720283] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 21.720365] Write of size 8 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.720787] [ 21.720851] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.720948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.721078] Hardware name: linux,dummy-virt (DT) [ 21.721224] Call trace: [ 21.721278] show_stack+0x20/0x38 (C) [ 21.721349] dump_stack_lvl+0x8c/0xd0 [ 21.721674] print_report+0x118/0x608 [ 21.721740] kasan_report+0xdc/0x128 [ 21.722214] kasan_check_range+0x100/0x1a8 [ 21.722295] __kasan_check_write+0x20/0x30 [ 21.722350] kasan_atomics_helper+0x126c/0x4858 [ 21.722415] kasan_atomics+0x198/0x2e0 [ 21.722518] kunit_try_run_case+0x170/0x3f0 [ 21.722575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.722647] kthread+0x328/0x630 [ 21.722704] ret_from_fork+0x10/0x20 [ 21.722762] [ 21.722790] Allocated by task 266: [ 21.722824] kasan_save_stack+0x3c/0x68 [ 21.722874] kasan_save_track+0x20/0x40 [ 21.722925] kasan_save_alloc_info+0x40/0x58 [ 21.722971] __kasan_kmalloc+0xd4/0xd8 [ 21.723022] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.723069] kasan_atomics+0xb8/0x2e0 [ 21.723110] kunit_try_run_case+0x170/0x3f0 [ 21.723427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.723479] kthread+0x328/0x630 [ 21.724052] ret_from_fork+0x10/0x20 [ 21.724413] [ 21.724584] The buggy address belongs to the object at fff00000c76da700 [ 21.724584] which belongs to the cache kmalloc-64 of size 64 [ 21.724715] The buggy address is located 0 bytes to the right of [ 21.724715] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.725094] [ 21.725175] The buggy address belongs to the physical page: [ 21.725616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.725754] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.726476] page_type: f5(slab) [ 21.726569] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.726745] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.726848] page dumped because: kasan: bad access detected [ 21.727198] [ 21.727248] Memory state around the buggy address: [ 21.727373] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.727433] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.727534] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.727908] ^ [ 21.728000] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.728196] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.728247] ================================================================== [ 21.479863] ================================================================== [ 21.479936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 21.480002] Write of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.480059] [ 21.481016] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.481204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.481272] Hardware name: linux,dummy-virt (DT) [ 21.481338] Call trace: [ 21.481370] show_stack+0x20/0x38 (C) [ 21.481793] dump_stack_lvl+0x8c/0xd0 [ 21.481879] print_report+0x118/0x608 [ 21.481935] kasan_report+0xdc/0x128 [ 21.482505] kasan_check_range+0x100/0x1a8 [ 21.482737] __kasan_check_write+0x20/0x30 [ 21.482806] kasan_atomics_helper+0x99c/0x4858 [ 21.482884] kasan_atomics+0x198/0x2e0 [ 21.482959] kunit_try_run_case+0x170/0x3f0 [ 21.483017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.483199] kthread+0x328/0x630 [ 21.483262] ret_from_fork+0x10/0x20 [ 21.483322] [ 21.483347] Allocated by task 266: [ 21.483383] kasan_save_stack+0x3c/0x68 [ 21.483432] kasan_save_track+0x20/0x40 [ 21.483474] kasan_save_alloc_info+0x40/0x58 [ 21.483521] __kasan_kmalloc+0xd4/0xd8 [ 21.483562] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.483607] kasan_atomics+0xb8/0x2e0 [ 21.483650] kunit_try_run_case+0x170/0x3f0 [ 21.483692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.483743] kthread+0x328/0x630 [ 21.483779] ret_from_fork+0x10/0x20 [ 21.483821] [ 21.483844] The buggy address belongs to the object at fff00000c76da700 [ 21.483844] which belongs to the cache kmalloc-64 of size 64 [ 21.483916] The buggy address is located 0 bytes to the right of [ 21.483916] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.483990] [ 21.484016] The buggy address belongs to the physical page: [ 21.484056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.484118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.484290] page_type: f5(slab) [ 21.484433] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.484598] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.484692] page dumped because: kasan: bad access detected [ 21.484740] [ 21.484762] Memory state around the buggy address: [ 21.484908] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.487301] kasan_check_range+0x100/0x1a8 [ 21.487831] [ 21.487853] Allocated by task 266: [ 21.487887] kasan_save_stack+0x3c/0x68 [ 21.488016] kasan_save_track+0x20/0x40 [ 21.488060] kasan_save_alloc_info+0x40/0x58 [ 21.488156] __kasan_kmalloc+0xd4/0xd8 [ 21.488200] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.488247] kasan_atomics+0xb8/0x2e0 [ 21.488289] kunit_try_run_case+0x170/0x3f0 [ 21.488332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.488394] kthread+0x328/0x630 [ 21.488438] ret_from_fork+0x10/0x20 [ 21.488478] [ 21.488592] The buggy address belongs to the object at fff00000c76da700 [ 21.488592] which belongs to the cache kmalloc-64 of size 64 [ 21.488910] The buggy address is located 0 bytes to the right of [ 21.488910] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.489234] [ 21.489259] The buggy address belongs to the physical page: [ 21.489391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.489596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.489743] page_type: f5(slab) [ 21.489887] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.489961] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.490047] page dumped because: kasan: bad access detected [ 21.490121] [ 21.490464] Memory state around the buggy address: [ 21.490511] fff00000c76da600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.491017] fff00000c76da680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.491334] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.491472] ^ [ 21.491553] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.491613] fff00000c76da800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.491659] ================================================================== [ 21.365674] ================================================================== [ 21.365834] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 21.366065] Write of size 4 at addr fff00000c76da730 by task kunit_try_catch/266 [ 21.366124] [ 21.366175] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.369327] page_type: f5(slab) [ 21.370269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 21.374825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.379025] kasan_report+0xdc/0x128 [ 21.381353] [ 21.381575] page_type: f5(slab) [ 21.381962] >fff00000c76da700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.386637] [ 21.387551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.388348] fff00000c76da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.391799] [ 21.392327] kthread+0x328/0x630 [ 21.392657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076da [ 21.394148] ^ [ 21.395469] [ 21.395669] Call trace: [ 21.397495] kthread+0x328/0x630 [ 21.399524] The buggy address is located 0 bytes to the right of [ 21.399524] allocated 48-byte region [fff00000c76da700, fff00000c76da730) [ 21.400290] page dumped because: kasan: bad access detected [ 21.404792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.203000] ================================================================== [ 21.203075] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 21.203409] Read of size 8 at addr fff00000c6013988 by task kunit_try_catch/262 [ 21.203471] [ 21.203961] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.204641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.204688] Hardware name: linux,dummy-virt (DT) [ 21.204946] Call trace: [ 21.205305] show_stack+0x20/0x38 (C) [ 21.205450] dump_stack_lvl+0x8c/0xd0 [ 21.205692] print_report+0x118/0x608 [ 21.205951] kasan_report+0xdc/0x128 [ 21.206464] __asan_report_load8_noabort+0x20/0x30 [ 21.206713] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 21.206843] kasan_bitops_generic+0x110/0x1c8 [ 21.207269] kunit_try_run_case+0x170/0x3f0 [ 21.207346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.207777] kthread+0x328/0x630 [ 21.207946] ret_from_fork+0x10/0x20 [ 21.208024] [ 21.208248] Allocated by task 262: [ 21.208348] kasan_save_stack+0x3c/0x68 [ 21.208547] kasan_save_track+0x20/0x40 [ 21.208599] kasan_save_alloc_info+0x40/0x58 [ 21.208914] __kasan_kmalloc+0xd4/0xd8 [ 21.209291] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.209408] kasan_bitops_generic+0xa0/0x1c8 [ 21.209617] kunit_try_run_case+0x170/0x3f0 [ 21.209689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.209777] kthread+0x328/0x630 [ 21.209825] ret_from_fork+0x10/0x20 [ 21.209869] [ 21.209895] The buggy address belongs to the object at fff00000c6013980 [ 21.209895] which belongs to the cache kmalloc-16 of size 16 [ 21.209979] The buggy address is located 8 bytes inside of [ 21.209979] allocated 9-byte region [fff00000c6013980, fff00000c6013989) [ 21.210063] [ 21.210089] The buggy address belongs to the physical page: [ 21.210128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106013 [ 21.210211] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.210272] page_type: f5(slab) [ 21.210330] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.210400] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.210451] page dumped because: kasan: bad access detected [ 21.210626] fff00000c6013900: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 21.212585] ================================================================== [ 21.145197] ================================================================== [ 21.145705] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.145980] Read of size 8 at addr fff00000c6013988 by task kunit_try_catch/262 [ 21.146522] [ 21.146686] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.146789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.146954] Hardware name: linux,dummy-virt (DT) [ 21.147062] Call trace: [ 21.147092] show_stack+0x20/0x38 (C) [ 21.147489] dump_stack_lvl+0x8c/0xd0 [ 21.147594] print_report+0x118/0x608 [ 21.147829] kasan_report+0xdc/0x128 [ 21.148026] __asan_report_load8_noabort+0x20/0x30 [ 21.148282] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.148428] kasan_bitops_generic+0x110/0x1c8 [ 21.148614] kunit_try_run_case+0x170/0x3f0 [ 21.148708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.148850] kthread+0x328/0x630 [ 21.149270] ret_from_fork+0x10/0x20 [ 21.149511] [ 21.149596] Allocated by task 262: [ 21.149791] kasan_save_stack+0x3c/0x68 [ 21.149848] kasan_save_track+0x20/0x40 [ 21.150173] kasan_save_alloc_info+0x40/0x58 [ 21.150368] __kasan_kmalloc+0xd4/0xd8 [ 21.150633] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.150977] kasan_bitops_generic+0xa0/0x1c8 [ 21.151083] kunit_try_run_case+0x170/0x3f0 [ 21.151213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.151344] kthread+0x328/0x630 [ 21.151401] ret_from_fork+0x10/0x20 [ 21.151443] [ 21.151472] The buggy address belongs to the object at fff00000c6013980 [ 21.151472] which belongs to the cache kmalloc-16 of size 16 [ 21.151544] The buggy address is located 8 bytes inside of [ 21.151544] allocated 9-byte region [fff00000c6013980, fff00000c6013989) [ 21.152192] [ 21.152296] The buggy address belongs to the physical page: [ 21.152382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106013 [ 21.152557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.152621] page_type: f5(slab) [ 21.153064] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.153154] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.153330] page dumped because: kasan: bad access detected [ 21.153426] [ 21.153504] Memory state around the buggy address: [ 21.153752] fff00000c6013880: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 21.153861] fff00000c6013900: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 21.154482] >fff00000c6013980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.154554] ^ [ 21.154617] fff00000c6013a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.154671] fff00000c6013a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.154718] ================================================================== [ 21.168784] ================================================================== [ 21.169228] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.169375] Read of size 8 at addr fff00000c6013988 by task kunit_try_catch/262 [ 21.169488] [ 21.169702] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.169964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.170094] Hardware name: linux,dummy-virt (DT) [ 21.170152] Call trace: [ 21.170215] show_stack+0x20/0x38 (C) [ 21.170569] dump_stack_lvl+0x8c/0xd0 [ 21.170807] print_report+0x118/0x608 [ 21.171025] kasan_report+0xdc/0x128 [ 21.171210] __asan_report_load8_noabort+0x20/0x30 [ 21.171316] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.171565] kasan_bitops_generic+0x110/0x1c8 [ 21.171763] kunit_try_run_case+0x170/0x3f0 [ 21.172109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.172572] kthread+0x328/0x630 [ 21.172761] ret_from_fork+0x10/0x20 [ 21.172975] [ 21.173018] Allocated by task 262: [ 21.173059] kasan_save_stack+0x3c/0x68 [ 21.173339] kasan_save_track+0x20/0x40 [ 21.173443] kasan_save_alloc_info+0x40/0x58 [ 21.173493] __kasan_kmalloc+0xd4/0xd8 [ 21.174432] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.174504] kasan_bitops_generic+0xa0/0x1c8 [ 21.174915] kunit_try_run_case+0x170/0x3f0 [ 21.175337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.175486] kthread+0x328/0x630 [ 21.175614] ret_from_fork+0x10/0x20 [ 21.175744] [ 21.175785] The buggy address belongs to the object at fff00000c6013980 [ 21.175785] which belongs to the cache kmalloc-16 of size 16 [ 21.175864] The buggy address is located 8 bytes inside of [ 21.175864] allocated 9-byte region [fff00000c6013980, fff00000c6013989) [ 21.175935] [ 21.176345] The buggy address belongs to the physical page: [ 21.176436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106013 [ 21.176631] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.176714] page_type: f5(slab) [ 21.176770] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.176995] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.177194] page dumped because: kasan: bad access detected [ 21.177572] [ 21.177706] Memory state around the buggy address: [ 21.178080] fff00000c6013880: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 21.178353] fff00000c6013900: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 21.178482] >fff00000c6013980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.178553] ^ [ 21.178619] fff00000c6013a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.178765] fff00000c6013a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.178994] ================================================================== [ 21.156762] ================================================================== [ 21.156842] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.156914] Write of size 8 at addr fff00000c6013988 by task kunit_try_catch/262 [ 21.157505] [ 21.157576] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.157678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.157711] Hardware name: linux,dummy-virt (DT) [ 21.157750] Call trace: [ 21.157779] show_stack+0x20/0x38 (C) [ 21.157841] dump_stack_lvl+0x8c/0xd0 [ 21.157899] print_report+0x118/0x608 [ 21.157950] kasan_report+0xdc/0x128 [ 21.158025] kasan_check_range+0x100/0x1a8 [ 21.158081] __kasan_check_write+0x20/0x30 [ 21.158573] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.158887] kasan_bitops_generic+0x110/0x1c8 [ 21.158962] kunit_try_run_case+0x170/0x3f0 [ 21.159020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.159366] kthread+0x328/0x630 [ 21.159863] ret_from_fork+0x10/0x20 [ 21.160019] [ 21.160165] Allocated by task 262: [ 21.160224] kasan_save_stack+0x3c/0x68 [ 21.160421] kasan_save_track+0x20/0x40 [ 21.160702] kasan_save_alloc_info+0x40/0x58 [ 21.161144] __kasan_kmalloc+0xd4/0xd8 [ 21.161296] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.161381] kasan_bitops_generic+0xa0/0x1c8 [ 21.161737] kunit_try_run_case+0x170/0x3f0 [ 21.161877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.161937] kthread+0x328/0x630 [ 21.162380] ret_from_fork+0x10/0x20 [ 21.162542] [ 21.162572] The buggy address belongs to the object at fff00000c6013980 [ 21.162572] which belongs to the cache kmalloc-16 of size 16 [ 21.162863] The buggy address is located 8 bytes inside of [ 21.162863] allocated 9-byte region [fff00000c6013980, fff00000c6013989) [ 21.163202] [ 21.163267] The buggy address belongs to the physical page: [ 21.163428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106013 [ 21.163503] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.163762] page_type: f5(slab) [ 21.163861] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.164216] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.164288] page dumped because: kasan: bad access detected [ 21.164464] [ 21.164533] Memory state around the buggy address: [ 21.164772] fff00000c6013880: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 21.164973] fff00000c6013900: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 21.165268] >fff00000c6013980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.165605] ^ [ 21.165815] fff00000c6013a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.166238] fff00000c6013a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.166357] ================================================================== [ 21.190815] ================================================================== [ 21.190906] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 21.191413] Write of size 8 at addr fff00000c6013988 by task kunit_try_catch/262 [ 21.191585] [ 21.191682] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.191874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.191935] Hardware name: linux,dummy-virt (DT) [ 21.191972] Call trace: [ 21.192002] show_stack+0x20/0x38 (C) [ 21.192064] dump_stack_lvl+0x8c/0xd0 [ 21.192643] print_report+0x118/0x608 [ 21.192855] kasan_report+0xdc/0x128 [ 21.192952] kasan_check_range+0x100/0x1a8 [ 21.193040] __kasan_check_write+0x20/0x30 [ 21.193247] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 21.193389] kasan_bitops_generic+0x110/0x1c8 [ 21.193597] kunit_try_run_case+0x170/0x3f0 [ 21.193767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.193991] kthread+0x328/0x630 [ 21.194051] ret_from_fork+0x10/0x20 [ 21.194114] [ 21.194184] Allocated by task 262: [ 21.194537] kasan_save_stack+0x3c/0x68 [ 21.194717] kasan_save_track+0x20/0x40 [ 21.195403] kasan_save_alloc_info+0x40/0x58 [ 21.195795] __kasan_kmalloc+0xd4/0xd8 [ 21.195846] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.195923] kasan_bitops_generic+0xa0/0x1c8 [ 21.195971] kunit_try_run_case+0x170/0x3f0 [ 21.196016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.196066] kthread+0x328/0x630 [ 21.196365] ret_from_fork+0x10/0x20 [ 21.197041] [ 21.197124] The buggy address belongs to the object at fff00000c6013980 [ 21.197124] which belongs to the cache kmalloc-16 of size 16 [ 21.198105] The buggy address is located 8 bytes inside of [ 21.198105] allocated 9-byte region [fff00000c6013980, fff00000c6013989) [ 21.198228] [ 21.198270] The buggy address belongs to the physical page: [ 21.198338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106013 [ 21.198467] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.199110] page_type: f5(slab) [ 21.199290] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.199360] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.199409] page dumped because: kasan: bad access detected [ 21.199793] [ 21.199853] Memory state around the buggy address: [ 21.200043] fff00000c6013880: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 21.200150] fff00000c6013900: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 21.200207] >fff00000c6013980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.200591] ^ [ 21.200780] fff00000c6013a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.201004] fff00000c6013a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.201441] ================================================================== [ 21.181147] ================================================================== [ 21.181232] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.181471] Write of size 8 at addr fff00000c6013988 by task kunit_try_catch/262 [ 21.181813] [ 21.182053] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.182180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.182218] Hardware name: linux,dummy-virt (DT) [ 21.182608] Call trace: [ 21.182743] show_stack+0x20/0x38 (C) [ 21.182951] dump_stack_lvl+0x8c/0xd0 [ 21.183079] print_report+0x118/0x608 [ 21.183156] kasan_report+0xdc/0x128 [ 21.183641] kasan_check_range+0x100/0x1a8 [ 21.183887] __kasan_check_write+0x20/0x30 [ 21.183946] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.184005] kasan_bitops_generic+0x110/0x1c8 [ 21.184067] kunit_try_run_case+0x170/0x3f0 [ 21.184344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.184796] kthread+0x328/0x630 [ 21.185008] ret_from_fork+0x10/0x20 [ 21.185150] [ 21.185179] Allocated by task 262: [ 21.185244] kasan_save_stack+0x3c/0x68 [ 21.185303] kasan_save_track+0x20/0x40 [ 21.185348] kasan_save_alloc_info+0x40/0x58 [ 21.185395] __kasan_kmalloc+0xd4/0xd8 [ 21.185451] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.185514] kasan_bitops_generic+0xa0/0x1c8 [ 21.185561] kunit_try_run_case+0x170/0x3f0 [ 21.185606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.185658] kthread+0x328/0x630 [ 21.185694] ret_from_fork+0x10/0x20 [ 21.185734] [ 21.185778] The buggy address belongs to the object at fff00000c6013980 [ 21.185778] which belongs to the cache kmalloc-16 of size 16 [ 21.185866] The buggy address is located 8 bytes inside of [ 21.185866] allocated 9-byte region [fff00000c6013980, fff00000c6013989) [ 21.185939] [ 21.185965] The buggy address belongs to the physical page: [ 21.186013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106013 [ 21.186091] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.186456] page_type: f5(slab) [ 21.186574] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.186869] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.187138] page dumped because: kasan: bad access detected [ 21.187217] [ 21.187243] Memory state around the buggy address: [ 21.187706] fff00000c6013880: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 21.187924] fff00000c6013900: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 21.188110] >fff00000c6013980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.188293] ^ [ 21.188374] fff00000c6013a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.188753] fff00000c6013a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.188935] ================================================================== [ 21.136116] ================================================================== [ 21.136469] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.136921] Write of size 8 at addr fff00000c6013988 by task kunit_try_catch/262 [ 21.137163] [ 21.137465] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.137590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.137799] Hardware name: linux,dummy-virt (DT) [ 21.137899] Call trace: [ 21.138120] show_stack+0x20/0x38 (C) [ 21.138216] dump_stack_lvl+0x8c/0xd0 [ 21.138283] print_report+0x118/0x608 [ 21.138544] kasan_report+0xdc/0x128 [ 21.138805] kasan_check_range+0x100/0x1a8 [ 21.138879] __kasan_check_write+0x20/0x30 [ 21.139027] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.139277] kasan_bitops_generic+0x110/0x1c8 [ 21.139412] kunit_try_run_case+0x170/0x3f0 [ 21.139594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.139733] kthread+0x328/0x630 [ 21.139840] ret_from_fork+0x10/0x20 [ 21.139946] [ 21.139971] Allocated by task 262: [ 21.140010] kasan_save_stack+0x3c/0x68 [ 21.140058] kasan_save_track+0x20/0x40 [ 21.140731] kasan_save_alloc_info+0x40/0x58 [ 21.140980] __kasan_kmalloc+0xd4/0xd8 [ 21.141144] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.141198] kasan_bitops_generic+0xa0/0x1c8 [ 21.141293] kunit_try_run_case+0x170/0x3f0 [ 21.141521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.141799] kthread+0x328/0x630 [ 21.141905] ret_from_fork+0x10/0x20 [ 21.141990] [ 21.142123] The buggy address belongs to the object at fff00000c6013980 [ 21.142123] which belongs to the cache kmalloc-16 of size 16 [ 21.142262] The buggy address is located 8 bytes inside of [ 21.142262] allocated 9-byte region [fff00000c6013980, fff00000c6013989) [ 21.142336] [ 21.142385] The buggy address belongs to the physical page: [ 21.142438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106013 [ 21.142514] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.142587] page_type: f5(slab) [ 21.142646] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.142707] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.142756] page dumped because: kasan: bad access detected [ 21.142804] [ 21.142827] Memory state around the buggy address: [ 21.142883] fff00000c6013880: 00 00 fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 21.142935] fff00000c6013900: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 21.142986] >fff00000c6013980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.143031] ^ [ 21.143066] fff00000c6013a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.143401] fff00000c6013a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.143574] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 21.101464] ================================================================== [ 21.101914] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 21.102373] Read of size 1 at addr fff00000c76d9210 by task kunit_try_catch/260 [ 21.102819] [ 21.102876] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.103013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.103150] Hardware name: linux,dummy-virt (DT) [ 21.103192] Call trace: [ 21.103220] show_stack+0x20/0x38 (C) [ 21.103437] dump_stack_lvl+0x8c/0xd0 [ 21.103567] print_report+0x118/0x608 [ 21.103694] kasan_report+0xdc/0x128 [ 21.103777] __asan_report_load1_noabort+0x20/0x30 [ 21.103834] strnlen+0x80/0x88 [ 21.103882] kasan_strings+0x478/0xb00 [ 21.104397] kunit_try_run_case+0x170/0x3f0 [ 21.104471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.104689] kthread+0x328/0x630 [ 21.104987] ret_from_fork+0x10/0x20 [ 21.105111] [ 21.105279] Allocated by task 260: [ 21.105432] kasan_save_stack+0x3c/0x68 [ 21.105670] kasan_save_track+0x20/0x40 [ 21.105966] kasan_save_alloc_info+0x40/0x58 [ 21.106052] __kasan_kmalloc+0xd4/0xd8 [ 21.106265] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.106475] kasan_strings+0xc8/0xb00 [ 21.106665] kunit_try_run_case+0x170/0x3f0 [ 21.106811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.106902] kthread+0x328/0x630 [ 21.107113] ret_from_fork+0x10/0x20 [ 21.107356] [ 21.107544] Freed by task 260: [ 21.107687] kasan_save_stack+0x3c/0x68 [ 21.107820] kasan_save_track+0x20/0x40 [ 21.107916] kasan_save_free_info+0x4c/0x78 [ 21.108246] __kasan_slab_free+0x6c/0x98 [ 21.108510] kfree+0x214/0x3c8 [ 21.108627] kasan_strings+0x24c/0xb00 [ 21.108820] kunit_try_run_case+0x170/0x3f0 [ 21.108962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.109077] kthread+0x328/0x630 [ 21.109124] ret_from_fork+0x10/0x20 [ 21.109181] [ 21.109207] The buggy address belongs to the object at fff00000c76d9200 [ 21.109207] which belongs to the cache kmalloc-32 of size 32 [ 21.109279] The buggy address is located 16 bytes inside of [ 21.109279] freed 32-byte region [fff00000c76d9200, fff00000c76d9220) [ 21.109562] [ 21.109979] The buggy address belongs to the physical page: [ 21.110061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d9 [ 21.110250] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.110692] page_type: f5(slab) [ 21.110887] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.111047] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.111207] page dumped because: kasan: bad access detected [ 21.111338] [ 21.111499] Memory state around the buggy address: [ 21.111577] fff00000c76d9100: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 21.111645] fff00000c76d9180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.111885] >fff00000c76d9200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.112242] ^ [ 21.112419] fff00000c76d9280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.112557] fff00000c76d9300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.112656] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 21.091761] ================================================================== [ 21.091841] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 21.091905] Read of size 1 at addr fff00000c76d9210 by task kunit_try_catch/260 [ 21.091964] [ 21.092306] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.092821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.092889] Hardware name: linux,dummy-virt (DT) [ 21.092928] Call trace: [ 21.093032] show_stack+0x20/0x38 (C) [ 21.093122] dump_stack_lvl+0x8c/0xd0 [ 21.093332] print_report+0x118/0x608 [ 21.093423] kasan_report+0xdc/0x128 [ 21.093726] __asan_report_load1_noabort+0x20/0x30 [ 21.093901] strlen+0xa8/0xb0 [ 21.094044] kasan_strings+0x418/0xb00 [ 21.094125] kunit_try_run_case+0x170/0x3f0 [ 21.094264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.094343] kthread+0x328/0x630 [ 21.094393] ret_from_fork+0x10/0x20 [ 21.094478] [ 21.094804] Allocated by task 260: [ 21.094884] kasan_save_stack+0x3c/0x68 [ 21.094942] kasan_save_track+0x20/0x40 [ 21.095077] kasan_save_alloc_info+0x40/0x58 [ 21.095287] __kasan_kmalloc+0xd4/0xd8 [ 21.095370] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.095424] kasan_strings+0xc8/0xb00 [ 21.095706] kunit_try_run_case+0x170/0x3f0 [ 21.095872] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.095962] kthread+0x328/0x630 [ 21.096097] ret_from_fork+0x10/0x20 [ 21.096217] [ 21.096393] Freed by task 260: [ 21.096647] kasan_save_stack+0x3c/0x68 [ 21.096726] kasan_save_track+0x20/0x40 [ 21.096883] kasan_save_free_info+0x4c/0x78 [ 21.097020] __kasan_slab_free+0x6c/0x98 [ 21.097116] kfree+0x214/0x3c8 [ 21.097244] kasan_strings+0x24c/0xb00 [ 21.097291] kunit_try_run_case+0x170/0x3f0 [ 21.097352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.097408] kthread+0x328/0x630 [ 21.097581] ret_from_fork+0x10/0x20 [ 21.097761] [ 21.097789] The buggy address belongs to the object at fff00000c76d9200 [ 21.097789] which belongs to the cache kmalloc-32 of size 32 [ 21.097865] The buggy address is located 16 bytes inside of [ 21.097865] freed 32-byte region [fff00000c76d9200, fff00000c76d9220) [ 21.098043] [ 21.098082] The buggy address belongs to the physical page: [ 21.098122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d9 [ 21.098211] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.098285] page_type: f5(slab) [ 21.098333] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.098404] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.098469] page dumped because: kasan: bad access detected [ 21.098509] [ 21.098531] Memory state around the buggy address: [ 21.098572] fff00000c76d9100: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 21.098634] fff00000c76d9180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.098687] >fff00000c76d9200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.098736] ^ [ 21.098783] fff00000c76d9280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.098844] fff00000c76d9300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.098906] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 21.078101] ================================================================== [ 21.078214] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 21.078682] Read of size 1 at addr fff00000c76d9210 by task kunit_try_catch/260 [ 21.078784] [ 21.078841] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.078938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.079304] Hardware name: linux,dummy-virt (DT) [ 21.079459] Call trace: [ 21.079544] show_stack+0x20/0x38 (C) [ 21.079744] dump_stack_lvl+0x8c/0xd0 [ 21.079874] print_report+0x118/0x608 [ 21.080078] kasan_report+0xdc/0x128 [ 21.080242] __asan_report_load1_noabort+0x20/0x30 [ 21.080321] kasan_strings+0x95c/0xb00 [ 21.080636] kunit_try_run_case+0x170/0x3f0 [ 21.080878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.080997] kthread+0x328/0x630 [ 21.081105] ret_from_fork+0x10/0x20 [ 21.081778] [ 21.081896] Allocated by task 260: [ 21.082153] kasan_save_stack+0x3c/0x68 [ 21.082237] kasan_save_track+0x20/0x40 [ 21.082440] kasan_save_alloc_info+0x40/0x58 [ 21.082642] __kasan_kmalloc+0xd4/0xd8 [ 21.083034] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.083242] kasan_strings+0xc8/0xb00 [ 21.083340] kunit_try_run_case+0x170/0x3f0 [ 21.083536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.083798] kthread+0x328/0x630 [ 21.083846] ret_from_fork+0x10/0x20 [ 21.084186] [ 21.084373] Freed by task 260: [ 21.084493] kasan_save_stack+0x3c/0x68 [ 21.084647] kasan_save_track+0x20/0x40 [ 21.084731] kasan_save_free_info+0x4c/0x78 [ 21.085159] __kasan_slab_free+0x6c/0x98 [ 21.085264] kfree+0x214/0x3c8 [ 21.085357] kasan_strings+0x24c/0xb00 [ 21.085456] kunit_try_run_case+0x170/0x3f0 [ 21.085659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.085821] kthread+0x328/0x630 [ 21.086166] ret_from_fork+0x10/0x20 [ 21.086297] [ 21.086554] The buggy address belongs to the object at fff00000c76d9200 [ 21.086554] which belongs to the cache kmalloc-32 of size 32 [ 21.086641] The buggy address is located 16 bytes inside of [ 21.086641] freed 32-byte region [fff00000c76d9200, fff00000c76d9220) [ 21.086716] [ 21.086874] The buggy address belongs to the physical page: [ 21.087020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d9 [ 21.087092] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.087206] page_type: f5(slab) [ 21.087485] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.087934] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.088018] page dumped because: kasan: bad access detected [ 21.088166] [ 21.088232] Memory state around the buggy address: [ 21.088327] fff00000c76d9100: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 21.088691] fff00000c76d9180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.088885] >fff00000c76d9200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.089051] ^ [ 21.089168] fff00000c76d9280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.089327] fff00000c76d9300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.089423] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 21.065241] ================================================================== [ 21.065453] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 21.065540] Read of size 1 at addr fff00000c76d9210 by task kunit_try_catch/260 [ 21.065823] [ 21.065972] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.066355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.066416] Hardware name: linux,dummy-virt (DT) [ 21.066464] Call trace: [ 21.066499] show_stack+0x20/0x38 (C) [ 21.066971] dump_stack_lvl+0x8c/0xd0 [ 21.067063] print_report+0x118/0x608 [ 21.067211] kasan_report+0xdc/0x128 [ 21.067426] __asan_report_load1_noabort+0x20/0x30 [ 21.067492] strcmp+0xc0/0xc8 [ 21.067539] kasan_strings+0x340/0xb00 [ 21.067588] kunit_try_run_case+0x170/0x3f0 [ 21.068092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.068270] kthread+0x328/0x630 [ 21.068433] ret_from_fork+0x10/0x20 [ 21.068974] [ 21.069110] Allocated by task 260: [ 21.069216] kasan_save_stack+0x3c/0x68 [ 21.069377] kasan_save_track+0x20/0x40 [ 21.069505] kasan_save_alloc_info+0x40/0x58 [ 21.069580] __kasan_kmalloc+0xd4/0xd8 [ 21.070017] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.070553] kasan_strings+0xc8/0xb00 [ 21.070674] kunit_try_run_case+0x170/0x3f0 [ 21.071119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.071197] kthread+0x328/0x630 [ 21.071237] ret_from_fork+0x10/0x20 [ 21.071312] [ 21.071339] Freed by task 260: [ 21.072165] kasan_save_stack+0x3c/0x68 [ 21.072383] kasan_save_track+0x20/0x40 [ 21.072548] kasan_save_free_info+0x4c/0x78 [ 21.072910] __kasan_slab_free+0x6c/0x98 [ 21.073127] kfree+0x214/0x3c8 [ 21.073219] kasan_strings+0x24c/0xb00 [ 21.073339] kunit_try_run_case+0x170/0x3f0 [ 21.073385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.073563] kthread+0x328/0x630 [ 21.073610] ret_from_fork+0x10/0x20 [ 21.073898] [ 21.074310] The buggy address belongs to the object at fff00000c76d9200 [ 21.074310] which belongs to the cache kmalloc-32 of size 32 [ 21.074621] The buggy address is located 16 bytes inside of [ 21.074621] freed 32-byte region [fff00000c76d9200, fff00000c76d9220) [ 21.074747] [ 21.074816] The buggy address belongs to the physical page: [ 21.074869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d9 [ 21.074959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.075032] page_type: f5(slab) [ 21.075084] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.075175] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.075226] page dumped because: kasan: bad access detected [ 21.075265] [ 21.075286] Memory state around the buggy address: [ 21.075342] fff00000c76d9100: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 21.075394] fff00000c76d9180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.075446] >fff00000c76d9200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.075493] ^ [ 21.075530] fff00000c76d9280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.075581] fff00000c76d9300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.075651] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.994456] ================================================================== [ 20.994563] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 20.994642] Read of size 1 at addr ffff800080a87b4a by task kunit_try_catch/254 [ 20.994701] [ 20.995101] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.995456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.995555] Hardware name: linux,dummy-virt (DT) [ 20.995676] Call trace: [ 20.995715] show_stack+0x20/0x38 (C) [ 20.995819] dump_stack_lvl+0x8c/0xd0 [ 20.996453] print_report+0x310/0x608 [ 20.996570] kasan_report+0xdc/0x128 [ 20.996766] __asan_report_load1_noabort+0x20/0x30 [ 20.996919] kasan_alloca_oob_right+0x2dc/0x340 [ 20.997051] kunit_try_run_case+0x170/0x3f0 [ 20.997505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.997609] kthread+0x328/0x630 [ 20.997759] ret_from_fork+0x10/0x20 [ 20.997961] [ 20.998024] The buggy address belongs to stack of task kunit_try_catch/254 [ 20.998238] [ 20.998283] The buggy address belongs to the virtual mapping at [ 20.998283] [ffff800080a80000, ffff800080a89000) created by: [ 20.998283] kernel_clone+0x150/0x7a8 [ 20.998549] [ 20.998673] The buggy address belongs to the physical page: [ 20.998862] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107819 [ 20.998938] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.999023] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.999092] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.999179] page dumped because: kasan: bad access detected [ 20.999477] [ 20.999525] Memory state around the buggy address: [ 20.999581] ffff800080a87a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.999967] ffff800080a87a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.000139] >ffff800080a87b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.000341] ^ [ 21.000525] ffff800080a87b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.000633] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.000705] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.969672] ================================================================== [ 20.969825] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 20.969908] Read of size 1 at addr ffff800080997b5f by task kunit_try_catch/252 [ 20.969975] [ 20.970023] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.970126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.970173] Hardware name: linux,dummy-virt (DT) [ 20.970210] Call trace: [ 20.970244] show_stack+0x20/0x38 (C) [ 20.970302] dump_stack_lvl+0x8c/0xd0 [ 20.970366] print_report+0x310/0x608 [ 20.970428] kasan_report+0xdc/0x128 [ 20.970479] __asan_report_load1_noabort+0x20/0x30 [ 20.970547] kasan_alloca_oob_left+0x2b8/0x310 [ 20.970602] kunit_try_run_case+0x170/0x3f0 [ 20.970662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.970723] kthread+0x328/0x630 [ 20.970772] ret_from_fork+0x10/0x20 [ 20.970837] [ 20.970873] The buggy address belongs to stack of task kunit_try_catch/252 [ 20.970950] [ 20.970993] The buggy address belongs to the virtual mapping at [ 20.970993] [ffff800080990000, ffff800080999000) created by: [ 20.970993] kernel_clone+0x150/0x7a8 [ 20.971411] [ 20.972024] The buggy address belongs to the physical page: [ 20.972713] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e94 [ 20.973510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.973742] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.973850] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.974008] page dumped because: kasan: bad access detected [ 20.974062] [ 20.974091] Memory state around the buggy address: [ 20.974492] ffff800080997a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.974674] ffff800080997a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.974915] >ffff800080997b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 20.975022] ^ [ 20.975364] ffff800080997b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.975581] ffff800080997c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.975708] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.942222] ================================================================== [ 20.942350] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 20.943551] Read of size 1 at addr ffff800080a97c2a by task kunit_try_catch/250 [ 20.943679] [ 20.943772] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.943972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.944061] Hardware name: linux,dummy-virt (DT) [ 20.944101] Call trace: [ 20.944140] show_stack+0x20/0x38 (C) [ 20.944205] dump_stack_lvl+0x8c/0xd0 [ 20.944260] print_report+0x310/0x608 [ 20.944311] kasan_report+0xdc/0x128 [ 20.944360] __asan_report_load1_noabort+0x20/0x30 [ 20.945092] kasan_stack_oob+0x238/0x270 [ 20.945281] kunit_try_run_case+0x170/0x3f0 [ 20.945833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.945913] kthread+0x328/0x630 [ 20.946032] ret_from_fork+0x10/0x20 [ 20.946120] [ 20.946237] The buggy address belongs to stack of task kunit_try_catch/250 [ 20.946408] and is located at offset 138 in frame: [ 20.946456] kasan_stack_oob+0x0/0x270 [ 20.946664] [ 20.946713] This frame has 4 objects: [ 20.946871] [48, 49) '__assertion' [ 20.946913] [64, 72) 'array' [ 20.946950] [96, 112) '__assertion' [ 20.947005] [128, 138) 'stack_array' [ 20.947072] [ 20.947127] The buggy address belongs to the virtual mapping at [ 20.947127] [ffff800080a90000, ffff800080a99000) created by: [ 20.947127] kernel_clone+0x150/0x7a8 [ 20.947827] [ 20.948156] The buggy address belongs to the physical page: [ 20.948237] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c6 [ 20.948333] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.948801] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.949757] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.949828] page dumped because: kasan: bad access detected [ 20.949916] [ 20.949972] Memory state around the buggy address: [ 20.950041] ffff800080a97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.950517] ffff800080a97b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 20.950673] >ffff800080a97c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 20.951152] ^ [ 20.951324] ffff800080a97c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 20.951483] ffff800080a97d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.951710] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.896104] ================================================================== [ 20.896235] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 20.896318] Read of size 1 at addr ffff9bbfe954f5cd by task kunit_try_catch/246 [ 20.896375] [ 20.896429] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.896935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.896986] Hardware name: linux,dummy-virt (DT) [ 20.897212] Call trace: [ 20.897366] show_stack+0x20/0x38 (C) [ 20.897460] dump_stack_lvl+0x8c/0xd0 [ 20.897837] print_report+0x310/0x608 [ 20.898060] kasan_report+0xdc/0x128 [ 20.898294] __asan_report_load1_noabort+0x20/0x30 [ 20.898397] kasan_global_oob_right+0x230/0x270 [ 20.898943] kunit_try_run_case+0x170/0x3f0 [ 20.899230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.899437] kthread+0x328/0x630 [ 20.899620] ret_from_fork+0x10/0x20 [ 20.899857] [ 20.900146] The buggy address belongs to the variable: [ 20.900190] global_array+0xd/0x40 [ 20.900578] [ 20.900874] The buggy address belongs to the virtual mapping at [ 20.900874] [ffff9bbfe7700000, ffff9bbfe9601000) created by: [ 20.900874] paging_init+0x66c/0x7d0 [ 20.901108] [ 20.901661] The buggy address belongs to the physical page: [ 20.901779] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 20.901989] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 20.902126] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 20.902206] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.902620] page dumped because: kasan: bad access detected [ 20.902729] [ 20.902805] Memory state around the buggy address: [ 20.903078] ffff9bbfe954f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.903365] ffff9bbfe954f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.903530] >ffff9bbfe954f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 20.903713] ^ [ 20.903789] ffff9bbfe954f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 20.903927] ffff9bbfe954f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 20.903973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.841199] ================================================================== [ 20.841323] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.842197] Free of addr fff00000c76c3501 by task kunit_try_catch/242 [ 20.842646] [ 20.842712] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.843463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.843544] Hardware name: linux,dummy-virt (DT) [ 20.843625] Call trace: [ 20.843907] show_stack+0x20/0x38 (C) [ 20.843983] dump_stack_lvl+0x8c/0xd0 [ 20.844562] print_report+0x118/0x608 [ 20.844733] kasan_report_invalid_free+0xc0/0xe8 [ 20.844866] check_slab_allocation+0xfc/0x108 [ 20.845072] __kasan_mempool_poison_object+0x78/0x150 [ 20.845474] mempool_free+0x28c/0x328 [ 20.845731] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.845878] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.846055] kunit_try_run_case+0x170/0x3f0 [ 20.846195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.846325] kthread+0x328/0x630 [ 20.846595] ret_from_fork+0x10/0x20 [ 20.846910] [ 20.846951] Allocated by task 242: [ 20.847008] kasan_save_stack+0x3c/0x68 [ 20.847214] kasan_save_track+0x20/0x40 [ 20.847474] kasan_save_alloc_info+0x40/0x58 [ 20.847572] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.847695] remove_element+0x130/0x1f8 [ 20.847736] mempool_alloc_preallocated+0x58/0xc0 [ 20.847786] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 20.847835] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.847878] kunit_try_run_case+0x170/0x3f0 [ 20.847920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.848283] kthread+0x328/0x630 [ 20.848669] ret_from_fork+0x10/0x20 [ 20.848779] [ 20.848820] The buggy address belongs to the object at fff00000c76c3500 [ 20.848820] which belongs to the cache kmalloc-128 of size 128 [ 20.849142] The buggy address is located 1 bytes inside of [ 20.849142] 128-byte region [fff00000c76c3500, fff00000c76c3580) [ 20.849516] [ 20.849823] The buggy address belongs to the physical page: [ 20.850373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 20.850572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.851005] page_type: f5(slab) [ 20.851221] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.851344] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.851392] page dumped because: kasan: bad access detected [ 20.851429] [ 20.851448] Memory state around the buggy address: [ 20.851489] fff00000c76c3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.851540] fff00000c76c3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.852026] >fff00000c76c3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.852299] ^ [ 20.852515] fff00000c76c3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.852656] fff00000c76c3600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.852738] ================================================================== [ 20.869767] ================================================================== [ 20.870652] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.870840] Free of addr fff00000c7850001 by task kunit_try_catch/244 [ 20.870937] [ 20.871043] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.871173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.871211] Hardware name: linux,dummy-virt (DT) [ 20.871252] Call trace: [ 20.871278] show_stack+0x20/0x38 (C) [ 20.871571] dump_stack_lvl+0x8c/0xd0 [ 20.871830] print_report+0x118/0x608 [ 20.872166] kasan_report_invalid_free+0xc0/0xe8 [ 20.872496] __kasan_mempool_poison_object+0xfc/0x150 [ 20.872661] mempool_free+0x28c/0x328 [ 20.872821] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.873047] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 20.873534] kunit_try_run_case+0x170/0x3f0 [ 20.873676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.873793] kthread+0x328/0x630 [ 20.874073] ret_from_fork+0x10/0x20 [ 20.874441] [ 20.874623] The buggy address belongs to the physical page: [ 20.874818] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 20.875089] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.875588] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.876080] page_type: f8(unknown) [ 20.876303] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.876418] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.876866] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.877259] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.877917] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 20.878100] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.878527] page dumped because: kasan: bad access detected [ 20.878935] [ 20.878985] Memory state around the buggy address: [ 20.879081] fff00000c784ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.879171] fff00000c784ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.879700] >fff00000c7850000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.879756] ^ [ 20.879792] fff00000c7850080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.879842] fff00000c7850100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.879888] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.774343] ================================================================== [ 20.774899] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.775029] Free of addr fff00000c784c000 by task kunit_try_catch/238 [ 20.775081] [ 20.775699] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.776204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.776293] Hardware name: linux,dummy-virt (DT) [ 20.776404] Call trace: [ 20.776436] show_stack+0x20/0x38 (C) [ 20.776807] dump_stack_lvl+0x8c/0xd0 [ 20.777245] print_report+0x118/0x608 [ 20.777444] kasan_report_invalid_free+0xc0/0xe8 [ 20.777515] __kasan_mempool_poison_object+0x14c/0x150 [ 20.778031] mempool_free+0x28c/0x328 [ 20.778363] mempool_double_free_helper+0x150/0x2e8 [ 20.778561] mempool_kmalloc_large_double_free+0xc0/0x118 [ 20.778974] kunit_try_run_case+0x170/0x3f0 [ 20.779194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.779529] kthread+0x328/0x630 [ 20.779736] ret_from_fork+0x10/0x20 [ 20.779997] [ 20.780056] The buggy address belongs to the physical page: [ 20.780099] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 20.780564] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.780688] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.781011] page_type: f8(unknown) [ 20.781337] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.781415] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.781761] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.781952] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.782074] head: 0bfffe0000000002 ffffc1ffc31e1301 00000000ffffffff 00000000ffffffff [ 20.782357] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.782553] page dumped because: kasan: bad access detected [ 20.782755] [ 20.783000] Memory state around the buggy address: [ 20.783376] fff00000c784bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.783440] fff00000c784bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.783490] >fff00000c784c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.783896] ^ [ 20.784091] fff00000c784c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.784278] fff00000c784c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.784354] ================================================================== [ 20.809806] ================================================================== [ 20.810389] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.810496] Free of addr fff00000c784c000 by task kunit_try_catch/240 [ 20.810545] [ 20.810592] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.810685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.810715] Hardware name: linux,dummy-virt (DT) [ 20.811560] Call trace: [ 20.811664] show_stack+0x20/0x38 (C) [ 20.811747] dump_stack_lvl+0x8c/0xd0 [ 20.812205] print_report+0x118/0x608 [ 20.812310] kasan_report_invalid_free+0xc0/0xe8 [ 20.812489] __kasan_mempool_poison_pages+0xe0/0xe8 [ 20.812600] mempool_free+0x24c/0x328 [ 20.812872] mempool_double_free_helper+0x150/0x2e8 [ 20.813044] mempool_page_alloc_double_free+0xbc/0x118 [ 20.813105] kunit_try_run_case+0x170/0x3f0 [ 20.813175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.813234] kthread+0x328/0x630 [ 20.813279] ret_from_fork+0x10/0x20 [ 20.813341] [ 20.813367] The buggy address belongs to the physical page: [ 20.813441] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 20.813508] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.813601] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.813677] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.813736] page dumped because: kasan: bad access detected [ 20.813771] [ 20.813801] Memory state around the buggy address: [ 20.813851] fff00000c784bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.813901] fff00000c784bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.813951] >fff00000c784c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.814005] ^ [ 20.814039] fff00000c784c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.814097] fff00000c784c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.814189] ================================================================== [ 20.735370] ================================================================== [ 20.735551] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.735946] Free of addr fff00000c76c3100 by task kunit_try_catch/236 [ 20.736151] [ 20.736291] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.736453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.736484] Hardware name: linux,dummy-virt (DT) [ 20.736768] Call trace: [ 20.737225] show_stack+0x20/0x38 (C) [ 20.737400] dump_stack_lvl+0x8c/0xd0 [ 20.737479] print_report+0x118/0x608 [ 20.737723] kasan_report_invalid_free+0xc0/0xe8 [ 20.738039] check_slab_allocation+0xd4/0x108 [ 20.738600] __kasan_mempool_poison_object+0x78/0x150 [ 20.738784] mempool_free+0x28c/0x328 [ 20.739031] mempool_double_free_helper+0x150/0x2e8 [ 20.739314] mempool_kmalloc_double_free+0xc0/0x118 [ 20.739401] kunit_try_run_case+0x170/0x3f0 [ 20.739460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.739517] kthread+0x328/0x630 [ 20.739784] ret_from_fork+0x10/0x20 [ 20.740146] [ 20.740171] Allocated by task 236: [ 20.740603] kasan_save_stack+0x3c/0x68 [ 20.740805] kasan_save_track+0x20/0x40 [ 20.741194] kasan_save_alloc_info+0x40/0x58 [ 20.741424] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.741671] remove_element+0x130/0x1f8 [ 20.741943] mempool_alloc_preallocated+0x58/0xc0 [ 20.742107] mempool_double_free_helper+0x94/0x2e8 [ 20.742254] mempool_kmalloc_double_free+0xc0/0x118 [ 20.742336] kunit_try_run_case+0x170/0x3f0 [ 20.742654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.742860] kthread+0x328/0x630 [ 20.743111] ret_from_fork+0x10/0x20 [ 20.743577] [ 20.743612] Freed by task 236: [ 20.743649] kasan_save_stack+0x3c/0x68 [ 20.743698] kasan_save_track+0x20/0x40 [ 20.743954] kasan_save_free_info+0x4c/0x78 [ 20.744161] __kasan_mempool_poison_object+0xc0/0x150 [ 20.744427] mempool_free+0x28c/0x328 [ 20.744651] mempool_double_free_helper+0x100/0x2e8 [ 20.744775] mempool_kmalloc_double_free+0xc0/0x118 [ 20.744941] kunit_try_run_case+0x170/0x3f0 [ 20.745041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.745310] kthread+0x328/0x630 [ 20.745563] ret_from_fork+0x10/0x20 [ 20.746068] [ 20.746101] The buggy address belongs to the object at fff00000c76c3100 [ 20.746101] which belongs to the cache kmalloc-128 of size 128 [ 20.746360] The buggy address is located 0 bytes inside of [ 20.746360] 128-byte region [fff00000c76c3100, fff00000c76c3180) [ 20.746685] [ 20.746775] The buggy address belongs to the physical page: [ 20.747205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 20.747333] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.747406] page_type: f5(slab) [ 20.747618] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.747793] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.748092] page dumped because: kasan: bad access detected [ 20.748391] [ 20.748457] Memory state around the buggy address: [ 20.748970] fff00000c76c3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.749421] fff00000c76c3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.749493] >fff00000c76c3100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.749750] ^ [ 20.750007] fff00000c76c3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.750242] fff00000c76c3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.750353] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.470159] ================================================================== [ 18.470356] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.470437] Read of size 64 at addr fff00000c76fcc04 by task kunit_try_catch/183 [ 18.470494] [ 18.470537] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.470632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.470661] Hardware name: linux,dummy-virt (DT) [ 18.470696] Call trace: [ 18.470721] show_stack+0x20/0x38 (C) [ 18.470775] dump_stack_lvl+0x8c/0xd0 [ 18.470827] print_report+0x118/0x608 [ 18.470875] kasan_report+0xdc/0x128 [ 18.470924] kasan_check_range+0x100/0x1a8 [ 18.470973] __asan_memmove+0x3c/0x98 [ 18.471022] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.471076] kunit_try_run_case+0x170/0x3f0 [ 18.471127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.471199] kthread+0x328/0x630 [ 18.471245] ret_from_fork+0x10/0x20 [ 18.471296] [ 18.471317] Allocated by task 183: [ 18.471346] kasan_save_stack+0x3c/0x68 [ 18.471391] kasan_save_track+0x20/0x40 [ 18.471432] kasan_save_alloc_info+0x40/0x58 [ 18.471476] __kasan_kmalloc+0xd4/0xd8 [ 18.471514] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.471558] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 18.471602] kunit_try_run_case+0x170/0x3f0 [ 18.471643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.471693] kthread+0x328/0x630 [ 18.471727] ret_from_fork+0x10/0x20 [ 18.471767] [ 18.471787] The buggy address belongs to the object at fff00000c76fcc00 [ 18.471787] which belongs to the cache kmalloc-64 of size 64 [ 18.471853] The buggy address is located 4 bytes inside of [ 18.471853] allocated 64-byte region [fff00000c76fcc00, fff00000c76fcc40) [ 18.471933] [ 18.471957] The buggy address belongs to the physical page: [ 18.471994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076fc [ 18.472054] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.472109] page_type: f5(slab) [ 18.472164] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.472220] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.472264] page dumped because: kasan: bad access detected [ 18.472300] [ 18.472318] Memory state around the buggy address: [ 18.472356] fff00000c76fcb00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 18.472402] fff00000c76fcb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.472451] >fff00000c76fcc00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.472494] ^ [ 18.473002] fff00000c76fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.473159] fff00000c76fcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.473220] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.635312] ================================================================== [ 20.635989] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.636195] Read of size 1 at addr fff00000c784c000 by task kunit_try_catch/230 [ 20.636343] [ 20.636399] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.636493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.636525] Hardware name: linux,dummy-virt (DT) [ 20.636565] Call trace: [ 20.636592] show_stack+0x20/0x38 (C) [ 20.636743] dump_stack_lvl+0x8c/0xd0 [ 20.636799] print_report+0x118/0x608 [ 20.636850] kasan_report+0xdc/0x128 [ 20.637056] __asan_report_load1_noabort+0x20/0x30 [ 20.637206] mempool_uaf_helper+0x314/0x340 [ 20.637258] mempool_kmalloc_large_uaf+0xc4/0x120 [ 20.637320] kunit_try_run_case+0x170/0x3f0 [ 20.637374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.637581] kthread+0x328/0x630 [ 20.637708] ret_from_fork+0x10/0x20 [ 20.637812] [ 20.637915] The buggy address belongs to the physical page: [ 20.637956] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 20.638081] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.638155] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.638240] page_type: f8(unknown) [ 20.638293] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.638771] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.638936] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.639065] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.639304] head: 0bfffe0000000002 ffffc1ffc31e1301 00000000ffffffff 00000000ffffffff [ 20.639438] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.639656] page dumped because: kasan: bad access detected [ 20.639700] [ 20.639722] Memory state around the buggy address: [ 20.639802] fff00000c784bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.639997] fff00000c784bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.640252] >fff00000c784c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.640377] ^ [ 20.640564] fff00000c784c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.640647] fff00000c784c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.640926] ================================================================== [ 20.710584] ================================================================== [ 20.710709] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.710911] Read of size 1 at addr fff00000c784c000 by task kunit_try_catch/234 [ 20.711025] [ 20.711439] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.711656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.711833] Hardware name: linux,dummy-virt (DT) [ 20.711938] Call trace: [ 20.712098] show_stack+0x20/0x38 (C) [ 20.712353] dump_stack_lvl+0x8c/0xd0 [ 20.712728] print_report+0x118/0x608 [ 20.712934] kasan_report+0xdc/0x128 [ 20.713219] __asan_report_load1_noabort+0x20/0x30 [ 20.713476] mempool_uaf_helper+0x314/0x340 [ 20.713701] mempool_page_alloc_uaf+0xc0/0x118 [ 20.714097] kunit_try_run_case+0x170/0x3f0 [ 20.714325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.714492] kthread+0x328/0x630 [ 20.714563] ret_from_fork+0x10/0x20 [ 20.715039] [ 20.715101] The buggy address belongs to the physical page: [ 20.715190] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 20.715399] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.715604] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.715682] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.715730] page dumped because: kasan: bad access detected [ 20.715902] [ 20.715926] Memory state around the buggy address: [ 20.716361] fff00000c784bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.716496] fff00000c784bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.716685] >fff00000c784c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.716871] ^ [ 20.716975] fff00000c784c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.717031] fff00000c784c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.717220] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.657813] ================================================================== [ 20.657926] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.658410] Read of size 1 at addr fff00000c76c3240 by task kunit_try_catch/232 [ 20.658798] [ 20.658925] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.659026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.659063] Hardware name: linux,dummy-virt (DT) [ 20.659103] Call trace: [ 20.659349] show_stack+0x20/0x38 (C) [ 20.659582] dump_stack_lvl+0x8c/0xd0 [ 20.659644] print_report+0x118/0x608 [ 20.659697] kasan_report+0xdc/0x128 [ 20.659748] __asan_report_load1_noabort+0x20/0x30 [ 20.659980] mempool_uaf_helper+0x314/0x340 [ 20.660241] mempool_slab_uaf+0xc0/0x118 [ 20.660410] kunit_try_run_case+0x170/0x3f0 [ 20.660638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.660808] kthread+0x328/0x630 [ 20.660887] ret_from_fork+0x10/0x20 [ 20.661125] [ 20.661196] Allocated by task 232: [ 20.661234] kasan_save_stack+0x3c/0x68 [ 20.661295] kasan_save_track+0x20/0x40 [ 20.661339] kasan_save_alloc_info+0x40/0x58 [ 20.661384] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.661452] remove_element+0x16c/0x1f8 [ 20.661495] mempool_alloc_preallocated+0x58/0xc0 [ 20.661545] mempool_uaf_helper+0xa4/0x340 [ 20.661591] mempool_slab_uaf+0xc0/0x118 [ 20.661631] kunit_try_run_case+0x170/0x3f0 [ 20.661675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.661733] kthread+0x328/0x630 [ 20.661779] ret_from_fork+0x10/0x20 [ 20.661827] [ 20.661860] Freed by task 232: [ 20.661899] kasan_save_stack+0x3c/0x68 [ 20.661952] kasan_save_track+0x20/0x40 [ 20.662011] kasan_save_free_info+0x4c/0x78 [ 20.662055] __kasan_mempool_poison_object+0xc0/0x150 [ 20.662100] mempool_free+0x28c/0x328 [ 20.662330] mempool_uaf_helper+0x104/0x340 [ 20.662685] mempool_slab_uaf+0xc0/0x118 [ 20.662993] kunit_try_run_case+0x170/0x3f0 [ 20.663122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.663390] kthread+0x328/0x630 [ 20.663437] ret_from_fork+0x10/0x20 [ 20.663477] [ 20.663500] The buggy address belongs to the object at fff00000c76c3240 [ 20.663500] which belongs to the cache test_cache of size 123 [ 20.663570] The buggy address is located 0 bytes inside of [ 20.663570] freed 123-byte region [fff00000c76c3240, fff00000c76c32bb) [ 20.663742] [ 20.663852] The buggy address belongs to the physical page: [ 20.664182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c3 [ 20.664252] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.664488] page_type: f5(slab) [ 20.664799] raw: 0bfffe0000000000 fff00000c63f5280 dead000000000122 0000000000000000 [ 20.664944] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.665034] page dumped because: kasan: bad access detected [ 20.665073] [ 20.665407] Memory state around the buggy address: [ 20.665567] fff00000c76c3100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.665713] fff00000c76c3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.665784] >fff00000c76c3200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.665978] ^ [ 20.666343] fff00000c76c3280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.666419] fff00000c76c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.666676] ================================================================== [ 20.618649] ================================================================== [ 20.618756] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.618843] Read of size 1 at addr fff00000c6026d00 by task kunit_try_catch/228 [ 20.619104] [ 20.619605] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.619842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.619904] Hardware name: linux,dummy-virt (DT) [ 20.619943] Call trace: [ 20.619971] show_stack+0x20/0x38 (C) [ 20.620035] dump_stack_lvl+0x8c/0xd0 [ 20.620405] print_report+0x118/0x608 [ 20.620620] kasan_report+0xdc/0x128 [ 20.620781] __asan_report_load1_noabort+0x20/0x30 [ 20.620927] mempool_uaf_helper+0x314/0x340 [ 20.621040] mempool_kmalloc_uaf+0xc4/0x120 [ 20.621090] kunit_try_run_case+0x170/0x3f0 [ 20.621498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.621641] kthread+0x328/0x630 [ 20.621801] ret_from_fork+0x10/0x20 [ 20.621899] [ 20.621919] Allocated by task 228: [ 20.621955] kasan_save_stack+0x3c/0x68 [ 20.622347] kasan_save_track+0x20/0x40 [ 20.622475] kasan_save_alloc_info+0x40/0x58 [ 20.622575] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.622701] remove_element+0x130/0x1f8 [ 20.622747] mempool_alloc_preallocated+0x58/0xc0 [ 20.622808] mempool_uaf_helper+0xa4/0x340 [ 20.623190] mempool_kmalloc_uaf+0xc4/0x120 [ 20.623326] kunit_try_run_case+0x170/0x3f0 [ 20.623509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.623664] kthread+0x328/0x630 [ 20.623756] ret_from_fork+0x10/0x20 [ 20.623796] [ 20.623817] Freed by task 228: [ 20.623847] kasan_save_stack+0x3c/0x68 [ 20.623889] kasan_save_track+0x20/0x40 [ 20.624179] kasan_save_free_info+0x4c/0x78 [ 20.624273] __kasan_mempool_poison_object+0xc0/0x150 [ 20.624323] mempool_free+0x28c/0x328 [ 20.624371] mempool_uaf_helper+0x104/0x340 [ 20.624412] mempool_kmalloc_uaf+0xc4/0x120 [ 20.624452] kunit_try_run_case+0x170/0x3f0 [ 20.624504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.624558] kthread+0x328/0x630 [ 20.624592] ret_from_fork+0x10/0x20 [ 20.624653] [ 20.624687] The buggy address belongs to the object at fff00000c6026d00 [ 20.624687] which belongs to the cache kmalloc-128 of size 128 [ 20.624760] The buggy address is located 0 bytes inside of [ 20.624760] freed 128-byte region [fff00000c6026d00, fff00000c6026d80) [ 20.624839] [ 20.624866] The buggy address belongs to the physical page: [ 20.624916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106026 [ 20.624985] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.625050] page_type: f5(slab) [ 20.625098] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.625417] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.625711] page dumped because: kasan: bad access detected [ 20.625899] [ 20.625922] Memory state around the buggy address: [ 20.625961] fff00000c6026c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.626049] fff00000c6026c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.626293] >fff00000c6026d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.626449] ^ [ 20.626562] fff00000c6026d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.626653] fff00000c6026e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.626718] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.563123] ================================================================== [ 20.563483] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.563565] Read of size 1 at addr fff00000c784a001 by task kunit_try_catch/224 [ 20.563623] [ 20.563670] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.563764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.564976] Hardware name: linux,dummy-virt (DT) [ 20.565044] Call trace: [ 20.565072] show_stack+0x20/0x38 (C) [ 20.565150] dump_stack_lvl+0x8c/0xd0 [ 20.565734] print_report+0x118/0x608 [ 20.565796] kasan_report+0xdc/0x128 [ 20.565848] __asan_report_load1_noabort+0x20/0x30 [ 20.565904] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.566827] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 20.567329] kunit_try_run_case+0x170/0x3f0 [ 20.567407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.567522] kthread+0x328/0x630 [ 20.567569] ret_from_fork+0x10/0x20 [ 20.567642] [ 20.567668] The buggy address belongs to the physical page: [ 20.568116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 20.568629] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.568784] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.569193] page_type: f8(unknown) [ 20.569272] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.569388] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.569674] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.570080] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.570292] head: 0bfffe0000000002 ffffc1ffc31e1201 00000000ffffffff 00000000ffffffff [ 20.570349] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.570702] page dumped because: kasan: bad access detected [ 20.570984] [ 20.571013] Memory state around the buggy address: [ 20.571194] fff00000c7849f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.571249] fff00000c7849f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.571621] >fff00000c784a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.571759] ^ [ 20.571855] fff00000c784a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.572038] fff00000c784a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.572142] ================================================================== [ 20.529752] ================================================================== [ 20.529880] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.529979] Read of size 1 at addr fff00000c6026973 by task kunit_try_catch/222 [ 20.530041] [ 20.530090] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.530203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.530235] Hardware name: linux,dummy-virt (DT) [ 20.530273] Call trace: [ 20.530300] show_stack+0x20/0x38 (C) [ 20.530359] dump_stack_lvl+0x8c/0xd0 [ 20.530415] print_report+0x118/0x608 [ 20.530467] kasan_report+0xdc/0x128 [ 20.530515] __asan_report_load1_noabort+0x20/0x30 [ 20.530570] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.530621] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.530673] kunit_try_run_case+0x170/0x3f0 [ 20.530729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.530786] kthread+0x328/0x630 [ 20.530832] ret_from_fork+0x10/0x20 [ 20.530888] [ 20.530909] Allocated by task 222: [ 20.530941] kasan_save_stack+0x3c/0x68 [ 20.530989] kasan_save_track+0x20/0x40 [ 20.531029] kasan_save_alloc_info+0x40/0x58 [ 20.531075] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.531127] remove_element+0x130/0x1f8 [ 20.531330] mempool_alloc_preallocated+0x58/0xc0 [ 20.531389] mempool_oob_right_helper+0x98/0x2f0 [ 20.531432] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.531474] kunit_try_run_case+0x170/0x3f0 [ 20.531516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.531563] kthread+0x328/0x630 [ 20.531600] ret_from_fork+0x10/0x20 [ 20.531639] [ 20.531662] The buggy address belongs to the object at fff00000c6026900 [ 20.531662] which belongs to the cache kmalloc-128 of size 128 [ 20.531732] The buggy address is located 0 bytes to the right of [ 20.531732] allocated 115-byte region [fff00000c6026900, fff00000c6026973) [ 20.531804] [ 20.531832] The buggy address belongs to the physical page: [ 20.531873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106026 [ 20.531937] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.531999] page_type: f5(slab) [ 20.532047] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.532103] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.532170] page dumped because: kasan: bad access detected [ 20.532206] [ 20.532226] Memory state around the buggy address: [ 20.532267] fff00000c6026800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.532317] fff00000c6026880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.532367] >fff00000c6026900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.532411] ^ [ 20.532458] fff00000c6026980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.532507] fff00000c6026a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.532552] ================================================================== [ 20.594750] ================================================================== [ 20.594887] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.594972] Read of size 1 at addr fff00000c63b72bb by task kunit_try_catch/226 [ 20.595032] [ 20.595077] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.595194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.595224] Hardware name: linux,dummy-virt (DT) [ 20.595262] Call trace: [ 20.595288] show_stack+0x20/0x38 (C) [ 20.595380] dump_stack_lvl+0x8c/0xd0 [ 20.595435] print_report+0x118/0x608 [ 20.595486] kasan_report+0xdc/0x128 [ 20.595534] __asan_report_load1_noabort+0x20/0x30 [ 20.595589] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.595642] mempool_slab_oob_right+0xc0/0x118 [ 20.595691] kunit_try_run_case+0x170/0x3f0 [ 20.595744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.595799] kthread+0x328/0x630 [ 20.595843] ret_from_fork+0x10/0x20 [ 20.595897] [ 20.595919] Allocated by task 226: [ 20.595949] kasan_save_stack+0x3c/0x68 [ 20.595995] kasan_save_track+0x20/0x40 [ 20.596034] kasan_save_alloc_info+0x40/0x58 [ 20.596078] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.596123] remove_element+0x16c/0x1f8 [ 20.596177] mempool_alloc_preallocated+0x58/0xc0 [ 20.596219] mempool_oob_right_helper+0x98/0x2f0 [ 20.596262] mempool_slab_oob_right+0xc0/0x118 [ 20.596303] kunit_try_run_case+0x170/0x3f0 [ 20.596343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.596389] kthread+0x328/0x630 [ 20.596424] ret_from_fork+0x10/0x20 [ 20.596462] [ 20.596485] The buggy address belongs to the object at fff00000c63b7240 [ 20.596485] which belongs to the cache test_cache of size 123 [ 20.596550] The buggy address is located 0 bytes to the right of [ 20.596550] allocated 123-byte region [fff00000c63b7240, fff00000c63b72bb) [ 20.596621] [ 20.596647] The buggy address belongs to the physical page: [ 20.596685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b7 [ 20.596749] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.596807] page_type: f5(slab) [ 20.596854] raw: 0bfffe0000000000 fff00000c63f5140 dead000000000122 0000000000000000 [ 20.596909] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.596954] page dumped because: kasan: bad access detected [ 20.596989] [ 20.597009] Memory state around the buggy address: [ 20.597047] fff00000c63b7180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.597096] fff00000c63b7200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.597155] >fff00000c63b7280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.597199] ^ [ 20.597236] fff00000c63b7300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.597292] fff00000c63b7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.597334] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.955045] ================================================================== [ 19.955915] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 19.956146] Read of size 1 at addr fff00000c7710000 by task kunit_try_catch/216 [ 19.956268] [ 19.956629] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.956746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.956777] Hardware name: linux,dummy-virt (DT) [ 19.957047] Call trace: [ 19.957186] show_stack+0x20/0x38 (C) [ 19.957329] dump_stack_lvl+0x8c/0xd0 [ 19.957411] print_report+0x118/0x608 [ 19.957464] kasan_report+0xdc/0x128 [ 19.957513] __kasan_check_byte+0x54/0x70 [ 19.957586] kmem_cache_destroy+0x34/0x218 [ 19.957637] kmem_cache_double_destroy+0x174/0x300 [ 19.957693] kunit_try_run_case+0x170/0x3f0 [ 19.958127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.958386] kthread+0x328/0x630 [ 19.958457] ret_from_fork+0x10/0x20 [ 19.958514] [ 19.958807] Allocated by task 216: [ 19.958850] kasan_save_stack+0x3c/0x68 [ 19.958971] kasan_save_track+0x20/0x40 [ 19.959014] kasan_save_alloc_info+0x40/0x58 [ 19.959470] __kasan_slab_alloc+0xa8/0xb0 [ 19.959676] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.959929] __kmem_cache_create_args+0x178/0x280 [ 19.960102] kmem_cache_double_destroy+0xc0/0x300 [ 19.960531] kunit_try_run_case+0x170/0x3f0 [ 19.960720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.960833] kthread+0x328/0x630 [ 19.961006] ret_from_fork+0x10/0x20 [ 19.961104] [ 19.961214] Freed by task 216: [ 19.961308] kasan_save_stack+0x3c/0x68 [ 19.961362] kasan_save_track+0x20/0x40 [ 19.961401] kasan_save_free_info+0x4c/0x78 [ 19.961445] __kasan_slab_free+0x6c/0x98 [ 19.961485] kmem_cache_free+0x260/0x468 [ 19.961554] slab_kmem_cache_release+0x38/0x50 [ 19.961598] kmem_cache_release+0x1c/0x30 [ 19.961636] kobject_put+0x17c/0x420 [ 19.961679] sysfs_slab_release+0x1c/0x30 [ 19.961719] kmem_cache_destroy+0x118/0x218 [ 19.961761] kmem_cache_double_destroy+0x128/0x300 [ 19.961804] kunit_try_run_case+0x170/0x3f0 [ 19.961846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.961893] kthread+0x328/0x630 [ 19.962150] ret_from_fork+0x10/0x20 [ 19.962349] [ 19.962463] The buggy address belongs to the object at fff00000c7710000 [ 19.962463] which belongs to the cache kmem_cache of size 208 [ 19.962651] The buggy address is located 0 bytes inside of [ 19.962651] freed 208-byte region [fff00000c7710000, fff00000c77100d0) [ 19.962844] [ 19.963284] The buggy address belongs to the physical page: [ 19.963470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107710 [ 19.963692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.963835] page_type: f5(slab) [ 19.963987] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 19.964045] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.964093] page dumped because: kasan: bad access detected [ 19.964154] [ 19.964175] Memory state around the buggy address: [ 19.964219] fff00000c770ff00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.964268] fff00000c770ff80: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 19.964318] >fff00000c7710000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.964363] ^ [ 19.964861] fff00000c7710080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 19.964928] fff00000c7710100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.965104] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.553771] ================================================================== [ 19.553888] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 19.553982] Read of size 1 at addr fff00000c7713000 by task kunit_try_catch/214 [ 19.554040] [ 19.554089] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.554203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.554231] Hardware name: linux,dummy-virt (DT) [ 19.554271] Call trace: [ 19.554295] show_stack+0x20/0x38 (C) [ 19.554351] dump_stack_lvl+0x8c/0xd0 [ 19.554407] print_report+0x118/0x608 [ 19.554455] kasan_report+0xdc/0x128 [ 19.554504] __asan_report_load1_noabort+0x20/0x30 [ 19.554558] kmem_cache_rcu_uaf+0x388/0x468 [ 19.554608] kunit_try_run_case+0x170/0x3f0 [ 19.554660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.554717] kthread+0x328/0x630 [ 19.554764] ret_from_fork+0x10/0x20 [ 19.554817] [ 19.554838] Allocated by task 214: [ 19.554871] kasan_save_stack+0x3c/0x68 [ 19.554914] kasan_save_track+0x20/0x40 [ 19.554951] kasan_save_alloc_info+0x40/0x58 [ 19.554994] __kasan_slab_alloc+0xa8/0xb0 [ 19.555034] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.555080] kmem_cache_rcu_uaf+0x12c/0x468 [ 19.556199] kunit_try_run_case+0x170/0x3f0 [ 19.556245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.556293] kthread+0x328/0x630 [ 19.556329] ret_from_fork+0x10/0x20 [ 19.556369] [ 19.556389] Freed by task 0: [ 19.556421] kasan_save_stack+0x3c/0x68 [ 19.556464] kasan_save_track+0x20/0x40 [ 19.556504] kasan_save_free_info+0x4c/0x78 [ 19.556547] __kasan_slab_free+0x6c/0x98 [ 19.556585] slab_free_after_rcu_debug+0xd4/0x2f8 [ 19.556630] rcu_core+0x9f4/0x1e20 [ 19.556670] rcu_core_si+0x18/0x30 [ 19.556708] handle_softirqs+0x374/0xb28 [ 19.556748] __do_softirq+0x1c/0x28 [ 19.556785] [ 19.556807] Last potentially related work creation: [ 19.556837] kasan_save_stack+0x3c/0x68 [ 19.556876] kasan_record_aux_stack+0xb4/0xc8 [ 19.556920] kmem_cache_free+0x120/0x468 [ 19.556958] kmem_cache_rcu_uaf+0x16c/0x468 [ 19.556998] kunit_try_run_case+0x170/0x3f0 [ 19.557039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.557085] kthread+0x328/0x630 [ 19.557120] ret_from_fork+0x10/0x20 [ 19.557169] [ 19.557241] The buggy address belongs to the object at fff00000c7713000 [ 19.557241] which belongs to the cache test_cache of size 200 [ 19.557338] The buggy address is located 0 bytes inside of [ 19.557338] freed 200-byte region [fff00000c7713000, fff00000c77130c8) [ 19.557406] [ 19.557442] The buggy address belongs to the physical page: [ 19.557479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107713 [ 19.557540] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.557602] page_type: f5(slab) [ 19.557652] raw: 0bfffe0000000000 fff00000c0cacdc0 dead000000000122 0000000000000000 [ 19.557721] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.557767] page dumped because: kasan: bad access detected [ 19.557830] [ 19.557851] Memory state around the buggy address: [ 19.557888] fff00000c7712f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.557938] fff00000c7712f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.558003] >fff00000c7713000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.558067] ^ [ 19.558098] fff00000c7713080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.558170] fff00000c7713100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.558230] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 19.112958] ================================================================== [ 19.113066] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 19.113186] Free of addr fff00000c7716001 by task kunit_try_catch/212 [ 19.113235] [ 19.113644] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.114201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.114312] Hardware name: linux,dummy-virt (DT) [ 19.114466] Call trace: [ 19.114502] show_stack+0x20/0x38 (C) [ 19.114614] dump_stack_lvl+0x8c/0xd0 [ 19.114696] print_report+0x118/0x608 [ 19.114746] kasan_report_invalid_free+0xc0/0xe8 [ 19.115244] check_slab_allocation+0xfc/0x108 [ 19.115300] __kasan_slab_pre_free+0x2c/0x48 [ 19.115354] kmem_cache_free+0xf0/0x468 [ 19.115419] kmem_cache_invalid_free+0x184/0x3c8 [ 19.115582] kunit_try_run_case+0x170/0x3f0 [ 19.115637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.115735] kthread+0x328/0x630 [ 19.115785] ret_from_fork+0x10/0x20 [ 19.116026] [ 19.116050] Allocated by task 212: [ 19.116094] kasan_save_stack+0x3c/0x68 [ 19.116218] kasan_save_track+0x20/0x40 [ 19.116317] kasan_save_alloc_info+0x40/0x58 [ 19.116426] __kasan_slab_alloc+0xa8/0xb0 [ 19.116561] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.116630] kmem_cache_invalid_free+0x12c/0x3c8 [ 19.116723] kunit_try_run_case+0x170/0x3f0 [ 19.116814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.116885] kthread+0x328/0x630 [ 19.116920] ret_from_fork+0x10/0x20 [ 19.116961] [ 19.116983] The buggy address belongs to the object at fff00000c7716000 [ 19.116983] which belongs to the cache test_cache of size 200 [ 19.117429] The buggy address is located 1 bytes inside of [ 19.117429] 200-byte region [fff00000c7716000, fff00000c77160c8) [ 19.117531] [ 19.117649] The buggy address belongs to the physical page: [ 19.117687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.117893] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.117979] page_type: f5(slab) [ 19.118037] raw: 0bfffe0000000000 fff00000c0cacc80 dead000000000122 0000000000000000 [ 19.118629] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.118725] page dumped because: kasan: bad access detected [ 19.118762] [ 19.118781] Memory state around the buggy address: [ 19.118823] fff00000c7715f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.119315] fff00000c7715f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.119473] >fff00000c7716000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.119559] ^ [ 19.119592] fff00000c7716080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.119639] fff00000c7716100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.119708] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 19.064082] ================================================================== [ 19.064349] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 19.064637] Free of addr fff00000c7733000 by task kunit_try_catch/210 [ 19.064812] [ 19.064941] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.065176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.065557] Hardware name: linux,dummy-virt (DT) [ 19.065638] Call trace: [ 19.065664] show_stack+0x20/0x38 (C) [ 19.065727] dump_stack_lvl+0x8c/0xd0 [ 19.065784] print_report+0x118/0x608 [ 19.065837] kasan_report_invalid_free+0xc0/0xe8 [ 19.065891] check_slab_allocation+0xd4/0x108 [ 19.065943] __kasan_slab_pre_free+0x2c/0x48 [ 19.065996] kmem_cache_free+0xf0/0x468 [ 19.066046] kmem_cache_double_free+0x190/0x3c8 [ 19.066097] kunit_try_run_case+0x170/0x3f0 [ 19.066166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.066225] kthread+0x328/0x630 [ 19.066305] ret_from_fork+0x10/0x20 [ 19.066362] [ 19.066401] Allocated by task 210: [ 19.066793] kasan_save_stack+0x3c/0x68 [ 19.066998] kasan_save_track+0x20/0x40 [ 19.067042] kasan_save_alloc_info+0x40/0x58 [ 19.067309] __kasan_slab_alloc+0xa8/0xb0 [ 19.067411] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.067456] kmem_cache_double_free+0x12c/0x3c8 [ 19.067650] kunit_try_run_case+0x170/0x3f0 [ 19.067697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.067747] kthread+0x328/0x630 [ 19.068178] ret_from_fork+0x10/0x20 [ 19.068240] [ 19.068261] Freed by task 210: [ 19.068291] kasan_save_stack+0x3c/0x68 [ 19.068347] kasan_save_track+0x20/0x40 [ 19.068518] kasan_save_free_info+0x4c/0x78 [ 19.068585] __kasan_slab_free+0x6c/0x98 [ 19.068703] kmem_cache_free+0x260/0x468 [ 19.068746] kmem_cache_double_free+0x140/0x3c8 [ 19.068787] kunit_try_run_case+0x170/0x3f0 [ 19.068840] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.068889] kthread+0x328/0x630 [ 19.068923] ret_from_fork+0x10/0x20 [ 19.069039] [ 19.069121] The buggy address belongs to the object at fff00000c7733000 [ 19.069121] which belongs to the cache test_cache of size 200 [ 19.069437] The buggy address is located 0 bytes inside of [ 19.069437] 200-byte region [fff00000c7733000, fff00000c77330c8) [ 19.069509] [ 19.069536] The buggy address belongs to the physical page: [ 19.069849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 19.069953] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.070014] page_type: f5(slab) [ 19.070062] raw: 0bfffe0000000000 fff00000c0cacb40 dead000000000122 0000000000000000 [ 19.070121] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.070180] page dumped because: kasan: bad access detected [ 19.070227] [ 19.070246] Memory state around the buggy address: [ 19.070285] fff00000c7732f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.070503] fff00000c7732f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.070822] >fff00000c7733000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.071005] ^ [ 19.071040] fff00000c7733080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.071090] fff00000c7733100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.071148] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.870261] ================================================================== [ 18.870359] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.870456] Read of size 1 at addr fff00000c77370c8 by task kunit_try_catch/208 [ 18.870521] [ 18.870567] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.870661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.870701] Hardware name: linux,dummy-virt (DT) [ 18.870749] Call trace: [ 18.870774] show_stack+0x20/0x38 (C) [ 18.870831] dump_stack_lvl+0x8c/0xd0 [ 18.870885] print_report+0x118/0x608 [ 18.870935] kasan_report+0xdc/0x128 [ 18.870994] __asan_report_load1_noabort+0x20/0x30 [ 18.871051] kmem_cache_oob+0x344/0x430 [ 18.871099] kunit_try_run_case+0x170/0x3f0 [ 18.871164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.871223] kthread+0x328/0x630 [ 18.871695] ret_from_fork+0x10/0x20 [ 18.871752] [ 18.871830] Allocated by task 208: [ 18.871885] kasan_save_stack+0x3c/0x68 [ 18.871930] kasan_save_track+0x20/0x40 [ 18.871971] kasan_save_alloc_info+0x40/0x58 [ 18.872177] __kasan_slab_alloc+0xa8/0xb0 [ 18.872230] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.872321] kmem_cache_oob+0x12c/0x430 [ 18.872395] kunit_try_run_case+0x170/0x3f0 [ 18.872589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.872775] kthread+0x328/0x630 [ 18.872857] ret_from_fork+0x10/0x20 [ 18.872925] [ 18.872948] The buggy address belongs to the object at fff00000c7737000 [ 18.872948] which belongs to the cache test_cache of size 200 [ 18.873365] The buggy address is located 0 bytes to the right of [ 18.873365] allocated 200-byte region [fff00000c7737000, fff00000c77370c8) [ 18.873667] [ 18.873871] The buggy address belongs to the physical page: [ 18.874018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107737 [ 18.874150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.874375] page_type: f5(slab) [ 18.874455] raw: 0bfffe0000000000 fff00000c0caca00 dead000000000122 0000000000000000 [ 18.874761] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.874996] page dumped because: kasan: bad access detected [ 18.875091] [ 18.875233] Memory state around the buggy address: [ 18.875403] fff00000c7736f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.875513] fff00000c7737000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.875660] >fff00000c7737080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.875706] ^ [ 18.875747] fff00000c7737100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.875796] fff00000c7737180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.875840] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.834583] ================================================================== [ 18.834725] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 18.834842] Read of size 8 at addr fff00000c7747f00 by task kunit_try_catch/201 [ 18.834903] [ 18.835152] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.835255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.835285] Hardware name: linux,dummy-virt (DT) [ 18.835367] Call trace: [ 18.835421] show_stack+0x20/0x38 (C) [ 18.835481] dump_stack_lvl+0x8c/0xd0 [ 18.835576] print_report+0x118/0x608 [ 18.835627] kasan_report+0xdc/0x128 [ 18.835676] __asan_report_load8_noabort+0x20/0x30 [ 18.835728] workqueue_uaf+0x480/0x4a8 [ 18.835776] kunit_try_run_case+0x170/0x3f0 [ 18.835827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.835949] kthread+0x328/0x630 [ 18.836139] ret_from_fork+0x10/0x20 [ 18.836206] [ 18.836226] Allocated by task 201: [ 18.836401] kasan_save_stack+0x3c/0x68 [ 18.836489] kasan_save_track+0x20/0x40 [ 18.836531] kasan_save_alloc_info+0x40/0x58 [ 18.836605] __kasan_kmalloc+0xd4/0xd8 [ 18.836647] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.836690] workqueue_uaf+0x13c/0x4a8 [ 18.836727] kunit_try_run_case+0x170/0x3f0 [ 18.836769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.837092] kthread+0x328/0x630 [ 18.837215] ret_from_fork+0x10/0x20 [ 18.837383] [ 18.837460] Freed by task 47: [ 18.837618] kasan_save_stack+0x3c/0x68 [ 18.837658] kasan_save_track+0x20/0x40 [ 18.837739] kasan_save_free_info+0x4c/0x78 [ 18.837797] __kasan_slab_free+0x6c/0x98 [ 18.838275] kfree+0x214/0x3c8 [ 18.838324] workqueue_uaf_work+0x18/0x30 [ 18.838429] process_one_work+0x530/0xf98 [ 18.838532] worker_thread+0x618/0xf38 [ 18.838715] kthread+0x328/0x630 [ 18.838787] ret_from_fork+0x10/0x20 [ 18.838911] [ 18.838934] Last potentially related work creation: [ 18.838962] kasan_save_stack+0x3c/0x68 [ 18.839037] kasan_record_aux_stack+0xb4/0xc8 [ 18.839334] __queue_work+0x65c/0x1008 [ 18.839527] queue_work_on+0xbc/0xf8 [ 18.839752] workqueue_uaf+0x210/0x4a8 [ 18.839978] kunit_try_run_case+0x170/0x3f0 [ 18.840047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.840109] kthread+0x328/0x630 [ 18.840264] ret_from_fork+0x10/0x20 [ 18.840307] [ 18.840328] The buggy address belongs to the object at fff00000c7747f00 [ 18.840328] which belongs to the cache kmalloc-32 of size 32 [ 18.840602] The buggy address is located 0 bytes inside of [ 18.840602] freed 32-byte region [fff00000c7747f00, fff00000c7747f20) [ 18.840689] [ 18.840713] The buggy address belongs to the physical page: [ 18.840751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 18.840813] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.840871] page_type: f5(slab) [ 18.840920] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.840976] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.841021] page dumped because: kasan: bad access detected [ 18.841055] [ 18.841075] Memory state around the buggy address: [ 18.841253] fff00000c7747e00: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 18.841346] fff00000c7747e80: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 18.841427] >fff00000c7747f00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.841696] ^ [ 18.841857] fff00000c7747f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.842025] fff00000c7748000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.842259] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.812417] ================================================================== [ 18.812579] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 18.812661] Read of size 4 at addr fff00000c7747d00 by task swapper/1/0 [ 18.812715] [ 18.812762] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.812854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.812883] Hardware name: linux,dummy-virt (DT) [ 18.812922] Call trace: [ 18.812947] show_stack+0x20/0x38 (C) [ 18.813004] dump_stack_lvl+0x8c/0xd0 [ 18.813055] print_report+0x118/0x608 [ 18.813106] kasan_report+0xdc/0x128 [ 18.813262] __asan_report_load4_noabort+0x20/0x30 [ 18.813325] rcu_uaf_reclaim+0x64/0x70 [ 18.813396] rcu_core+0x9f4/0x1e20 [ 18.813468] rcu_core_si+0x18/0x30 [ 18.813516] handle_softirqs+0x374/0xb28 [ 18.813577] __do_softirq+0x1c/0x28 [ 18.813622] ____do_softirq+0x18/0x30 [ 18.813670] call_on_irq_stack+0x24/0x30 [ 18.813717] do_softirq_own_stack+0x24/0x38 [ 18.813767] __irq_exit_rcu+0x1fc/0x318 [ 18.813944] irq_exit_rcu+0x1c/0x80 [ 18.814207] el1_interrupt+0x38/0x58 [ 18.814283] el1h_64_irq_handler+0x18/0x28 [ 18.814351] el1h_64_irq+0x6c/0x70 [ 18.814464] arch_local_irq_enable+0x4/0x8 (P) [ 18.814655] do_idle+0x384/0x4e8 [ 18.814835] cpu_startup_entry+0x68/0x80 [ 18.814887] secondary_start_kernel+0x288/0x340 [ 18.814938] __secondary_switched+0xc0/0xc8 [ 18.814999] [ 18.815021] Allocated by task 199: [ 18.815055] kasan_save_stack+0x3c/0x68 [ 18.815101] kasan_save_track+0x20/0x40 [ 18.815156] kasan_save_alloc_info+0x40/0x58 [ 18.815200] __kasan_kmalloc+0xd4/0xd8 [ 18.815288] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.815748] rcu_uaf+0xb0/0x2d8 [ 18.815851] kunit_try_run_case+0x170/0x3f0 [ 18.815975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.816064] kthread+0x328/0x630 [ 18.816103] ret_from_fork+0x10/0x20 [ 18.816155] [ 18.816176] Freed by task 0: [ 18.816219] kasan_save_stack+0x3c/0x68 [ 18.816262] kasan_save_track+0x20/0x40 [ 18.816303] kasan_save_free_info+0x4c/0x78 [ 18.816735] __kasan_slab_free+0x6c/0x98 [ 18.816841] kfree+0x214/0x3c8 [ 18.816973] rcu_uaf_reclaim+0x28/0x70 [ 18.817012] rcu_core+0x9f4/0x1e20 [ 18.817101] rcu_core_si+0x18/0x30 [ 18.817473] handle_softirqs+0x374/0xb28 [ 18.817619] __do_softirq+0x1c/0x28 [ 18.817714] [ 18.817758] Last potentially related work creation: [ 18.817805] kasan_save_stack+0x3c/0x68 [ 18.818123] kasan_record_aux_stack+0xb4/0xc8 [ 18.818233] __call_rcu_common.constprop.0+0x74/0x8c8 [ 18.818309] call_rcu+0x18/0x30 [ 18.818367] rcu_uaf+0x14c/0x2d8 [ 18.818405] kunit_try_run_case+0x170/0x3f0 [ 18.818448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.818514] kthread+0x328/0x630 [ 18.818549] ret_from_fork+0x10/0x20 [ 18.818616] [ 18.818662] The buggy address belongs to the object at fff00000c7747d00 [ 18.818662] which belongs to the cache kmalloc-32 of size 32 [ 18.818758] The buggy address is located 0 bytes inside of [ 18.818758] freed 32-byte region [fff00000c7747d00, fff00000c7747d20) [ 18.818827] [ 18.818852] The buggy address belongs to the physical page: [ 18.818901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 18.818965] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.819024] page_type: f5(slab) [ 18.819083] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.819150] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.819197] page dumped because: kasan: bad access detected [ 18.819235] [ 18.819256] Memory state around the buggy address: [ 18.819293] fff00000c7747c00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 18.819587] fff00000c7747c80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.819797] >fff00000c7747d00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 18.819954] ^ [ 18.820299] fff00000c7747d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.820354] fff00000c7747e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.820492] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.544008] ================================================================== [ 18.544099] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 18.544176] Free of addr fff00000c5d4da60 by task kunit_try_catch/193 [ 18.544224] [ 18.544265] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.544496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.544537] Hardware name: linux,dummy-virt (DT) [ 18.544571] Call trace: [ 18.544597] show_stack+0x20/0x38 (C) [ 18.544788] dump_stack_lvl+0x8c/0xd0 [ 18.544885] print_report+0x118/0x608 [ 18.545009] kasan_report_invalid_free+0xc0/0xe8 [ 18.545065] check_slab_allocation+0xd4/0x108 [ 18.545162] __kasan_slab_pre_free+0x2c/0x48 [ 18.545228] kfree+0xe8/0x3c8 [ 18.545275] kfree_sensitive+0x3c/0xb0 [ 18.545333] kmalloc_double_kzfree+0x168/0x308 [ 18.545388] kunit_try_run_case+0x170/0x3f0 [ 18.545567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.545781] kthread+0x328/0x630 [ 18.545873] ret_from_fork+0x10/0x20 [ 18.545928] [ 18.545970] Allocated by task 193: [ 18.546023] kasan_save_stack+0x3c/0x68 [ 18.546073] kasan_save_track+0x20/0x40 [ 18.546113] kasan_save_alloc_info+0x40/0x58 [ 18.546201] __kasan_kmalloc+0xd4/0xd8 [ 18.546252] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.546318] kmalloc_double_kzfree+0xb8/0x308 [ 18.546391] kunit_try_run_case+0x170/0x3f0 [ 18.546442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.546496] kthread+0x328/0x630 [ 18.546534] ret_from_fork+0x10/0x20 [ 18.546574] [ 18.546596] Freed by task 193: [ 18.546626] kasan_save_stack+0x3c/0x68 [ 18.546678] kasan_save_track+0x20/0x40 [ 18.546750] kasan_save_free_info+0x4c/0x78 [ 18.546796] __kasan_slab_free+0x6c/0x98 [ 18.546837] kfree+0x214/0x3c8 [ 18.546873] kfree_sensitive+0x80/0xb0 [ 18.547040] kmalloc_double_kzfree+0x11c/0x308 [ 18.547222] kunit_try_run_case+0x170/0x3f0 [ 18.547336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.547411] kthread+0x328/0x630 [ 18.547447] ret_from_fork+0x10/0x20 [ 18.547488] [ 18.547511] The buggy address belongs to the object at fff00000c5d4da60 [ 18.547511] which belongs to the cache kmalloc-16 of size 16 [ 18.547593] The buggy address is located 0 bytes inside of [ 18.547593] 16-byte region [fff00000c5d4da60, fff00000c5d4da70) [ 18.547672] [ 18.547702] The buggy address belongs to the physical page: [ 18.547749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d4d [ 18.547809] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.547877] page_type: f5(slab) [ 18.547924] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.547986] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.548032] page dumped because: kasan: bad access detected [ 18.548068] [ 18.548093] Memory state around the buggy address: [ 18.548143] fff00000c5d4d900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.548192] fff00000c5d4d980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.548243] >fff00000c5d4da00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.548295] ^ [ 18.548347] fff00000c5d4da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.548411] fff00000c5d4db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.548457] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.537019] ================================================================== [ 18.537123] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 18.537214] Read of size 1 at addr fff00000c5d4da60 by task kunit_try_catch/193 [ 18.537361] [ 18.537409] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.537548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.537577] Hardware name: linux,dummy-virt (DT) [ 18.537652] Call trace: [ 18.537681] show_stack+0x20/0x38 (C) [ 18.537738] dump_stack_lvl+0x8c/0xd0 [ 18.537810] print_report+0x118/0x608 [ 18.537862] kasan_report+0xdc/0x128 [ 18.537912] __kasan_check_byte+0x54/0x70 [ 18.537962] kfree_sensitive+0x30/0xb0 [ 18.538050] kmalloc_double_kzfree+0x168/0x308 [ 18.538285] kunit_try_run_case+0x170/0x3f0 [ 18.538344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.538434] kthread+0x328/0x630 [ 18.538483] ret_from_fork+0x10/0x20 [ 18.538551] [ 18.538594] Allocated by task 193: [ 18.538655] kasan_save_stack+0x3c/0x68 [ 18.538704] kasan_save_track+0x20/0x40 [ 18.538763] kasan_save_alloc_info+0x40/0x58 [ 18.538837] __kasan_kmalloc+0xd4/0xd8 [ 18.538879] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.538921] kmalloc_double_kzfree+0xb8/0x308 [ 18.538984] kunit_try_run_case+0x170/0x3f0 [ 18.539055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.539115] kthread+0x328/0x630 [ 18.539175] ret_from_fork+0x10/0x20 [ 18.539262] [ 18.539296] Freed by task 193: [ 18.539365] kasan_save_stack+0x3c/0x68 [ 18.539409] kasan_save_track+0x20/0x40 [ 18.539448] kasan_save_free_info+0x4c/0x78 [ 18.539491] __kasan_slab_free+0x6c/0x98 [ 18.539532] kfree+0x214/0x3c8 [ 18.539894] kfree_sensitive+0x80/0xb0 [ 18.540052] kmalloc_double_kzfree+0x11c/0x308 [ 18.540155] kunit_try_run_case+0x170/0x3f0 [ 18.540282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.540418] kthread+0x328/0x630 [ 18.540495] ret_from_fork+0x10/0x20 [ 18.540578] [ 18.540654] The buggy address belongs to the object at fff00000c5d4da60 [ 18.540654] which belongs to the cache kmalloc-16 of size 16 [ 18.540778] The buggy address is located 0 bytes inside of [ 18.540778] freed 16-byte region [fff00000c5d4da60, fff00000c5d4da70) [ 18.540932] [ 18.541019] The buggy address belongs to the physical page: [ 18.541059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d4d [ 18.541124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.541195] page_type: f5(slab) [ 18.541475] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.541636] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.541804] page dumped because: kasan: bad access detected [ 18.541881] [ 18.541997] Memory state around the buggy address: [ 18.542106] fff00000c5d4d900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.542266] fff00000c5d4d980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.542347] >fff00000c5d4da00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.542476] ^ [ 18.542542] fff00000c5d4da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.542612] fff00000c5d4db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.542897] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.515050] ================================================================== [ 18.515224] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 18.515344] Read of size 1 at addr fff00000c77311a8 by task kunit_try_catch/189 [ 18.515448] [ 18.515569] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.515701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.515767] Hardware name: linux,dummy-virt (DT) [ 18.515814] Call trace: [ 18.515839] show_stack+0x20/0x38 (C) [ 18.515895] dump_stack_lvl+0x8c/0xd0 [ 18.515950] print_report+0x118/0x608 [ 18.516030] kasan_report+0xdc/0x128 [ 18.516205] __asan_report_load1_noabort+0x20/0x30 [ 18.516266] kmalloc_uaf2+0x3f4/0x468 [ 18.516314] kunit_try_run_case+0x170/0x3f0 [ 18.516436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.516587] kthread+0x328/0x630 [ 18.516658] ret_from_fork+0x10/0x20 [ 18.517001] [ 18.517076] Allocated by task 189: [ 18.517170] kasan_save_stack+0x3c/0x68 [ 18.517258] kasan_save_track+0x20/0x40 [ 18.517349] kasan_save_alloc_info+0x40/0x58 [ 18.517424] __kasan_kmalloc+0xd4/0xd8 [ 18.517500] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.517635] kmalloc_uaf2+0xc4/0x468 [ 18.517720] kunit_try_run_case+0x170/0x3f0 [ 18.517843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.517961] kthread+0x328/0x630 [ 18.518090] ret_from_fork+0x10/0x20 [ 18.518242] [ 18.518329] Freed by task 189: [ 18.518359] kasan_save_stack+0x3c/0x68 [ 18.518399] kasan_save_track+0x20/0x40 [ 18.518570] kasan_save_free_info+0x4c/0x78 [ 18.518841] __kasan_slab_free+0x6c/0x98 [ 18.518932] kfree+0x214/0x3c8 [ 18.519011] kmalloc_uaf2+0x134/0x468 [ 18.519104] kunit_try_run_case+0x170/0x3f0 [ 18.519537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.519639] kthread+0x328/0x630 [ 18.519733] ret_from_fork+0x10/0x20 [ 18.519844] [ 18.519906] The buggy address belongs to the object at fff00000c7731180 [ 18.519906] which belongs to the cache kmalloc-64 of size 64 [ 18.520029] The buggy address is located 40 bytes inside of [ 18.520029] freed 64-byte region [fff00000c7731180, fff00000c77311c0) [ 18.520192] [ 18.520301] The buggy address belongs to the physical page: [ 18.520340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107731 [ 18.520403] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.520859] page_type: f5(slab) [ 18.520953] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.521196] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.521245] page dumped because: kasan: bad access detected [ 18.521281] [ 18.521306] Memory state around the buggy address: [ 18.521432] fff00000c7731080: 00 00 00 00 02 fc fc fc fc fc fc fc fc fc fc fc [ 18.521526] fff00000c7731100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.521629] >fff00000c7731180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.521694] ^ [ 18.521750] fff00000c7731200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.521827] fff00000c7731280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.521872] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.481757] ================================================================== [ 18.481888] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 18.482007] Read of size 1 at addr fff00000c5d4da48 by task kunit_try_catch/185 [ 18.482066] [ 18.482128] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.482243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.482273] Hardware name: linux,dummy-virt (DT) [ 18.482587] Call trace: [ 18.482662] show_stack+0x20/0x38 (C) [ 18.482883] dump_stack_lvl+0x8c/0xd0 [ 18.482975] print_report+0x118/0x608 [ 18.483048] kasan_report+0xdc/0x128 [ 18.483096] __asan_report_load1_noabort+0x20/0x30 [ 18.483281] kmalloc_uaf+0x300/0x338 [ 18.483367] kunit_try_run_case+0x170/0x3f0 [ 18.483459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.483560] kthread+0x328/0x630 [ 18.483644] ret_from_fork+0x10/0x20 [ 18.483859] [ 18.483995] Allocated by task 185: [ 18.484062] kasan_save_stack+0x3c/0x68 [ 18.484193] kasan_save_track+0x20/0x40 [ 18.484312] kasan_save_alloc_info+0x40/0x58 [ 18.484430] __kasan_kmalloc+0xd4/0xd8 [ 18.484532] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.484628] kmalloc_uaf+0xb8/0x338 [ 18.484702] kunit_try_run_case+0x170/0x3f0 [ 18.484849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.484931] kthread+0x328/0x630 [ 18.484977] ret_from_fork+0x10/0x20 [ 18.485019] [ 18.485039] Freed by task 185: [ 18.485068] kasan_save_stack+0x3c/0x68 [ 18.485279] kasan_save_track+0x20/0x40 [ 18.485330] kasan_save_free_info+0x4c/0x78 [ 18.485372] __kasan_slab_free+0x6c/0x98 [ 18.485413] kfree+0x214/0x3c8 [ 18.485448] kmalloc_uaf+0x11c/0x338 [ 18.485485] kunit_try_run_case+0x170/0x3f0 [ 18.485672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.485802] kthread+0x328/0x630 [ 18.485837] ret_from_fork+0x10/0x20 [ 18.485876] [ 18.486067] The buggy address belongs to the object at fff00000c5d4da40 [ 18.486067] which belongs to the cache kmalloc-16 of size 16 [ 18.486282] The buggy address is located 8 bytes inside of [ 18.486282] freed 16-byte region [fff00000c5d4da40, fff00000c5d4da50) [ 18.486451] [ 18.486519] The buggy address belongs to the physical page: [ 18.486568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d4d [ 18.486630] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.486689] page_type: f5(slab) [ 18.486737] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.486792] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.486840] page dumped because: kasan: bad access detected [ 18.486876] [ 18.486895] Memory state around the buggy address: [ 18.486951] fff00000c5d4d900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.487010] fff00000c5d4d980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.487076] >fff00000c5d4da00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 18.487554] ^ [ 18.487605] fff00000c5d4da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.487654] fff00000c5d4db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.487701] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.458813] ================================================================== [ 18.458911] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.458985] Read of size 18446744073709551614 at addr fff00000c76fca04 by task kunit_try_catch/181 [ 18.459074] [ 18.459116] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.459223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.459252] Hardware name: linux,dummy-virt (DT) [ 18.459287] Call trace: [ 18.459312] show_stack+0x20/0x38 (C) [ 18.459392] dump_stack_lvl+0x8c/0xd0 [ 18.459445] print_report+0x118/0x608 [ 18.459496] kasan_report+0xdc/0x128 [ 18.459542] kasan_check_range+0x100/0x1a8 [ 18.459590] __asan_memmove+0x3c/0x98 [ 18.459634] kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.459685] kunit_try_run_case+0x170/0x3f0 [ 18.459735] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.459789] kthread+0x328/0x630 [ 18.459844] ret_from_fork+0x10/0x20 [ 18.459895] [ 18.459914] Allocated by task 181: [ 18.459951] kasan_save_stack+0x3c/0x68 [ 18.460000] kasan_save_track+0x20/0x40 [ 18.460047] kasan_save_alloc_info+0x40/0x58 [ 18.460089] __kasan_kmalloc+0xd4/0xd8 [ 18.460153] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.460196] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 18.460238] kunit_try_run_case+0x170/0x3f0 [ 18.460277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.460324] kthread+0x328/0x630 [ 18.460385] ret_from_fork+0x10/0x20 [ 18.460427] [ 18.460448] The buggy address belongs to the object at fff00000c76fca00 [ 18.460448] which belongs to the cache kmalloc-64 of size 64 [ 18.460511] The buggy address is located 4 bytes inside of [ 18.460511] 64-byte region [fff00000c76fca00, fff00000c76fca40) [ 18.460598] [ 18.460640] The buggy address belongs to the physical page: [ 18.460676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076fc [ 18.460733] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.460788] page_type: f5(slab) [ 18.460834] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.460888] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.460932] page dumped because: kasan: bad access detected [ 18.461307] [ 18.461485] Memory state around the buggy address: [ 18.461590] fff00000c76fc900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.461718] fff00000c76fc980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.462427] >fff00000c76fca00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.462522] ^ [ 18.462556] fff00000c76fca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.462625] fff00000c76fcb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.462978] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.446081] ================================================================== [ 18.446182] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 18.446250] Write of size 16 at addr fff00000c7732469 by task kunit_try_catch/179 [ 18.446557] [ 18.446656] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.446767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.446828] Hardware name: linux,dummy-virt (DT) [ 18.446863] Call trace: [ 18.446948] show_stack+0x20/0x38 (C) [ 18.447005] dump_stack_lvl+0x8c/0xd0 [ 18.447075] print_report+0x118/0x608 [ 18.447144] kasan_report+0xdc/0x128 [ 18.447262] kasan_check_range+0x100/0x1a8 [ 18.447376] __asan_memset+0x34/0x78 [ 18.447501] kmalloc_oob_memset_16+0x150/0x2f8 [ 18.447680] kunit_try_run_case+0x170/0x3f0 [ 18.447752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.447809] kthread+0x328/0x630 [ 18.448006] ret_from_fork+0x10/0x20 [ 18.448061] [ 18.448081] Allocated by task 179: [ 18.448346] kasan_save_stack+0x3c/0x68 [ 18.448524] kasan_save_track+0x20/0x40 [ 18.448679] kasan_save_alloc_info+0x40/0x58 [ 18.448852] __kasan_kmalloc+0xd4/0xd8 [ 18.448983] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.449141] kmalloc_oob_memset_16+0xb0/0x2f8 [ 18.449257] kunit_try_run_case+0x170/0x3f0 [ 18.449368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.449590] kthread+0x328/0x630 [ 18.449627] ret_from_fork+0x10/0x20 [ 18.449691] [ 18.449713] The buggy address belongs to the object at fff00000c7732400 [ 18.449713] which belongs to the cache kmalloc-128 of size 128 [ 18.449968] The buggy address is located 105 bytes inside of [ 18.449968] allocated 120-byte region [fff00000c7732400, fff00000c7732478) [ 18.450182] [ 18.450257] The buggy address belongs to the physical page: [ 18.450350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.450463] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.450530] page_type: f5(slab) [ 18.450609] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.450706] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.450749] page dumped because: kasan: bad access detected [ 18.450784] [ 18.450802] Memory state around the buggy address: [ 18.450859] fff00000c7732300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.450916] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.450972] >fff00000c7732400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.451024] ^ [ 18.451068] fff00000c7732480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.451122] fff00000c7732500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.451173] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.434427] ================================================================== [ 18.434536] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 18.434658] Write of size 8 at addr fff00000c7732371 by task kunit_try_catch/177 [ 18.434715] [ 18.434826] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.434919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.434947] Hardware name: linux,dummy-virt (DT) [ 18.434982] Call trace: [ 18.435006] show_stack+0x20/0x38 (C) [ 18.435115] dump_stack_lvl+0x8c/0xd0 [ 18.435385] print_report+0x118/0x608 [ 18.435436] kasan_report+0xdc/0x128 [ 18.435484] kasan_check_range+0x100/0x1a8 [ 18.435533] __asan_memset+0x34/0x78 [ 18.435613] kmalloc_oob_memset_8+0x150/0x2f8 [ 18.435690] kunit_try_run_case+0x170/0x3f0 [ 18.435751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.435807] kthread+0x328/0x630 [ 18.435890] ret_from_fork+0x10/0x20 [ 18.435945] [ 18.435965] Allocated by task 177: [ 18.436004] kasan_save_stack+0x3c/0x68 [ 18.436049] kasan_save_track+0x20/0x40 [ 18.436089] kasan_save_alloc_info+0x40/0x58 [ 18.436143] __kasan_kmalloc+0xd4/0xd8 [ 18.436181] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.436223] kmalloc_oob_memset_8+0xb0/0x2f8 [ 18.436261] kunit_try_run_case+0x170/0x3f0 [ 18.436301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.436347] kthread+0x328/0x630 [ 18.436382] ret_from_fork+0x10/0x20 [ 18.436420] [ 18.436441] The buggy address belongs to the object at fff00000c7732300 [ 18.436441] which belongs to the cache kmalloc-128 of size 128 [ 18.436504] The buggy address is located 113 bytes inside of [ 18.436504] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 18.436571] [ 18.436609] The buggy address belongs to the physical page: [ 18.436644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.436705] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.436761] page_type: f5(slab) [ 18.436835] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.436907] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.436957] page dumped because: kasan: bad access detected [ 18.436992] [ 18.437012] Memory state around the buggy address: [ 18.437048] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.437095] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.437775] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.437955] ^ [ 18.438047] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.438115] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.438220] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.421593] ================================================================== [ 18.421686] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 18.421757] Write of size 4 at addr fff00000c7732275 by task kunit_try_catch/175 [ 18.421812] [ 18.421885] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.421979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.422022] Hardware name: linux,dummy-virt (DT) [ 18.422059] Call trace: [ 18.422083] show_stack+0x20/0x38 (C) [ 18.422151] dump_stack_lvl+0x8c/0xd0 [ 18.422203] print_report+0x118/0x608 [ 18.422252] kasan_report+0xdc/0x128 [ 18.422309] kasan_check_range+0x100/0x1a8 [ 18.422360] __asan_memset+0x34/0x78 [ 18.422411] kmalloc_oob_memset_4+0x150/0x300 [ 18.422460] kunit_try_run_case+0x170/0x3f0 [ 18.422511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.422566] kthread+0x328/0x630 [ 18.422611] ret_from_fork+0x10/0x20 [ 18.422663] [ 18.422682] Allocated by task 175: [ 18.422713] kasan_save_stack+0x3c/0x68 [ 18.422768] kasan_save_track+0x20/0x40 [ 18.422808] kasan_save_alloc_info+0x40/0x58 [ 18.422850] __kasan_kmalloc+0xd4/0xd8 [ 18.422889] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.422930] kmalloc_oob_memset_4+0xb0/0x300 [ 18.422979] kunit_try_run_case+0x170/0x3f0 [ 18.423020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.423072] kthread+0x328/0x630 [ 18.423106] ret_from_fork+0x10/0x20 [ 18.423153] [ 18.423188] The buggy address belongs to the object at fff00000c7732200 [ 18.423188] which belongs to the cache kmalloc-128 of size 128 [ 18.423254] The buggy address is located 117 bytes inside of [ 18.423254] allocated 120-byte region [fff00000c7732200, fff00000c7732278) [ 18.423348] [ 18.423387] The buggy address belongs to the physical page: [ 18.423437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.423513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.423569] page_type: f5(slab) [ 18.423614] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.423667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.423711] page dumped because: kasan: bad access detected [ 18.423744] [ 18.423763] Memory state around the buggy address: [ 18.423799] fff00000c7732100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.423845] fff00000c7732180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.423892] >fff00000c7732200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.423968] ^ [ 18.424088] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.424197] fff00000c7732300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.424253] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.408965] ================================================================== [ 18.409051] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 18.409119] Write of size 2 at addr fff00000c7732177 by task kunit_try_catch/173 [ 18.409220] [ 18.409325] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.409419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.409581] Hardware name: linux,dummy-virt (DT) [ 18.409618] Call trace: [ 18.409714] show_stack+0x20/0x38 (C) [ 18.409909] dump_stack_lvl+0x8c/0xd0 [ 18.409984] print_report+0x118/0x608 [ 18.410086] kasan_report+0xdc/0x128 [ 18.410147] kasan_check_range+0x100/0x1a8 [ 18.410217] __asan_memset+0x34/0x78 [ 18.410272] kmalloc_oob_memset_2+0x150/0x2f8 [ 18.410342] kunit_try_run_case+0x170/0x3f0 [ 18.410444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.410501] kthread+0x328/0x630 [ 18.410576] ret_from_fork+0x10/0x20 [ 18.410630] [ 18.410650] Allocated by task 173: [ 18.410681] kasan_save_stack+0x3c/0x68 [ 18.410889] kasan_save_track+0x20/0x40 [ 18.410932] kasan_save_alloc_info+0x40/0x58 [ 18.410975] __kasan_kmalloc+0xd4/0xd8 [ 18.411013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.411055] kmalloc_oob_memset_2+0xb0/0x2f8 [ 18.411116] kunit_try_run_case+0x170/0x3f0 [ 18.411277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.411395] kthread+0x328/0x630 [ 18.411491] ret_from_fork+0x10/0x20 [ 18.411543] [ 18.411565] The buggy address belongs to the object at fff00000c7732100 [ 18.411565] which belongs to the cache kmalloc-128 of size 128 [ 18.411631] The buggy address is located 119 bytes inside of [ 18.411631] allocated 120-byte region [fff00000c7732100, fff00000c7732178) [ 18.411701] [ 18.411725] The buggy address belongs to the physical page: [ 18.411933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.411994] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.412051] page_type: f5(slab) [ 18.412097] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.412162] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.412317] page dumped because: kasan: bad access detected [ 18.412394] [ 18.412414] Memory state around the buggy address: [ 18.412464] fff00000c7732000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.412554] fff00000c7732080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.412601] >fff00000c7732100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.412694] ^ [ 18.412842] fff00000c7732180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.412889] fff00000c7732200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.413120] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.380208] ================================================================== [ 18.380329] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 18.380401] Read of size 16 at addr fff00000c5d4da20 by task kunit_try_catch/169 [ 18.380472] [ 18.380518] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.380609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.380668] Hardware name: linux,dummy-virt (DT) [ 18.380704] Call trace: [ 18.380876] show_stack+0x20/0x38 (C) [ 18.380999] dump_stack_lvl+0x8c/0xd0 [ 18.381055] print_report+0x118/0x608 [ 18.381126] kasan_report+0xdc/0x128 [ 18.381208] __asan_report_load16_noabort+0x20/0x30 [ 18.381290] kmalloc_uaf_16+0x3bc/0x438 [ 18.381374] kunit_try_run_case+0x170/0x3f0 [ 18.381478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.381536] kthread+0x328/0x630 [ 18.381581] ret_from_fork+0x10/0x20 [ 18.381654] [ 18.381707] Allocated by task 169: [ 18.381760] kasan_save_stack+0x3c/0x68 [ 18.381806] kasan_save_track+0x20/0x40 [ 18.381846] kasan_save_alloc_info+0x40/0x58 [ 18.381950] __kasan_kmalloc+0xd4/0xd8 [ 18.382000] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.382043] kmalloc_uaf_16+0x140/0x438 [ 18.382079] kunit_try_run_case+0x170/0x3f0 [ 18.382253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.382398] kthread+0x328/0x630 [ 18.382471] ret_from_fork+0x10/0x20 [ 18.382626] [ 18.382667] Freed by task 169: [ 18.382718] kasan_save_stack+0x3c/0x68 [ 18.382782] kasan_save_track+0x20/0x40 [ 18.382822] kasan_save_free_info+0x4c/0x78 [ 18.382904] __kasan_slab_free+0x6c/0x98 [ 18.382945] kfree+0x214/0x3c8 [ 18.382998] kmalloc_uaf_16+0x190/0x438 [ 18.383037] kunit_try_run_case+0x170/0x3f0 [ 18.383104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.383175] kthread+0x328/0x630 [ 18.383262] ret_from_fork+0x10/0x20 [ 18.383413] [ 18.383507] The buggy address belongs to the object at fff00000c5d4da20 [ 18.383507] which belongs to the cache kmalloc-16 of size 16 [ 18.383588] The buggy address is located 0 bytes inside of [ 18.383588] freed 16-byte region [fff00000c5d4da20, fff00000c5d4da30) [ 18.383655] [ 18.383677] The buggy address belongs to the physical page: [ 18.383712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d4d [ 18.383774] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.383830] page_type: f5(slab) [ 18.383932] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.384220] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.384308] page dumped because: kasan: bad access detected [ 18.384398] [ 18.384418] Memory state around the buggy address: [ 18.384482] fff00000c5d4d900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.384571] fff00000c5d4d980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.384618] >fff00000c5d4da00: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.384726] ^ [ 18.384794] fff00000c5d4da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.384909] fff00000c5d4db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.384985] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.368463] ================================================================== [ 18.368757] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 18.368856] Write of size 16 at addr fff00000c5d4d9c0 by task kunit_try_catch/167 [ 18.368965] [ 18.369012] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.369103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.369147] Hardware name: linux,dummy-virt (DT) [ 18.369216] Call trace: [ 18.369351] show_stack+0x20/0x38 (C) [ 18.369412] dump_stack_lvl+0x8c/0xd0 [ 18.369519] print_report+0x118/0x608 [ 18.369589] kasan_report+0xdc/0x128 [ 18.369659] __asan_report_store16_noabort+0x20/0x30 [ 18.369712] kmalloc_oob_16+0x3a0/0x3f8 [ 18.369761] kunit_try_run_case+0x170/0x3f0 [ 18.369844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.369951] kthread+0x328/0x630 [ 18.369998] ret_from_fork+0x10/0x20 [ 18.370058] [ 18.370080] Allocated by task 167: [ 18.370111] kasan_save_stack+0x3c/0x68 [ 18.370282] kasan_save_track+0x20/0x40 [ 18.370422] kasan_save_alloc_info+0x40/0x58 [ 18.370475] __kasan_kmalloc+0xd4/0xd8 [ 18.370542] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.370628] kmalloc_oob_16+0xb4/0x3f8 [ 18.370666] kunit_try_run_case+0x170/0x3f0 [ 18.370706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.370752] kthread+0x328/0x630 [ 18.370820] ret_from_fork+0x10/0x20 [ 18.370859] [ 18.370881] The buggy address belongs to the object at fff00000c5d4d9c0 [ 18.370881] which belongs to the cache kmalloc-16 of size 16 [ 18.371074] The buggy address is located 0 bytes inside of [ 18.371074] allocated 13-byte region [fff00000c5d4d9c0, fff00000c5d4d9cd) [ 18.371384] [ 18.371471] The buggy address belongs to the physical page: [ 18.371605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d4d [ 18.371680] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.371738] page_type: f5(slab) [ 18.371912] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.371974] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.372019] page dumped because: kasan: bad access detected [ 18.372052] [ 18.372070] Memory state around the buggy address: [ 18.372255] fff00000c5d4d880: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 18.372337] fff00000c5d4d900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.372425] >fff00000c5d4d980: 00 04 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 18.372466] ^ [ 18.372678] fff00000c5d4da00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.372860] fff00000c5d4da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.372991] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 18.354348] ================================================================== [ 18.354524] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 18.354588] Read of size 1 at addr fff00000c0b9ba00 by task kunit_try_catch/165 [ 18.354641] [ 18.354681] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.354770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.354798] Hardware name: linux,dummy-virt (DT) [ 18.355012] Call trace: [ 18.355052] show_stack+0x20/0x38 (C) [ 18.355176] dump_stack_lvl+0x8c/0xd0 [ 18.355289] print_report+0x118/0x608 [ 18.355388] kasan_report+0xdc/0x128 [ 18.355451] __asan_report_load1_noabort+0x20/0x30 [ 18.355512] krealloc_uaf+0x4c8/0x520 [ 18.355559] kunit_try_run_case+0x170/0x3f0 [ 18.355635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.355821] kthread+0x328/0x630 [ 18.355963] ret_from_fork+0x10/0x20 [ 18.356057] [ 18.356190] Allocated by task 165: [ 18.356283] kasan_save_stack+0x3c/0x68 [ 18.356328] kasan_save_track+0x20/0x40 [ 18.356367] kasan_save_alloc_info+0x40/0x58 [ 18.356437] __kasan_kmalloc+0xd4/0xd8 [ 18.356476] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.356518] krealloc_uaf+0xc8/0x520 [ 18.356686] kunit_try_run_case+0x170/0x3f0 [ 18.356793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.356876] kthread+0x328/0x630 [ 18.356967] ret_from_fork+0x10/0x20 [ 18.357029] [ 18.357115] Freed by task 165: [ 18.357156] kasan_save_stack+0x3c/0x68 [ 18.357367] kasan_save_track+0x20/0x40 [ 18.357516] kasan_save_free_info+0x4c/0x78 [ 18.357580] __kasan_slab_free+0x6c/0x98 [ 18.357692] kfree+0x214/0x3c8 [ 18.357800] krealloc_uaf+0x12c/0x520 [ 18.357917] kunit_try_run_case+0x170/0x3f0 [ 18.358059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.358119] kthread+0x328/0x630 [ 18.358165] ret_from_fork+0x10/0x20 [ 18.358202] [ 18.358223] The buggy address belongs to the object at fff00000c0b9ba00 [ 18.358223] which belongs to the cache kmalloc-256 of size 256 [ 18.358472] The buggy address is located 0 bytes inside of [ 18.358472] freed 256-byte region [fff00000c0b9ba00, fff00000c0b9bb00) [ 18.358585] [ 18.358638] The buggy address belongs to the physical page: [ 18.358783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.358885] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.358937] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.359057] page_type: f5(slab) [ 18.359121] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.359189] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.359267] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.359320] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.359477] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.359591] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.359672] page dumped because: kasan: bad access detected [ 18.359707] [ 18.359725] Memory state around the buggy address: [ 18.359808] fff00000c0b9b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.359868] fff00000c0b9b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.359957] >fff00000c0b9ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.360056] ^ [ 18.360094] fff00000c0b9ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.360165] fff00000c0b9bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.360208] ================================================================== [ 18.346483] ================================================================== [ 18.346606] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 18.346896] Read of size 1 at addr fff00000c0b9ba00 by task kunit_try_catch/165 [ 18.346987] [ 18.347034] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.347164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.347255] Hardware name: linux,dummy-virt (DT) [ 18.347295] Call trace: [ 18.347320] show_stack+0x20/0x38 (C) [ 18.347379] dump_stack_lvl+0x8c/0xd0 [ 18.347538] print_report+0x118/0x608 [ 18.347591] kasan_report+0xdc/0x128 [ 18.347639] __kasan_check_byte+0x54/0x70 [ 18.347688] krealloc_noprof+0x44/0x360 [ 18.347985] krealloc_uaf+0x180/0x520 [ 18.348058] kunit_try_run_case+0x170/0x3f0 [ 18.348196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.348296] kthread+0x328/0x630 [ 18.348356] ret_from_fork+0x10/0x20 [ 18.348462] [ 18.348536] Allocated by task 165: [ 18.348622] kasan_save_stack+0x3c/0x68 [ 18.348727] kasan_save_track+0x20/0x40 [ 18.348841] kasan_save_alloc_info+0x40/0x58 [ 18.348885] __kasan_kmalloc+0xd4/0xd8 [ 18.348925] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.348968] krealloc_uaf+0xc8/0x520 [ 18.349005] kunit_try_run_case+0x170/0x3f0 [ 18.349238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.349319] kthread+0x328/0x630 [ 18.349356] ret_from_fork+0x10/0x20 [ 18.349395] [ 18.349469] Freed by task 165: [ 18.349514] kasan_save_stack+0x3c/0x68 [ 18.349715] kasan_save_track+0x20/0x40 [ 18.349869] kasan_save_free_info+0x4c/0x78 [ 18.349970] __kasan_slab_free+0x6c/0x98 [ 18.350099] kfree+0x214/0x3c8 [ 18.350261] krealloc_uaf+0x12c/0x520 [ 18.350327] kunit_try_run_case+0x170/0x3f0 [ 18.350479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.350618] kthread+0x328/0x630 [ 18.350701] ret_from_fork+0x10/0x20 [ 18.350840] [ 18.350915] The buggy address belongs to the object at fff00000c0b9ba00 [ 18.350915] which belongs to the cache kmalloc-256 of size 256 [ 18.351072] The buggy address is located 0 bytes inside of [ 18.351072] freed 256-byte region [fff00000c0b9ba00, fff00000c0b9bb00) [ 18.351152] [ 18.351177] The buggy address belongs to the physical page: [ 18.351215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.351427] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.351542] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.351701] page_type: f5(slab) [ 18.351819] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.351961] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.352014] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.352203] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.352261] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.352450] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.352565] page dumped because: kasan: bad access detected [ 18.352638] [ 18.352794] Memory state around the buggy address: [ 18.352863] fff00000c0b9b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.352941] fff00000c0b9b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.353036] >fff00000c0b9ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.353079] ^ [ 18.353110] fff00000c0b9ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.353167] fff00000c0b9bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.353209] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 18.337277] ================================================================== [ 18.337336] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.337388] Write of size 1 at addr fff00000c64b60eb by task kunit_try_catch/163 [ 18.337456] [ 18.337489] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.337576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.337606] Hardware name: linux,dummy-virt (DT) [ 18.337639] Call trace: [ 18.337661] show_stack+0x20/0x38 (C) [ 18.337709] dump_stack_lvl+0x8c/0xd0 [ 18.337757] print_report+0x118/0x608 [ 18.337824] kasan_report+0xdc/0x128 [ 18.337873] __asan_report_store1_noabort+0x20/0x30 [ 18.337933] krealloc_less_oob_helper+0xa58/0xc50 [ 18.337994] krealloc_large_less_oob+0x20/0x38 [ 18.338045] kunit_try_run_case+0x170/0x3f0 [ 18.338094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.338162] kthread+0x328/0x630 [ 18.338206] ret_from_fork+0x10/0x20 [ 18.338256] [ 18.338287] The buggy address belongs to the physical page: [ 18.338321] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b4 [ 18.338378] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.338439] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.338506] page_type: f8(unknown) [ 18.338547] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.338600] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.338660] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.338712] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.338764] head: 0bfffe0000000002 ffffc1ffc3192d01 00000000ffffffff 00000000ffffffff [ 18.338815] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.338858] page dumped because: kasan: bad access detected [ 18.338891] [ 18.338909] Memory state around the buggy address: [ 18.338950] fff00000c64b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.338996] fff00000c64b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.339051] >fff00000c64b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.339092] ^ [ 18.339142] fff00000c64b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.339186] fff00000c64b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.339227] ================================================================== [ 18.321142] ================================================================== [ 18.321221] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.321476] Write of size 1 at addr fff00000c64b60c9 by task kunit_try_catch/163 [ 18.321613] [ 18.321659] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.321753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.321788] Hardware name: linux,dummy-virt (DT) [ 18.321831] Call trace: [ 18.321865] show_stack+0x20/0x38 (C) [ 18.321922] dump_stack_lvl+0x8c/0xd0 [ 18.321984] print_report+0x118/0x608 [ 18.322035] kasan_report+0xdc/0x128 [ 18.322083] __asan_report_store1_noabort+0x20/0x30 [ 18.322146] krealloc_less_oob_helper+0xa48/0xc50 [ 18.322200] krealloc_large_less_oob+0x20/0x38 [ 18.322251] kunit_try_run_case+0x170/0x3f0 [ 18.322304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.322585] kthread+0x328/0x630 [ 18.322648] ret_from_fork+0x10/0x20 [ 18.322701] [ 18.322725] The buggy address belongs to the physical page: [ 18.322762] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b4 [ 18.322845] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.322915] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.322978] page_type: f8(unknown) [ 18.323061] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.323282] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.323344] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.323397] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.323574] head: 0bfffe0000000002 ffffc1ffc3192d01 00000000ffffffff 00000000ffffffff [ 18.323756] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.323849] page dumped because: kasan: bad access detected [ 18.323953] [ 18.324092] Memory state around the buggy address: [ 18.324245] fff00000c64b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.324315] fff00000c64b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.324390] >fff00000c64b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.324534] ^ [ 18.324574] fff00000c64b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.324619] fff00000c64b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.324661] ================================================================== [ 18.261569] ================================================================== [ 18.261661] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.261732] Write of size 1 at addr fff00000c0b9b8c9 by task kunit_try_catch/159 [ 18.261788] [ 18.261832] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.261924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.261953] Hardware name: linux,dummy-virt (DT) [ 18.261989] Call trace: [ 18.262013] show_stack+0x20/0x38 (C) [ 18.262068] dump_stack_lvl+0x8c/0xd0 [ 18.262502] print_report+0x118/0x608 [ 18.262620] kasan_report+0xdc/0x128 [ 18.262672] __asan_report_store1_noabort+0x20/0x30 [ 18.262725] krealloc_less_oob_helper+0xa48/0xc50 [ 18.262777] krealloc_less_oob+0x20/0x38 [ 18.263042] kunit_try_run_case+0x170/0x3f0 [ 18.263162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.263225] kthread+0x328/0x630 [ 18.263432] ret_from_fork+0x10/0x20 [ 18.263539] [ 18.263655] Allocated by task 159: [ 18.263718] kasan_save_stack+0x3c/0x68 [ 18.263852] kasan_save_track+0x20/0x40 [ 18.263937] kasan_save_alloc_info+0x40/0x58 [ 18.264064] __kasan_krealloc+0x118/0x178 [ 18.264199] krealloc_noprof+0x128/0x360 [ 18.264326] krealloc_less_oob_helper+0x168/0xc50 [ 18.264448] krealloc_less_oob+0x20/0x38 [ 18.264787] kunit_try_run_case+0x170/0x3f0 [ 18.264929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.265056] kthread+0x328/0x630 [ 18.265192] ret_from_fork+0x10/0x20 [ 18.265284] [ 18.265326] The buggy address belongs to the object at fff00000c0b9b800 [ 18.265326] which belongs to the cache kmalloc-256 of size 256 [ 18.265394] The buggy address is located 0 bytes to the right of [ 18.265394] allocated 201-byte region [fff00000c0b9b800, fff00000c0b9b8c9) [ 18.265494] [ 18.265519] The buggy address belongs to the physical page: [ 18.265556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.265620] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.265674] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.266058] page_type: f5(slab) [ 18.266158] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.266359] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.266499] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.266686] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.266742] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.266807] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.266857] page dumped because: kasan: bad access detected [ 18.266891] [ 18.266911] Memory state around the buggy address: [ 18.266949] fff00000c0b9b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.267012] fff00000c0b9b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.267070] >fff00000c0b9b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.267160] ^ [ 18.267201] fff00000c0b9b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.267479] fff00000c0b9b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.267534] ================================================================== [ 18.332224] ================================================================== [ 18.332271] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.332318] Write of size 1 at addr fff00000c64b60ea by task kunit_try_catch/163 [ 18.332844] [ 18.332882] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.332968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.332996] Hardware name: linux,dummy-virt (DT) [ 18.333121] Call trace: [ 18.333195] show_stack+0x20/0x38 (C) [ 18.333248] dump_stack_lvl+0x8c/0xd0 [ 18.333346] print_report+0x118/0x608 [ 18.333426] kasan_report+0xdc/0x128 [ 18.333504] __asan_report_store1_noabort+0x20/0x30 [ 18.333633] krealloc_less_oob_helper+0xae4/0xc50 [ 18.333723] krealloc_large_less_oob+0x20/0x38 [ 18.333774] kunit_try_run_case+0x170/0x3f0 [ 18.333992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.334109] kthread+0x328/0x630 [ 18.334185] ret_from_fork+0x10/0x20 [ 18.334235] [ 18.334256] The buggy address belongs to the physical page: [ 18.334545] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b4 [ 18.334637] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.334742] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.334835] page_type: f8(unknown) [ 18.334877] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.334977] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.335053] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.335117] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.335250] head: 0bfffe0000000002 ffffc1ffc3192d01 00000000ffffffff 00000000ffffffff [ 18.335389] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.335455] page dumped because: kasan: bad access detected [ 18.335489] [ 18.335509] Memory state around the buggy address: [ 18.335742] fff00000c64b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.335795] fff00000c64b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.335840] >fff00000c64b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.336043] ^ [ 18.336205] fff00000c64b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.336288] fff00000c64b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.336503] ================================================================== [ 18.325054] ================================================================== [ 18.325105] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.325250] Write of size 1 at addr fff00000c64b60d0 by task kunit_try_catch/163 [ 18.325358] [ 18.325444] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.325574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.325643] Hardware name: linux,dummy-virt (DT) [ 18.325710] Call trace: [ 18.325784] show_stack+0x20/0x38 (C) [ 18.325843] dump_stack_lvl+0x8c/0xd0 [ 18.325896] print_report+0x118/0x608 [ 18.325974] kasan_report+0xdc/0x128 [ 18.326023] __asan_report_store1_noabort+0x20/0x30 [ 18.326104] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.326235] krealloc_large_less_oob+0x20/0x38 [ 18.326293] kunit_try_run_case+0x170/0x3f0 [ 18.326345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.326401] kthread+0x328/0x630 [ 18.326458] ret_from_fork+0x10/0x20 [ 18.326509] [ 18.326536] The buggy address belongs to the physical page: [ 18.326571] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b4 [ 18.326630] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.326681] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.326739] page_type: f8(unknown) [ 18.326787] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.326841] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.326894] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.326951] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.327005] head: 0bfffe0000000002 ffffc1ffc3192d01 00000000ffffffff 00000000ffffffff [ 18.327068] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.327151] page dumped because: kasan: bad access detected [ 18.327187] [ 18.327206] Memory state around the buggy address: [ 18.327241] fff00000c64b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.327315] fff00000c64b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.327381] >fff00000c64b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.327422] ^ [ 18.327460] fff00000c64b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.327506] fff00000c64b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.327547] ================================================================== [ 18.282398] ================================================================== [ 18.282457] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.282521] Write of size 1 at addr fff00000c0b9b8ea by task kunit_try_catch/159 [ 18.282577] [ 18.282625] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.282715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.282752] Hardware name: linux,dummy-virt (DT) [ 18.282788] Call trace: [ 18.282821] show_stack+0x20/0x38 (C) [ 18.282881] dump_stack_lvl+0x8c/0xd0 [ 18.282933] print_report+0x118/0x608 [ 18.282983] kasan_report+0xdc/0x128 [ 18.283031] __asan_report_store1_noabort+0x20/0x30 [ 18.283083] krealloc_less_oob_helper+0xae4/0xc50 [ 18.283199] krealloc_less_oob+0x20/0x38 [ 18.283248] kunit_try_run_case+0x170/0x3f0 [ 18.283549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.283717] kthread+0x328/0x630 [ 18.283860] ret_from_fork+0x10/0x20 [ 18.284151] [ 18.284216] Allocated by task 159: [ 18.284254] kasan_save_stack+0x3c/0x68 [ 18.284299] kasan_save_track+0x20/0x40 [ 18.284339] kasan_save_alloc_info+0x40/0x58 [ 18.284381] __kasan_krealloc+0x118/0x178 [ 18.284421] krealloc_noprof+0x128/0x360 [ 18.284660] krealloc_less_oob_helper+0x168/0xc50 [ 18.284711] krealloc_less_oob+0x20/0x38 [ 18.284750] kunit_try_run_case+0x170/0x3f0 [ 18.284790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.284837] kthread+0x328/0x630 [ 18.284871] ret_from_fork+0x10/0x20 [ 18.284910] [ 18.285219] The buggy address belongs to the object at fff00000c0b9b800 [ 18.285219] which belongs to the cache kmalloc-256 of size 256 [ 18.285358] The buggy address is located 33 bytes to the right of [ 18.285358] allocated 201-byte region [fff00000c0b9b800, fff00000c0b9b8c9) [ 18.285431] [ 18.285453] The buggy address belongs to the physical page: [ 18.285842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.285944] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.286074] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.286221] page_type: f5(slab) [ 18.286328] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.286413] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.286522] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.286633] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.286689] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.286889] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.287186] page dumped because: kasan: bad access detected [ 18.287292] [ 18.287758] Memory state around the buggy address: [ 18.287864] fff00000c0b9b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.287945] fff00000c0b9b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.288016] >fff00000c0b9b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.288058] ^ [ 18.288101] fff00000c0b9b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288186] fff00000c0b9b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288229] ================================================================== [ 18.277223] ================================================================== [ 18.277332] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.277414] Write of size 1 at addr fff00000c0b9b8da by task kunit_try_catch/159 [ 18.277478] [ 18.277517] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.277607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.277639] Hardware name: linux,dummy-virt (DT) [ 18.277850] Call trace: [ 18.277905] show_stack+0x20/0x38 (C) [ 18.277985] dump_stack_lvl+0x8c/0xd0 [ 18.278062] print_report+0x118/0x608 [ 18.278186] kasan_report+0xdc/0x128 [ 18.278238] __asan_report_store1_noabort+0x20/0x30 [ 18.278309] krealloc_less_oob_helper+0xa80/0xc50 [ 18.278369] krealloc_less_oob+0x20/0x38 [ 18.278457] kunit_try_run_case+0x170/0x3f0 [ 18.278528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.278585] kthread+0x328/0x630 [ 18.278657] ret_from_fork+0x10/0x20 [ 18.278731] [ 18.278758] Allocated by task 159: [ 18.278790] kasan_save_stack+0x3c/0x68 [ 18.278834] kasan_save_track+0x20/0x40 [ 18.278873] kasan_save_alloc_info+0x40/0x58 [ 18.278915] __kasan_krealloc+0x118/0x178 [ 18.278954] krealloc_noprof+0x128/0x360 [ 18.278994] krealloc_less_oob_helper+0x168/0xc50 [ 18.279037] krealloc_less_oob+0x20/0x38 [ 18.279236] kunit_try_run_case+0x170/0x3f0 [ 18.279429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.279489] kthread+0x328/0x630 [ 18.279524] ret_from_fork+0x10/0x20 [ 18.279593] [ 18.279674] The buggy address belongs to the object at fff00000c0b9b800 [ 18.279674] which belongs to the cache kmalloc-256 of size 256 [ 18.279774] The buggy address is located 17 bytes to the right of [ 18.279774] allocated 201-byte region [fff00000c0b9b800, fff00000c0b9b8c9) [ 18.279864] [ 18.279887] The buggy address belongs to the physical page: [ 18.279922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.279992] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.280225] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.280289] page_type: f5(slab) [ 18.280334] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.280389] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.280443] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.280747] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.280899] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.280992] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.281066] page dumped because: kasan: bad access detected [ 18.281101] [ 18.281191] Memory state around the buggy address: [ 18.281249] fff00000c0b9b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.281303] fff00000c0b9b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.281353] >fff00000c0b9b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.281395] ^ [ 18.281558] fff00000c0b9b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.281664] fff00000c0b9b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.281814] ================================================================== [ 18.270486] ================================================================== [ 18.270569] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.270636] Write of size 1 at addr fff00000c0b9b8d0 by task kunit_try_catch/159 [ 18.270776] [ 18.270824] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.270917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.270946] Hardware name: linux,dummy-virt (DT) [ 18.271029] Call trace: [ 18.271055] show_stack+0x20/0x38 (C) [ 18.271171] dump_stack_lvl+0x8c/0xd0 [ 18.271230] print_report+0x118/0x608 [ 18.271321] kasan_report+0xdc/0x128 [ 18.271370] __asan_report_store1_noabort+0x20/0x30 [ 18.271421] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.271473] krealloc_less_oob+0x20/0x38 [ 18.271521] kunit_try_run_case+0x170/0x3f0 [ 18.271574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.271808] kthread+0x328/0x630 [ 18.271932] ret_from_fork+0x10/0x20 [ 18.272009] [ 18.272049] Allocated by task 159: [ 18.272511] kasan_save_stack+0x3c/0x68 [ 18.272577] kasan_save_track+0x20/0x40 [ 18.272617] kasan_save_alloc_info+0x40/0x58 [ 18.272660] __kasan_krealloc+0x118/0x178 [ 18.272700] krealloc_noprof+0x128/0x360 [ 18.272740] krealloc_less_oob_helper+0x168/0xc50 [ 18.272782] krealloc_less_oob+0x20/0x38 [ 18.272820] kunit_try_run_case+0x170/0x3f0 [ 18.272861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.272907] kthread+0x328/0x630 [ 18.272942] ret_from_fork+0x10/0x20 [ 18.272979] [ 18.273001] The buggy address belongs to the object at fff00000c0b9b800 [ 18.273001] which belongs to the cache kmalloc-256 of size 256 [ 18.273066] The buggy address is located 7 bytes to the right of [ 18.273066] allocated 201-byte region [fff00000c0b9b800, fff00000c0b9b8c9) [ 18.273150] [ 18.273194] The buggy address belongs to the physical page: [ 18.273239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.273415] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.273563] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.273705] page_type: f5(slab) [ 18.273752] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.273806] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.273862] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.273916] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.274069] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.274376] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.274428] page dumped because: kasan: bad access detected [ 18.274561] [ 18.274675] Memory state around the buggy address: [ 18.274815] fff00000c0b9b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.274863] fff00000c0b9b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.274930] >fff00000c0b9b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.274986] ^ [ 18.275167] fff00000c0b9b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.275213] fff00000c0b9b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.275544] ================================================================== [ 18.290043] ================================================================== [ 18.290109] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.290247] Write of size 1 at addr fff00000c0b9b8eb by task kunit_try_catch/159 [ 18.290302] [ 18.290342] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.290434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.290463] Hardware name: linux,dummy-virt (DT) [ 18.290499] Call trace: [ 18.290522] show_stack+0x20/0x38 (C) [ 18.290573] dump_stack_lvl+0x8c/0xd0 [ 18.290623] print_report+0x118/0x608 [ 18.290674] kasan_report+0xdc/0x128 [ 18.290732] __asan_report_store1_noabort+0x20/0x30 [ 18.291042] krealloc_less_oob_helper+0xa58/0xc50 [ 18.291222] krealloc_less_oob+0x20/0x38 [ 18.291644] kunit_try_run_case+0x170/0x3f0 [ 18.291980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.292213] kthread+0x328/0x630 [ 18.292262] ret_from_fork+0x10/0x20 [ 18.292315] [ 18.292336] Allocated by task 159: [ 18.292367] kasan_save_stack+0x3c/0x68 [ 18.292898] kasan_save_track+0x20/0x40 [ 18.293192] kasan_save_alloc_info+0x40/0x58 [ 18.293284] __kasan_krealloc+0x118/0x178 [ 18.293330] krealloc_noprof+0x128/0x360 [ 18.293381] krealloc_less_oob_helper+0x168/0xc50 [ 18.293424] krealloc_less_oob+0x20/0x38 [ 18.293838] kunit_try_run_case+0x170/0x3f0 [ 18.293928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.294001] kthread+0x328/0x630 [ 18.294035] ret_from_fork+0x10/0x20 [ 18.294298] [ 18.294361] The buggy address belongs to the object at fff00000c0b9b800 [ 18.294361] which belongs to the cache kmalloc-256 of size 256 [ 18.294497] The buggy address is located 34 bytes to the right of [ 18.294497] allocated 201-byte region [fff00000c0b9b800, fff00000c0b9b8c9) [ 18.294780] [ 18.294827] The buggy address belongs to the physical page: [ 18.294979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.295063] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.295162] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.295284] page_type: f5(slab) [ 18.295338] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.295395] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.295563] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.295777] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.295923] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.296007] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.296051] page dumped because: kasan: bad access detected [ 18.296323] [ 18.296490] Memory state around the buggy address: [ 18.296570] fff00000c0b9b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.296630] fff00000c0b9b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.296689] >fff00000c0b9b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.296737] ^ [ 18.296781] fff00000c0b9b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.296835] fff00000c0b9b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.296877] ================================================================== [ 18.328379] ================================================================== [ 18.328436] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.328513] Write of size 1 at addr fff00000c64b60da by task kunit_try_catch/163 [ 18.328567] [ 18.328599] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.328686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.328714] Hardware name: linux,dummy-virt (DT) [ 18.328747] Call trace: [ 18.328769] show_stack+0x20/0x38 (C) [ 18.328853] dump_stack_lvl+0x8c/0xd0 [ 18.328902] print_report+0x118/0x608 [ 18.328951] kasan_report+0xdc/0x128 [ 18.328999] __asan_report_store1_noabort+0x20/0x30 [ 18.329049] krealloc_less_oob_helper+0xa80/0xc50 [ 18.329101] krealloc_large_less_oob+0x20/0x38 [ 18.329165] kunit_try_run_case+0x170/0x3f0 [ 18.329323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.329410] kthread+0x328/0x630 [ 18.329506] ret_from_fork+0x10/0x20 [ 18.329597] [ 18.329638] The buggy address belongs to the physical page: [ 18.329672] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b4 [ 18.329745] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.329825] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.329910] page_type: f8(unknown) [ 18.329991] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.330078] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.330165] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.330267] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.330321] head: 0bfffe0000000002 ffffc1ffc3192d01 00000000ffffffff 00000000ffffffff [ 18.330448] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.330494] page dumped because: kasan: bad access detected [ 18.330535] [ 18.330554] Memory state around the buggy address: [ 18.330586] fff00000c64b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.330915] fff00000c64b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.331062] >fff00000c64b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.331212] ^ [ 18.331345] fff00000c64b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.331491] fff00000c64b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.331635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 18.248111] ================================================================== [ 18.248195] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 18.248586] Write of size 1 at addr fff00000c0b9b6f0 by task kunit_try_catch/157 [ 18.248666] [ 18.248750] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.248868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.248899] Hardware name: linux,dummy-virt (DT) [ 18.248946] Call trace: [ 18.248971] show_stack+0x20/0x38 (C) [ 18.249027] dump_stack_lvl+0x8c/0xd0 [ 18.249098] print_report+0x118/0x608 [ 18.249162] kasan_report+0xdc/0x128 [ 18.249221] __asan_report_store1_noabort+0x20/0x30 [ 18.249284] krealloc_more_oob_helper+0x5c0/0x678 [ 18.249344] krealloc_more_oob+0x20/0x38 [ 18.249393] kunit_try_run_case+0x170/0x3f0 [ 18.249446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.249514] kthread+0x328/0x630 [ 18.249560] ret_from_fork+0x10/0x20 [ 18.249623] [ 18.249643] Allocated by task 157: [ 18.249674] kasan_save_stack+0x3c/0x68 [ 18.249719] kasan_save_track+0x20/0x40 [ 18.249773] kasan_save_alloc_info+0x40/0x58 [ 18.249817] __kasan_krealloc+0x118/0x178 [ 18.249858] krealloc_noprof+0x128/0x360 [ 18.249898] krealloc_more_oob_helper+0x168/0x678 [ 18.249939] krealloc_more_oob+0x20/0x38 [ 18.249980] kunit_try_run_case+0x170/0x3f0 [ 18.250030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.250077] kthread+0x328/0x630 [ 18.250121] ret_from_fork+0x10/0x20 [ 18.250170] [ 18.250191] The buggy address belongs to the object at fff00000c0b9b600 [ 18.250191] which belongs to the cache kmalloc-256 of size 256 [ 18.250255] The buggy address is located 5 bytes to the right of [ 18.250255] allocated 235-byte region [fff00000c0b9b600, fff00000c0b9b6eb) [ 18.250325] [ 18.250347] The buggy address belongs to the physical page: [ 18.250383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.250767] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.250838] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.250901] page_type: f5(slab) [ 18.250950] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.251199] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.251302] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.251448] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.251523] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.251607] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.251650] page dumped because: kasan: bad access detected [ 18.251684] [ 18.251703] Memory state around the buggy address: [ 18.251740] fff00000c0b9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.251932] fff00000c0b9b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.251987] >fff00000c0b9b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.252071] ^ [ 18.252240] fff00000c0b9b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.252306] fff00000c0b9b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.252348] ================================================================== [ 18.310859] ================================================================== [ 18.310916] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 18.310974] Write of size 1 at addr fff00000c64b60f0 by task kunit_try_catch/161 [ 18.311028] [ 18.311064] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.311214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.311244] Hardware name: linux,dummy-virt (DT) [ 18.311310] Call trace: [ 18.311350] show_stack+0x20/0x38 (C) [ 18.311424] dump_stack_lvl+0x8c/0xd0 [ 18.311476] print_report+0x118/0x608 [ 18.311526] kasan_report+0xdc/0x128 [ 18.311574] __asan_report_store1_noabort+0x20/0x30 [ 18.311625] krealloc_more_oob_helper+0x5c0/0x678 [ 18.311678] krealloc_large_more_oob+0x20/0x38 [ 18.311775] kunit_try_run_case+0x170/0x3f0 [ 18.311880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.312033] kthread+0x328/0x630 [ 18.312159] ret_from_fork+0x10/0x20 [ 18.312296] [ 18.312320] The buggy address belongs to the physical page: [ 18.312397] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b4 [ 18.312471] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.312524] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.312583] page_type: f8(unknown) [ 18.312655] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.312713] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.312766] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.312819] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.312872] head: 0bfffe0000000002 ffffc1ffc3192d01 00000000ffffffff 00000000ffffffff [ 18.312924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.312990] page dumped because: kasan: bad access detected [ 18.313024] [ 18.313043] Memory state around the buggy address: [ 18.313126] fff00000c64b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.313244] fff00000c64b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.313365] >fff00000c64b6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.313530] ^ [ 18.313625] fff00000c64b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.313712] fff00000c64b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.313828] ================================================================== [ 18.305986] ================================================================== [ 18.306074] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 18.306409] Write of size 1 at addr fff00000c64b60eb by task kunit_try_catch/161 [ 18.306496] [ 18.306543] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.306664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.306707] Hardware name: linux,dummy-virt (DT) [ 18.306744] Call trace: [ 18.306798] show_stack+0x20/0x38 (C) [ 18.306858] dump_stack_lvl+0x8c/0xd0 [ 18.306911] print_report+0x118/0x608 [ 18.307058] kasan_report+0xdc/0x128 [ 18.307367] __asan_report_store1_noabort+0x20/0x30 [ 18.307522] krealloc_more_oob_helper+0x60c/0x678 [ 18.307626] krealloc_large_more_oob+0x20/0x38 [ 18.307784] kunit_try_run_case+0x170/0x3f0 [ 18.307924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.307982] kthread+0x328/0x630 [ 18.308030] ret_from_fork+0x10/0x20 [ 18.308111] [ 18.308150] The buggy address belongs to the physical page: [ 18.308188] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b4 [ 18.308250] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.308304] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.308368] page_type: f8(unknown) [ 18.308611] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.308686] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.308780] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.308905] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.308958] head: 0bfffe0000000002 ffffc1ffc3192d01 00000000ffffffff 00000000ffffffff [ 18.309277] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.309335] page dumped because: kasan: bad access detected [ 18.309371] [ 18.309390] Memory state around the buggy address: [ 18.309429] fff00000c64b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.309478] fff00000c64b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.309525] >fff00000c64b6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.309567] ^ [ 18.309614] fff00000c64b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.309660] fff00000c64b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.309703] ================================================================== [ 18.239503] ================================================================== [ 18.239649] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 18.239729] Write of size 1 at addr fff00000c0b9b6eb by task kunit_try_catch/157 [ 18.239909] [ 18.239956] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.240053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.240082] Hardware name: linux,dummy-virt (DT) [ 18.240351] Call trace: [ 18.240403] show_stack+0x20/0x38 (C) [ 18.240539] dump_stack_lvl+0x8c/0xd0 [ 18.240678] print_report+0x118/0x608 [ 18.240796] kasan_report+0xdc/0x128 [ 18.240923] __asan_report_store1_noabort+0x20/0x30 [ 18.241039] krealloc_more_oob_helper+0x60c/0x678 [ 18.241188] krealloc_more_oob+0x20/0x38 [ 18.241238] kunit_try_run_case+0x170/0x3f0 [ 18.241604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.241962] kthread+0x328/0x630 [ 18.242075] ret_from_fork+0x10/0x20 [ 18.242234] [ 18.242377] Allocated by task 157: [ 18.242439] kasan_save_stack+0x3c/0x68 [ 18.242546] kasan_save_track+0x20/0x40 [ 18.242654] kasan_save_alloc_info+0x40/0x58 [ 18.242765] __kasan_krealloc+0x118/0x178 [ 18.242907] krealloc_noprof+0x128/0x360 [ 18.243003] krealloc_more_oob_helper+0x168/0x678 [ 18.243098] krealloc_more_oob+0x20/0x38 [ 18.243189] kunit_try_run_case+0x170/0x3f0 [ 18.243249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.243299] kthread+0x328/0x630 [ 18.243334] ret_from_fork+0x10/0x20 [ 18.243373] [ 18.243395] The buggy address belongs to the object at fff00000c0b9b600 [ 18.243395] which belongs to the cache kmalloc-256 of size 256 [ 18.243459] The buggy address is located 0 bytes to the right of [ 18.243459] allocated 235-byte region [fff00000c0b9b600, fff00000c0b9b6eb) [ 18.243530] [ 18.243783] The buggy address belongs to the physical page: [ 18.243839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 18.243904] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.243970] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.244034] page_type: f5(slab) [ 18.244104] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.244401] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.244535] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.244593] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.244646] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 18.244899] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.244982] page dumped because: kasan: bad access detected [ 18.245053] [ 18.245075] Memory state around the buggy address: [ 18.245437] fff00000c0b9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.245521] fff00000c0b9b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.245607] >fff00000c0b9b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.245703] ^ [ 18.245803] fff00000c0b9b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.245850] fff00000c0b9b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.245911] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 18.225992] ================================================================== [ 18.226344] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 18.226491] Read of size 1 at addr fff00000c7770000 by task kunit_try_catch/155 [ 18.226559] [ 18.226605] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.226720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.226810] Hardware name: linux,dummy-virt (DT) [ 18.226848] Call trace: [ 18.226890] show_stack+0x20/0x38 (C) [ 18.226947] dump_stack_lvl+0x8c/0xd0 [ 18.227004] print_report+0x118/0x608 [ 18.227081] kasan_report+0xdc/0x128 [ 18.227141] __asan_report_load1_noabort+0x20/0x30 [ 18.227241] page_alloc_uaf+0x328/0x350 [ 18.227564] kunit_try_run_case+0x170/0x3f0 [ 18.227628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.227685] kthread+0x328/0x630 [ 18.227732] ret_from_fork+0x10/0x20 [ 18.227785] [ 18.227811] The buggy address belongs to the physical page: [ 18.227847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107770 [ 18.228223] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.228316] page_type: f0(buddy) [ 18.228395] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 18.228547] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 18.228650] page dumped because: kasan: bad access detected [ 18.228721] [ 18.228833] Memory state around the buggy address: [ 18.228872] fff00000c776ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.228919] fff00000c776ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.228974] >fff00000c7770000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.229014] ^ [ 18.229069] fff00000c7770080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.229113] fff00000c7770100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.229165] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 18.202273] ================================================================== [ 18.202398] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 18.202761] Free of addr fff00000c64b0001 by task kunit_try_catch/151 [ 18.202838] [ 18.202916] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.203026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.203092] Hardware name: linux,dummy-virt (DT) [ 18.203181] Call trace: [ 18.203209] show_stack+0x20/0x38 (C) [ 18.203268] dump_stack_lvl+0x8c/0xd0 [ 18.203319] print_report+0x118/0x608 [ 18.203368] kasan_report_invalid_free+0xc0/0xe8 [ 18.203422] __kasan_kfree_large+0x5c/0xa8 [ 18.203723] free_large_kmalloc+0x64/0x190 [ 18.203904] kfree+0x270/0x3c8 [ 18.203998] kmalloc_large_invalid_free+0x108/0x270 [ 18.204112] kunit_try_run_case+0x170/0x3f0 [ 18.204259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.204316] kthread+0x328/0x630 [ 18.204670] ret_from_fork+0x10/0x20 [ 18.204815] [ 18.204901] The buggy address belongs to the physical page: [ 18.205025] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b0 [ 18.205099] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.205317] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.205483] page_type: f8(unknown) [ 18.205629] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.205726] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.205836] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.205948] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.206036] head: 0bfffe0000000002 ffffc1ffc3192c01 00000000ffffffff 00000000ffffffff [ 18.206088] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.206357] page dumped because: kasan: bad access detected [ 18.206518] [ 18.206554] Memory state around the buggy address: [ 18.206596] fff00000c64aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.206650] fff00000c64aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.206703] >fff00000c64b0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.206746] ^ [ 18.206794] fff00000c64b0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.206841] fff00000c64b0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.206916] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 18.189505] ================================================================== [ 18.189613] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 18.189949] Read of size 1 at addr fff00000c64b0000 by task kunit_try_catch/149 [ 18.190068] [ 18.190148] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.190269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.190328] Hardware name: linux,dummy-virt (DT) [ 18.190366] Call trace: [ 18.190452] show_stack+0x20/0x38 (C) [ 18.190532] dump_stack_lvl+0x8c/0xd0 [ 18.190610] print_report+0x118/0x608 [ 18.190735] kasan_report+0xdc/0x128 [ 18.190783] __asan_report_load1_noabort+0x20/0x30 [ 18.190836] kmalloc_large_uaf+0x2cc/0x2f8 [ 18.190882] kunit_try_run_case+0x170/0x3f0 [ 18.190950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.191159] kthread+0x328/0x630 [ 18.191384] ret_from_fork+0x10/0x20 [ 18.191517] [ 18.191587] The buggy address belongs to the physical page: [ 18.191669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b0 [ 18.191804] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.191973] raw: 0bfffe0000000000 ffffc1ffc3192d08 fff00000da478c40 0000000000000000 [ 18.192111] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.192223] page dumped because: kasan: bad access detected [ 18.192257] [ 18.192276] Memory state around the buggy address: [ 18.192314] fff00000c64aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.192522] fff00000c64aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.192571] >fff00000c64b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.192809] ^ [ 18.192881] fff00000c64b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.192973] fff00000c64b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.193015] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 18.170578] ================================================================== [ 18.170698] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 18.170770] Write of size 1 at addr fff00000c64ae00a by task kunit_try_catch/147 [ 18.170836] [ 18.170880] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.170971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.170999] Hardware name: linux,dummy-virt (DT) [ 18.171034] Call trace: [ 18.171059] show_stack+0x20/0x38 (C) [ 18.171112] dump_stack_lvl+0x8c/0xd0 [ 18.171177] print_report+0x118/0x608 [ 18.171226] kasan_report+0xdc/0x128 [ 18.171557] __asan_report_store1_noabort+0x20/0x30 [ 18.171619] kmalloc_large_oob_right+0x278/0x2b8 [ 18.171669] kunit_try_run_case+0x170/0x3f0 [ 18.171930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.172021] kthread+0x328/0x630 [ 18.172087] ret_from_fork+0x10/0x20 [ 18.172200] [ 18.172347] The buggy address belongs to the physical page: [ 18.172408] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064ac [ 18.172516] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.172612] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.172716] page_type: f8(unknown) [ 18.172783] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.172838] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.172891] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.173090] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.173164] head: 0bfffe0000000002 ffffc1ffc3192b01 00000000ffffffff 00000000ffffffff [ 18.173216] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.173259] page dumped because: kasan: bad access detected [ 18.173299] [ 18.173319] Memory state around the buggy address: [ 18.173357] fff00000c64adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.173403] fff00000c64adf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.173601] >fff00000c64ae000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.173698] ^ [ 18.173764] fff00000c64ae080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.173967] fff00000c64ae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.174123] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 18.157445] ================================================================== [ 18.157903] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 18.157976] Write of size 1 at addr fff00000c7729f00 by task kunit_try_catch/145 [ 18.158030] [ 18.158103] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.158209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.158237] Hardware name: linux,dummy-virt (DT) [ 18.158270] Call trace: [ 18.158387] show_stack+0x20/0x38 (C) [ 18.158452] dump_stack_lvl+0x8c/0xd0 [ 18.158534] print_report+0x118/0x608 [ 18.158649] kasan_report+0xdc/0x128 [ 18.158697] __asan_report_store1_noabort+0x20/0x30 [ 18.158778] kmalloc_big_oob_right+0x2a4/0x2f0 [ 18.158828] kunit_try_run_case+0x170/0x3f0 [ 18.158878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.158954] kthread+0x328/0x630 [ 18.159000] ret_from_fork+0x10/0x20 [ 18.159051] [ 18.159269] Allocated by task 145: [ 18.159316] kasan_save_stack+0x3c/0x68 [ 18.159470] kasan_save_track+0x20/0x40 [ 18.159622] kasan_save_alloc_info+0x40/0x58 [ 18.159702] __kasan_kmalloc+0xd4/0xd8 [ 18.159751] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.159793] kmalloc_big_oob_right+0xb8/0x2f0 [ 18.159833] kunit_try_run_case+0x170/0x3f0 [ 18.159899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.159949] kthread+0x328/0x630 [ 18.159983] ret_from_fork+0x10/0x20 [ 18.160022] [ 18.160043] The buggy address belongs to the object at fff00000c7728000 [ 18.160043] which belongs to the cache kmalloc-8k of size 8192 [ 18.160107] The buggy address is located 0 bytes to the right of [ 18.160107] allocated 7936-byte region [fff00000c7728000, fff00000c7729f00) [ 18.160316] [ 18.160420] The buggy address belongs to the physical page: [ 18.160513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107728 [ 18.160604] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.160663] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.160736] page_type: f5(slab) [ 18.160802] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 18.160879] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 18.160932] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 18.160983] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 18.161062] head: 0bfffe0000000003 ffffc1ffc31dca01 00000000ffffffff 00000000ffffffff [ 18.161318] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.161424] page dumped because: kasan: bad access detected [ 18.161559] [ 18.161646] Memory state around the buggy address: [ 18.161714] fff00000c7729e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.161780] fff00000c7729e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.161826] >fff00000c7729f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.161888] ^ [ 18.161918] fff00000c7729f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.161963] fff00000c772a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.162169] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 18.139062] ================================================================== [ 18.139207] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.139281] Write of size 1 at addr fff00000c5d57f78 by task kunit_try_catch/143 [ 18.139339] [ 18.139406] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.139497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.139526] Hardware name: linux,dummy-virt (DT) [ 18.139562] Call trace: [ 18.139586] show_stack+0x20/0x38 (C) [ 18.139640] dump_stack_lvl+0x8c/0xd0 [ 18.139693] print_report+0x118/0x608 [ 18.139743] kasan_report+0xdc/0x128 [ 18.139851] __asan_report_store1_noabort+0x20/0x30 [ 18.139959] kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.140044] kunit_try_run_case+0x170/0x3f0 [ 18.140168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.140353] kthread+0x328/0x630 [ 18.140470] ret_from_fork+0x10/0x20 [ 18.140630] [ 18.140755] Allocated by task 143: [ 18.140815] kasan_save_stack+0x3c/0x68 [ 18.140916] kasan_save_track+0x20/0x40 [ 18.140960] kasan_save_alloc_info+0x40/0x58 [ 18.141019] __kasan_kmalloc+0xd4/0xd8 [ 18.141058] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.141105] kmalloc_track_caller_oob_right+0xa8/0x488 [ 18.141159] kunit_try_run_case+0x170/0x3f0 [ 18.141262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.141556] kthread+0x328/0x630 [ 18.141722] ret_from_fork+0x10/0x20 [ 18.142304] [ 18.142392] The buggy address belongs to the object at fff00000c5d57f00 [ 18.142392] which belongs to the cache kmalloc-128 of size 128 [ 18.142520] The buggy address is located 0 bytes to the right of [ 18.142520] allocated 120-byte region [fff00000c5d57f00, fff00000c5d57f78) [ 18.142647] [ 18.142716] The buggy address belongs to the physical page: [ 18.142750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d57 [ 18.142809] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.142866] page_type: f5(slab) [ 18.142912] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.142968] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.143012] page dumped because: kasan: bad access detected [ 18.143045] [ 18.143063] Memory state around the buggy address: [ 18.143109] fff00000c5d57e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.143166] fff00000c5d57e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.143212] >fff00000c5d57f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.143253] ^ [ 18.143296] fff00000c5d57f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.143712] fff00000c5d58000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.143806] ================================================================== [ 18.145449] ================================================================== [ 18.145531] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 18.145736] Write of size 1 at addr fff00000c7732078 by task kunit_try_catch/143 [ 18.145805] [ 18.145874] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.146005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.146069] Hardware name: linux,dummy-virt (DT) [ 18.146106] Call trace: [ 18.146161] show_stack+0x20/0x38 (C) [ 18.146267] dump_stack_lvl+0x8c/0xd0 [ 18.146339] print_report+0x118/0x608 [ 18.146409] kasan_report+0xdc/0x128 [ 18.146460] __asan_report_store1_noabort+0x20/0x30 [ 18.146512] kmalloc_track_caller_oob_right+0x418/0x488 [ 18.146594] kunit_try_run_case+0x170/0x3f0 [ 18.146660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.146718] kthread+0x328/0x630 [ 18.146781] ret_from_fork+0x10/0x20 [ 18.146865] [ 18.146885] Allocated by task 143: [ 18.146916] kasan_save_stack+0x3c/0x68 [ 18.146978] kasan_save_track+0x20/0x40 [ 18.147599] kasan_save_alloc_info+0x40/0x58 [ 18.147664] __kasan_kmalloc+0xd4/0xd8 [ 18.147704] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.147751] kmalloc_track_caller_oob_right+0x184/0x488 [ 18.147795] kunit_try_run_case+0x170/0x3f0 [ 18.147835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.147880] kthread+0x328/0x630 [ 18.147914] ret_from_fork+0x10/0x20 [ 18.147952] [ 18.147973] The buggy address belongs to the object at fff00000c7732000 [ 18.147973] which belongs to the cache kmalloc-128 of size 128 [ 18.148042] The buggy address is located 0 bytes to the right of [ 18.148042] allocated 120-byte region [fff00000c7732000, fff00000c7732078) [ 18.148111] [ 18.148151] The buggy address belongs to the physical page: [ 18.148248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 18.148327] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.148384] page_type: f5(slab) [ 18.148430] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.148484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.148527] page dumped because: kasan: bad access detected [ 18.148560] [ 18.148580] Memory state around the buggy address: [ 18.148615] fff00000c7731f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.148972] fff00000c7731f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.149054] >fff00000c7732000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.149158] ^ [ 18.149281] fff00000c7732080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.149392] fff00000c7732100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.149434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 18.125855] ================================================================== [ 18.125941] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 18.126008] Read of size 1 at addr fff00000c7719000 by task kunit_try_catch/141 [ 18.126063] [ 18.126105] CPU: 1 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.126216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.126244] Hardware name: linux,dummy-virt (DT) [ 18.126280] Call trace: [ 18.126304] show_stack+0x20/0x38 (C) [ 18.126358] dump_stack_lvl+0x8c/0xd0 [ 18.126410] print_report+0x118/0x608 [ 18.126459] kasan_report+0xdc/0x128 [ 18.126507] __asan_report_load1_noabort+0x20/0x30 [ 18.126561] kmalloc_node_oob_right+0x2f4/0x330 [ 18.126612] kunit_try_run_case+0x170/0x3f0 [ 18.126664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.126721] kthread+0x328/0x630 [ 18.127153] ret_from_fork+0x10/0x20 [ 18.127301] [ 18.127333] Allocated by task 141: [ 18.127365] kasan_save_stack+0x3c/0x68 [ 18.127411] kasan_save_track+0x20/0x40 [ 18.127472] kasan_save_alloc_info+0x40/0x58 [ 18.127823] __kasan_kmalloc+0xd4/0xd8 [ 18.127882] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 18.127979] kmalloc_node_oob_right+0xbc/0x330 [ 18.128618] kunit_try_run_case+0x170/0x3f0 [ 18.128669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.128716] kthread+0x328/0x630 [ 18.128751] ret_from_fork+0x10/0x20 [ 18.128788] [ 18.128810] The buggy address belongs to the object at fff00000c7718000 [ 18.128810] which belongs to the cache kmalloc-4k of size 4096 [ 18.128874] The buggy address is located 0 bytes to the right of [ 18.128874] allocated 4096-byte region [fff00000c7718000, fff00000c7719000) [ 18.128944] [ 18.128970] The buggy address belongs to the physical page: [ 18.129057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107718 [ 18.129461] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.129602] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.129787] page_type: f5(slab) [ 18.129835] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.129973] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.130241] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.130399] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.130503] head: 0bfffe0000000003 ffffc1ffc31dc601 00000000ffffffff 00000000ffffffff [ 18.130587] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.130658] page dumped because: kasan: bad access detected [ 18.130856] [ 18.130889] Memory state around the buggy address: [ 18.130928] fff00000c7718f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.131055] fff00000c7718f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.131159] >fff00000c7719000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.131202] ^ [ 18.131232] fff00000c7719080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.131278] fff00000c7719100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.131320] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 18.113168] ================================================================== [ 18.113264] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 18.113778] Read of size 1 at addr fff00000c5d4d99f by task kunit_try_catch/139 [ 18.113859] [ 18.113906] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.114428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.114521] Hardware name: linux,dummy-virt (DT) [ 18.114672] Call trace: [ 18.114734] show_stack+0x20/0x38 (C) [ 18.114799] dump_stack_lvl+0x8c/0xd0 [ 18.114898] print_report+0x118/0x608 [ 18.114968] kasan_report+0xdc/0x128 [ 18.115064] __asan_report_load1_noabort+0x20/0x30 [ 18.115237] kmalloc_oob_left+0x2ec/0x320 [ 18.115316] kunit_try_run_case+0x170/0x3f0 [ 18.115497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.115730] kthread+0x328/0x630 [ 18.115875] ret_from_fork+0x10/0x20 [ 18.116006] [ 18.116150] Allocated by task 24: [ 18.116186] kasan_save_stack+0x3c/0x68 [ 18.116232] kasan_save_track+0x20/0x40 [ 18.116271] kasan_save_alloc_info+0x40/0x58 [ 18.116338] __kasan_kmalloc+0xd4/0xd8 [ 18.116377] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.116425] kvasprintf+0xe0/0x180 [ 18.116491] __kthread_create_on_node+0x16c/0x350 [ 18.116532] kthread_create_on_node+0xe4/0x130 [ 18.116571] create_worker+0x380/0x6b8 [ 18.116608] worker_thread+0x808/0xf38 [ 18.116644] kthread+0x328/0x630 [ 18.116677] ret_from_fork+0x10/0x20 [ 18.116871] [ 18.116926] The buggy address belongs to the object at fff00000c5d4d980 [ 18.116926] which belongs to the cache kmalloc-16 of size 16 [ 18.117044] The buggy address is located 19 bytes to the right of [ 18.117044] allocated 12-byte region [fff00000c5d4d980, fff00000c5d4d98c) [ 18.117240] [ 18.117365] The buggy address belongs to the physical page: [ 18.117500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d4d [ 18.117643] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.117790] page_type: f5(slab) [ 18.117991] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.118183] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.118263] page dumped because: kasan: bad access detected [ 18.118338] [ 18.118486] Memory state around the buggy address: [ 18.118555] fff00000c5d4d880: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 18.118625] fff00000c5d4d900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.118685] >fff00000c5d4d980: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 18.118792] ^ [ 18.118837] fff00000c5d4da00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.118912] fff00000c5d4da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.118984] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 18.081916] ================================================================== [ 18.082346] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 18.083332] Write of size 1 at addr fff00000c5d57e73 by task kunit_try_catch/137 [ 18.083481] [ 18.084385] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 18.084547] Tainted: [N]=TEST [ 18.084584] Hardware name: linux,dummy-virt (DT) [ 18.084824] Call trace: [ 18.085008] show_stack+0x20/0x38 (C) [ 18.085167] dump_stack_lvl+0x8c/0xd0 [ 18.085238] print_report+0x118/0x608 [ 18.085291] kasan_report+0xdc/0x128 [ 18.085346] __asan_report_store1_noabort+0x20/0x30 [ 18.085398] kmalloc_oob_right+0x5a4/0x660 [ 18.085447] kunit_try_run_case+0x170/0x3f0 [ 18.085502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.085562] kthread+0x328/0x630 [ 18.085609] ret_from_fork+0x10/0x20 [ 18.085779] [ 18.085821] Allocated by task 137: [ 18.085949] kasan_save_stack+0x3c/0x68 [ 18.086020] kasan_save_track+0x20/0x40 [ 18.086061] kasan_save_alloc_info+0x40/0x58 [ 18.086103] __kasan_kmalloc+0xd4/0xd8 [ 18.086173] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.086219] kmalloc_oob_right+0xb0/0x660 [ 18.086257] kunit_try_run_case+0x170/0x3f0 [ 18.086297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.086344] kthread+0x328/0x630 [ 18.086378] ret_from_fork+0x10/0x20 [ 18.086439] [ 18.086518] The buggy address belongs to the object at fff00000c5d57e00 [ 18.086518] which belongs to the cache kmalloc-128 of size 128 [ 18.086621] The buggy address is located 0 bytes to the right of [ 18.086621] allocated 115-byte region [fff00000c5d57e00, fff00000c5d57e73) [ 18.086696] [ 18.086786] The buggy address belongs to the physical page: [ 18.087007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d57 [ 18.087409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.087888] page_type: f5(slab) [ 18.088237] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.088307] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.088422] page dumped because: kasan: bad access detected [ 18.088466] [ 18.088494] Memory state around the buggy address: [ 18.088727] fff00000c5d57d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.088799] fff00000c5d57d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.088859] >fff00000c5d57e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.088916] ^ [ 18.089004] fff00000c5d57e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.089051] fff00000c5d57f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.089118] ================================================================== [ 18.090209] ================================================================== [ 18.090260] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 18.090317] Write of size 1 at addr fff00000c5d57e78 by task kunit_try_catch/137 [ 18.090396] [ 18.090434] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.090532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.090562] Hardware name: linux,dummy-virt (DT) [ 18.090604] Call trace: [ 18.090628] show_stack+0x20/0x38 (C) [ 18.090681] dump_stack_lvl+0x8c/0xd0 [ 18.090732] print_report+0x118/0x608 [ 18.090781] kasan_report+0xdc/0x128 [ 18.090838] __asan_report_store1_noabort+0x20/0x30 [ 18.090909] kmalloc_oob_right+0x538/0x660 [ 18.090959] kunit_try_run_case+0x170/0x3f0 [ 18.091010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.091076] kthread+0x328/0x630 [ 18.093579] ret_from_fork+0x10/0x20 [ 18.093660] [ 18.093680] Allocated by task 137: [ 18.093710] kasan_save_stack+0x3c/0x68 [ 18.093755] kasan_save_track+0x20/0x40 [ 18.093795] kasan_save_alloc_info+0x40/0x58 [ 18.093836] __kasan_kmalloc+0xd4/0xd8 [ 18.093873] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.093914] kmalloc_oob_right+0xb0/0x660 [ 18.093951] kunit_try_run_case+0x170/0x3f0 [ 18.093991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.094037] kthread+0x328/0x630 [ 18.094070] ret_from_fork+0x10/0x20 [ 18.094107] [ 18.094127] The buggy address belongs to the object at fff00000c5d57e00 [ 18.094127] which belongs to the cache kmalloc-128 of size 128 [ 18.094680] The buggy address is located 5 bytes to the right of [ 18.094680] allocated 115-byte region [fff00000c5d57e00, fff00000c5d57e73) [ 18.094800] [ 18.094911] The buggy address belongs to the physical page: [ 18.094947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d57 [ 18.095010] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.095064] page_type: f5(slab) [ 18.095109] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.095174] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.095218] page dumped because: kasan: bad access detected [ 18.095282] [ 18.095301] Memory state around the buggy address: [ 18.095336] fff00000c5d57d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.095383] fff00000c5d57d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.095429] >fff00000c5d57e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.095469] ^ [ 18.095511] fff00000c5d57e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.095556] fff00000c5d57f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.095597] ================================================================== [ 18.095940] ================================================================== [ 18.096019] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 18.096071] Read of size 1 at addr fff00000c5d57e80 by task kunit_try_catch/137 [ 18.096124] [ 18.096172] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.096262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.096331] Hardware name: linux,dummy-virt (DT) [ 18.096367] Call trace: [ 18.096389] show_stack+0x20/0x38 (C) [ 18.096440] dump_stack_lvl+0x8c/0xd0 [ 18.096492] print_report+0x118/0x608 [ 18.096542] kasan_report+0xdc/0x128 [ 18.096590] __asan_report_load1_noabort+0x20/0x30 [ 18.096643] kmalloc_oob_right+0x5d0/0x660 [ 18.096691] kunit_try_run_case+0x170/0x3f0 [ 18.096740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.096826] kthread+0x328/0x630 [ 18.096889] ret_from_fork+0x10/0x20 [ 18.096970] [ 18.097006] Allocated by task 137: [ 18.097036] kasan_save_stack+0x3c/0x68 [ 18.097148] kasan_save_track+0x20/0x40 [ 18.097251] kasan_save_alloc_info+0x40/0x58 [ 18.097300] __kasan_kmalloc+0xd4/0xd8 [ 18.097338] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.097501] kmalloc_oob_right+0xb0/0x660 [ 18.097598] kunit_try_run_case+0x170/0x3f0 [ 18.097638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.097684] kthread+0x328/0x630 [ 18.097813] ret_from_fork+0x10/0x20 [ 18.097888] [ 18.097908] The buggy address belongs to the object at fff00000c5d57e00 [ 18.097908] which belongs to the cache kmalloc-128 of size 128 [ 18.098019] The buggy address is located 13 bytes to the right of [ 18.098019] allocated 115-byte region [fff00000c5d57e00, fff00000c5d57e73) [ 18.098116] [ 18.098188] The buggy address belongs to the physical page: [ 18.098222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d57 [ 18.098279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.098404] page_type: f5(slab) [ 18.098517] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.098572] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.098747] page dumped because: kasan: bad access detected [ 18.098804] [ 18.098823] Memory state around the buggy address: [ 18.098939] fff00000c5d57d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.099029] fff00000c5d57e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.099076] >fff00000c5d57e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.099162] ^ [ 18.099420] fff00000c5d57f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.099592] fff00000c5d57f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.099836] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 104.463152] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 104.464369] Modules linked in: [ 104.464599] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 104.465010] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 104.465262] Hardware name: linux,dummy-virt (DT) [ 104.465481] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 104.465776] pc : intlog10+0x38/0x48 [ 104.465968] lr : intlog10_test+0xe4/0x200 [ 104.466228] sp : ffff800082227c10 [ 104.466584] x29: ffff800082227c90 x28: 0000000000000000 x27: 0000000000000000 [ 104.467415] x26: 1ffe000018c71dc1 x25: 0000000000000000 x24: ffff800082227ce0 [ 104.468340] x23: ffff800082227d00 x22: 0000000000000000 x21: 1ffff00010444f82 [ 104.469289] x20: ffff9bbfe5689840 x19: ffff800080087990 x18: 00000000f3d67a0e [ 104.470062] x17: 00000000523420b6 x16: 0000000009cbc981 x15: 000000006430666e [ 104.470867] x14: 00000000d7057e70 x13: 0000000000000005 x12: ffff7377fd2a3381 [ 104.471811] x11: 1ffff377fd2a3380 x10: ffff7377fd2a3380 x9 : ffff9bbfe2c3701c [ 104.472723] x8 : ffff9bbfe9519c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 104.473496] x5 : ffff700010444f82 x4 : 1ffff00010010f3a x3 : 1ffff377fcad1308 [ 104.474286] x2 : 1ffff377fcad1308 x1 : 0000000000000003 x0 : 0000000000000000 [ 104.475065] Call trace: [ 104.475448] intlog10+0x38/0x48 (P) [ 104.475897] kunit_try_run_case+0x170/0x3f0 [ 104.476490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 104.477058] kthread+0x328/0x630 [ 104.477465] ret_from_fork+0x10/0x20 [ 104.477867] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 104.411456] WARNING: CPU: 0 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 104.412741] Modules linked in: [ 104.413234] CPU: 0 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 104.414014] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 104.414250] Hardware name: linux,dummy-virt (DT) [ 104.414463] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 104.414756] pc : intlog2+0xd8/0xf8 [ 104.414942] lr : intlog2_test+0xe4/0x200 [ 104.415478] sp : ffff800082197c10 [ 104.416074] x29: ffff800082197c90 x28: 0000000000000000 x27: 0000000000000000 [ 104.416872] x26: 1ffe000018f093a1 x25: 0000000000000000 x24: ffff800082197ce0 [ 104.417618] x23: ffff800082197d00 x22: 0000000000000000 x21: 1ffff00010432f82 [ 104.417994] x20: ffff9bbfe5689740 x19: ffff800080087990 x18: 0000000078686181 [ 104.418414] x17: 00000000806a4e81 x16: fff00000c097583c x15: 00000000c8aa1b8f [ 104.418836] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e9cd x12: ffff7377fd2a3381 [ 104.419332] x11: 1ffff377fd2a3380 x10: ffff7377fd2a3380 x9 : ffff9bbfe2c3721c [ 104.419913] x8 : ffff9bbfe9519c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 104.421075] x5 : ffff700010432f82 x4 : 1ffff00010010f3a x3 : 1ffff377fcad12e8 [ 104.421773] x2 : 1ffff377fcad12e8 x1 : 0000000000000003 x0 : 0000000000000000 [ 104.422162] Call trace: [ 104.422314] intlog2+0xd8/0xf8 (P) [ 104.422518] kunit_try_run_case+0x170/0x3f0 [ 104.422736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 104.422986] kthread+0x328/0x630 [ 104.423482] ret_from_fork+0x10/0x20 [ 104.424378] ---[ end trace 0000000000000000 ]---