Date
July 4, 2025, 11:11 p.m.
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.198073] ================================================================== [ 20.198146] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.198210] Free of addr fff00000c76c4d01 by task kunit_try_catch/241 [ 20.198306] [ 20.198341] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.198421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.198448] Hardware name: linux,dummy-virt (DT) [ 20.198486] Call trace: [ 20.198569] show_stack+0x20/0x38 (C) [ 20.198620] dump_stack_lvl+0x8c/0xd0 [ 20.198687] print_report+0x118/0x608 [ 20.198850] kasan_report_invalid_free+0xc0/0xe8 [ 20.198932] check_slab_allocation+0xfc/0x108 [ 20.199235] __kasan_mempool_poison_object+0x78/0x150 [ 20.199370] mempool_free+0x28c/0x328 [ 20.199548] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.199739] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.199887] kunit_try_run_case+0x170/0x3f0 [ 20.199966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.200019] kthread+0x328/0x630 [ 20.200214] ret_from_fork+0x10/0x20 [ 20.200266] [ 20.200297] Allocated by task 241: [ 20.200329] kasan_save_stack+0x3c/0x68 [ 20.200591] kasan_save_track+0x20/0x40 [ 20.200691] kasan_save_alloc_info+0x40/0x58 [ 20.200812] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.200897] remove_element+0x130/0x1f8 [ 20.200994] mempool_alloc_preallocated+0x58/0xc0 [ 20.201083] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 20.201185] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.201313] kunit_try_run_case+0x170/0x3f0 [ 20.201410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.201555] kthread+0x328/0x630 [ 20.201610] ret_from_fork+0x10/0x20 [ 20.201645] [ 20.201835] The buggy address belongs to the object at fff00000c76c4d00 [ 20.201835] which belongs to the cache kmalloc-128 of size 128 [ 20.202026] The buggy address is located 1 bytes inside of [ 20.202026] 128-byte region [fff00000c76c4d00, fff00000c76c4d80) [ 20.202217] [ 20.202347] The buggy address belongs to the physical page: [ 20.202474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 20.202557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.202727] page_type: f5(slab) [ 20.202813] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.202878] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.202918] page dumped because: kasan: bad access detected [ 20.202948] [ 20.202966] Memory state around the buggy address: [ 20.202997] fff00000c76c4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.203041] fff00000c76c4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.203366] >fff00000c76c4d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.203456] ^ [ 20.203615] fff00000c76c4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.203725] fff00000c76c4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.203866] ================================================================== [ 20.212329] ================================================================== [ 20.212427] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.212487] Free of addr fff00000c7830001 by task kunit_try_catch/243 [ 20.212625] [ 20.212681] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.212768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.212878] Hardware name: linux,dummy-virt (DT) [ 20.212912] Call trace: [ 20.212935] show_stack+0x20/0x38 (C) [ 20.212985] dump_stack_lvl+0x8c/0xd0 [ 20.213033] print_report+0x118/0x608 [ 20.213194] kasan_report_invalid_free+0xc0/0xe8 [ 20.213374] __kasan_mempool_poison_object+0xfc/0x150 [ 20.213454] mempool_free+0x28c/0x328 [ 20.213511] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.213651] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 20.213704] kunit_try_run_case+0x170/0x3f0 [ 20.213863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.213967] kthread+0x328/0x630 [ 20.214041] ret_from_fork+0x10/0x20 [ 20.214092] [ 20.214112] The buggy address belongs to the physical page: [ 20.214260] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107830 [ 20.214564] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.214629] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.214750] page_type: f8(unknown) [ 20.214859] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.214947] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.215099] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.215197] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.215285] head: 0bfffe0000000002 ffffc1ffc31e0c01 00000000ffffffff 00000000ffffffff [ 20.215332] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.215373] page dumped because: kasan: bad access detected [ 20.215656] [ 20.215741] Memory state around the buggy address: [ 20.215919] fff00000c782ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.216032] fff00000c782ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.216154] >fff00000c7830000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.216223] ^ [ 20.216317] fff00000c7830080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.216426] fff00000c7830100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.216492] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.189304] ================================================================== [ 20.189365] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.189422] Free of addr fff00000c77fc000 by task kunit_try_catch/239 [ 20.189465] [ 20.189498] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.189694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.189723] Hardware name: linux,dummy-virt (DT) [ 20.189900] Call trace: [ 20.190009] show_stack+0x20/0x38 (C) [ 20.190113] dump_stack_lvl+0x8c/0xd0 [ 20.190193] print_report+0x118/0x608 [ 20.190239] kasan_report_invalid_free+0xc0/0xe8 [ 20.190289] __kasan_mempool_poison_pages+0xe0/0xe8 [ 20.190356] mempool_free+0x24c/0x328 [ 20.190401] mempool_double_free_helper+0x150/0x2e8 [ 20.190457] mempool_page_alloc_double_free+0xbc/0x118 [ 20.190509] kunit_try_run_case+0x170/0x3f0 [ 20.190557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.190609] kthread+0x328/0x630 [ 20.190651] ret_from_fork+0x10/0x20 [ 20.190696] [ 20.190718] The buggy address belongs to the physical page: [ 20.190748] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077fc [ 20.190995] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.191138] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.191315] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.191356] page dumped because: kasan: bad access detected [ 20.191387] [ 20.191404] Memory state around the buggy address: [ 20.191474] fff00000c77fbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191716] fff00000c77fbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191801] >fff00000c77fc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191864] ^ [ 20.191945] fff00000c77fc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191987] fff00000c77fc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.192025] ================================================================== [ 20.174941] ================================================================== [ 20.174996] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.175049] Free of addr fff00000c77fc000 by task kunit_try_catch/237 [ 20.175089] [ 20.175240] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.175322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.175350] Hardware name: linux,dummy-virt (DT) [ 20.175586] Call trace: [ 20.175612] show_stack+0x20/0x38 (C) [ 20.175799] dump_stack_lvl+0x8c/0xd0 [ 20.176019] print_report+0x118/0x608 [ 20.176105] kasan_report_invalid_free+0xc0/0xe8 [ 20.176158] __kasan_mempool_poison_object+0x14c/0x150 [ 20.176293] mempool_free+0x28c/0x328 [ 20.176426] mempool_double_free_helper+0x150/0x2e8 [ 20.176784] mempool_kmalloc_large_double_free+0xc0/0x118 [ 20.177046] kunit_try_run_case+0x170/0x3f0 [ 20.177288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.177486] kthread+0x328/0x630 [ 20.177631] ret_from_fork+0x10/0x20 [ 20.177704] [ 20.177727] The buggy address belongs to the physical page: [ 20.177932] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077fc [ 20.178196] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.178381] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.178509] page_type: f8(unknown) [ 20.178933] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.179074] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.179151] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.179199] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.179248] head: 0bfffe0000000002 ffffc1ffc31dff01 00000000ffffffff 00000000ffffffff [ 20.179433] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.179599] page dumped because: kasan: bad access detected [ 20.179663] [ 20.179965] Memory state around the buggy address: [ 20.180344] fff00000c77fbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180410] fff00000c77fbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180483] >fff00000c77fc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180598] ^ [ 20.180676] fff00000c77fc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180736] fff00000c77fc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180775] ================================================================== [ 20.160632] ================================================================== [ 20.160713] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.160837] Free of addr fff00000c76c4900 by task kunit_try_catch/235 [ 20.160902] [ 20.160940] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.161020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.161071] Hardware name: linux,dummy-virt (DT) [ 20.161242] Call trace: [ 20.161300] show_stack+0x20/0x38 (C) [ 20.161624] dump_stack_lvl+0x8c/0xd0 [ 20.161719] print_report+0x118/0x608 [ 20.161831] kasan_report_invalid_free+0xc0/0xe8 [ 20.161911] check_slab_allocation+0xd4/0x108 [ 20.161977] __kasan_mempool_poison_object+0x78/0x150 [ 20.162030] mempool_free+0x28c/0x328 [ 20.162095] mempool_double_free_helper+0x150/0x2e8 [ 20.162175] mempool_kmalloc_double_free+0xc0/0x118 [ 20.162242] kunit_try_run_case+0x170/0x3f0 [ 20.162323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.162377] kthread+0x328/0x630 [ 20.162522] ret_from_fork+0x10/0x20 [ 20.162570] [ 20.162614] Allocated by task 235: [ 20.162788] kasan_save_stack+0x3c/0x68 [ 20.162911] kasan_save_track+0x20/0x40 [ 20.162989] kasan_save_alloc_info+0x40/0x58 [ 20.163127] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.163255] remove_element+0x130/0x1f8 [ 20.163438] mempool_alloc_preallocated+0x58/0xc0 [ 20.163566] mempool_double_free_helper+0x94/0x2e8 [ 20.163605] mempool_kmalloc_double_free+0xc0/0x118 [ 20.163646] kunit_try_run_case+0x170/0x3f0 [ 20.163844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.163885] kthread+0x328/0x630 [ 20.163920] ret_from_fork+0x10/0x20 [ 20.163964] [ 20.163983] Freed by task 235: [ 20.164011] kasan_save_stack+0x3c/0x68 [ 20.164323] kasan_save_track+0x20/0x40 [ 20.164604] kasan_save_free_info+0x4c/0x78 [ 20.164647] __kasan_mempool_poison_object+0xc0/0x150 [ 20.164690] mempool_free+0x28c/0x328 [ 20.164725] mempool_double_free_helper+0x100/0x2e8 [ 20.164765] mempool_kmalloc_double_free+0xc0/0x118 [ 20.164817] kunit_try_run_case+0x170/0x3f0 [ 20.165132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.165262] kthread+0x328/0x630 [ 20.165435] ret_from_fork+0x10/0x20 [ 20.165610] [ 20.165767] The buggy address belongs to the object at fff00000c76c4900 [ 20.165767] which belongs to the cache kmalloc-128 of size 128 [ 20.165927] The buggy address is located 0 bytes inside of [ 20.165927] 128-byte region [fff00000c76c4900, fff00000c76c4980) [ 20.165986] [ 20.166005] The buggy address belongs to the physical page: [ 20.166048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 20.166278] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.166351] page_type: f5(slab) [ 20.166461] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.166799] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.166993] page dumped because: kasan: bad access detected [ 20.167121] [ 20.167201] Memory state around the buggy address: [ 20.167351] fff00000c76c4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.167396] fff00000c76c4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.167439] >fff00000c76c4900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.167478] ^ [ 20.167506] fff00000c76c4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.167547] fff00000c76c4a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.167585] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.600102] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 20.528783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 20.465786] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 20.441678] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 20.423871] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.377154] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.396482] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 95.017985] Internal error: Oops: 0000000096000005 [#1] SMP [ 95.029588] Modules linked in: [ 95.031714] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 95.033161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 95.033661] Hardware name: linux,dummy-virt (DT) [ 95.034271] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.035158] pc : kunit_test_null_dereference+0x70/0x170 [ 95.036047] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.036691] sp : ffff800081fb7d30 [ 95.037136] x29: ffff800081fb7d90 x28: 0000000000000000 x27: 0000000000000000 [ 95.038051] x26: 1ffe000018ee2ce1 x25: 0000000000000000 x24: 0000000000000004 [ 95.038896] x23: fff00000c771670c x22: ffffae9c21a241b8 x21: fff00000c1c5ba08 [ 95.039886] x20: 1ffff000103f6fa6 x19: ffff800080087990 x18: 00000000a74e8f73 [ 95.040675] x17: 0000000000000001 x16: fff00000da452d28 x15: fff00000ff616b08 [ 95.041459] x14: 0000000000018fff x13: 1ffe00001b48a589 x12: fffd80001928762c [ 95.042066] x11: 1ffe00001928762b x10: fffd80001928762b x9 : ffffae9c21a1b620 [ 95.042462] x8 : ffff800081fb7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 95.042797] x5 : ffff7000103f6fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 95.043719] x2 : dfff800000000000 x1 : fff00000c943a880 x0 : ffff800080087990 [ 95.044617] Call trace: [ 95.045003] kunit_test_null_dereference+0x70/0x170 (P) [ 95.045625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.046297] kthread+0x328/0x630 [ 95.046701] ret_from_fork+0x10/0x20 [ 95.047481] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 95.048379] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.460154] ================================================================== [ 51.460214] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.460214] [ 51.460300] Use-after-free read at 0x000000006df0a2f3 (in kfence-#149): [ 51.460356] test_krealloc+0x51c/0x830 [ 51.460401] kunit_try_run_case+0x170/0x3f0 [ 51.460448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.460493] kthread+0x328/0x630 [ 51.460534] ret_from_fork+0x10/0x20 [ 51.460574] [ 51.460598] kfence-#149: 0x000000006df0a2f3-0x00000000f0b7c56d, size=32, cache=kmalloc-32 [ 51.460598] [ 51.460651] allocated by task 337 on cpu 0 at 51.459503s (0.001144s ago): [ 51.460722] test_alloc+0x29c/0x628 [ 51.460764] test_krealloc+0xc0/0x830 [ 51.460819] kunit_try_run_case+0x170/0x3f0 [ 51.460860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.460903] kthread+0x328/0x630 [ 51.460942] ret_from_fork+0x10/0x20 [ 51.460982] [ 51.461005] freed by task 337 on cpu 0 at 51.459753s (0.001248s ago): [ 51.461069] krealloc_noprof+0x148/0x360 [ 51.461111] test_krealloc+0x1dc/0x830 [ 51.461149] kunit_try_run_case+0x170/0x3f0 [ 51.461188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.461233] kthread+0x328/0x630 [ 51.461268] ret_from_fork+0x10/0x20 [ 51.461308] [ 51.461352] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 51.461440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.461471] Hardware name: linux,dummy-virt (DT) [ 51.461508] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.379440] ================================================================== [ 51.379539] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.379539] [ 51.379638] Use-after-free read at 0x0000000064a5b94a (in kfence-#148): [ 51.379691] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.379743] kunit_try_run_case+0x170/0x3f0 [ 51.379789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.379852] kthread+0x328/0x630 [ 51.379891] ret_from_fork+0x10/0x20 [ 51.379939] [ 51.379962] kfence-#148: 0x0000000064a5b94a-0x0000000051c3beca, size=32, cache=test [ 51.379962] [ 51.380016] allocated by task 335 on cpu 1 at 51.355231s (0.024780s ago): [ 51.380087] test_alloc+0x230/0x628 [ 51.380129] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.380172] kunit_try_run_case+0x170/0x3f0 [ 51.380212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.380255] kthread+0x328/0x630 [ 51.380291] ret_from_fork+0x10/0x20 [ 51.380329] [ 51.380352] freed by task 335 on cpu 1 at 51.355353s (0.024995s ago): [ 51.380408] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.380452] kunit_try_run_case+0x170/0x3f0 [ 51.380490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.380533] kthread+0x328/0x630 [ 51.380568] ret_from_fork+0x10/0x20 [ 51.380607] [ 51.380650] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 51.380738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.380767] Hardware name: linux,dummy-virt (DT) [ 51.380812] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 28.491213] ================================================================== [ 28.491369] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 28.491369] [ 28.491508] Invalid read at 0x0000000067cb4064: [ 28.491601] test_invalid_access+0xdc/0x1f0 [ 28.491681] kunit_try_run_case+0x170/0x3f0 [ 28.491755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.491846] kthread+0x328/0x630 [ 28.491922] ret_from_fork+0x10/0x20 [ 28.491999] [ 28.492071] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.492180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.492235] Hardware name: linux,dummy-virt (DT) [ 28.492297] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 28.263542] ================================================================== [ 28.263629] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.263629] [ 28.263692] Corrupted memory at 0x000000008c863f3b [ ! . . . . . . . . . . . . . . . ] (in kfence-#144): [ 28.264022] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.264073] kunit_try_run_case+0x170/0x3f0 [ 28.264118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.264162] kthread+0x328/0x630 [ 28.264201] ret_from_fork+0x10/0x20 [ 28.264241] [ 28.264265] kfence-#144: 0x00000000263abe8d-0x000000004e423e3f, size=73, cache=kmalloc-96 [ 28.264265] [ 28.264321] allocated by task 325 on cpu 1 at 28.263305s (0.001012s ago): [ 28.264382] test_alloc+0x29c/0x628 [ 28.264424] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 28.264466] kunit_try_run_case+0x170/0x3f0 [ 28.264507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.264550] kthread+0x328/0x630 [ 28.264585] ret_from_fork+0x10/0x20 [ 28.264625] [ 28.264649] freed by task 325 on cpu 1 at 28.263445s (0.001200s ago): [ 28.264710] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.264753] kunit_try_run_case+0x170/0x3f0 [ 28.264791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.264845] kthread+0x328/0x630 [ 28.264880] ret_from_fork+0x10/0x20 [ 28.264920] [ 28.264964] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.265042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.265072] Hardware name: linux,dummy-virt (DT) [ 28.265106] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 28.159623] ================================================================== [ 28.159720] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.159720] [ 28.159838] Out-of-bounds read at 0x00000000ecf43355 (105B right of kfence-#143): [ 28.159907] test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.159957] kunit_try_run_case+0x170/0x3f0 [ 28.160003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.160047] kthread+0x328/0x630 [ 28.160088] ret_from_fork+0x10/0x20 [ 28.160129] [ 28.160153] kfence-#143: 0x00000000831f0400-0x000000006c4ccbd5, size=73, cache=kmalloc-96 [ 28.160153] [ 28.160206] allocated by task 323 on cpu 0 at 28.159358s (0.000844s ago): [ 28.160280] test_alloc+0x29c/0x628 [ 28.160321] test_kmalloc_aligned_oob_read+0x100/0x468 [ 28.160375] kunit_try_run_case+0x170/0x3f0 [ 28.160416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.160459] kthread+0x328/0x630 [ 28.160496] ret_from_fork+0x10/0x20 [ 28.160536] [ 28.160582] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.160662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.160692] Hardware name: linux,dummy-virt (DT) [ 28.160727] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 23.271634] ================================================================== [ 23.271724] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.271724] [ 23.271785] Corrupted memory at 0x0000000064acca27 [ ! ] (in kfence-#96): [ 23.271933] test_corruption+0x284/0x378 [ 23.271983] kunit_try_run_case+0x170/0x3f0 [ 23.272025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.272069] kthread+0x328/0x630 [ 23.272109] ret_from_fork+0x10/0x20 [ 23.272149] [ 23.272171] kfence-#96: 0x0000000058ba94c9-0x000000008507afef, size=32, cache=kmalloc-32 [ 23.272171] [ 23.272226] allocated by task 311 on cpu 1 at 23.271360s (0.000863s ago): [ 23.272286] test_alloc+0x29c/0x628 [ 23.272326] test_corruption+0x198/0x378 [ 23.272367] kunit_try_run_case+0x170/0x3f0 [ 23.272405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.272449] kthread+0x328/0x630 [ 23.272485] ret_from_fork+0x10/0x20 [ 23.272522] [ 23.272545] freed by task 311 on cpu 1 at 23.271464s (0.001077s ago): [ 23.272604] test_corruption+0x284/0x378 [ 23.272645] kunit_try_run_case+0x170/0x3f0 [ 23.272683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.272725] kthread+0x328/0x630 [ 23.272762] ret_from_fork+0x10/0x20 [ 23.272800] [ 23.272851] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.272926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.272954] Hardware name: linux,dummy-virt (DT) [ 23.272989] ================================================================== [ 23.583560] ================================================================== [ 23.583649] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.583649] [ 23.583710] Corrupted memory at 0x0000000009c28dc2 [ ! ] (in kfence-#99): [ 23.583837] test_corruption+0x1d8/0x378 [ 23.583884] kunit_try_run_case+0x170/0x3f0 [ 23.583938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.583983] kthread+0x328/0x630 [ 23.584024] ret_from_fork+0x10/0x20 [ 23.584062] [ 23.584085] kfence-#99: 0x0000000008e7c7b8-0x0000000090cd98d8, size=32, cache=test [ 23.584085] [ 23.584137] allocated by task 313 on cpu 1 at 23.583415s (0.000719s ago): [ 23.584198] test_alloc+0x230/0x628 [ 23.584239] test_corruption+0x198/0x378 [ 23.584280] kunit_try_run_case+0x170/0x3f0 [ 23.584319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.584362] kthread+0x328/0x630 [ 23.584397] ret_from_fork+0x10/0x20 [ 23.584436] [ 23.584458] freed by task 313 on cpu 1 at 23.583476s (0.000979s ago): [ 23.584518] test_corruption+0x1d8/0x378 [ 23.584557] kunit_try_run_case+0x170/0x3f0 [ 23.584597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.584642] kthread+0x328/0x630 [ 23.584677] ret_from_fork+0x10/0x20 [ 23.584716] [ 23.584757] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.584841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.584871] Hardware name: linux,dummy-virt (DT) [ 23.584906] ================================================================== [ 23.063597] ================================================================== [ 23.063689] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 23.063689] [ 23.063752] Corrupted memory at 0x00000000ce5b419c [ ! . . . . . . . . . . . . . . . ] (in kfence-#94): [ 23.064080] test_corruption+0x278/0x378 [ 23.064130] kunit_try_run_case+0x170/0x3f0 [ 23.064173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.064219] kthread+0x328/0x630 [ 23.064257] ret_from_fork+0x10/0x20 [ 23.064296] [ 23.064320] kfence-#94: 0x00000000506c4552-0x0000000057ccfa03, size=32, cache=kmalloc-32 [ 23.064320] [ 23.064375] allocated by task 311 on cpu 1 at 23.063393s (0.000978s ago): [ 23.064437] test_alloc+0x29c/0x628 [ 23.064478] test_corruption+0xdc/0x378 [ 23.064519] kunit_try_run_case+0x170/0x3f0 [ 23.064560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.064603] kthread+0x328/0x630 [ 23.064638] ret_from_fork+0x10/0x20 [ 23.064677] [ 23.064700] freed by task 311 on cpu 1 at 23.063505s (0.001192s ago): [ 23.064760] test_corruption+0x278/0x378 [ 23.064800] kunit_try_run_case+0x170/0x3f0 [ 23.064850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.064894] kthread+0x328/0x630 [ 23.064930] ret_from_fork+0x10/0x20 [ 23.064969] [ 23.065013] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.065091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.065120] Hardware name: linux,dummy-virt (DT) [ 23.065157] ================================================================== [ 23.479523] ================================================================== [ 23.479616] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 23.479616] [ 23.479680] Corrupted memory at 0x000000002ab86a03 [ ! . . . . . . . . . . . . . . . ] (in kfence-#98): [ 23.480010] test_corruption+0x120/0x378 [ 23.480059] kunit_try_run_case+0x170/0x3f0 [ 23.480104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480149] kthread+0x328/0x630 [ 23.480189] ret_from_fork+0x10/0x20 [ 23.480229] [ 23.480252] kfence-#98: 0x0000000054adf5dd-0x000000004df8406a, size=32, cache=test [ 23.480252] [ 23.480306] allocated by task 313 on cpu 1 at 23.479379s (0.000923s ago): [ 23.480367] test_alloc+0x230/0x628 [ 23.480408] test_corruption+0xdc/0x378 [ 23.480449] kunit_try_run_case+0x170/0x3f0 [ 23.480490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480533] kthread+0x328/0x630 [ 23.480570] ret_from_fork+0x10/0x20 [ 23.480608] [ 23.480631] freed by task 313 on cpu 1 at 23.479434s (0.001193s ago): [ 23.480691] test_corruption+0x120/0x378 [ 23.480730] kunit_try_run_case+0x170/0x3f0 [ 23.480769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480822] kthread+0x328/0x630 [ 23.480859] ret_from_fork+0x10/0x20 [ 23.480898] [ 23.480938] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.481014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.481042] Hardware name: linux,dummy-virt (DT) [ 23.481075] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.852300] ================================================================== [ 22.852409] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 22.852409] [ 22.852470] Invalid free of 0x00000000502d4b82 (in kfence-#92): [ 22.852531] test_invalid_addr_free+0x1ac/0x238 [ 22.852582] kunit_try_run_case+0x170/0x3f0 [ 22.852624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.852668] kthread+0x328/0x630 [ 22.852706] ret_from_fork+0x10/0x20 [ 22.852746] [ 22.852769] kfence-#92: 0x00000000efc2f8fb-0x000000005311292b, size=32, cache=kmalloc-32 [ 22.852769] [ 22.852846] allocated by task 307 on cpu 1 at 22.851947s (0.000886s ago): [ 22.852909] test_alloc+0x29c/0x628 [ 22.852950] test_invalid_addr_free+0xd4/0x238 [ 22.853001] kunit_try_run_case+0x170/0x3f0 [ 22.853042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.853093] kthread+0x328/0x630 [ 22.853130] ret_from_fork+0x10/0x20 [ 22.853169] [ 22.853212] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.853290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.853327] Hardware name: linux,dummy-virt (DT) [ 22.853364] ================================================================== [ 22.960868] ================================================================== [ 22.961004] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.961004] [ 22.961078] Invalid free of 0x000000008ca51b7e (in kfence-#93): [ 22.961149] test_invalid_addr_free+0xec/0x238 [ 22.961215] kunit_try_run_case+0x170/0x3f0 [ 22.961259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.961329] kthread+0x328/0x630 [ 22.961386] ret_from_fork+0x10/0x20 [ 22.961429] [ 22.961470] kfence-#93: 0x00000000a03ae1d7-0x00000000cc202154, size=32, cache=test [ 22.961470] [ 22.961611] allocated by task 309 on cpu 1 at 22.960738s (0.000823s ago): [ 22.961675] test_alloc+0x230/0x628 [ 22.961715] test_invalid_addr_free+0xd4/0x238 [ 22.961969] kunit_try_run_case+0x170/0x3f0 [ 22.962099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.962152] kthread+0x328/0x630 [ 22.962217] ret_from_fork+0x10/0x20 [ 22.962260] [ 22.962305] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.962539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.962594] Hardware name: linux,dummy-virt (DT) [ 22.962647] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 22.747862] ================================================================== [ 22.747978] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 22.747978] [ 22.748070] Invalid free of 0x00000000a56615b3 (in kfence-#91): [ 22.748122] test_double_free+0x100/0x238 [ 22.748193] kunit_try_run_case+0x170/0x3f0 [ 22.748236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.748315] kthread+0x328/0x630 [ 22.748372] ret_from_fork+0x10/0x20 [ 22.748411] [ 22.748435] kfence-#91: 0x00000000a56615b3-0x00000000751db6c3, size=32, cache=test [ 22.748435] [ 22.748490] allocated by task 305 on cpu 1 at 22.747582s (0.000900s ago): [ 22.748552] test_alloc+0x230/0x628 [ 22.748591] test_double_free+0xd4/0x238 [ 22.748763] kunit_try_run_case+0x170/0x3f0 [ 22.748827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.748872] kthread+0x328/0x630 [ 22.748907] ret_from_fork+0x10/0x20 [ 22.748982] [ 22.749023] freed by task 305 on cpu 1 at 22.747639s (0.001379s ago): [ 22.749091] test_double_free+0xf0/0x238 [ 22.749147] kunit_try_run_case+0x170/0x3f0 [ 22.749188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.749231] kthread+0x328/0x630 [ 22.749349] ret_from_fork+0x10/0x20 [ 22.749452] [ 22.749495] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.749594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.749660] Hardware name: linux,dummy-virt (DT) [ 22.749696] ================================================================== [ 22.644533] ================================================================== [ 22.645257] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 22.645257] [ 22.647667] Invalid free of 0x00000000251c4c2f (in kfence-#90): [ 22.647773] test_double_free+0x1bc/0x238 [ 22.647838] kunit_try_run_case+0x170/0x3f0 [ 22.647884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.647930] kthread+0x328/0x630 [ 22.647970] ret_from_fork+0x10/0x20 [ 22.648008] [ 22.648032] kfence-#90: 0x00000000251c4c2f-0x00000000e351b751, size=32, cache=kmalloc-32 [ 22.648032] [ 22.648084] allocated by task 303 on cpu 1 at 22.644171s (0.003910s ago): [ 22.648146] test_alloc+0x29c/0x628 [ 22.648188] test_double_free+0xd4/0x238 [ 22.648227] kunit_try_run_case+0x170/0x3f0 [ 22.648269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.648310] kthread+0x328/0x630 [ 22.648346] ret_from_fork+0x10/0x20 [ 22.648384] [ 22.648407] freed by task 303 on cpu 1 at 22.644234s (0.004170s ago): [ 22.648469] test_double_free+0x1ac/0x238 [ 22.648509] kunit_try_run_case+0x170/0x3f0 [ 22.648549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.648591] kthread+0x328/0x630 [ 22.648628] ret_from_fork+0x10/0x20 [ 22.648666] [ 22.648709] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.648788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.648826] Hardware name: linux,dummy-virt (DT) [ 22.648862] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.215850] ================================================================== [ 22.215961] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.215961] [ 22.216060] Use-after-free read at 0x00000000bc2391a5 (in kfence-#86): [ 22.216760] test_use_after_free_read+0x114/0x248 [ 22.217076] kunit_try_run_case+0x170/0x3f0 [ 22.217215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.217267] kthread+0x328/0x630 [ 22.217307] ret_from_fork+0x10/0x20 [ 22.217348] [ 22.217686] kfence-#86: 0x00000000bc2391a5-0x000000008ed0e063, size=32, cache=kmalloc-32 [ 22.217686] [ 22.217912] allocated by task 295 on cpu 1 at 22.215463s (0.002357s ago): [ 22.218124] test_alloc+0x29c/0x628 [ 22.218174] test_use_after_free_read+0xd0/0x248 [ 22.218543] kunit_try_run_case+0x170/0x3f0 [ 22.218610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.218657] kthread+0x328/0x630 [ 22.218989] ret_from_fork+0x10/0x20 [ 22.219152] [ 22.219363] freed by task 295 on cpu 1 at 22.215579s (0.003744s ago): [ 22.219602] test_use_after_free_read+0x1c0/0x248 [ 22.219672] kunit_try_run_case+0x170/0x3f0 [ 22.219712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.220570] kthread+0x328/0x630 [ 22.220815] ret_from_fork+0x10/0x20 [ 22.220861] [ 22.221255] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.221466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.221714] Hardware name: linux,dummy-virt (DT) [ 22.222039] ================================================================== [ 22.324361] ================================================================== [ 22.324436] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.324436] [ 22.324935] Use-after-free read at 0x000000003e14ec0c (in kfence-#87): [ 22.325070] test_use_after_free_read+0x114/0x248 [ 22.325218] kunit_try_run_case+0x170/0x3f0 [ 22.325297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.325484] kthread+0x328/0x630 [ 22.325721] ret_from_fork+0x10/0x20 [ 22.325781] [ 22.325834] kfence-#87: 0x000000003e14ec0c-0x000000008b8ec671, size=32, cache=test [ 22.325834] [ 22.326129] allocated by task 297 on cpu 1 at 22.324093s (0.002031s ago): [ 22.326513] test_alloc+0x230/0x628 [ 22.326593] test_use_after_free_read+0xd0/0x248 [ 22.326726] kunit_try_run_case+0x170/0x3f0 [ 22.326883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.326930] kthread+0x328/0x630 [ 22.327050] ret_from_fork+0x10/0x20 [ 22.327091] [ 22.327114] freed by task 297 on cpu 1 at 22.324155s (0.002956s ago): [ 22.327228] test_use_after_free_read+0xf0/0x248 [ 22.327273] kunit_try_run_case+0x170/0x3f0 [ 22.327648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.327836] kthread+0x328/0x630 [ 22.328007] ret_from_fork+0x10/0x20 [ 22.328163] [ 22.328227] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.328670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.328777] Hardware name: linux,dummy-virt (DT) [ 22.328848] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 22.004577] ================================================================== [ 22.004658] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.004658] [ 22.004779] Out-of-bounds write at 0x000000001a1ab30a (1B left of kfence-#84): [ 22.005019] test_out_of_bounds_write+0x100/0x240 [ 22.005224] kunit_try_run_case+0x170/0x3f0 [ 22.005276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.005540] kthread+0x328/0x630 [ 22.005698] ret_from_fork+0x10/0x20 [ 22.005851] [ 22.005880] kfence-#84: 0x0000000026976af1-0x000000006a03fa1d, size=32, cache=kmalloc-32 [ 22.005880] [ 22.005984] allocated by task 291 on cpu 1 at 22.004276s (0.001656s ago): [ 22.006063] test_alloc+0x29c/0x628 [ 22.006424] test_out_of_bounds_write+0xc8/0x240 [ 22.006493] kunit_try_run_case+0x170/0x3f0 [ 22.006649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.006760] kthread+0x328/0x630 [ 22.006943] ret_from_fork+0x10/0x20 [ 22.007110] [ 22.007160] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.007247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.007277] Hardware name: linux,dummy-virt (DT) [ 22.007312] ================================================================== [ 22.107701] ================================================================== [ 22.107846] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.107846] [ 22.107980] Out-of-bounds write at 0x00000000379cc138 (1B left of kfence-#85): [ 22.108135] test_out_of_bounds_write+0x100/0x240 [ 22.108208] kunit_try_run_case+0x170/0x3f0 [ 22.108261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.108533] kthread+0x328/0x630 [ 22.108596] ret_from_fork+0x10/0x20 [ 22.108706] [ 22.108763] kfence-#85: 0x000000000144e235-0x0000000068a85069, size=32, cache=test [ 22.108763] [ 22.109023] allocated by task 293 on cpu 1 at 22.107604s (0.001329s ago): [ 22.109142] test_alloc+0x230/0x628 [ 22.109186] test_out_of_bounds_write+0xc8/0x240 [ 22.109295] kunit_try_run_case+0x170/0x3f0 [ 22.109379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.109634] kthread+0x328/0x630 [ 22.109710] ret_from_fork+0x10/0x20 [ 22.109846] [ 22.109977] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.110067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.110115] Hardware name: linux,dummy-virt (DT) [ 22.110157] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.680952] ================================================================== [ 21.681036] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.681036] [ 21.681557] Out-of-bounds read at 0x0000000083c634b7 (1B left of kfence-#81): [ 21.681695] test_out_of_bounds_read+0x114/0x3e0 [ 21.681760] kunit_try_run_case+0x170/0x3f0 [ 21.682047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.682165] kthread+0x328/0x630 [ 21.682224] ret_from_fork+0x10/0x20 [ 21.682306] [ 21.682372] kfence-#81: 0x00000000d540ca7f-0x000000001a051b05, size=32, cache=test [ 21.682372] [ 21.682616] allocated by task 289 on cpu 1 at 21.680724s (0.001741s ago): [ 21.682902] test_alloc+0x230/0x628 [ 21.683137] test_out_of_bounds_read+0xdc/0x3e0 [ 21.683191] kunit_try_run_case+0x170/0x3f0 [ 21.683243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.683861] kthread+0x328/0x630 [ 21.684072] ret_from_fork+0x10/0x20 [ 21.684353] [ 21.684424] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.684948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.685186] Hardware name: linux,dummy-virt (DT) [ 21.685389] ================================================================== [ 21.464707] ================================================================== [ 21.464795] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.464795] [ 21.465039] Out-of-bounds read at 0x000000003ffb1c37 (32B right of kfence-#79): [ 21.465120] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.465575] kunit_try_run_case+0x170/0x3f0 [ 21.465839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.466191] kthread+0x328/0x630 [ 21.466317] ret_from_fork+0x10/0x20 [ 21.466399] [ 21.466476] kfence-#79: 0x00000000e1da2280-0x000000009b2780d7, size=32, cache=kmalloc-32 [ 21.466476] [ 21.466817] allocated by task 287 on cpu 1 at 21.464103s (0.002424s ago): [ 21.466905] test_alloc+0x29c/0x628 [ 21.467018] test_out_of_bounds_read+0x198/0x3e0 [ 21.467268] kunit_try_run_case+0x170/0x3f0 [ 21.467447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.467567] kthread+0x328/0x630 [ 21.467868] ret_from_fork+0x10/0x20 [ 21.468072] [ 21.468148] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.468395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.468492] Hardware name: linux,dummy-virt (DT) [ 21.468913] ================================================================== [ 21.357146] ================================================================== [ 21.357584] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.357584] [ 21.358070] Out-of-bounds read at 0x00000000666665c8 (1B left of kfence-#78): [ 21.358182] test_out_of_bounds_read+0x114/0x3e0 [ 21.358611] kunit_try_run_case+0x170/0x3f0 [ 21.358879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.359098] kthread+0x328/0x630 [ 21.359219] ret_from_fork+0x10/0x20 [ 21.359260] [ 21.359451] kfence-#78: 0x00000000dfe85350-0x000000007b97a766, size=32, cache=kmalloc-32 [ 21.359451] [ 21.359996] allocated by task 287 on cpu 1 at 21.355659s (0.004299s ago): [ 21.360098] test_alloc+0x29c/0x628 [ 21.360580] test_out_of_bounds_read+0xdc/0x3e0 [ 21.360709] kunit_try_run_case+0x170/0x3f0 [ 21.360893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.361138] kthread+0x328/0x630 [ 21.361210] ret_from_fork+0x10/0x20 [ 21.361959] [ 21.362171] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.362564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.362820] Hardware name: linux,dummy-virt (DT) [ 21.362929] ================================================================== [ 21.897693] ================================================================== [ 21.898073] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.898073] [ 21.898174] Out-of-bounds read at 0x0000000026246c35 (32B right of kfence-#83): [ 21.898442] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.898555] kunit_try_run_case+0x170/0x3f0 [ 21.898722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.898877] kthread+0x328/0x630 [ 21.899116] ret_from_fork+0x10/0x20 [ 21.899173] [ 21.899231] kfence-#83: 0x00000000df48f921-0x000000003d8eadac, size=32, cache=test [ 21.899231] [ 21.899308] allocated by task 289 on cpu 1 at 21.897352s (0.001937s ago): [ 21.899401] test_alloc+0x230/0x628 [ 21.899449] test_out_of_bounds_read+0x198/0x3e0 [ 21.899498] kunit_try_run_case+0x170/0x3f0 [ 21.899536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.899627] kthread+0x328/0x630 [ 21.899667] ret_from_fork+0x10/0x20 [ 21.899815] [ 21.899890] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.900080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.900307] Hardware name: linux,dummy-virt (DT) [ 21.900652] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 17.755117] ================================================================== [ 17.755972] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x224/0x488 [ 17.755972] [ 17.756106] Corrupted memory at 0x0000000059ce069f [ ! . . . . . . . ] (in kfence-#52): [ 17.760295] kmalloc_track_caller_oob_right+0x224/0x488 [ 17.760366] kunit_try_run_case+0x170/0x3f0 [ 17.760412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.760473] kthread+0x328/0x630 [ 17.760508] ret_from_fork+0x10/0x20 [ 17.760565] [ 17.760766] kfence-#52: 0x00000000bd021e51-0x0000000045c62ec1, size=120, cache=kmalloc-128 [ 17.760766] [ 17.762312] allocated by task 142 on cpu 0 at 17.752720s (0.009191s ago): [ 17.763111] kmalloc_track_caller_oob_right+0x184/0x488 [ 17.763394] kunit_try_run_case+0x170/0x3f0 [ 17.763535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.763597] kthread+0x328/0x630 [ 17.763630] ret_from_fork+0x10/0x20 [ 17.764250] [ 17.764779] freed by task 142 on cpu 0 at 17.754183s (0.010363s ago): [ 17.765232] kmalloc_track_caller_oob_right+0x224/0x488 [ 17.765320] kunit_try_run_case+0x170/0x3f0 [ 17.765506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.765729] kthread+0x328/0x630 [ 17.765793] ret_from_fork+0x10/0x20 [ 17.766255] [ 17.766457] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.766649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.766677] Hardware name: linux,dummy-virt (DT) [ 17.767093] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 21.148061] ================================================================== [ 21.148115] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 21.148170] Write of size 1 at addr fff00000c6f35278 by task kunit_try_catch/285 [ 21.148220] [ 21.149614] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.149733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.149873] Hardware name: linux,dummy-virt (DT) [ 21.150199] Call trace: [ 21.150243] show_stack+0x20/0x38 (C) [ 21.150296] dump_stack_lvl+0x8c/0xd0 [ 21.150349] print_report+0x118/0x608 [ 21.150452] kasan_report+0xdc/0x128 [ 21.150787] __asan_report_store1_noabort+0x20/0x30 [ 21.150866] strncpy_from_user+0x270/0x2a0 [ 21.150918] copy_user_test_oob+0x5c0/0xec8 [ 21.151313] kunit_try_run_case+0x170/0x3f0 [ 21.151469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.151762] kthread+0x328/0x630 [ 21.152153] ret_from_fork+0x10/0x20 [ 21.152409] [ 21.152561] Allocated by task 285: [ 21.152909] kasan_save_stack+0x3c/0x68 [ 21.153164] kasan_save_track+0x20/0x40 [ 21.153565] kasan_save_alloc_info+0x40/0x58 [ 21.154055] __kasan_kmalloc+0xd4/0xd8 [ 21.154305] __kmalloc_noprof+0x198/0x4c8 [ 21.154417] kunit_kmalloc_array+0x34/0x88 [ 21.154458] copy_user_test_oob+0xac/0xec8 [ 21.154964] kunit_try_run_case+0x170/0x3f0 [ 21.155182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.155266] kthread+0x328/0x630 [ 21.155371] ret_from_fork+0x10/0x20 [ 21.155412] [ 21.155444] The buggy address belongs to the object at fff00000c6f35200 [ 21.155444] which belongs to the cache kmalloc-128 of size 128 [ 21.155525] The buggy address is located 0 bytes to the right of [ 21.155525] allocated 120-byte region [fff00000c6f35200, fff00000c6f35278) [ 21.155596] [ 21.155975] The buggy address belongs to the physical page: [ 21.156048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.156480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.156561] page_type: f5(slab) [ 21.156902] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.157014] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.157303] page dumped because: kasan: bad access detected [ 21.157376] [ 21.157482] Memory state around the buggy address: [ 21.157529] fff00000c6f35100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.157840] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.158266] >fff00000c6f35200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.158382] ^ [ 21.158890] fff00000c6f35280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.159024] fff00000c6f35300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.159067] ================================================================== [ 21.140655] ================================================================== [ 21.140708] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 21.140765] Write of size 121 at addr fff00000c6f35200 by task kunit_try_catch/285 [ 21.140835] [ 21.140866] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.140945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.140973] Hardware name: linux,dummy-virt (DT) [ 21.141005] Call trace: [ 21.141056] show_stack+0x20/0x38 (C) [ 21.141107] dump_stack_lvl+0x8c/0xd0 [ 21.141156] print_report+0x118/0x608 [ 21.141204] kasan_report+0xdc/0x128 [ 21.141252] kasan_check_range+0x100/0x1a8 [ 21.141301] __kasan_check_write+0x20/0x30 [ 21.141427] strncpy_from_user+0x3c/0x2a0 [ 21.141479] copy_user_test_oob+0x5c0/0xec8 [ 21.141528] kunit_try_run_case+0x170/0x3f0 [ 21.141576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.141630] kthread+0x328/0x630 [ 21.141675] ret_from_fork+0x10/0x20 [ 21.141724] [ 21.141744] Allocated by task 285: [ 21.141790] kasan_save_stack+0x3c/0x68 [ 21.141851] kasan_save_track+0x20/0x40 [ 21.141997] kasan_save_alloc_info+0x40/0x58 [ 21.142039] __kasan_kmalloc+0xd4/0xd8 [ 21.142078] __kmalloc_noprof+0x198/0x4c8 [ 21.142792] kunit_kmalloc_array+0x34/0x88 [ 21.142871] copy_user_test_oob+0xac/0xec8 [ 21.142912] kunit_try_run_case+0x170/0x3f0 [ 21.143479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.143531] kthread+0x328/0x630 [ 21.143565] ret_from_fork+0x10/0x20 [ 21.143604] [ 21.143625] The buggy address belongs to the object at fff00000c6f35200 [ 21.143625] which belongs to the cache kmalloc-128 of size 128 [ 21.143685] The buggy address is located 0 bytes inside of [ 21.143685] allocated 120-byte region [fff00000c6f35200, fff00000c6f35278) [ 21.144538] [ 21.144616] The buggy address belongs to the physical page: [ 21.144652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.145083] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.145190] page_type: f5(slab) [ 21.145260] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.145576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.145630] page dumped because: kasan: bad access detected [ 21.145895] [ 21.146086] Memory state around the buggy address: [ 21.146153] fff00000c6f35100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.146238] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.146318] >fff00000c6f35200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.146636] ^ [ 21.146695] fff00000c6f35280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.147083] fff00000c6f35300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.147344] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 21.116139] ================================================================== [ 21.116199] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 21.116294] Write of size 121 at addr fff00000c6f35200 by task kunit_try_catch/285 [ 21.116398] [ 21.116475] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.116560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.116925] Hardware name: linux,dummy-virt (DT) [ 21.117021] Call trace: [ 21.117073] show_stack+0x20/0x38 (C) [ 21.117197] dump_stack_lvl+0x8c/0xd0 [ 21.117248] print_report+0x118/0x608 [ 21.117482] kasan_report+0xdc/0x128 [ 21.117550] kasan_check_range+0x100/0x1a8 [ 21.117618] __kasan_check_write+0x20/0x30 [ 21.117667] copy_user_test_oob+0x35c/0xec8 [ 21.117714] kunit_try_run_case+0x170/0x3f0 [ 21.117789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.117908] kthread+0x328/0x630 [ 21.117952] ret_from_fork+0x10/0x20 [ 21.118037] [ 21.118089] Allocated by task 285: [ 21.118373] kasan_save_stack+0x3c/0x68 [ 21.118487] kasan_save_track+0x20/0x40 [ 21.118547] kasan_save_alloc_info+0x40/0x58 [ 21.118592] __kasan_kmalloc+0xd4/0xd8 [ 21.118648] __kmalloc_noprof+0x198/0x4c8 [ 21.118714] kunit_kmalloc_array+0x34/0x88 [ 21.118781] copy_user_test_oob+0xac/0xec8 [ 21.118859] kunit_try_run_case+0x170/0x3f0 [ 21.118930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.119241] kthread+0x328/0x630 [ 21.119309] ret_from_fork+0x10/0x20 [ 21.119348] [ 21.119372] The buggy address belongs to the object at fff00000c6f35200 [ 21.119372] which belongs to the cache kmalloc-128 of size 128 [ 21.119522] The buggy address is located 0 bytes inside of [ 21.119522] allocated 120-byte region [fff00000c6f35200, fff00000c6f35278) [ 21.119650] [ 21.119739] The buggy address belongs to the physical page: [ 21.120053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.120225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.120336] page_type: f5(slab) [ 21.120424] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.120543] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.120661] page dumped because: kasan: bad access detected [ 21.120837] [ 21.120917] Memory state around the buggy address: [ 21.120978] fff00000c6f35100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.121023] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.121326] >fff00000c6f35200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.121409] ^ [ 21.121455] fff00000c6f35280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.121801] fff00000c6f35300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.122009] ================================================================== [ 21.128348] ================================================================== [ 21.128461] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 21.128515] Write of size 121 at addr fff00000c6f35200 by task kunit_try_catch/285 [ 21.128660] [ 21.128693] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.128885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.128983] Hardware name: linux,dummy-virt (DT) [ 21.129042] Call trace: [ 21.129068] show_stack+0x20/0x38 (C) [ 21.129156] dump_stack_lvl+0x8c/0xd0 [ 21.129390] print_report+0x118/0x608 [ 21.129560] kasan_report+0xdc/0x128 [ 21.129611] kasan_check_range+0x100/0x1a8 [ 21.129877] __kasan_check_write+0x20/0x30 [ 21.130039] copy_user_test_oob+0x434/0xec8 [ 21.130093] kunit_try_run_case+0x170/0x3f0 [ 21.130143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.130236] kthread+0x328/0x630 [ 21.130357] ret_from_fork+0x10/0x20 [ 21.130572] [ 21.130669] Allocated by task 285: [ 21.130748] kasan_save_stack+0x3c/0x68 [ 21.130815] kasan_save_track+0x20/0x40 [ 21.130861] kasan_save_alloc_info+0x40/0x58 [ 21.130912] __kasan_kmalloc+0xd4/0xd8 [ 21.130977] __kmalloc_noprof+0x198/0x4c8 [ 21.131090] kunit_kmalloc_array+0x34/0x88 [ 21.131206] copy_user_test_oob+0xac/0xec8 [ 21.131257] kunit_try_run_case+0x170/0x3f0 [ 21.131296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.131349] kthread+0x328/0x630 [ 21.131383] ret_from_fork+0x10/0x20 [ 21.131419] [ 21.131656] The buggy address belongs to the object at fff00000c6f35200 [ 21.131656] which belongs to the cache kmalloc-128 of size 128 [ 21.131869] The buggy address is located 0 bytes inside of [ 21.131869] allocated 120-byte region [fff00000c6f35200, fff00000c6f35278) [ 21.132081] [ 21.132476] The buggy address belongs to the physical page: [ 21.132590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.132855] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.133039] page_type: f5(slab) [ 21.133146] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.133199] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.133457] page dumped because: kasan: bad access detected [ 21.133534] [ 21.133695] Memory state around the buggy address: [ 21.133790] fff00000c6f35100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.133993] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.134364] >fff00000c6f35200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.134427] ^ [ 21.134472] fff00000c6f35280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.134715] fff00000c6f35300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.134867] ================================================================== [ 21.135692] ================================================================== [ 21.135743] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 21.135793] Read of size 121 at addr fff00000c6f35200 by task kunit_try_catch/285 [ 21.135872] [ 21.135906] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.135986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.136013] Hardware name: linux,dummy-virt (DT) [ 21.136044] Call trace: [ 21.136068] show_stack+0x20/0x38 (C) [ 21.136117] dump_stack_lvl+0x8c/0xd0 [ 21.136165] print_report+0x118/0x608 [ 21.136329] kasan_report+0xdc/0x128 [ 21.136392] kasan_check_range+0x100/0x1a8 [ 21.136503] __kasan_check_read+0x20/0x30 [ 21.136551] copy_user_test_oob+0x4a0/0xec8 [ 21.136835] kunit_try_run_case+0x170/0x3f0 [ 21.137032] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.137101] kthread+0x328/0x630 [ 21.137205] ret_from_fork+0x10/0x20 [ 21.137254] [ 21.137304] Allocated by task 285: [ 21.137370] kasan_save_stack+0x3c/0x68 [ 21.137414] kasan_save_track+0x20/0x40 [ 21.137470] kasan_save_alloc_info+0x40/0x58 [ 21.137542] __kasan_kmalloc+0xd4/0xd8 [ 21.137642] __kmalloc_noprof+0x198/0x4c8 [ 21.137683] kunit_kmalloc_array+0x34/0x88 [ 21.137720] copy_user_test_oob+0xac/0xec8 [ 21.137777] kunit_try_run_case+0x170/0x3f0 [ 21.137978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.138026] kthread+0x328/0x630 [ 21.138063] ret_from_fork+0x10/0x20 [ 21.138099] [ 21.138260] The buggy address belongs to the object at fff00000c6f35200 [ 21.138260] which belongs to the cache kmalloc-128 of size 128 [ 21.138400] The buggy address is located 0 bytes inside of [ 21.138400] allocated 120-byte region [fff00000c6f35200, fff00000c6f35278) [ 21.138467] [ 21.138563] The buggy address belongs to the physical page: [ 21.138621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.138734] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.138800] page_type: f5(slab) [ 21.138851] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.138904] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.139036] page dumped because: kasan: bad access detected [ 21.139069] [ 21.139091] Memory state around the buggy address: [ 21.139135] fff00000c6f35100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.139185] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.139230] >fff00000c6f35200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.139270] ^ [ 21.139313] fff00000c6f35280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.139357] fff00000c6f35300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.139397] ================================================================== [ 21.105473] ================================================================== [ 21.105535] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 21.105589] Read of size 121 at addr fff00000c6f35200 by task kunit_try_catch/285 [ 21.105641] [ 21.105674] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.105931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.105970] Hardware name: linux,dummy-virt (DT) [ 21.106001] Call trace: [ 21.106053] show_stack+0x20/0x38 (C) [ 21.106127] dump_stack_lvl+0x8c/0xd0 [ 21.106205] print_report+0x118/0x608 [ 21.106260] kasan_report+0xdc/0x128 [ 21.106307] kasan_check_range+0x100/0x1a8 [ 21.106358] __kasan_check_read+0x20/0x30 [ 21.106405] copy_user_test_oob+0x728/0xec8 [ 21.106636] kunit_try_run_case+0x170/0x3f0 [ 21.106733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.106846] kthread+0x328/0x630 [ 21.106950] ret_from_fork+0x10/0x20 [ 21.107205] [ 21.107231] Allocated by task 285: [ 21.107265] kasan_save_stack+0x3c/0x68 [ 21.107309] kasan_save_track+0x20/0x40 [ 21.107350] kasan_save_alloc_info+0x40/0x58 [ 21.107751] __kasan_kmalloc+0xd4/0xd8 [ 21.107923] __kmalloc_noprof+0x198/0x4c8 [ 21.108226] kunit_kmalloc_array+0x34/0x88 [ 21.108266] copy_user_test_oob+0xac/0xec8 [ 21.108524] kunit_try_run_case+0x170/0x3f0 [ 21.108703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.108850] kthread+0x328/0x630 [ 21.108886] ret_from_fork+0x10/0x20 [ 21.108936] [ 21.108966] The buggy address belongs to the object at fff00000c6f35200 [ 21.108966] which belongs to the cache kmalloc-128 of size 128 [ 21.109026] The buggy address is located 0 bytes inside of [ 21.109026] allocated 120-byte region [fff00000c6f35200, fff00000c6f35278) [ 21.109098] [ 21.109122] The buggy address belongs to the physical page: [ 21.109159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.109227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.109275] page_type: f5(slab) [ 21.109324] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.109402] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.109445] page dumped because: kasan: bad access detected [ 21.109480] [ 21.109509] Memory state around the buggy address: [ 21.109543] fff00000c6f35100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.109588] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.109633] >fff00000c6f35200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.109675] ^ [ 21.109716] fff00000c6f35280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.109781] fff00000c6f35300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.110369] ================================================================== [ 21.122912] ================================================================== [ 21.123048] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 21.123121] Read of size 121 at addr fff00000c6f35200 by task kunit_try_catch/285 [ 21.123255] [ 21.123432] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.123518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.123545] Hardware name: linux,dummy-virt (DT) [ 21.123614] Call trace: [ 21.123637] show_stack+0x20/0x38 (C) [ 21.123687] dump_stack_lvl+0x8c/0xd0 [ 21.123945] print_report+0x118/0x608 [ 21.124065] kasan_report+0xdc/0x128 [ 21.124190] kasan_check_range+0x100/0x1a8 [ 21.124324] __kasan_check_read+0x20/0x30 [ 21.124478] copy_user_test_oob+0x3c8/0xec8 [ 21.124546] kunit_try_run_case+0x170/0x3f0 [ 21.124597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.124649] kthread+0x328/0x630 [ 21.124696] ret_from_fork+0x10/0x20 [ 21.124748] [ 21.124788] Allocated by task 285: [ 21.124828] kasan_save_stack+0x3c/0x68 [ 21.124870] kasan_save_track+0x20/0x40 [ 21.124917] kasan_save_alloc_info+0x40/0x58 [ 21.124969] __kasan_kmalloc+0xd4/0xd8 [ 21.125016] __kmalloc_noprof+0x198/0x4c8 [ 21.125056] kunit_kmalloc_array+0x34/0x88 [ 21.125100] copy_user_test_oob+0xac/0xec8 [ 21.125140] kunit_try_run_case+0x170/0x3f0 [ 21.125178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.125225] kthread+0x328/0x630 [ 21.125270] ret_from_fork+0x10/0x20 [ 21.125321] [ 21.125352] The buggy address belongs to the object at fff00000c6f35200 [ 21.125352] which belongs to the cache kmalloc-128 of size 128 [ 21.125418] The buggy address is located 0 bytes inside of [ 21.125418] allocated 120-byte region [fff00000c6f35200, fff00000c6f35278) [ 21.125487] [ 21.125522] The buggy address belongs to the physical page: [ 21.125555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.125605] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.125653] page_type: f5(slab) [ 21.125711] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.125768] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.126453] page dumped because: kasan: bad access detected [ 21.126627] [ 21.126760] Memory state around the buggy address: [ 21.126838] fff00000c6f35100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.127126] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.127174] >fff00000c6f35200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.127215] ^ [ 21.127258] fff00000c6f35280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.127301] fff00000c6f35300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.127341] ================================================================== [ 21.095974] ================================================================== [ 21.096098] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 21.096236] Write of size 121 at addr fff00000c6f35200 by task kunit_try_catch/285 [ 21.096340] [ 21.096386] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.096601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.096637] Hardware name: linux,dummy-virt (DT) [ 21.096695] Call trace: [ 21.096786] show_stack+0x20/0x38 (C) [ 21.096908] dump_stack_lvl+0x8c/0xd0 [ 21.096981] print_report+0x118/0x608 [ 21.097055] kasan_report+0xdc/0x128 [ 21.097102] kasan_check_range+0x100/0x1a8 [ 21.097153] __kasan_check_write+0x20/0x30 [ 21.097339] copy_user_test_oob+0x234/0xec8 [ 21.097426] kunit_try_run_case+0x170/0x3f0 [ 21.097519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.097601] kthread+0x328/0x630 [ 21.097676] ret_from_fork+0x10/0x20 [ 21.097747] [ 21.097779] Allocated by task 285: [ 21.097822] kasan_save_stack+0x3c/0x68 [ 21.097877] kasan_save_track+0x20/0x40 [ 21.097916] kasan_save_alloc_info+0x40/0x58 [ 21.098113] __kasan_kmalloc+0xd4/0xd8 [ 21.098166] __kmalloc_noprof+0x198/0x4c8 [ 21.098211] kunit_kmalloc_array+0x34/0x88 [ 21.098314] copy_user_test_oob+0xac/0xec8 [ 21.098381] kunit_try_run_case+0x170/0x3f0 [ 21.098426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.098489] kthread+0x328/0x630 [ 21.098524] ret_from_fork+0x10/0x20 [ 21.098560] [ 21.098584] The buggy address belongs to the object at fff00000c6f35200 [ 21.098584] which belongs to the cache kmalloc-128 of size 128 [ 21.098827] The buggy address is located 0 bytes inside of [ 21.098827] allocated 120-byte region [fff00000c6f35200, fff00000c6f35278) [ 21.098903] [ 21.098943] The buggy address belongs to the physical page: [ 21.099082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.099216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.099350] page_type: f5(slab) [ 21.099395] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.099446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.099489] page dumped because: kasan: bad access detected [ 21.099636] [ 21.099662] Memory state around the buggy address: [ 21.099699] fff00000c6f35100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.099746] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.099791] >fff00000c6f35200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.099886] ^ [ 21.099977] fff00000c6f35280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.100030] fff00000c6f35300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.100118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.042480] ================================================================== [ 21.042551] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.042986] Read of size 8 at addr fff00000c6f35178 by task kunit_try_catch/281 [ 21.043102] [ 21.043165] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.043408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.043465] Hardware name: linux,dummy-virt (DT) [ 21.043501] Call trace: [ 21.043656] show_stack+0x20/0x38 (C) [ 21.043719] dump_stack_lvl+0x8c/0xd0 [ 21.043996] print_report+0x118/0x608 [ 21.044437] kasan_report+0xdc/0x128 [ 21.044534] __asan_report_load8_noabort+0x20/0x30 [ 21.044656] copy_to_kernel_nofault+0x204/0x250 [ 21.044774] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.045204] kunit_try_run_case+0x170/0x3f0 [ 21.045327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.045450] kthread+0x328/0x630 [ 21.045613] ret_from_fork+0x10/0x20 [ 21.045786] [ 21.045819] Allocated by task 281: [ 21.045859] kasan_save_stack+0x3c/0x68 [ 21.046063] kasan_save_track+0x20/0x40 [ 21.046240] kasan_save_alloc_info+0x40/0x58 [ 21.046378] __kasan_kmalloc+0xd4/0xd8 [ 21.046551] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.046647] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.046870] kunit_try_run_case+0x170/0x3f0 [ 21.046921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.047138] kthread+0x328/0x630 [ 21.047183] ret_from_fork+0x10/0x20 [ 21.047240] [ 21.047270] The buggy address belongs to the object at fff00000c6f35100 [ 21.047270] which belongs to the cache kmalloc-128 of size 128 [ 21.047721] The buggy address is located 0 bytes to the right of [ 21.047721] allocated 120-byte region [fff00000c6f35100, fff00000c6f35178) [ 21.047932] [ 21.048046] The buggy address belongs to the physical page: [ 21.048131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.048241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.048314] page_type: f5(slab) [ 21.048539] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.048790] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.048918] page dumped because: kasan: bad access detected [ 21.049019] [ 21.049146] Memory state around the buggy address: [ 21.049227] fff00000c6f35000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.049292] fff00000c6f35080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.049669] >fff00000c6f35100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.049737] ^ [ 21.049865] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.049930] fff00000c6f35200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.050017] ================================================================== [ 21.052094] ================================================================== [ 21.052251] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.052315] Write of size 8 at addr fff00000c6f35178 by task kunit_try_catch/281 [ 21.052367] [ 21.052541] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.052634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.052664] Hardware name: linux,dummy-virt (DT) [ 21.052698] Call trace: [ 21.052721] show_stack+0x20/0x38 (C) [ 21.052775] dump_stack_lvl+0x8c/0xd0 [ 21.052841] print_report+0x118/0x608 [ 21.052890] kasan_report+0xdc/0x128 [ 21.052936] kasan_check_range+0x100/0x1a8 [ 21.052994] __kasan_check_write+0x20/0x30 [ 21.053042] copy_to_kernel_nofault+0x8c/0x250 [ 21.053091] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.053142] kunit_try_run_case+0x170/0x3f0 [ 21.053200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.053262] kthread+0x328/0x630 [ 21.053317] ret_from_fork+0x10/0x20 [ 21.053367] [ 21.053387] Allocated by task 281: [ 21.053416] kasan_save_stack+0x3c/0x68 [ 21.053458] kasan_save_track+0x20/0x40 [ 21.053496] kasan_save_alloc_info+0x40/0x58 [ 21.053538] __kasan_kmalloc+0xd4/0xd8 [ 21.053575] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.053616] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.053664] kunit_try_run_case+0x170/0x3f0 [ 21.053705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.053752] kthread+0x328/0x630 [ 21.053785] ret_from_fork+0x10/0x20 [ 21.054069] [ 21.054125] The buggy address belongs to the object at fff00000c6f35100 [ 21.054125] which belongs to the cache kmalloc-128 of size 128 [ 21.054426] The buggy address is located 0 bytes to the right of [ 21.054426] allocated 120-byte region [fff00000c6f35100, fff00000c6f35178) [ 21.054536] [ 21.054561] The buggy address belongs to the physical page: [ 21.054601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 21.054667] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.054918] page_type: f5(slab) [ 21.054976] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.055366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.055599] page dumped because: kasan: bad access detected [ 21.055765] [ 21.055950] Memory state around the buggy address: [ 21.056023] fff00000c6f35000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.056238] fff00000c6f35080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.056297] >fff00000c6f35100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.056339] ^ [ 21.056486] fff00000c6f35180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.056763] fff00000c6f35200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.057156] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 20.986132] ================================================================== [ 20.986457] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 20.986523] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 20.987494] [ 20.987861] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.988147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.988248] Hardware name: linux,dummy-virt (DT) [ 20.988366] Call trace: [ 20.988394] show_stack+0x20/0x38 (C) [ 20.988471] dump_stack_lvl+0x8c/0xd0 [ 20.988788] print_report+0x310/0x608 [ 20.989051] kasan_report+0xdc/0x128 [ 20.989227] __asan_report_load1_noabort+0x20/0x30 [ 20.989369] vmalloc_oob+0x51c/0x5d0 [ 20.989509] kunit_try_run_case+0x170/0x3f0 [ 20.989773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.990098] kthread+0x328/0x630 [ 20.990307] ret_from_fork+0x10/0x20 [ 20.990455] [ 20.990533] The buggy address belongs to the virtual mapping at [ 20.990533] [ffff8000800fe000, ffff800080100000) created by: [ 20.990533] vmalloc_oob+0x98/0x5d0 [ 20.990681] [ 20.990759] The buggy address belongs to the physical page: [ 20.990909] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f25 [ 20.991039] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.991387] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.991474] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.991701] page dumped because: kasan: bad access detected [ 20.991926] [ 20.991972] Memory state around the buggy address: [ 20.992078] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.992213] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.992258] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.992299] ^ [ 20.992342] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.992731] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.993037] ================================================================== [ 20.980608] ================================================================== [ 20.980815] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 20.980891] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 20.980944] [ 20.981162] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.981388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.981423] Hardware name: linux,dummy-virt (DT) [ 20.981459] Call trace: [ 20.981485] show_stack+0x20/0x38 (C) [ 20.981773] dump_stack_lvl+0x8c/0xd0 [ 20.981861] print_report+0x310/0x608 [ 20.981909] kasan_report+0xdc/0x128 [ 20.982169] __asan_report_load1_noabort+0x20/0x30 [ 20.982370] vmalloc_oob+0x578/0x5d0 [ 20.982422] kunit_try_run_case+0x170/0x3f0 [ 20.982527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.982644] kthread+0x328/0x630 [ 20.982739] ret_from_fork+0x10/0x20 [ 20.983045] [ 20.983168] The buggy address belongs to the virtual mapping at [ 20.983168] [ffff8000800fe000, ffff800080100000) created by: [ 20.983168] vmalloc_oob+0x98/0x5d0 [ 20.983278] [ 20.983373] The buggy address belongs to the physical page: [ 20.983438] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f25 [ 20.983659] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.983738] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.983789] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.983846] page dumped because: kasan: bad access detected [ 20.984020] [ 20.984100] Memory state around the buggy address: [ 20.984312] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.984434] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.984521] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.984962] ^ [ 20.985038] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.985140] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.985258] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.746458] ================================================================== [ 20.746509] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 20.746897] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.747069] [ 20.747139] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.747246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.747368] Hardware name: linux,dummy-virt (DT) [ 20.747444] Call trace: [ 20.747589] show_stack+0x20/0x38 (C) [ 20.747662] dump_stack_lvl+0x8c/0xd0 [ 20.747713] print_report+0x118/0x608 [ 20.747796] kasan_report+0xdc/0x128 [ 20.747857] kasan_check_range+0x100/0x1a8 [ 20.747910] __kasan_check_write+0x20/0x30 [ 20.747959] kasan_atomics_helper+0xe44/0x4858 [ 20.748165] kasan_atomics+0x198/0x2e0 [ 20.748295] kunit_try_run_case+0x170/0x3f0 [ 20.748606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.748736] kthread+0x328/0x630 [ 20.748872] ret_from_fork+0x10/0x20 [ 20.748996] [ 20.749066] Allocated by task 265: [ 20.749240] kasan_save_stack+0x3c/0x68 [ 20.749405] kasan_save_track+0x20/0x40 [ 20.749467] kasan_save_alloc_info+0x40/0x58 [ 20.749511] __kasan_kmalloc+0xd4/0xd8 [ 20.749841] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.749948] kasan_atomics+0xb8/0x2e0 [ 20.750062] kunit_try_run_case+0x170/0x3f0 [ 20.750366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.750504] kthread+0x328/0x630 [ 20.750590] ret_from_fork+0x10/0x20 [ 20.750629] [ 20.750651] The buggy address belongs to the object at fff00000c6f13780 [ 20.750651] which belongs to the cache kmalloc-64 of size 64 [ 20.750934] The buggy address is located 0 bytes to the right of [ 20.750934] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.751219] [ 20.751269] The buggy address belongs to the physical page: [ 20.751489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.751793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.751951] page_type: f5(slab) [ 20.752030] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.752081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.752148] page dumped because: kasan: bad access detected [ 20.752180] [ 20.752200] Memory state around the buggy address: [ 20.752358] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.752448] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.752574] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.752630] ^ [ 20.752671] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.752716] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.752756] ================================================================== [ 20.758147] ================================================================== [ 20.758198] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 20.758403] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.758589] [ 20.758678] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.758878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.759002] Hardware name: linux,dummy-virt (DT) [ 20.759206] Call trace: [ 20.759245] show_stack+0x20/0x38 (C) [ 20.759344] dump_stack_lvl+0x8c/0xd0 [ 20.759464] print_report+0x118/0x608 [ 20.759552] kasan_report+0xdc/0x128 [ 20.759629] kasan_check_range+0x100/0x1a8 [ 20.759680] __kasan_check_write+0x20/0x30 [ 20.759748] kasan_atomics_helper+0xeb8/0x4858 [ 20.759801] kasan_atomics+0x198/0x2e0 [ 20.760037] kunit_try_run_case+0x170/0x3f0 [ 20.760206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.760283] kthread+0x328/0x630 [ 20.760375] ret_from_fork+0x10/0x20 [ 20.760730] [ 20.760857] Allocated by task 265: [ 20.760963] kasan_save_stack+0x3c/0x68 [ 20.761088] kasan_save_track+0x20/0x40 [ 20.761180] kasan_save_alloc_info+0x40/0x58 [ 20.761282] __kasan_kmalloc+0xd4/0xd8 [ 20.761369] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.761536] kasan_atomics+0xb8/0x2e0 [ 20.761660] kunit_try_run_case+0x170/0x3f0 [ 20.761722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.761769] kthread+0x328/0x630 [ 20.762041] ret_from_fork+0x10/0x20 [ 20.762234] [ 20.762342] The buggy address belongs to the object at fff00000c6f13780 [ 20.762342] which belongs to the cache kmalloc-64 of size 64 [ 20.762595] The buggy address is located 0 bytes to the right of [ 20.762595] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.762814] [ 20.762873] The buggy address belongs to the physical page: [ 20.763025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.763081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.763130] page_type: f5(slab) [ 20.763307] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.763477] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.763614] page dumped because: kasan: bad access detected [ 20.763734] [ 20.764027] Memory state around the buggy address: [ 20.764170] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.764266] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.764399] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.764440] ^ [ 20.764474] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.764541] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.764582] ================================================================== [ 20.863578] ================================================================== [ 20.863720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 20.863780] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.863939] [ 20.863973] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.864266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.864396] Hardware name: linux,dummy-virt (DT) [ 20.864467] Call trace: [ 20.864495] show_stack+0x20/0x38 (C) [ 20.864591] dump_stack_lvl+0x8c/0xd0 [ 20.864641] print_report+0x118/0x608 [ 20.864687] kasan_report+0xdc/0x128 [ 20.864772] kasan_check_range+0x100/0x1a8 [ 20.864833] __kasan_check_write+0x20/0x30 [ 20.864880] kasan_atomics_helper+0x14e4/0x4858 [ 20.864984] kasan_atomics+0x198/0x2e0 [ 20.865102] kunit_try_run_case+0x170/0x3f0 [ 20.865167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.865221] kthread+0x328/0x630 [ 20.865267] ret_from_fork+0x10/0x20 [ 20.865474] [ 20.865504] Allocated by task 265: [ 20.865537] kasan_save_stack+0x3c/0x68 [ 20.865584] kasan_save_track+0x20/0x40 [ 20.865623] kasan_save_alloc_info+0x40/0x58 [ 20.865665] __kasan_kmalloc+0xd4/0xd8 [ 20.865716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.865756] kasan_atomics+0xb8/0x2e0 [ 20.865795] kunit_try_run_case+0x170/0x3f0 [ 20.866036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.866102] kthread+0x328/0x630 [ 20.866198] ret_from_fork+0x10/0x20 [ 20.866238] [ 20.866259] The buggy address belongs to the object at fff00000c6f13780 [ 20.866259] which belongs to the cache kmalloc-64 of size 64 [ 20.866344] The buggy address is located 0 bytes to the right of [ 20.866344] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.866410] [ 20.866431] The buggy address belongs to the physical page: [ 20.866589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.866769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.866943] page_type: f5(slab) [ 20.867020] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.867811] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.867942] page dumped because: kasan: bad access detected [ 20.867977] [ 20.868013] Memory state around the buggy address: [ 20.868049] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.868118] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.868163] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.868220] ^ [ 20.868254] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.868408] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.868483] ================================================================== [ 20.872857] ================================================================== [ 20.873165] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 20.873289] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.873361] [ 20.873424] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.873530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.873589] Hardware name: linux,dummy-virt (DT) [ 20.873683] Call trace: [ 20.873788] show_stack+0x20/0x38 (C) [ 20.873876] dump_stack_lvl+0x8c/0xd0 [ 20.873952] print_report+0x118/0x608 [ 20.874001] kasan_report+0xdc/0x128 [ 20.874053] kasan_check_range+0x100/0x1a8 [ 20.874108] __kasan_check_write+0x20/0x30 [ 20.874210] kasan_atomics_helper+0x15b4/0x4858 [ 20.874299] kasan_atomics+0x198/0x2e0 [ 20.874364] kunit_try_run_case+0x170/0x3f0 [ 20.874469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.874524] kthread+0x328/0x630 [ 20.874570] ret_from_fork+0x10/0x20 [ 20.874749] [ 20.874770] Allocated by task 265: [ 20.874941] kasan_save_stack+0x3c/0x68 [ 20.875241] kasan_save_track+0x20/0x40 [ 20.875551] kasan_save_alloc_info+0x40/0x58 [ 20.875722] __kasan_kmalloc+0xd4/0xd8 [ 20.875888] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.876009] kasan_atomics+0xb8/0x2e0 [ 20.876097] kunit_try_run_case+0x170/0x3f0 [ 20.876186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.876231] kthread+0x328/0x630 [ 20.876266] ret_from_fork+0x10/0x20 [ 20.876305] [ 20.876326] The buggy address belongs to the object at fff00000c6f13780 [ 20.876326] which belongs to the cache kmalloc-64 of size 64 [ 20.876718] The buggy address is located 0 bytes to the right of [ 20.876718] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.876964] [ 20.877152] The buggy address belongs to the physical page: [ 20.877362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.877424] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.877665] page_type: f5(slab) [ 20.877722] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.877909] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.878031] page dumped because: kasan: bad access detected [ 20.878369] [ 20.878481] Memory state around the buggy address: [ 20.878567] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.878677] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.878771] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.878823] ^ [ 20.878857] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.879166] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.879377] ================================================================== [ 20.838182] ================================================================== [ 20.838236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 20.838286] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.838338] [ 20.838368] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.838458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.838485] Hardware name: linux,dummy-virt (DT) [ 20.838518] Call trace: [ 20.838541] show_stack+0x20/0x38 (C) [ 20.838591] dump_stack_lvl+0x8c/0xd0 [ 20.838638] print_report+0x118/0x608 [ 20.838686] kasan_report+0xdc/0x128 [ 20.838732] kasan_check_range+0x100/0x1a8 [ 20.838782] __kasan_check_write+0x20/0x30 [ 20.838847] kasan_atomics_helper+0x12d8/0x4858 [ 20.838896] kasan_atomics+0x198/0x2e0 [ 20.838975] kunit_try_run_case+0x170/0x3f0 [ 20.839332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.839407] kthread+0x328/0x630 [ 20.839567] ret_from_fork+0x10/0x20 [ 20.839728] [ 20.839874] Allocated by task 265: [ 20.839976] kasan_save_stack+0x3c/0x68 [ 20.840071] kasan_save_track+0x20/0x40 [ 20.840176] kasan_save_alloc_info+0x40/0x58 [ 20.840251] __kasan_kmalloc+0xd4/0xd8 [ 20.840290] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.840357] kasan_atomics+0xb8/0x2e0 [ 20.840396] kunit_try_run_case+0x170/0x3f0 [ 20.840438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.840526] kthread+0x328/0x630 [ 20.840562] ret_from_fork+0x10/0x20 [ 20.840774] [ 20.840873] The buggy address belongs to the object at fff00000c6f13780 [ 20.840873] which belongs to the cache kmalloc-64 of size 64 [ 20.841303] The buggy address is located 0 bytes to the right of [ 20.841303] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.841486] [ 20.841558] The buggy address belongs to the physical page: [ 20.841608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.841693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.841745] page_type: f5(slab) [ 20.841783] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.842033] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.842165] page dumped because: kasan: bad access detected [ 20.842214] [ 20.842235] Memory state around the buggy address: [ 20.842298] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.842374] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.842419] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.842459] ^ [ 20.842777] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.842943] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.843049] ================================================================== [ 20.713656] ================================================================== [ 20.713709] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 20.713761] Write of size 4 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.713822] [ 20.713853] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.713934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.713963] Hardware name: linux,dummy-virt (DT) [ 20.714030] Call trace: [ 20.714058] show_stack+0x20/0x38 (C) [ 20.714127] dump_stack_lvl+0x8c/0xd0 [ 20.714185] print_report+0x118/0x608 [ 20.714242] kasan_report+0xdc/0x128 [ 20.714288] kasan_check_range+0x100/0x1a8 [ 20.714339] __kasan_check_write+0x20/0x30 [ 20.714385] kasan_atomics_helper+0xd3c/0x4858 [ 20.714434] kasan_atomics+0x198/0x2e0 [ 20.714488] kunit_try_run_case+0x170/0x3f0 [ 20.714538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.714592] kthread+0x328/0x630 [ 20.714635] ret_from_fork+0x10/0x20 [ 20.714691] [ 20.714714] Allocated by task 265: [ 20.714745] kasan_save_stack+0x3c/0x68 [ 20.714788] kasan_save_track+0x20/0x40 [ 20.714838] kasan_save_alloc_info+0x40/0x58 [ 20.714881] __kasan_kmalloc+0xd4/0xd8 [ 20.715826] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.716113] kasan_atomics+0xb8/0x2e0 [ 20.716170] kunit_try_run_case+0x170/0x3f0 [ 20.716338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.716617] kthread+0x328/0x630 [ 20.716972] ret_from_fork+0x10/0x20 [ 20.717059] [ 20.717235] The buggy address belongs to the object at fff00000c6f13780 [ 20.717235] which belongs to the cache kmalloc-64 of size 64 [ 20.717654] The buggy address is located 0 bytes to the right of [ 20.717654] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.717982] [ 20.718055] The buggy address belongs to the physical page: [ 20.718254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.718654] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.718735] page_type: f5(slab) [ 20.718881] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.719545] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.719615] page dumped because: kasan: bad access detected [ 20.719669] [ 20.719690] Memory state around the buggy address: [ 20.720354] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.720420] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.720511] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.720789] ^ [ 20.720897] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.721231] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.721460] ================================================================== [ 20.847527] ================================================================== [ 20.847580] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 20.847649] Read of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.847738] [ 20.847798] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.847907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.848005] Hardware name: linux,dummy-virt (DT) [ 20.848043] Call trace: [ 20.848070] show_stack+0x20/0x38 (C) [ 20.848256] dump_stack_lvl+0x8c/0xd0 [ 20.848392] print_report+0x118/0x608 [ 20.848516] kasan_report+0xdc/0x128 [ 20.848587] __asan_report_load8_noabort+0x20/0x30 [ 20.848654] kasan_atomics_helper+0x3f04/0x4858 [ 20.848720] kasan_atomics+0x198/0x2e0 [ 20.848856] kunit_try_run_case+0x170/0x3f0 [ 20.848909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.848969] kthread+0x328/0x630 [ 20.849044] ret_from_fork+0x10/0x20 [ 20.849114] [ 20.849134] Allocated by task 265: [ 20.849165] kasan_save_stack+0x3c/0x68 [ 20.849228] kasan_save_track+0x20/0x40 [ 20.849269] kasan_save_alloc_info+0x40/0x58 [ 20.849312] __kasan_kmalloc+0xd4/0xd8 [ 20.849374] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.849415] kasan_atomics+0xb8/0x2e0 [ 20.849451] kunit_try_run_case+0x170/0x3f0 [ 20.849598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.849651] kthread+0x328/0x630 [ 20.849721] ret_from_fork+0x10/0x20 [ 20.849845] [ 20.849889] The buggy address belongs to the object at fff00000c6f13780 [ 20.849889] which belongs to the cache kmalloc-64 of size 64 [ 20.850124] The buggy address is located 0 bytes to the right of [ 20.850124] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.850201] [ 20.850222] The buggy address belongs to the physical page: [ 20.850254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.850403] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.850577] page_type: f5(slab) [ 20.850620] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.850673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.850774] page dumped because: kasan: bad access detected [ 20.850849] [ 20.851005] Memory state around the buggy address: [ 20.851154] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.851334] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.851467] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.851508] ^ [ 20.851566] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.851609] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.851648] ================================================================== [ 20.892168] ================================================================== [ 20.892225] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 20.892271] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.892320] [ 20.892349] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.892430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.892459] Hardware name: linux,dummy-virt (DT) [ 20.892962] Call trace: [ 20.893047] show_stack+0x20/0x38 (C) [ 20.893298] dump_stack_lvl+0x8c/0xd0 [ 20.893459] print_report+0x118/0x608 [ 20.893549] kasan_report+0xdc/0x128 [ 20.893642] kasan_check_range+0x100/0x1a8 [ 20.893821] __kasan_check_write+0x20/0x30 [ 20.893899] kasan_atomics_helper+0x16d0/0x4858 [ 20.893949] kasan_atomics+0x198/0x2e0 [ 20.893995] kunit_try_run_case+0x170/0x3f0 [ 20.894043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.894330] kthread+0x328/0x630 [ 20.894448] ret_from_fork+0x10/0x20 [ 20.894892] [ 20.894944] Allocated by task 265: [ 20.894976] kasan_save_stack+0x3c/0x68 [ 20.895067] kasan_save_track+0x20/0x40 [ 20.895140] kasan_save_alloc_info+0x40/0x58 [ 20.895251] __kasan_kmalloc+0xd4/0xd8 [ 20.895328] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.895434] kasan_atomics+0xb8/0x2e0 [ 20.895523] kunit_try_run_case+0x170/0x3f0 [ 20.895618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.895692] kthread+0x328/0x630 [ 20.895725] ret_from_fork+0x10/0x20 [ 20.895762] [ 20.895782] The buggy address belongs to the object at fff00000c6f13780 [ 20.895782] which belongs to the cache kmalloc-64 of size 64 [ 20.895871] The buggy address is located 0 bytes to the right of [ 20.895871] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.896035] [ 20.896058] The buggy address belongs to the physical page: [ 20.896091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.896212] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.896379] page_type: f5(slab) [ 20.896484] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.896561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.896679] page dumped because: kasan: bad access detected [ 20.896714] [ 20.896733] Memory state around the buggy address: [ 20.896768] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.896977] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.897070] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.897183] ^ [ 20.897298] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.897344] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.897384] ================================================================== [ 20.898390] ================================================================== [ 20.898440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 20.898768] Read of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.898911] [ 20.898944] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.899032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.899079] Hardware name: linux,dummy-virt (DT) [ 20.899147] Call trace: [ 20.899192] show_stack+0x20/0x38 (C) [ 20.899340] dump_stack_lvl+0x8c/0xd0 [ 20.899390] print_report+0x118/0x608 [ 20.899462] kasan_report+0xdc/0x128 [ 20.899510] __asan_report_load8_noabort+0x20/0x30 [ 20.899878] kasan_atomics_helper+0x3e10/0x4858 [ 20.900073] kasan_atomics+0x198/0x2e0 [ 20.900174] kunit_try_run_case+0x170/0x3f0 [ 20.900392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.900650] kthread+0x328/0x630 [ 20.900884] ret_from_fork+0x10/0x20 [ 20.901107] [ 20.901260] Allocated by task 265: [ 20.901293] kasan_save_stack+0x3c/0x68 [ 20.901335] kasan_save_track+0x20/0x40 [ 20.901404] kasan_save_alloc_info+0x40/0x58 [ 20.901796] __kasan_kmalloc+0xd4/0xd8 [ 20.902070] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.902296] kasan_atomics+0xb8/0x2e0 [ 20.902441] kunit_try_run_case+0x170/0x3f0 [ 20.902556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.902739] kthread+0x328/0x630 [ 20.902941] ret_from_fork+0x10/0x20 [ 20.903032] [ 20.903064] The buggy address belongs to the object at fff00000c6f13780 [ 20.903064] which belongs to the cache kmalloc-64 of size 64 [ 20.903146] The buggy address is located 0 bytes to the right of [ 20.903146] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.903215] [ 20.903236] The buggy address belongs to the physical page: [ 20.903269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.903325] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.903376] page_type: f5(slab) [ 20.903523] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.903625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.903797] page dumped because: kasan: bad access detected [ 20.903874] [ 20.903894] Memory state around the buggy address: [ 20.903933] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.903979] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.904171] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.904289] ^ [ 20.904413] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.904509] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.904611] ================================================================== [ 20.635705] ================================================================== [ 20.635746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 20.635818] Write of size 4 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.635869] [ 20.635902] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.636159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.636438] Hardware name: linux,dummy-virt (DT) [ 20.636495] Call trace: [ 20.636520] show_stack+0x20/0x38 (C) [ 20.636573] dump_stack_lvl+0x8c/0xd0 [ 20.636620] print_report+0x118/0x608 [ 20.636971] kasan_report+0xdc/0x128 [ 20.637043] kasan_check_range+0x100/0x1a8 [ 20.637096] __kasan_check_write+0x20/0x30 [ 20.637221] kasan_atomics_helper+0xa6c/0x4858 [ 20.637273] kasan_atomics+0x198/0x2e0 [ 20.638402] kasan_save_alloc_info+0x40/0x58 [ 20.638443] __kasan_kmalloc+0xd4/0xd8 [ 20.638482] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.638713] kasan_atomics+0xb8/0x2e0 [ 20.638815] kunit_try_run_case+0x170/0x3f0 [ 20.638888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.638944] kthread+0x328/0x630 [ 20.639006] ret_from_fork+0x10/0x20 [ 20.639323] [ 20.640487] [ 20.641296] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.642994] [ 20.643817] kasan_atomics_helper+0xad4/0x4858 [ 20.645469] kasan_save_alloc_info+0x40/0x58 [ 20.645613] __kasan_kmalloc+0xd4/0xd8 [ 20.645666] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.645965] kasan_atomics+0xb8/0x2e0 [ 20.646070] kunit_try_run_case+0x170/0x3f0 [ 20.646112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.646276] The buggy address belongs to the object at fff00000c6f13780 [ 20.646276] which belongs to the cache kmalloc-64 of size 64 [ 20.648430] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.650136] kasan_atomics_helper+0x3dcc/0x4858 [ 20.651741] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.653991] The buggy address belongs to the physical page: [ 20.655249] [ 20.655969] ^ [ 20.657932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.658775] kasan_save_stack+0x3c/0x68 [ 20.661061] [ 20.661955] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.664172] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.666683] show_stack+0x20/0x38 (C) [ 20.669397] kasan_save_stack+0x3c/0x68 [ 20.672230] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.672687] ^ [ 20.679080] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.679440] kunit_try_run_case+0x170/0x3f0 [ 20.681483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.682708] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.683239] ^ [ 20.685202] Read of size 4 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.685508] Hardware name: linux,dummy-virt (DT) [ 20.686536] kasan_atomics_helper+0x3de4/0x4858 [ 20.688244] kasan_save_track+0x20/0x40 [ 20.689521] kthread+0x328/0x630 [ 20.689793] [ 20.690343] [ 20.690761] The buggy address belongs to the physical page: [ 20.690930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.691862] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.692638] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.692873] ^ [ 20.693262] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.695253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.696235] print_report+0x118/0x608 [ 20.697254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.699007] __kasan_kmalloc+0xd4/0xd8 [ 20.700508] ret_from_fork+0x10/0x20 [ 20.700667] [ 20.700693] The buggy address belongs to the object at fff00000c6f13780 [ 20.700693] which belongs to the cache kmalloc-64 of size 64 [ 20.700791] The buggy address is located 0 bytes to the right of [ 20.700791] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.700891] [ 20.700922] The buggy address belongs to the physical page: [ 20.700964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.701027] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.701076] page_type: f5(slab) [ 20.701114] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.701165] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.701207] page dumped because: kasan: bad access detected [ 20.701250] [ 20.701281] Memory state around the buggy address: [ 20.701314] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.701364] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.701417] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.701461] ^ [ 20.701496] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.701545] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.701586] ================================================================== [ 20.722281] ================================================================== [ 20.722430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 20.722536] Read of size 4 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.722589] [ 20.722703] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.723036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.723222] Hardware name: linux,dummy-virt (DT) [ 20.723289] Call trace: [ 20.723443] show_stack+0x20/0x38 (C) [ 20.723647] dump_stack_lvl+0x8c/0xd0 [ 20.723799] print_report+0x118/0x608 [ 20.723949] kasan_report+0xdc/0x128 [ 20.724123] __asan_report_load4_noabort+0x20/0x30 [ 20.724268] kasan_atomics_helper+0x3e04/0x4858 [ 20.724421] kasan_atomics+0x198/0x2e0 [ 20.725223] kunit_try_run_case+0x170/0x3f0 [ 20.725311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.725393] kthread+0x328/0x630 [ 20.725476] ret_from_fork+0x10/0x20 [ 20.725549] [ 20.725571] Allocated by task 265: [ 20.726028] kasan_save_stack+0x3c/0x68 [ 20.726391] kasan_save_track+0x20/0x40 [ 20.726433] kasan_save_alloc_info+0x40/0x58 [ 20.726476] __kasan_kmalloc+0xd4/0xd8 [ 20.726703] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.727167] kasan_atomics+0xb8/0x2e0 [ 20.727238] kunit_try_run_case+0x170/0x3f0 [ 20.727421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.727538] kthread+0x328/0x630 [ 20.727573] ret_from_fork+0x10/0x20 [ 20.727611] [ 20.728355] The buggy address belongs to the object at fff00000c6f13780 [ 20.728355] which belongs to the cache kmalloc-64 of size 64 [ 20.728446] The buggy address is located 0 bytes to the right of [ 20.728446] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.728860] [ 20.729007] The buggy address belongs to the physical page: [ 20.729285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.729362] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.729770] page_type: f5(slab) [ 20.729863] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.730195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.730379] page dumped because: kasan: bad access detected [ 20.730507] [ 20.730539] Memory state around the buggy address: [ 20.730595] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.730652] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.730705] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.730752] ^ [ 20.730788] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.730843] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.730895] ================================================================== [ 20.790593] ================================================================== [ 20.790687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 20.790827] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.790890] [ 20.790951] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.791464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.791678] Hardware name: linux,dummy-virt (DT) [ 20.791761] Call trace: [ 20.791882] show_stack+0x20/0x38 (C) [ 20.791990] dump_stack_lvl+0x8c/0xd0 [ 20.792044] print_report+0x118/0x608 [ 20.792116] kasan_report+0xdc/0x128 [ 20.792485] kasan_check_range+0x100/0x1a8 [ 20.792747] __kasan_check_write+0x20/0x30 [ 20.792896] kasan_atomics_helper+0x1058/0x4858 [ 20.793304] kasan_atomics+0x198/0x2e0 [ 20.793505] kunit_try_run_case+0x170/0x3f0 [ 20.794003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.794272] kthread+0x328/0x630 [ 20.794413] ret_from_fork+0x10/0x20 [ 20.794585] [ 20.794609] Allocated by task 265: [ 20.794638] kasan_save_stack+0x3c/0x68 [ 20.795079] kasan_save_track+0x20/0x40 [ 20.795342] kasan_save_alloc_info+0x40/0x58 [ 20.795569] __kasan_kmalloc+0xd4/0xd8 [ 20.795696] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.796061] kasan_atomics+0xb8/0x2e0 [ 20.796101] kunit_try_run_case+0x170/0x3f0 [ 20.796140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.796185] kthread+0x328/0x630 [ 20.796667] ret_from_fork+0x10/0x20 [ 20.796765] [ 20.797055] The buggy address belongs to the object at fff00000c6f13780 [ 20.797055] which belongs to the cache kmalloc-64 of size 64 [ 20.797246] The buggy address is located 0 bytes to the right of [ 20.797246] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.797463] [ 20.797521] The buggy address belongs to the physical page: [ 20.797887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.798086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.798168] page_type: f5(slab) [ 20.798211] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.798651] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.799100] page dumped because: kasan: bad access detected [ 20.799276] [ 20.799337] Memory state around the buggy address: [ 20.799756] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.799957] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.800175] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.800360] ^ [ 20.800417] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.800569] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.800777] ================================================================== [ 20.616122] ================================================================== [ 20.616175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 20.616568] Read of size 4 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.616699] [ 20.616733] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.616919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.616976] Hardware name: linux,dummy-virt (DT) [ 20.617011] Call trace: [ 20.617088] show_stack+0x20/0x38 (C) [ 20.617142] dump_stack_lvl+0x8c/0xd0 [ 20.617212] print_report+0x118/0x608 [ 20.617265] kasan_report+0xdc/0x128 [ 20.617349] __asan_report_load4_noabort+0x20/0x30 [ 20.617694] kasan_atomics_helper+0x42d8/0x4858 [ 20.617821] kasan_atomics+0x198/0x2e0 [ 20.617917] kunit_try_run_case+0x170/0x3f0 [ 20.617966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.618021] kthread+0x328/0x630 [ 20.618105] ret_from_fork+0x10/0x20 [ 20.618155] [ 20.618193] Allocated by task 265: [ 20.618389] kasan_save_stack+0x3c/0x68 [ 20.618443] kasan_save_track+0x20/0x40 [ 20.618627] kasan_save_alloc_info+0x40/0x58 [ 20.618679] __kasan_kmalloc+0xd4/0xd8 [ 20.618726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.618768] kasan_atomics+0xb8/0x2e0 [ 20.618920] kunit_try_run_case+0x170/0x3f0 [ 20.619108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.619245] kthread+0x328/0x630 [ 20.619571] ret_from_fork+0x10/0x20 [ 20.619686] [ 20.619816] The buggy address belongs to the object at fff00000c6f13780 [ 20.619816] which belongs to the cache kmalloc-64 of size 64 [ 20.619922] The buggy address is located 0 bytes to the right of [ 20.619922] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.620000] [ 20.620023] The buggy address belongs to the physical page: [ 20.620097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.620168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.620217] page_type: f5(slab) [ 20.620255] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.620308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.620434] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.621777] [ 20.622020] Hardware name: linux,dummy-virt (DT) [ 20.622076] show_stack+0x20/0x38 (C) [ 20.622127] dump_stack_lvl+0x8c/0xd0 [ 20.622175] print_report+0x118/0x608 [ 20.622233] kasan_report+0xdc/0x128 [ 20.622288] kasan_check_range+0x100/0x1a8 [ 20.622338] __kasan_check_write+0x20/0x30 [ 20.622391] kasan_atomics_helper+0x934/0x4858 [ 20.622443] kasan_atomics+0x198/0x2e0 [ 20.622488] kunit_try_run_case+0x170/0x3f0 [ 20.622535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.622596] kthread+0x328/0x630 [ 20.622639] ret_from_fork+0x10/0x20 [ 20.622686] [ 20.622707] Allocated by task 265: [ 20.622734] kasan_save_stack+0x3c/0x68 [ 20.622775] kasan_save_track+0x20/0x40 [ 20.623119] kasan_save_alloc_info+0x40/0x58 [ 20.623324] __kasan_kmalloc+0xd4/0xd8 [ 20.623368] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.623408] kasan_atomics+0xb8/0x2e0 [ 20.623638] kunit_try_run_case+0x170/0x3f0 [ 20.623786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.623935] kthread+0x328/0x630 [ 20.623970] ret_from_fork+0x10/0x20 [ 20.624031] [ 20.624161] The buggy address belongs to the object at fff00000c6f13780 [ 20.624161] which belongs to the cache kmalloc-64 of size 64 [ 20.624350] The buggy address is located 0 bytes to the right of [ 20.624350] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.624740] [ 20.624774] The buggy address belongs to the physical page: [ 20.624880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.625040] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.625178] page_type: f5(slab) [ 20.625307] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.625420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.625567] page dumped because: kasan: bad access detected [ 20.625676] [ 20.625783] Memory state around the buggy address: [ 20.625895] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.625968] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.626013] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.626066] ^ [ 20.626106] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.626150] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.626191] ================================================================== [ 20.934714] ================================================================== [ 20.934931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 20.935547] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.935626] [ 20.935662] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.936304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.936702] Hardware name: linux,dummy-virt (DT) [ 20.936837] Call trace: [ 20.937139] show_stack+0x20/0x38 (C) [ 20.937645] dump_stack_lvl+0x8c/0xd0 [ 20.938547] print_report+0x118/0x608 [ 20.939288] kasan_report+0xdc/0x128 [ 20.939520] kasan_check_range+0x100/0x1a8 [ 20.939604] __kasan_check_write+0x20/0x30 [ 20.939651] kasan_atomics_helper+0x17ec/0x4858 [ 20.939701] kasan_atomics+0x198/0x2e0 [ 20.939746] kunit_try_run_case+0x170/0x3f0 [ 20.939796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.941095] kthread+0x328/0x630 [ 20.941426] ret_from_fork+0x10/0x20 [ 20.941518] [ 20.942015] Allocated by task 265: [ 20.942140] kasan_save_stack+0x3c/0x68 [ 20.942725] kasan_save_track+0x20/0x40 [ 20.942896] kasan_save_alloc_info+0x40/0x58 [ 20.942942] __kasan_kmalloc+0xd4/0xd8 [ 20.943546] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.943599] kasan_atomics+0xb8/0x2e0 [ 20.944668] kunit_try_run_case+0x170/0x3f0 [ 20.945137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.945568] kthread+0x328/0x630 [ 20.945642] ret_from_fork+0x10/0x20 [ 20.945682] [ 20.945704] The buggy address belongs to the object at fff00000c6f13780 [ 20.945704] which belongs to the cache kmalloc-64 of size 64 [ 20.946938] The buggy address is located 0 bytes to the right of [ 20.946938] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.947173] [ 20.947196] The buggy address belongs to the physical page: [ 20.947231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.947976] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.948186] page_type: f5(slab) [ 20.948230] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.949193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.949651] page dumped because: kasan: bad access detected [ 20.950499] [ 20.950902] Memory state around the buggy address: [ 20.951022] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.951085] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.951721] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.952414] ^ [ 20.952613] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.952672] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.953401] ================================================================== [ 20.825563] ================================================================== [ 20.825768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 20.825931] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.826156] [ 20.826265] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.826365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.826456] Hardware name: linux,dummy-virt (DT) [ 20.826526] Call trace: [ 20.826551] show_stack+0x20/0x38 (C) [ 20.826603] dump_stack_lvl+0x8c/0xd0 [ 20.826980] print_report+0x118/0x608 [ 20.827396] kasan_report+0xdc/0x128 [ 20.827546] kasan_check_range+0x100/0x1a8 [ 20.827695] __kasan_check_write+0x20/0x30 [ 20.827800] kasan_atomics_helper+0x11f8/0x4858 [ 20.827934] kasan_atomics+0x198/0x2e0 [ 20.828106] kunit_try_run_case+0x170/0x3f0 [ 20.828164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.828217] kthread+0x328/0x630 [ 20.828264] ret_from_fork+0x10/0x20 [ 20.828311] [ 20.828355] Allocated by task 265: [ 20.828386] kasan_save_stack+0x3c/0x68 [ 20.828428] kasan_save_track+0x20/0x40 [ 20.828664] kasan_save_alloc_info+0x40/0x58 [ 20.828812] __kasan_kmalloc+0xd4/0xd8 [ 20.828915] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.829233] kasan_atomics+0xb8/0x2e0 [ 20.829317] kunit_try_run_case+0x170/0x3f0 [ 20.829444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.829568] kthread+0x328/0x630 [ 20.829684] ret_from_fork+0x10/0x20 [ 20.829838] [ 20.829940] The buggy address belongs to the object at fff00000c6f13780 [ 20.829940] which belongs to the cache kmalloc-64 of size 64 [ 20.830003] The buggy address is located 0 bytes to the right of [ 20.830003] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.830361] [ 20.830410] The buggy address belongs to the physical page: [ 20.830452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.830506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.830555] page_type: f5(slab) [ 20.830604] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.830658] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.830699] page dumped because: kasan: bad access detected [ 20.830743] [ 20.830772] Memory state around the buggy address: [ 20.830824] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.830868] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.830912] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.831191] ^ [ 20.831282] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.831325] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.831551] ================================================================== [ 20.702602] ================================================================== [ 20.702654] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 20.702706] Read of size 4 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.702919] [ 20.702965] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.703218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.703409] Hardware name: linux,dummy-virt (DT) [ 20.703736] Call trace: [ 20.703859] show_stack+0x20/0x38 (C) [ 20.704122] dump_stack_lvl+0x8c/0xd0 [ 20.704375] print_report+0x118/0x608 [ 20.704772] kasan_report+0xdc/0x128 [ 20.705006] __asan_report_load4_noabort+0x20/0x30 [ 20.705111] kasan_atomics_helper+0x3dd8/0x4858 [ 20.705543] kasan_atomics+0x198/0x2e0 [ 20.705636] kunit_try_run_case+0x170/0x3f0 [ 20.705841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.706450] kthread+0x328/0x630 [ 20.706674] ret_from_fork+0x10/0x20 [ 20.706904] [ 20.707172] Allocated by task 265: [ 20.707349] kasan_save_stack+0x3c/0x68 [ 20.707449] kasan_save_track+0x20/0x40 [ 20.707506] kasan_save_alloc_info+0x40/0x58 [ 20.707680] __kasan_kmalloc+0xd4/0xd8 [ 20.707722] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.707763] kasan_atomics+0xb8/0x2e0 [ 20.708325] kunit_try_run_case+0x170/0x3f0 [ 20.708491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.708571] kthread+0x328/0x630 [ 20.708608] ret_from_fork+0x10/0x20 [ 20.708962] [ 20.709311] The buggy address belongs to the object at fff00000c6f13780 [ 20.709311] which belongs to the cache kmalloc-64 of size 64 [ 20.709748] The buggy address is located 0 bytes to the right of [ 20.709748] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.709892] [ 20.710212] The buggy address belongs to the physical page: [ 20.710329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.710594] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.711119] page_type: f5(slab) [ 20.711335] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.711458] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.711637] page dumped because: kasan: bad access detected [ 20.711801] [ 20.712005] Memory state around the buggy address: [ 20.712133] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.712356] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.712438] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.712476] ^ [ 20.712512] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.712557] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.712887] ================================================================== [ 20.916107] ================================================================== [ 20.916283] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 20.916709] Read of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.916843] [ 20.917515] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.918594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.918707] Hardware name: linux,dummy-virt (DT) [ 20.918743] Call trace: [ 20.918766] show_stack+0x20/0x38 (C) [ 20.919061] dump_stack_lvl+0x8c/0xd0 [ 20.919275] print_report+0x118/0x608 [ 20.919327] kasan_report+0xdc/0x128 [ 20.919374] __asan_report_load8_noabort+0x20/0x30 [ 20.919423] kasan_atomics_helper+0x3e20/0x4858 [ 20.919473] kasan_atomics+0x198/0x2e0 [ 20.919520] kunit_try_run_case+0x170/0x3f0 [ 20.920954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.921604] kthread+0x328/0x630 [ 20.921742] ret_from_fork+0x10/0x20 [ 20.922320] [ 20.922987] Allocated by task 265: [ 20.923154] kasan_save_stack+0x3c/0x68 [ 20.923204] kasan_save_track+0x20/0x40 [ 20.923244] kasan_save_alloc_info+0x40/0x58 [ 20.923287] __kasan_kmalloc+0xd4/0xd8 [ 20.923326] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.923365] kasan_atomics+0xb8/0x2e0 [ 20.923404] kunit_try_run_case+0x170/0x3f0 [ 20.923442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.923487] kthread+0x328/0x630 [ 20.923520] ret_from_fork+0x10/0x20 [ 20.925155] [ 20.925578] The buggy address belongs to the object at fff00000c6f13780 [ 20.925578] which belongs to the cache kmalloc-64 of size 64 [ 20.926641] The buggy address is located 0 bytes to the right of [ 20.926641] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.926930] [ 20.926960] The buggy address belongs to the physical page: [ 20.926993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.927051] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.927100] page_type: f5(slab) [ 20.927141] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.928473] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.928858] page dumped because: kasan: bad access detected [ 20.928900] [ 20.929794] Memory state around the buggy address: [ 20.929962] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.930282] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.930502] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.930769] ^ [ 20.931364] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.931414] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.932275] ================================================================== [ 20.809555] ================================================================== [ 20.809604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 20.809653] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.809704] [ 20.809735] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.809832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.809861] Hardware name: linux,dummy-virt (DT) [ 20.809894] Call trace: [ 20.809918] show_stack+0x20/0x38 (C) [ 20.809966] dump_stack_lvl+0x8c/0xd0 [ 20.810013] print_report+0x118/0x608 [ 20.810061] kasan_report+0xdc/0x128 [ 20.810106] kasan_check_range+0x100/0x1a8 [ 20.810156] __kasan_check_write+0x20/0x30 [ 20.810200] kasan_atomics_helper+0x1128/0x4858 [ 20.810250] kasan_atomics+0x198/0x2e0 [ 20.810297] kunit_try_run_case+0x170/0x3f0 [ 20.810343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.810396] kthread+0x328/0x630 [ 20.810438] ret_from_fork+0x10/0x20 [ 20.810486] [ 20.810506] Allocated by task 265: [ 20.811185] kasan_save_stack+0x3c/0x68 [ 20.811238] kasan_save_track+0x20/0x40 [ 20.811309] kasan_save_alloc_info+0x40/0x58 [ 20.811354] __kasan_kmalloc+0xd4/0xd8 [ 20.811392] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.811433] kasan_atomics+0xb8/0x2e0 [ 20.811470] kunit_try_run_case+0x170/0x3f0 [ 20.811510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.811554] kthread+0x328/0x630 [ 20.811590] ret_from_fork+0x10/0x20 [ 20.811627] [ 20.811648] The buggy address belongs to the object at fff00000c6f13780 [ 20.811648] which belongs to the cache kmalloc-64 of size 64 [ 20.811707] The buggy address is located 0 bytes to the right of [ 20.811707] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.811773] [ 20.811794] The buggy address belongs to the physical page: [ 20.811842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.811893] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.811947] page_type: f5(slab) [ 20.811987] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.812039] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.812081] page dumped because: kasan: bad access detected [ 20.812115] [ 20.813094] Memory state around the buggy address: [ 20.813140] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.814211] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.817122] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.817249] ^ [ 20.817350] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.817435] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.817673] ================================================================== [ 20.856362] ================================================================== [ 20.856420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 20.856626] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.856715] [ 20.856745] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.856839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.856973] Hardware name: linux,dummy-virt (DT) [ 20.857150] Call trace: [ 20.857270] show_stack+0x20/0x38 (C) [ 20.857456] dump_stack_lvl+0x8c/0xd0 [ 20.857748] print_report+0x118/0x608 [ 20.857816] kasan_report+0xdc/0x128 [ 20.857865] kasan_check_range+0x100/0x1a8 [ 20.858102] __kasan_check_write+0x20/0x30 [ 20.858297] kasan_atomics_helper+0x147c/0x4858 [ 20.858611] kasan_atomics+0x198/0x2e0 [ 20.858749] kunit_try_run_case+0x170/0x3f0 [ 20.858898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.859091] kthread+0x328/0x630 [ 20.859205] ret_from_fork+0x10/0x20 [ 20.859326] [ 20.859419] Allocated by task 265: [ 20.859491] kasan_save_stack+0x3c/0x68 [ 20.859534] kasan_save_track+0x20/0x40 [ 20.859597] kasan_save_alloc_info+0x40/0x58 [ 20.859639] __kasan_kmalloc+0xd4/0xd8 [ 20.859678] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.859718] kasan_atomics+0xb8/0x2e0 [ 20.860058] kunit_try_run_case+0x170/0x3f0 [ 20.860159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.860256] kthread+0x328/0x630 [ 20.860335] ret_from_fork+0x10/0x20 [ 20.860425] [ 20.860649] The buggy address belongs to the object at fff00000c6f13780 [ 20.860649] which belongs to the cache kmalloc-64 of size 64 [ 20.860714] The buggy address is located 0 bytes to the right of [ 20.860714] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.860975] [ 20.861012] The buggy address belongs to the physical page: [ 20.861112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.861277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.861576] page_type: f5(slab) [ 20.861659] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.861859] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.861921] page dumped because: kasan: bad access detected [ 20.861955] [ 20.861975] Memory state around the buggy address: [ 20.862122] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.862383] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.862469] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.862564] ^ [ 20.862916] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.863060] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.863174] ================================================================== [ 20.880119] ================================================================== [ 20.880167] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 20.880216] Read of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.880267] [ 20.880298] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.880376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.880405] Hardware name: linux,dummy-virt (DT) [ 20.880436] Call trace: [ 20.880461] show_stack+0x20/0x38 (C) [ 20.880509] dump_stack_lvl+0x8c/0xd0 [ 20.880557] print_report+0x118/0x608 [ 20.880604] kasan_report+0xdc/0x128 [ 20.880651] __asan_report_load8_noabort+0x20/0x30 [ 20.880700] kasan_atomics_helper+0x3db0/0x4858 [ 20.880749] kasan_atomics+0x198/0x2e0 [ 20.880796] kunit_try_run_case+0x170/0x3f0 [ 20.880889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.880963] kthread+0x328/0x630 [ 20.881064] ret_from_fork+0x10/0x20 [ 20.881141] [ 20.881185] Allocated by task 265: [ 20.881242] kasan_save_stack+0x3c/0x68 [ 20.881454] kasan_save_track+0x20/0x40 [ 20.881565] kasan_save_alloc_info+0x40/0x58 [ 20.881701] __kasan_kmalloc+0xd4/0xd8 [ 20.881797] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.881883] kasan_atomics+0xb8/0x2e0 [ 20.881948] kunit_try_run_case+0x170/0x3f0 [ 20.882026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.882115] kthread+0x328/0x630 [ 20.882150] ret_from_fork+0x10/0x20 [ 20.882205] [ 20.882227] The buggy address belongs to the object at fff00000c6f13780 [ 20.882227] which belongs to the cache kmalloc-64 of size 64 [ 20.882288] The buggy address is located 0 bytes to the right of [ 20.882288] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.882354] [ 20.882374] The buggy address belongs to the physical page: [ 20.882405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.882581] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.882722] page_type: f5(slab) [ 20.882857] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.882954] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.883096] page dumped because: kasan: bad access detected [ 20.883313] [ 20.883523] Memory state around the buggy address: [ 20.883591] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.883696] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.883813] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.883855] ^ [ 20.883896] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.883942] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.883982] ================================================================== [ 20.884223] ================================================================== [ 20.884418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 20.884501] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.884554] [ 20.884602] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.884703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.884842] Hardware name: linux,dummy-virt (DT) [ 20.884997] Call trace: [ 20.885097] show_stack+0x20/0x38 (C) [ 20.885212] dump_stack_lvl+0x8c/0xd0 [ 20.885278] print_report+0x118/0x608 [ 20.885333] kasan_report+0xdc/0x128 [ 20.885395] kasan_check_range+0x100/0x1a8 [ 20.885445] __kasan_check_write+0x20/0x30 [ 20.885598] kasan_atomics_helper+0x1644/0x4858 [ 20.885654] kasan_atomics+0x198/0x2e0 [ 20.885880] kunit_try_run_case+0x170/0x3f0 [ 20.885973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.886029] kthread+0x328/0x630 [ 20.886154] ret_from_fork+0x10/0x20 [ 20.886227] [ 20.886304] Allocated by task 265: [ 20.886405] kasan_save_stack+0x3c/0x68 [ 20.886493] kasan_save_track+0x20/0x40 [ 20.886536] kasan_save_alloc_info+0x40/0x58 [ 20.886579] __kasan_kmalloc+0xd4/0xd8 [ 20.886627] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.886669] kasan_atomics+0xb8/0x2e0 [ 20.886705] kunit_try_run_case+0x170/0x3f0 [ 20.886754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.886799] kthread+0x328/0x630 [ 20.886843] ret_from_fork+0x10/0x20 [ 20.886880] [ 20.886901] The buggy address belongs to the object at fff00000c6f13780 [ 20.886901] which belongs to the cache kmalloc-64 of size 64 [ 20.886999] The buggy address is located 0 bytes to the right of [ 20.886999] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.887214] [ 20.887340] The buggy address belongs to the physical page: [ 20.887445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.887680] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.887983] page_type: f5(slab) [ 20.888075] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.888128] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.888170] page dumped because: kasan: bad access detected [ 20.888326] [ 20.888347] Memory state around the buggy address: [ 20.888382] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.888594] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.888726] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.888828] ^ [ 20.889146] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.889248] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.889289] ================================================================== [ 20.832111] ================================================================== [ 20.832166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 20.832374] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.832435] [ 20.832543] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.832700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.832848] Hardware name: linux,dummy-virt (DT) [ 20.832885] Call trace: [ 20.833059] show_stack+0x20/0x38 (C) [ 20.833163] dump_stack_lvl+0x8c/0xd0 [ 20.833261] print_report+0x118/0x608 [ 20.833311] kasan_report+0xdc/0x128 [ 20.833405] kasan_check_range+0x100/0x1a8 [ 20.833504] __kasan_check_write+0x20/0x30 [ 20.833567] kasan_atomics_helper+0x126c/0x4858 [ 20.833616] kasan_atomics+0x198/0x2e0 [ 20.833682] kunit_try_run_case+0x170/0x3f0 [ 20.833731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.833977] kthread+0x328/0x630 [ 20.834087] ret_from_fork+0x10/0x20 [ 20.834426] [ 20.834486] Allocated by task 265: [ 20.834520] kasan_save_stack+0x3c/0x68 [ 20.834617] kasan_save_track+0x20/0x40 [ 20.834695] kasan_save_alloc_info+0x40/0x58 [ 20.834740] __kasan_kmalloc+0xd4/0xd8 [ 20.834777] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.834830] kasan_atomics+0xb8/0x2e0 [ 20.834867] kunit_try_run_case+0x170/0x3f0 [ 20.834908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.834958] kthread+0x328/0x630 [ 20.834991] ret_from_fork+0x10/0x20 [ 20.835029] [ 20.835073] The buggy address belongs to the object at fff00000c6f13780 [ 20.835073] which belongs to the cache kmalloc-64 of size 64 [ 20.835135] The buggy address is located 0 bytes to the right of [ 20.835135] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.835200] [ 20.835393] The buggy address belongs to the physical page: [ 20.835432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.835510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.835560] page_type: f5(slab) [ 20.835598] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.835686] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.835836] page dumped because: kasan: bad access detected [ 20.835922] [ 20.836017] Memory state around the buggy address: [ 20.836102] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.836199] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.836662] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.836735] ^ [ 20.836771] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.836946] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.837150] ================================================================== [ 20.732119] ================================================================== [ 20.732172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 20.732602] Read of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.732739] [ 20.732782] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.732875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.733220] Hardware name: linux,dummy-virt (DT) [ 20.733455] Call trace: [ 20.733487] show_stack+0x20/0x38 (C) [ 20.733733] dump_stack_lvl+0x8c/0xd0 [ 20.733862] print_report+0x118/0x608 [ 20.733933] kasan_report+0xdc/0x128 [ 20.734002] kasan_check_range+0x100/0x1a8 [ 20.734052] __kasan_check_read+0x20/0x30 [ 20.734386] kasan_atomics_helper+0xdd4/0x4858 [ 20.734605] kasan_atomics+0x198/0x2e0 [ 20.734817] kunit_try_run_case+0x170/0x3f0 [ 20.734881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.735001] kthread+0x328/0x630 [ 20.735123] ret_from_fork+0x10/0x20 [ 20.735238] [ 20.735260] Allocated by task 265: [ 20.735291] kasan_save_stack+0x3c/0x68 [ 20.735562] kasan_save_track+0x20/0x40 [ 20.735726] kasan_save_alloc_info+0x40/0x58 [ 20.735962] __kasan_kmalloc+0xd4/0xd8 [ 20.736150] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.736203] kasan_atomics+0xb8/0x2e0 [ 20.736242] kunit_try_run_case+0x170/0x3f0 [ 20.736543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.736858] kthread+0x328/0x630 [ 20.737011] ret_from_fork+0x10/0x20 [ 20.737328] [ 20.737446] The buggy address belongs to the object at fff00000c6f13780 [ 20.737446] which belongs to the cache kmalloc-64 of size 64 [ 20.738055] The buggy address is located 0 bytes to the right of [ 20.738055] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.738470] [ 20.738628] The buggy address belongs to the physical page: [ 20.738673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.738776] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.738844] page_type: f5(slab) [ 20.738892] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.739182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.739394] page dumped because: kasan: bad access detected [ 20.739431] [ 20.739454] Memory state around the buggy address: [ 20.739650] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.740068] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.740298] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.740485] ^ [ 20.740606] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.740652] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.740705] ================================================================== [ 20.626588] ================================================================== [ 20.626639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 20.626707] Write of size 4 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.626759] [ 20.626824] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.626929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.627097] Hardware name: linux,dummy-virt (DT) [ 20.627352] Call trace: [ 20.627429] show_stack+0x20/0x38 (C) [ 20.627532] dump_stack_lvl+0x8c/0xd0 [ 20.627583] print_report+0x118/0x608 [ 20.627755] kasan_report+0xdc/0x128 [ 20.627815] kasan_check_range+0x100/0x1a8 [ 20.628019] __kasan_check_write+0x20/0x30 [ 20.628118] kasan_atomics_helper+0x99c/0x4858 [ 20.628278] kasan_atomics+0x198/0x2e0 [ 20.628383] kunit_try_run_case+0x170/0x3f0 [ 20.628720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.628868] kthread+0x328/0x630 [ 20.629016] ret_from_fork+0x10/0x20 [ 20.629153] [ 20.629250] Allocated by task 265: [ 20.629390] kasan_save_stack+0x3c/0x68 [ 20.629515] kasan_save_track+0x20/0x40 [ 20.629556] kasan_save_alloc_info+0x40/0x58 [ 20.629839] __kasan_kmalloc+0xd4/0xd8 [ 20.629956] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.630020] kasan_atomics+0xb8/0x2e0 [ 20.630126] kunit_try_run_case+0x170/0x3f0 [ 20.630500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.630651] kthread+0x328/0x630 [ 20.630698] ret_from_fork+0x10/0x20 [ 20.630737] [ 20.630765] The buggy address belongs to the object at fff00000c6f13780 [ 20.630765] which belongs to the cache kmalloc-64 of size 64 [ 20.630836] The buggy address is located 0 bytes to the right of [ 20.630836] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.630899] [ 20.630940] The buggy address belongs to the physical page: [ 20.630972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.631024] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.631073] page_type: f5(slab) [ 20.631111] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.631162] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.631204] page dumped because: kasan: bad access detected [ 20.631238] [ 20.631258] Memory state around the buggy address: [ 20.631291] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.631532] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.631671] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.631818] ^ [ 20.632199] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.632283] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.633024] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 20.633976] __kasan_check_write+0x20/0x30 [ 20.634318] [ 20.634338] Allocated by task 265: [ 20.634377] kasan_save_stack+0x3c/0x68 [ 20.634418] kasan_save_track+0x20/0x40 [ 20.634467] kasan_save_alloc_info+0x40/0x58 [ 20.634508] __kasan_kmalloc+0xd4/0xd8 [ 20.634548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.634588] kasan_atomics+0xb8/0x2e0 [ 20.634631] kunit_try_run_case+0x170/0x3f0 [ 20.634670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.634724] kthread+0x328/0x630 [ 20.634758] ret_from_fork+0x10/0x20 [ 20.634796] [ 20.634828] The buggy address belongs to the object at fff00000c6f13780 [ 20.634828] which belongs to the cache kmalloc-64 of size 64 [ 20.634885] The buggy address is located 0 bytes to the right of [ 20.634885] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.634947] [ 20.634970] The buggy address belongs to the physical page: [ 20.635019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.635072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.635118] page_type: f5(slab) [ 20.635155] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.635212] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.635255] page dumped because: kasan: bad access detected [ 20.635288] [ 20.635308] Memory state around the buggy address: [ 20.635346] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.635394] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.635438] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.635478] ^ [ 20.635512] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.635555] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.635595] ================================================================== [ 20.851869] ================================================================== [ 20.852236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 20.852528] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.852675] [ 20.852753] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.852914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.852971] Hardware name: linux,dummy-virt (DT) [ 20.853006] Call trace: [ 20.853051] show_stack+0x20/0x38 (C) [ 20.853105] dump_stack_lvl+0x8c/0xd0 [ 20.853151] print_report+0x118/0x608 [ 20.853219] kasan_report+0xdc/0x128 [ 20.853441] kasan_check_range+0x100/0x1a8 [ 20.853533] __kasan_check_write+0x20/0x30 [ 20.853652] kasan_atomics_helper+0x1414/0x4858 [ 20.853702] kasan_atomics+0x198/0x2e0 [ 20.853778] kunit_try_run_case+0x170/0x3f0 [ 20.854109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.854177] kthread+0x328/0x630 [ 20.854263] ret_from_fork+0x10/0x20 [ 20.854317] [ 20.854366] Allocated by task 265: [ 20.854400] kasan_save_stack+0x3c/0x68 [ 20.854467] kasan_save_track+0x20/0x40 [ 20.854555] kasan_save_alloc_info+0x40/0x58 [ 20.854636] __kasan_kmalloc+0xd4/0xd8 [ 20.854702] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.854744] kasan_atomics+0xb8/0x2e0 [ 20.854781] kunit_try_run_case+0x170/0x3f0 [ 20.854834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.854877] kthread+0x328/0x630 [ 20.854926] ret_from_fork+0x10/0x20 [ 20.854965] [ 20.854986] The buggy address belongs to the object at fff00000c6f13780 [ 20.854986] which belongs to the cache kmalloc-64 of size 64 [ 20.855045] The buggy address is located 0 bytes to the right of [ 20.855045] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.855109] [ 20.855130] The buggy address belongs to the physical page: [ 20.855162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.855216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.855264] page_type: f5(slab) [ 20.855302] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.855355] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.855398] page dumped because: kasan: bad access detected [ 20.855433] [ 20.855453] Memory state around the buggy address: [ 20.855486] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.855531] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.855575] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.855616] ^ [ 20.855649] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.855692] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.855730] ================================================================== [ 20.752970] ================================================================== [ 20.753019] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 20.753069] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.753119] [ 20.753150] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.753231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.753259] Hardware name: linux,dummy-virt (DT) [ 20.753292] Call trace: [ 20.753340] show_stack+0x20/0x38 (C) [ 20.753391] dump_stack_lvl+0x8c/0xd0 [ 20.753448] print_report+0x118/0x608 [ 20.753506] kasan_report+0xdc/0x128 [ 20.753553] __asan_report_store8_noabort+0x20/0x30 [ 20.753603] kasan_atomics_helper+0x3e5c/0x4858 [ 20.753661] kasan_atomics+0x198/0x2e0 [ 20.753709] kunit_try_run_case+0x170/0x3f0 [ 20.753757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.753824] kthread+0x328/0x630 [ 20.753867] ret_from_fork+0x10/0x20 [ 20.753916] [ 20.753936] Allocated by task 265: [ 20.753963] kasan_save_stack+0x3c/0x68 [ 20.754006] kasan_save_track+0x20/0x40 [ 20.754044] kasan_save_alloc_info+0x40/0x58 [ 20.754451] __kasan_kmalloc+0xd4/0xd8 [ 20.754606] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.754660] kasan_atomics+0xb8/0x2e0 [ 20.754849] kunit_try_run_case+0x170/0x3f0 [ 20.754901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.755068] kthread+0x328/0x630 [ 20.755214] ret_from_fork+0x10/0x20 [ 20.755389] [ 20.755487] The buggy address belongs to the object at fff00000c6f13780 [ 20.755487] which belongs to the cache kmalloc-64 of size 64 [ 20.755547] The buggy address is located 0 bytes to the right of [ 20.755547] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.755728] [ 20.755753] The buggy address belongs to the physical page: [ 20.755786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.755852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.755967] page_type: f5(slab) [ 20.756139] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.756216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.756350] page dumped because: kasan: bad access detected [ 20.756630] [ 20.756712] Memory state around the buggy address: [ 20.756813] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.756917] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.756990] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.757031] ^ [ 20.757066] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.757109] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.757285] ================================================================== [ 20.779131] ================================================================== [ 20.779439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 20.780196] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.780300] [ 20.780506] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.780893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.780986] Hardware name: linux,dummy-virt (DT) [ 20.781147] Call trace: [ 20.781254] show_stack+0x20/0x38 (C) [ 20.781329] dump_stack_lvl+0x8c/0xd0 [ 20.781657] print_report+0x118/0x608 [ 20.781781] kasan_report+0xdc/0x128 [ 20.782182] kasan_check_range+0x100/0x1a8 [ 20.782363] __kasan_check_write+0x20/0x30 [ 20.782514] kasan_atomics_helper+0xff0/0x4858 [ 20.782658] kasan_atomics+0x198/0x2e0 [ 20.782862] kunit_try_run_case+0x170/0x3f0 [ 20.783076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.783429] kthread+0x328/0x630 [ 20.783593] ret_from_fork+0x10/0x20 [ 20.783850] [ 20.783880] Allocated by task 265: [ 20.783916] kasan_save_stack+0x3c/0x68 [ 20.784275] kasan_save_track+0x20/0x40 [ 20.784362] kasan_save_alloc_info+0x40/0x58 [ 20.784670] __kasan_kmalloc+0xd4/0xd8 [ 20.784778] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.784891] kasan_atomics+0xb8/0x2e0 [ 20.785009] kunit_try_run_case+0x170/0x3f0 [ 20.785239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.785290] kthread+0x328/0x630 [ 20.785517] ret_from_fork+0x10/0x20 [ 20.785721] [ 20.785774] The buggy address belongs to the object at fff00000c6f13780 [ 20.785774] which belongs to the cache kmalloc-64 of size 64 [ 20.786015] The buggy address is located 0 bytes to the right of [ 20.786015] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.786096] [ 20.786118] The buggy address belongs to the physical page: [ 20.786761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.786848] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.787118] page_type: f5(slab) [ 20.787165] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.787496] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.787906] page dumped because: kasan: bad access detected [ 20.788011] [ 20.788032] Memory state around the buggy address: [ 20.788069] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.788629] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.788895] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.788938] ^ [ 20.788974] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.789210] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.789517] ================================================================== [ 20.869186] ================================================================== [ 20.869236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 20.869287] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.869338] [ 20.869370] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.869473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.869503] Hardware name: linux,dummy-virt (DT) [ 20.869539] Call trace: [ 20.869565] show_stack+0x20/0x38 (C) [ 20.869613] dump_stack_lvl+0x8c/0xd0 [ 20.869666] print_report+0x118/0x608 [ 20.869713] kasan_report+0xdc/0x128 [ 20.869760] kasan_check_range+0x100/0x1a8 [ 20.869821] __kasan_check_write+0x20/0x30 [ 20.869875] kasan_atomics_helper+0x154c/0x4858 [ 20.869926] kasan_atomics+0x198/0x2e0 [ 20.869980] kunit_try_run_case+0x170/0x3f0 [ 20.870030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.870083] kthread+0x328/0x630 [ 20.870125] ret_from_fork+0x10/0x20 [ 20.870173] [ 20.870202] Allocated by task 265: [ 20.870231] kasan_save_stack+0x3c/0x68 [ 20.870273] kasan_save_track+0x20/0x40 [ 20.870312] kasan_save_alloc_info+0x40/0x58 [ 20.870354] __kasan_kmalloc+0xd4/0xd8 [ 20.870392] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.870432] kasan_atomics+0xb8/0x2e0 [ 20.870478] kunit_try_run_case+0x170/0x3f0 [ 20.870518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.870561] kthread+0x328/0x630 [ 20.870611] ret_from_fork+0x10/0x20 [ 20.870650] [ 20.870670] The buggy address belongs to the object at fff00000c6f13780 [ 20.870670] which belongs to the cache kmalloc-64 of size 64 [ 20.870738] The buggy address is located 0 bytes to the right of [ 20.870738] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.870812] [ 20.870832] The buggy address belongs to the physical page: [ 20.870866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.870924] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.870971] page_type: f5(slab) [ 20.871008] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.871060] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.871102] page dumped because: kasan: bad access detected [ 20.871136] [ 20.871353] Memory state around the buggy address: [ 20.871724] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.871776] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.871857] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.871902] ^ [ 20.871965] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.872010] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.872172] ================================================================== [ 20.802059] ================================================================== [ 20.802488] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 20.802611] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.802663] [ 20.802697] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.803106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.803503] Hardware name: linux,dummy-virt (DT) [ 20.803593] Call trace: [ 20.803638] show_stack+0x20/0x38 (C) [ 20.803691] dump_stack_lvl+0x8c/0xd0 [ 20.803778] print_report+0x118/0x608 [ 20.804136] kasan_report+0xdc/0x128 [ 20.804276] kasan_check_range+0x100/0x1a8 [ 20.804619] __kasan_check_write+0x20/0x30 [ 20.804788] kasan_atomics_helper+0x10c0/0x4858 [ 20.805036] kasan_atomics+0x198/0x2e0 [ 20.805085] kunit_try_run_case+0x170/0x3f0 [ 20.805429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.805512] kthread+0x328/0x630 [ 20.805859] ret_from_fork+0x10/0x20 [ 20.805930] [ 20.805953] Allocated by task 265: [ 20.805982] kasan_save_stack+0x3c/0x68 [ 20.806063] kasan_save_track+0x20/0x40 [ 20.806104] kasan_save_alloc_info+0x40/0x58 [ 20.806145] __kasan_kmalloc+0xd4/0xd8 [ 20.806212] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.806252] kasan_atomics+0xb8/0x2e0 [ 20.806293] kunit_try_run_case+0x170/0x3f0 [ 20.806342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.806388] kthread+0x328/0x630 [ 20.806430] ret_from_fork+0x10/0x20 [ 20.806469] [ 20.806492] The buggy address belongs to the object at fff00000c6f13780 [ 20.806492] which belongs to the cache kmalloc-64 of size 64 [ 20.806551] The buggy address is located 0 bytes to the right of [ 20.806551] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.806616] [ 20.806646] The buggy address belongs to the physical page: [ 20.806681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.806745] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.808844] page_type: f5(slab) [ 20.808909] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.808962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.809005] page dumped because: kasan: bad access detected [ 20.809040] [ 20.809060] Memory state around the buggy address: [ 20.809094] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.809140] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.809185] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.809226] ^ [ 20.809260] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.809303] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.809341] ================================================================== [ 20.765375] ================================================================== [ 20.765431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 20.765483] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.765534] [ 20.765566] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.765647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.765773] Hardware name: linux,dummy-virt (DT) [ 20.765830] Call trace: [ 20.765855] show_stack+0x20/0x38 (C) [ 20.765907] dump_stack_lvl+0x8c/0xd0 [ 20.765955] print_report+0x118/0x608 [ 20.766196] kasan_report+0xdc/0x128 [ 20.766370] kasan_check_range+0x100/0x1a8 [ 20.766433] __kasan_check_write+0x20/0x30 [ 20.766721] kasan_atomics_helper+0xf20/0x4858 [ 20.767062] kasan_atomics+0x198/0x2e0 [ 20.767383] kunit_try_run_case+0x170/0x3f0 [ 20.767594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.767720] kthread+0x328/0x630 [ 20.767948] ret_from_fork+0x10/0x20 [ 20.768024] [ 20.768046] Allocated by task 265: [ 20.768270] kasan_save_stack+0x3c/0x68 [ 20.768441] kasan_save_track+0x20/0x40 [ 20.768961] kasan_save_alloc_info+0x40/0x58 [ 20.769378] __kasan_kmalloc+0xd4/0xd8 [ 20.769643] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.769692] kasan_atomics+0xb8/0x2e0 [ 20.770048] kunit_try_run_case+0x170/0x3f0 [ 20.770547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.770743] kthread+0x328/0x630 [ 20.770787] ret_from_fork+0x10/0x20 [ 20.770850] [ 20.770884] The buggy address belongs to the object at fff00000c6f13780 [ 20.770884] which belongs to the cache kmalloc-64 of size 64 [ 20.771172] The buggy address is located 0 bytes to the right of [ 20.771172] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.771480] [ 20.771661] The buggy address belongs to the physical page: [ 20.771821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.771884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.771942] page_type: f5(slab) [ 20.771984] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.772595] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.772743] page dumped because: kasan: bad access detected [ 20.772823] [ 20.772975] Memory state around the buggy address: [ 20.773214] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.773568] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.773751] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.773987] ^ [ 20.774086] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.774294] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.774479] ================================================================== [ 20.741630] ================================================================== [ 20.741685] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 20.741765] Read of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.741971] [ 20.742006] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.742086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.742427] Hardware name: linux,dummy-virt (DT) [ 20.742495] Call trace: [ 20.742522] show_stack+0x20/0x38 (C) [ 20.742585] dump_stack_lvl+0x8c/0xd0 [ 20.742638] print_report+0x118/0x608 [ 20.742687] kasan_report+0xdc/0x128 [ 20.742735] __asan_report_load8_noabort+0x20/0x30 [ 20.742782] kasan_atomics_helper+0x3f58/0x4858 [ 20.742847] kasan_atomics+0x198/0x2e0 [ 20.742894] kunit_try_run_case+0x170/0x3f0 [ 20.742980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.743033] kthread+0x328/0x630 [ 20.743156] ret_from_fork+0x10/0x20 [ 20.743435] [ 20.743718] Allocated by task 265: [ 20.744036] kasan_save_stack+0x3c/0x68 [ 20.744176] kasan_save_track+0x20/0x40 [ 20.744249] kasan_save_alloc_info+0x40/0x58 [ 20.744290] __kasan_kmalloc+0xd4/0xd8 [ 20.744329] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.744397] kasan_atomics+0xb8/0x2e0 [ 20.744435] kunit_try_run_case+0x170/0x3f0 [ 20.744507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.744553] kthread+0x328/0x630 [ 20.744671] ret_from_fork+0x10/0x20 [ 20.744853] [ 20.744994] The buggy address belongs to the object at fff00000c6f13780 [ 20.744994] which belongs to the cache kmalloc-64 of size 64 [ 20.745091] The buggy address is located 0 bytes to the right of [ 20.745091] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.745378] [ 20.745414] The buggy address belongs to the physical page: [ 20.745531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.745598] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.745648] page_type: f5(slab) [ 20.745686] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.745749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.745797] page dumped because: kasan: bad access detected [ 20.745868] [ 20.745899] Memory state around the buggy address: [ 20.745939] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.745992] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.746037] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.746076] ^ [ 20.746113] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.746157] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.746207] ================================================================== [ 20.818646] ================================================================== [ 20.818703] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 20.818963] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.819076] [ 20.819204] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.819393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.819748] Hardware name: linux,dummy-virt (DT) [ 20.819920] Call trace: [ 20.820021] show_stack+0x20/0x38 (C) [ 20.820204] dump_stack_lvl+0x8c/0xd0 [ 20.820357] print_report+0x118/0x608 [ 20.820478] kasan_report+0xdc/0x128 [ 20.820547] kasan_check_range+0x100/0x1a8 [ 20.820596] __kasan_check_write+0x20/0x30 [ 20.820642] kasan_atomics_helper+0x1190/0x4858 [ 20.820692] kasan_atomics+0x198/0x2e0 [ 20.821061] kunit_try_run_case+0x170/0x3f0 [ 20.821211] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.821393] kthread+0x328/0x630 [ 20.821485] ret_from_fork+0x10/0x20 [ 20.821877] [ 20.821926] Allocated by task 265: [ 20.822072] kasan_save_stack+0x3c/0x68 [ 20.822157] kasan_save_track+0x20/0x40 [ 20.822197] kasan_save_alloc_info+0x40/0x58 [ 20.822546] __kasan_kmalloc+0xd4/0xd8 [ 20.822687] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.822778] kasan_atomics+0xb8/0x2e0 [ 20.822885] kunit_try_run_case+0x170/0x3f0 [ 20.822954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.823002] kthread+0x328/0x630 [ 20.823216] ret_from_fork+0x10/0x20 [ 20.823371] [ 20.823470] The buggy address belongs to the object at fff00000c6f13780 [ 20.823470] which belongs to the cache kmalloc-64 of size 64 [ 20.823641] The buggy address is located 0 bytes to the right of [ 20.823641] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.823769] [ 20.823882] The buggy address belongs to the physical page: [ 20.823934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.823989] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.824065] page_type: f5(slab) [ 20.824104] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.824157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.824200] page dumped because: kasan: bad access detected [ 20.824235] [ 20.824255] Memory state around the buggy address: [ 20.824290] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.824852] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.824936] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.824979] ^ [ 20.825016] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.825059] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.825109] ================================================================== [ 20.889458] ================================================================== [ 20.889646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 20.889695] Read of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.889877] [ 20.889920] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.890060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.890104] Hardware name: linux,dummy-virt (DT) [ 20.890138] Call trace: [ 20.890161] show_stack+0x20/0x38 (C) [ 20.890225] dump_stack_lvl+0x8c/0xd0 [ 20.890273] print_report+0x118/0x608 [ 20.890322] kasan_report+0xdc/0x128 [ 20.890368] __asan_report_load8_noabort+0x20/0x30 [ 20.890417] kasan_atomics_helper+0x3df4/0x4858 [ 20.890467] kasan_atomics+0x198/0x2e0 [ 20.890521] kunit_try_run_case+0x170/0x3f0 [ 20.890584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.890648] kthread+0x328/0x630 [ 20.890691] ret_from_fork+0x10/0x20 [ 20.890741] [ 20.890769] Allocated by task 265: [ 20.890797] kasan_save_stack+0x3c/0x68 [ 20.890853] kasan_save_track+0x20/0x40 [ 20.890893] kasan_save_alloc_info+0x40/0x58 [ 20.890936] __kasan_kmalloc+0xd4/0xd8 [ 20.890975] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.891015] kasan_atomics+0xb8/0x2e0 [ 20.891053] kunit_try_run_case+0x170/0x3f0 [ 20.891090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.891136] kthread+0x328/0x630 [ 20.891178] ret_from_fork+0x10/0x20 [ 20.891215] [ 20.891236] The buggy address belongs to the object at fff00000c6f13780 [ 20.891236] which belongs to the cache kmalloc-64 of size 64 [ 20.891304] The buggy address is located 0 bytes to the right of [ 20.891304] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.891370] [ 20.891390] The buggy address belongs to the physical page: [ 20.891423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.891475] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.891524] page_type: f5(slab) [ 20.891572] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.891624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.891675] page dumped because: kasan: bad access detected [ 20.891710] [ 20.891743] Memory state around the buggy address: [ 20.891777] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.891831] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.891875] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.891919] ^ [ 20.891953] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.891997] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.892036] ================================================================== [ 20.775337] ================================================================== [ 20.775393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 20.775445] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.775772] [ 20.775873] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.775970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.775998] Hardware name: linux,dummy-virt (DT) [ 20.776031] Call trace: [ 20.776065] show_stack+0x20/0x38 (C) [ 20.776120] dump_stack_lvl+0x8c/0xd0 [ 20.776169] print_report+0x118/0x608 [ 20.776218] kasan_report+0xdc/0x128 [ 20.776265] kasan_check_range+0x100/0x1a8 [ 20.776315] __kasan_check_write+0x20/0x30 [ 20.776361] kasan_atomics_helper+0xf88/0x4858 [ 20.776416] kasan_atomics+0x198/0x2e0 [ 20.776474] kunit_try_run_case+0x170/0x3f0 [ 20.776521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.776574] kthread+0x328/0x630 [ 20.776628] ret_from_fork+0x10/0x20 [ 20.776675] [ 20.776696] Allocated by task 265: [ 20.776725] kasan_save_stack+0x3c/0x68 [ 20.776776] kasan_save_track+0x20/0x40 [ 20.776827] kasan_save_alloc_info+0x40/0x58 [ 20.776872] __kasan_kmalloc+0xd4/0xd8 [ 20.776910] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.776952] kasan_atomics+0xb8/0x2e0 [ 20.776989] kunit_try_run_case+0x170/0x3f0 [ 20.777038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.777085] kthread+0x328/0x630 [ 20.777136] ret_from_fork+0x10/0x20 [ 20.777174] [ 20.777195] The buggy address belongs to the object at fff00000c6f13780 [ 20.777195] which belongs to the cache kmalloc-64 of size 64 [ 20.777254] The buggy address is located 0 bytes to the right of [ 20.777254] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.777318] [ 20.777340] The buggy address belongs to the physical page: [ 20.777373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.777426] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.777474] page_type: f5(slab) [ 20.777512] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.777563] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.777605] page dumped because: kasan: bad access detected [ 20.777638] [ 20.777659] Memory state around the buggy address: [ 20.777692] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.777738] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.777780] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.778309] ^ [ 20.778353] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.778427] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.778471] ================================================================== [ 20.843277] ================================================================== [ 20.843325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 20.843399] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.843566] [ 20.843632] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.843736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.843794] Hardware name: linux,dummy-virt (DT) [ 20.843843] Call trace: [ 20.843906] show_stack+0x20/0x38 (C) [ 20.843990] dump_stack_lvl+0x8c/0xd0 [ 20.844040] print_report+0x118/0x608 [ 20.844088] kasan_report+0xdc/0x128 [ 20.844134] kasan_check_range+0x100/0x1a8 [ 20.844254] __kasan_check_write+0x20/0x30 [ 20.844309] kasan_atomics_helper+0x1384/0x4858 [ 20.844454] kasan_atomics+0x198/0x2e0 [ 20.844548] kunit_try_run_case+0x170/0x3f0 [ 20.844598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.844651] kthread+0x328/0x630 [ 20.844696] ret_from_fork+0x10/0x20 [ 20.844742] [ 20.844763] Allocated by task 265: [ 20.844793] kasan_save_stack+0x3c/0x68 [ 20.844848] kasan_save_track+0x20/0x40 [ 20.844888] kasan_save_alloc_info+0x40/0x58 [ 20.844941] __kasan_kmalloc+0xd4/0xd8 [ 20.844979] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.845020] kasan_atomics+0xb8/0x2e0 [ 20.845066] kunit_try_run_case+0x170/0x3f0 [ 20.845108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.845152] kthread+0x328/0x630 [ 20.845195] ret_from_fork+0x10/0x20 [ 20.845233] [ 20.845259] The buggy address belongs to the object at fff00000c6f13780 [ 20.845259] which belongs to the cache kmalloc-64 of size 64 [ 20.845319] The buggy address is located 0 bytes to the right of [ 20.845319] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.845384] [ 20.845413] The buggy address belongs to the physical page: [ 20.845446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.845497] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.845545] page_type: f5(slab) [ 20.845583] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.845635] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.845677] page dumped because: kasan: bad access detected [ 20.845711] [ 20.845730] Memory state around the buggy address: [ 20.845763] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.846351] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.846412] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.846548] ^ [ 20.846587] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.846631] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.846895] ================================================================== [ 20.610967] ================================================================== [ 20.611058] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 20.611196] Write of size 4 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.611266] [ 20.611297] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.611378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.611463] Hardware name: linux,dummy-virt (DT) [ 20.611500] Call trace: [ 20.611524] show_stack+0x20/0x38 (C) [ 20.611707] dump_stack_lvl+0x8c/0xd0 [ 20.611871] print_report+0x118/0x608 [ 20.611942] kasan_report+0xdc/0x128 [ 20.612018] kasan_check_range+0x100/0x1a8 [ 20.612113] kasan_atomics_helper+0x894/0x4858 [ 20.612171] kasan_atomics+0x198/0x2e0 [ 20.612218] kunit_try_run_case+0x170/0x3f0 [ 20.612326] kthread+0x328/0x630 [ 20.612370] ret_from_fork+0x10/0x20 [ 20.612419] [ 20.612440] Allocated by task 265: [ 20.612480] kasan_save_stack+0x3c/0x68 [ 20.612531] kasan_save_track+0x20/0x40 [ 20.612581] kasan_save_alloc_info+0x40/0x58 [ 20.612719] kasan_atomics+0xb8/0x2e0 [ 20.612758] kunit_try_run_case+0x170/0x3f0 [ 20.612798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.613581] [ 20.613654] The buggy address belongs to the object at fff00000c6f13780 [ 20.613654] which belongs to the cache kmalloc-64 of size 64 [ 20.613923] [ 20.614055] The buggy address belongs to the physical page: [ 20.614121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.614185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.614251] page_type: f5(slab) [ 20.614313] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.614364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.614580] page dumped because: kasan: bad access detected [ 20.614699] [ 20.614820] Memory state around the buggy address: [ 20.614858] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.615034] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.615325] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.615495] ^ [ 20.615542] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.615585] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.615770] ================================================================== [ 20.905233] ================================================================== [ 20.905285] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 20.905336] Write of size 8 at addr fff00000c6f137b0 by task kunit_try_catch/265 [ 20.905385] [ 20.905420] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.905502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.905529] Hardware name: linux,dummy-virt (DT) [ 20.905562] Call trace: [ 20.905586] show_stack+0x20/0x38 (C) [ 20.905635] dump_stack_lvl+0x8c/0xd0 [ 20.905681] print_report+0x118/0x608 [ 20.905730] kasan_report+0xdc/0x128 [ 20.905776] kasan_check_range+0x100/0x1a8 [ 20.905926] __kasan_check_write+0x20/0x30 [ 20.906072] kasan_atomics_helper+0x175c/0x4858 [ 20.906134] kasan_atomics+0x198/0x2e0 [ 20.906231] kunit_try_run_case+0x170/0x3f0 [ 20.906285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.906339] kthread+0x328/0x630 [ 20.906383] ret_from_fork+0x10/0x20 [ 20.906430] [ 20.906486] Allocated by task 265: [ 20.906537] kasan_save_stack+0x3c/0x68 [ 20.906587] kasan_save_track+0x20/0x40 [ 20.906726] kasan_save_alloc_info+0x40/0x58 [ 20.906769] __kasan_kmalloc+0xd4/0xd8 [ 20.906817] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.906860] kasan_atomics+0xb8/0x2e0 [ 20.906896] kunit_try_run_case+0x170/0x3f0 [ 20.907661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.907727] kthread+0x328/0x630 [ 20.907770] ret_from_fork+0x10/0x20 [ 20.908763] [ 20.908866] The buggy address belongs to the object at fff00000c6f13780 [ 20.908866] which belongs to the cache kmalloc-64 of size 64 [ 20.909385] The buggy address is located 0 bytes to the right of [ 20.909385] allocated 48-byte region [fff00000c6f13780, fff00000c6f137b0) [ 20.909896] [ 20.910308] The buggy address belongs to the physical page: [ 20.910470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f13 [ 20.910628] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.910706] page_type: f5(slab) [ 20.911756] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.911940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.912373] page dumped because: kasan: bad access detected [ 20.912427] [ 20.912700] Memory state around the buggy address: [ 20.912833] fff00000c6f13680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.912881] fff00000c6f13700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.913533] >fff00000c6f13780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.913581] ^ [ 20.913618] fff00000c6f13800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.915064] fff00000c6f13880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.915315] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.293087] ================================================================== [ 20.293160] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 20.293230] Read of size 1 at addr fff00000c639a398 by task kunit_try_catch/257 [ 20.293284] [ 20.293324] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.293409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.293440] Hardware name: linux,dummy-virt (DT) [ 20.293479] Call trace: [ 20.293505] show_stack+0x20/0x38 (C) [ 20.293559] dump_stack_lvl+0x8c/0xd0 [ 20.293609] print_report+0x118/0x608 [ 20.293660] kasan_report+0xdc/0x128 [ 20.293708] __asan_report_load1_noabort+0x20/0x30 [ 20.293762] memcmp+0x198/0x1d8 [ 20.293825] kasan_memcmp+0x16c/0x300 [ 20.293873] kunit_try_run_case+0x170/0x3f0 [ 20.293925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.293981] kthread+0x328/0x630 [ 20.294869] ret_from_fork+0x10/0x20 [ 20.296141] [ 20.296199] Allocated by task 257: [ 20.296247] kasan_save_stack+0x3c/0x68 [ 20.296302] kasan_save_track+0x20/0x40 [ 20.296347] kasan_save_alloc_info+0x40/0x58 [ 20.296389] __kasan_kmalloc+0xd4/0xd8 [ 20.296922] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.296979] kasan_memcmp+0xbc/0x300 [ 20.297015] kunit_try_run_case+0x170/0x3f0 [ 20.297141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.297188] kthread+0x328/0x630 [ 20.297287] ret_from_fork+0x10/0x20 [ 20.297497] [ 20.297642] The buggy address belongs to the object at fff00000c639a380 [ 20.297642] which belongs to the cache kmalloc-32 of size 32 [ 20.297792] The buggy address is located 0 bytes to the right of [ 20.297792] allocated 24-byte region [fff00000c639a380, fff00000c639a398) [ 20.297918] [ 20.298491] page_type: f5(slab) [ 20.299602] fff00000c639a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.316237] # kasan_strings: EXPECTATION FAILED at mm/kasan/kasan_test_c.c:1612 [ 20.316237] KASAN failure expected in \"kasan_ptr_result = strrchr(ptr, '1')\", but none occurred [ 20.321908] __kasan_slab_free+0x6c/0x98 [ 20.323240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10639a [ 20.324208] fff00000c639a400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.327408] __asan_report_load1_noabort+0x20/0x30 [ 20.329834] kasan_strings+0xc8/0xb00 [ 20.331155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.331784] The buggy address belongs to the physical page: [ 20.332436] fff00000c639a400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.335456] dump_stack_lvl+0x8c/0xd0 [ 20.337050] [ 20.337713] kthread+0x328/0x630 [ 20.338875] [ 20.339389] fff00000c639a580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.341512] Call trace: [ 20.343063] kasan_save_alloc_info+0x40/0x58 [ 20.343509] Freed by task 259: [ 20.344166] The buggy address is located 16 bytes inside of [ 20.344166] freed 32-byte region [fff00000c639a540, fff00000c639a560) [ 20.355379] Call trace: [ 20.356718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.358540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.359188] The buggy address is located 8 bytes inside of [ 20.359188] allocated 9-byte region [fff00000c46e6be0, fff00000c46e6be9) [ 20.360299] fff00000c46e6a80: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 20.361043] fff00000c46e6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.361937] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.363772] __asan_report_load8_noabort+0x20/0x30 [ 20.365273] kasan_save_track+0x20/0x40 [ 20.365355] kasan_save_alloc_info+0x40/0x58 [ 20.365675] kunit_try_run_case+0x170/0x3f0 [ 20.366382] [ 20.366436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e6 [ 20.367471] >fff00000c46e6b80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 20.368124] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.266880] ================================================================== [ 20.267007] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 20.267094] Read of size 1 at addr ffff800080a77b4a by task kunit_try_catch/253 [ 20.267146] [ 20.267200] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.267291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.267329] Hardware name: linux,dummy-virt (DT) [ 20.267365] Call trace: [ 20.267800] show_stack+0x20/0x38 (C) [ 20.268068] dump_stack_lvl+0x8c/0xd0 [ 20.268203] print_report+0x310/0x608 [ 20.268275] kasan_report+0xdc/0x128 [ 20.268440] __asan_report_load1_noabort+0x20/0x30 [ 20.268599] kasan_alloca_oob_right+0x2dc/0x340 [ 20.268670] kunit_try_run_case+0x170/0x3f0 [ 20.268764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.269054] kthread+0x328/0x630 [ 20.269217] ret_from_fork+0x10/0x20 [ 20.269444] [ 20.269529] The buggy address belongs to stack of task kunit_try_catch/253 [ 20.269687] [ 20.269747] The buggy address belongs to the virtual mapping at [ 20.269747] [ffff800080a70000, ffff800080a79000) created by: [ 20.269747] kernel_clone+0x150/0x7a8 [ 20.269837] [ 20.269859] The buggy address belongs to the physical page: [ 20.269900] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 20.269961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.270037] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.270087] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.270138] page dumped because: kasan: bad access detected [ 20.270182] [ 20.270210] Memory state around the buggy address: [ 20.270253] ffff800080a77a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.270300] ffff800080a77a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.270353] >ffff800080a77b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 20.270399] ^ [ 20.270444] ffff800080a77b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.270506] ffff800080a77c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.270547] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.253781] ================================================================== [ 20.254124] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 20.254414] Read of size 1 at addr ffff800080a77b5f by task kunit_try_catch/251 [ 20.254785] [ 20.254991] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.255143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.255268] Hardware name: linux,dummy-virt (DT) [ 20.255331] Call trace: [ 20.255354] show_stack+0x20/0x38 (C) [ 20.255407] dump_stack_lvl+0x8c/0xd0 [ 20.255626] print_report+0x310/0x608 [ 20.255677] kasan_report+0xdc/0x128 [ 20.255767] __asan_report_load1_noabort+0x20/0x30 [ 20.255864] kasan_alloca_oob_left+0x2b8/0x310 [ 20.255918] kunit_try_run_case+0x170/0x3f0 [ 20.256045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.256098] kthread+0x328/0x630 [ 20.256181] ret_from_fork+0x10/0x20 [ 20.256271] [ 20.256294] The buggy address belongs to stack of task kunit_try_catch/251 [ 20.256421] [ 20.256567] The buggy address belongs to the virtual mapping at [ 20.256567] [ffff800080a70000, ffff800080a79000) created by: [ 20.256567] kernel_clone+0x150/0x7a8 [ 20.256737] [ 20.256836] The buggy address belongs to the physical page: [ 20.256931] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 20.256986] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.257349] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.257576] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.257674] page dumped because: kasan: bad access detected [ 20.257859] [ 20.257960] Memory state around the buggy address: [ 20.258126] ffff800080a77a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.258238] ffff800080a77a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.258294] >ffff800080a77b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 20.258465] ^ [ 20.258784] ffff800080a77b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.258975] ffff800080a77c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.259093] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.239018] ================================================================== [ 20.239347] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 20.239504] Read of size 1 at addr ffff800080a77c2a by task kunit_try_catch/249 [ 20.239573] [ 20.239609] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.239827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.239858] Hardware name: linux,dummy-virt (DT) [ 20.239893] Call trace: [ 20.239922] show_stack+0x20/0x38 (C) [ 20.239972] dump_stack_lvl+0x8c/0xd0 [ 20.240065] print_report+0x310/0x608 [ 20.240222] kasan_report+0xdc/0x128 [ 20.240407] __asan_report_load1_noabort+0x20/0x30 [ 20.240480] kasan_stack_oob+0x238/0x270 [ 20.240800] kunit_try_run_case+0x170/0x3f0 [ 20.241038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.241221] kthread+0x328/0x630 [ 20.241299] ret_from_fork+0x10/0x20 [ 20.241348] [ 20.241537] The buggy address belongs to stack of task kunit_try_catch/249 [ 20.242113] and is located at offset 138 in frame: [ 20.242160] kasan_stack_oob+0x0/0x270 [ 20.242851] [ 20.243016] This frame has 4 objects: [ 20.243252] [48, 49) '__assertion' [ 20.243298] [64, 72) 'array' [ 20.243330] [96, 112) '__assertion' [ 20.243542] [128, 138) 'stack_array' [ 20.243723] [ 20.243890] The buggy address belongs to the virtual mapping at [ 20.243890] [ffff800080a70000, ffff800080a79000) created by: [ 20.243890] kernel_clone+0x150/0x7a8 [ 20.244268] [ 20.244384] The buggy address belongs to the physical page: [ 20.244469] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f35 [ 20.244551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.244642] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.244690] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.244931] page dumped because: kasan: bad access detected [ 20.245110] [ 20.245221] Memory state around the buggy address: [ 20.245371] ffff800080a77b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.245454] ffff800080a77b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 20.245646] >ffff800080a77c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 20.245880] ^ [ 20.245935] ffff800080a77c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 20.246115] ffff800080a77d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.246314] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.223009] ================================================================== [ 20.223073] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 20.223185] Read of size 1 at addr ffffae9c2834f5cd by task kunit_try_catch/245 [ 20.223643] [ 20.223941] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.224048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.224075] Hardware name: linux,dummy-virt (DT) [ 20.224126] Call trace: [ 20.224149] show_stack+0x20/0x38 (C) [ 20.224231] dump_stack_lvl+0x8c/0xd0 [ 20.224417] print_report+0x310/0x608 [ 20.224568] kasan_report+0xdc/0x128 [ 20.224676] __asan_report_load1_noabort+0x20/0x30 [ 20.225012] kasan_global_oob_right+0x230/0x270 [ 20.225143] kunit_try_run_case+0x170/0x3f0 [ 20.225297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.225493] kthread+0x328/0x630 [ 20.225570] ret_from_fork+0x10/0x20 [ 20.225628] [ 20.225685] The buggy address belongs to the variable: [ 20.225793] global_array+0xd/0x40 [ 20.226070] [ 20.226459] The buggy address belongs to the virtual mapping at [ 20.226459] [ffffae9c26500000, ffffae9c28401000) created by: [ 20.226459] paging_init+0x66c/0x7d0 [ 20.226699] [ 20.227025] The buggy address belongs to the physical page: [ 20.227115] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 20.227171] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 20.227356] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 20.227443] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.227635] page dumped because: kasan: bad access detected [ 20.227795] [ 20.227866] Memory state around the buggy address: [ 20.227986] ffffae9c2834f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.228048] ffffae9c2834f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.228119] >ffffae9c2834f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 20.228523] ^ [ 20.228661] ffffae9c2834f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 20.228756] ffffae9c2834f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 20.228886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.105823] ================================================================== [ 20.105885] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.105938] Read of size 1 at addr fff00000c77f8000 by task kunit_try_catch/229 [ 20.105988] [ 20.106021] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.106103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.106146] Hardware name: linux,dummy-virt (DT) [ 20.106178] Call trace: [ 20.106201] show_stack+0x20/0x38 (C) [ 20.106250] dump_stack_lvl+0x8c/0xd0 [ 20.106309] print_report+0x118/0x608 [ 20.106354] kasan_report+0xdc/0x128 [ 20.106400] __asan_report_load1_noabort+0x20/0x30 [ 20.106451] mempool_uaf_helper+0x314/0x340 [ 20.106495] mempool_kmalloc_large_uaf+0xc4/0x120 [ 20.106552] kunit_try_run_case+0x170/0x3f0 [ 20.106600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.106649] kthread+0x328/0x630 [ 20.106689] ret_from_fork+0x10/0x20 [ 20.106741] [ 20.106762] The buggy address belongs to the physical page: [ 20.106793] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077f8 [ 20.106859] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.106904] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.106985] page_type: f8(unknown) [ 20.107024] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.107331] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.107393] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.107502] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.107563] head: 0bfffe0000000002 ffffc1ffc31dfe01 00000000ffffffff 00000000ffffffff [ 20.107691] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.107912] page dumped because: kasan: bad access detected [ 20.107944] [ 20.107962] Memory state around the buggy address: [ 20.107997] fff00000c77f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.108236] fff00000c77f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.108318] >fff00000c77f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.108415] ^ [ 20.108466] fff00000c77f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.108546] fff00000c77f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.108619] ================================================================== [ 20.148975] ================================================================== [ 20.149059] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.149168] Read of size 1 at addr fff00000c77fc000 by task kunit_try_catch/233 [ 20.149270] [ 20.149500] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.149686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.149744] Hardware name: linux,dummy-virt (DT) [ 20.150006] Call trace: [ 20.150147] show_stack+0x20/0x38 (C) [ 20.150307] dump_stack_lvl+0x8c/0xd0 [ 20.150360] print_report+0x118/0x608 [ 20.150420] kasan_report+0xdc/0x128 [ 20.150466] __asan_report_load1_noabort+0x20/0x30 [ 20.150607] mempool_uaf_helper+0x314/0x340 [ 20.150654] mempool_page_alloc_uaf+0xc0/0x118 [ 20.150796] kunit_try_run_case+0x170/0x3f0 [ 20.150892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.151073] kthread+0x328/0x630 [ 20.151156] ret_from_fork+0x10/0x20 [ 20.151227] [ 20.151248] The buggy address belongs to the physical page: [ 20.151621] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077fc [ 20.151772] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.151938] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.152108] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.152183] page dumped because: kasan: bad access detected [ 20.152215] [ 20.152361] Memory state around the buggy address: [ 20.152607] fff00000c77fbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.152843] fff00000c77fbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.152958] >fff00000c77fc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.153033] ^ [ 20.153063] fff00000c77fc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.153111] fff00000c77fc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.153423] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.116240] ================================================================== [ 20.116313] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.116375] Read of size 1 at addr fff00000c6f42240 by task kunit_try_catch/231 [ 20.116424] [ 20.116454] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.116534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.116571] Hardware name: linux,dummy-virt (DT) [ 20.116601] Call trace: [ 20.116625] show_stack+0x20/0x38 (C) [ 20.116673] dump_stack_lvl+0x8c/0xd0 [ 20.116719] print_report+0x118/0x608 [ 20.116765] kasan_report+0xdc/0x128 [ 20.116824] __asan_report_load1_noabort+0x20/0x30 [ 20.116875] mempool_uaf_helper+0x314/0x340 [ 20.116920] mempool_slab_uaf+0xc0/0x118 [ 20.116965] kunit_try_run_case+0x170/0x3f0 [ 20.117013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.117065] kthread+0x328/0x630 [ 20.117106] ret_from_fork+0x10/0x20 [ 20.117153] [ 20.117171] Allocated by task 231: [ 20.117216] kasan_save_stack+0x3c/0x68 [ 20.117258] kasan_save_track+0x20/0x40 [ 20.117297] kasan_save_alloc_info+0x40/0x58 [ 20.117337] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.117600] remove_element+0x16c/0x1f8 [ 20.117874] mempool_alloc_preallocated+0x58/0xc0 [ 20.117926] mempool_uaf_helper+0xa4/0x340 [ 20.117964] mempool_slab_uaf+0xc0/0x118 [ 20.118001] kunit_try_run_case+0x170/0x3f0 [ 20.118038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.118082] kthread+0x328/0x630 [ 20.118115] ret_from_fork+0x10/0x20 [ 20.118151] [ 20.118170] Freed by task 231: [ 20.118197] kasan_save_stack+0x3c/0x68 [ 20.118236] kasan_save_track+0x20/0x40 [ 20.118282] kasan_save_free_info+0x4c/0x78 [ 20.118320] __kasan_mempool_poison_object+0xc0/0x150 [ 20.118675] mempool_free+0x28c/0x328 [ 20.118716] mempool_uaf_helper+0x104/0x340 [ 20.118752] mempool_slab_uaf+0xc0/0x118 [ 20.118790] kunit_try_run_case+0x170/0x3f0 [ 20.118838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.118891] kthread+0x328/0x630 [ 20.118949] ret_from_fork+0x10/0x20 [ 20.119326] [ 20.119346] The buggy address belongs to the object at fff00000c6f42240 [ 20.119346] which belongs to the cache test_cache of size 123 [ 20.119413] The buggy address is located 0 bytes inside of [ 20.119413] freed 123-byte region [fff00000c6f42240, fff00000c6f422bb) [ 20.119614] [ 20.119634] The buggy address belongs to the physical page: [ 20.119669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f42 [ 20.119749] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.119796] page_type: f5(slab) [ 20.119866] raw: 0bfffe0000000000 fff00000c6f47140 dead000000000122 0000000000000000 [ 20.119920] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.119959] page dumped because: kasan: bad access detected [ 20.119990] [ 20.120009] Memory state around the buggy address: [ 20.120040] fff00000c6f42100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.120282] fff00000c6f42180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.120330] >fff00000c6f42200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.120482] ^ [ 20.120550] fff00000c6f42280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.120592] fff00000c6f42300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.120630] ================================================================== [ 20.092215] ================================================================== [ 20.092447] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.092636] Read of size 1 at addr fff00000c76c4500 by task kunit_try_catch/227 [ 20.092721] [ 20.092843] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.092934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.092963] Hardware name: linux,dummy-virt (DT) [ 20.093004] Call trace: [ 20.093028] show_stack+0x20/0x38 (C) [ 20.093082] dump_stack_lvl+0x8c/0xd0 [ 20.093132] print_report+0x118/0x608 [ 20.093180] kasan_report+0xdc/0x128 [ 20.093225] __asan_report_load1_noabort+0x20/0x30 [ 20.093275] mempool_uaf_helper+0x314/0x340 [ 20.093321] mempool_kmalloc_uaf+0xc4/0x120 [ 20.093387] kunit_try_run_case+0x170/0x3f0 [ 20.093438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.093501] kthread+0x328/0x630 [ 20.093545] ret_from_fork+0x10/0x20 [ 20.093602] [ 20.093623] Allocated by task 227: [ 20.093650] kasan_save_stack+0x3c/0x68 [ 20.093698] kasan_save_track+0x20/0x40 [ 20.093746] kasan_save_alloc_info+0x40/0x58 [ 20.093793] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.094159] remove_element+0x130/0x1f8 [ 20.094349] mempool_alloc_preallocated+0x58/0xc0 [ 20.094478] mempool_uaf_helper+0xa4/0x340 [ 20.094522] mempool_kmalloc_uaf+0xc4/0x120 [ 20.094560] kunit_try_run_case+0x170/0x3f0 [ 20.094604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.094816] kthread+0x328/0x630 [ 20.095070] ret_from_fork+0x10/0x20 [ 20.095188] [ 20.095241] Freed by task 227: [ 20.095271] kasan_save_stack+0x3c/0x68 [ 20.095311] kasan_save_track+0x20/0x40 [ 20.095604] kasan_save_free_info+0x4c/0x78 [ 20.095730] __kasan_mempool_poison_object+0xc0/0x150 [ 20.095894] mempool_free+0x28c/0x328 [ 20.096011] mempool_uaf_helper+0x104/0x340 [ 20.096054] mempool_kmalloc_uaf+0xc4/0x120 [ 20.096267] kunit_try_run_case+0x170/0x3f0 [ 20.096347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.096389] kthread+0x328/0x630 [ 20.096454] ret_from_fork+0x10/0x20 [ 20.096616] [ 20.096645] The buggy address belongs to the object at fff00000c76c4500 [ 20.096645] which belongs to the cache kmalloc-128 of size 128 [ 20.096957] The buggy address is located 0 bytes inside of [ 20.096957] freed 128-byte region [fff00000c76c4500, fff00000c76c4580) [ 20.097167] [ 20.097302] The buggy address belongs to the physical page: [ 20.097392] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 20.097577] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.097666] page_type: f5(slab) [ 20.097707] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.097826] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.097972] page dumped because: kasan: bad access detected [ 20.098072] [ 20.098139] Memory state around the buggy address: [ 20.098173] fff00000c76c4400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.098363] fff00000c76c4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.098412] >fff00000c76c4500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.098546] ^ [ 20.098651] fff00000c76c4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.098796] fff00000c76c4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.098879] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.017556] ================================================================== [ 20.017639] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.017713] Read of size 1 at addr fff00000c76c4173 by task kunit_try_catch/221 [ 20.017764] [ 20.017823] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.017908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.017935] Hardware name: linux,dummy-virt (DT) [ 20.017969] Call trace: [ 20.017993] show_stack+0x20/0x38 (C) [ 20.018046] dump_stack_lvl+0x8c/0xd0 [ 20.018095] print_report+0x118/0x608 [ 20.018143] kasan_report+0xdc/0x128 [ 20.018186] __asan_report_load1_noabort+0x20/0x30 [ 20.018237] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.018285] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.018332] kunit_try_run_case+0x170/0x3f0 [ 20.018381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.018433] kthread+0x328/0x630 [ 20.018475] ret_from_fork+0x10/0x20 [ 20.018524] [ 20.018543] Allocated by task 221: [ 20.018571] kasan_save_stack+0x3c/0x68 [ 20.018612] kasan_save_track+0x20/0x40 [ 20.018649] kasan_save_alloc_info+0x40/0x58 [ 20.018689] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.018732] remove_element+0x130/0x1f8 [ 20.018769] mempool_alloc_preallocated+0x58/0xc0 [ 20.018818] mempool_oob_right_helper+0x98/0x2f0 [ 20.018856] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.018896] kunit_try_run_case+0x170/0x3f0 [ 20.018956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.018998] kthread+0x328/0x630 [ 20.019033] ret_from_fork+0x10/0x20 [ 20.019067] [ 20.019087] The buggy address belongs to the object at fff00000c76c4100 [ 20.019087] which belongs to the cache kmalloc-128 of size 128 [ 20.019145] The buggy address is located 0 bytes to the right of [ 20.019145] allocated 115-byte region [fff00000c76c4100, fff00000c76c4173) [ 20.019209] [ 20.019231] The buggy address belongs to the physical page: [ 20.019264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 20.019319] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.019373] page_type: f5(slab) [ 20.019413] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.019462] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.019503] page dumped because: kasan: bad access detected [ 20.019536] [ 20.019555] Memory state around the buggy address: [ 20.019588] fff00000c76c4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.019631] fff00000c76c4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.019674] >fff00000c76c4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.019712] ^ [ 20.019751] fff00000c76c4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.019792] fff00000c76c4200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.019842] ================================================================== [ 20.060056] ================================================================== [ 20.060130] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.060190] Read of size 1 at addr fff00000c6f442bb by task kunit_try_catch/225 [ 20.060243] [ 20.060280] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.060361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.060387] Hardware name: linux,dummy-virt (DT) [ 20.060420] Call trace: [ 20.060443] show_stack+0x20/0x38 (C) [ 20.060491] dump_stack_lvl+0x8c/0xd0 [ 20.060660] print_report+0x118/0x608 [ 20.061082] kasan_report+0xdc/0x128 [ 20.061250] __asan_report_load1_noabort+0x20/0x30 [ 20.061302] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.061348] mempool_slab_oob_right+0xc0/0x118 [ 20.061395] kunit_try_run_case+0x170/0x3f0 [ 20.061440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.061491] kthread+0x328/0x630 [ 20.061536] ret_from_fork+0x10/0x20 [ 20.061585] [ 20.061604] Allocated by task 225: [ 20.061631] kasan_save_stack+0x3c/0x68 [ 20.061673] kasan_save_track+0x20/0x40 [ 20.061709] kasan_save_alloc_info+0x40/0x58 [ 20.061748] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.061789] remove_element+0x16c/0x1f8 [ 20.061839] mempool_alloc_preallocated+0x58/0xc0 [ 20.061878] mempool_oob_right_helper+0x98/0x2f0 [ 20.062845] mempool_slab_oob_right+0xc0/0x118 [ 20.062975] kunit_try_run_case+0x170/0x3f0 [ 20.063223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.063395] kthread+0x328/0x630 [ 20.063453] ret_from_fork+0x10/0x20 [ 20.063552] [ 20.063584] The buggy address belongs to the object at fff00000c6f44240 [ 20.063584] which belongs to the cache test_cache of size 123 [ 20.063642] The buggy address is located 0 bytes to the right of [ 20.063642] allocated 123-byte region [fff00000c6f44240, fff00000c6f442bb) [ 20.063712] [ 20.063740] The buggy address belongs to the physical page: [ 20.063783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f44 [ 20.063847] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.063910] page_type: f5(slab) [ 20.063950] raw: 0bfffe0000000000 fff00000c6f47000 dead000000000122 0000000000000000 [ 20.064017] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.064066] page dumped because: kasan: bad access detected [ 20.064098] [ 20.064115] Memory state around the buggy address: [ 20.064173] fff00000c6f44180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.064215] fff00000c6f44200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.064257] >fff00000c6f44280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.064296] ^ [ 20.064336] fff00000c6f44300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.064389] fff00000c6f44380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.064442] ================================================================== [ 20.043850] ================================================================== [ 20.043927] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.044610] Read of size 1 at addr fff00000c77f6001 by task kunit_try_catch/223 [ 20.044682] [ 20.044754] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.045022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.045050] Hardware name: linux,dummy-virt (DT) [ 20.045084] Call trace: [ 20.045108] show_stack+0x20/0x38 (C) [ 20.045161] dump_stack_lvl+0x8c/0xd0 [ 20.045257] print_report+0x118/0x608 [ 20.045303] kasan_report+0xdc/0x128 [ 20.045348] __asan_report_load1_noabort+0x20/0x30 [ 20.045405] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.045454] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 20.045510] kunit_try_run_case+0x170/0x3f0 [ 20.045574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.045626] kthread+0x328/0x630 [ 20.045667] ret_from_fork+0x10/0x20 [ 20.045723] [ 20.045753] The buggy address belongs to the physical page: [ 20.045790] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077f4 [ 20.045855] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.045902] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.045957] page_type: f8(unknown) [ 20.045999] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.046047] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.046096] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.046150] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.046199] head: 0bfffe0000000002 ffffc1ffc31dfd01 00000000ffffffff 00000000ffffffff [ 20.046270] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.046310] page dumped because: kasan: bad access detected [ 20.046341] [ 20.046360] Memory state around the buggy address: [ 20.046393] fff00000c77f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.046435] fff00000c77f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.046476] >fff00000c77f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.046521] ^ [ 20.046559] fff00000c77f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.046601] fff00000c77f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.046639] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.461871] ================================================================== [ 19.461957] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 19.462029] Read of size 1 at addr fff00000c56b6140 by task kunit_try_catch/215 [ 19.462081] [ 19.462120] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.462206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.462234] Hardware name: linux,dummy-virt (DT) [ 19.462267] Call trace: [ 19.462292] show_stack+0x20/0x38 (C) [ 19.462343] dump_stack_lvl+0x8c/0xd0 [ 19.462392] print_report+0x118/0x608 [ 19.462439] kasan_report+0xdc/0x128 [ 19.462485] __kasan_check_byte+0x54/0x70 [ 19.462530] kmem_cache_destroy+0x34/0x218 [ 19.462577] kmem_cache_double_destroy+0x174/0x300 [ 19.462625] kunit_try_run_case+0x170/0x3f0 [ 19.462672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.462726] kthread+0x328/0x630 [ 19.462767] ret_from_fork+0x10/0x20 [ 19.462830] [ 19.462849] Allocated by task 215: [ 19.462877] kasan_save_stack+0x3c/0x68 [ 19.462919] kasan_save_track+0x20/0x40 [ 19.462960] kasan_save_alloc_info+0x40/0x58 [ 19.463001] __kasan_slab_alloc+0xa8/0xb0 [ 19.463039] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.463079] __kmem_cache_create_args+0x178/0x280 [ 19.463119] kmem_cache_double_destroy+0xc0/0x300 [ 19.463157] kunit_try_run_case+0x170/0x3f0 [ 19.463194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.463237] kthread+0x328/0x630 [ 19.463271] ret_from_fork+0x10/0x20 [ 19.463306] [ 19.463324] Freed by task 215: [ 19.463350] kasan_save_stack+0x3c/0x68 [ 19.463387] kasan_save_track+0x20/0x40 [ 19.463424] kasan_save_free_info+0x4c/0x78 [ 19.463462] __kasan_slab_free+0x6c/0x98 [ 19.463500] kmem_cache_free+0x260/0x468 [ 19.463537] slab_kmem_cache_release+0x38/0x50 [ 19.463574] kmem_cache_release+0x1c/0x30 [ 19.463610] kobject_put+0x17c/0x420 [ 19.463646] sysfs_slab_release+0x1c/0x30 [ 19.463684] kmem_cache_destroy+0x118/0x218 [ 19.463720] kmem_cache_double_destroy+0x128/0x300 [ 19.463760] kunit_try_run_case+0x170/0x3f0 [ 19.463796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.463848] kthread+0x328/0x630 [ 19.463881] ret_from_fork+0x10/0x20 [ 19.463925] [ 19.463946] The buggy address belongs to the object at fff00000c56b6140 [ 19.463946] which belongs to the cache kmem_cache of size 208 [ 19.464002] The buggy address is located 0 bytes inside of [ 19.464002] freed 208-byte region [fff00000c56b6140, fff00000c56b6210) [ 19.464063] [ 19.464083] The buggy address belongs to the physical page: [ 19.464118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b6 [ 19.464171] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.464223] page_type: f5(slab) [ 19.464264] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 19.464314] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.464355] page dumped because: kasan: bad access detected [ 19.464386] [ 19.464405] Memory state around the buggy address: [ 19.464439] fff00000c56b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.464481] fff00000c56b6080: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 19.464523] >fff00000c56b6100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.464561] ^ [ 19.464594] fff00000c56b6180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.464635] fff00000c56b6200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.464671] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.321104] ================================================================== [ 19.321206] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 19.321286] Read of size 1 at addr fff00000c76e6000 by task kunit_try_catch/213 [ 19.321596] [ 19.321696] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.322108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.322155] Hardware name: linux,dummy-virt (DT) [ 19.322192] Call trace: [ 19.322226] show_stack+0x20/0x38 (C) [ 19.322283] dump_stack_lvl+0x8c/0xd0 [ 19.322374] print_report+0x118/0x608 [ 19.322434] kasan_report+0xdc/0x128 [ 19.322481] __asan_report_load1_noabort+0x20/0x30 [ 19.322532] kmem_cache_rcu_uaf+0x388/0x468 [ 19.322577] kunit_try_run_case+0x170/0x3f0 [ 19.322628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.322680] kthread+0x328/0x630 [ 19.322723] ret_from_fork+0x10/0x20 [ 19.322782] [ 19.322801] Allocated by task 213: [ 19.323045] kasan_save_stack+0x3c/0x68 [ 19.323209] kasan_save_track+0x20/0x40 [ 19.323255] kasan_save_alloc_info+0x40/0x58 [ 19.323508] __kasan_slab_alloc+0xa8/0xb0 [ 19.323728] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.323897] kmem_cache_rcu_uaf+0x12c/0x468 [ 19.324018] kunit_try_run_case+0x170/0x3f0 [ 19.324166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.324215] kthread+0x328/0x630 [ 19.324249] ret_from_fork+0x10/0x20 [ 19.324292] [ 19.324587] Freed by task 0: [ 19.324780] kasan_save_stack+0x3c/0x68 [ 19.325005] kasan_save_track+0x20/0x40 [ 19.325045] kasan_save_free_info+0x4c/0x78 [ 19.325307] __kasan_slab_free+0x6c/0x98 [ 19.325448] slab_free_after_rcu_debug+0xd4/0x2f8 [ 19.325677] rcu_core+0x9f4/0x1e20 [ 19.325746] rcu_core_si+0x18/0x30 [ 19.326006] handle_softirqs+0x374/0xb28 [ 19.326088] __do_softirq+0x1c/0x28 [ 19.326248] [ 19.326769] Last potentially related work creation: [ 19.326986] kasan_save_stack+0x3c/0x68 [ 19.327172] kasan_record_aux_stack+0xb4/0xc8 [ 19.327228] kmem_cache_free+0x120/0x468 [ 19.327267] kmem_cache_rcu_uaf+0x16c/0x468 [ 19.327615] kunit_try_run_case+0x170/0x3f0 [ 19.327720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.327784] kthread+0x328/0x630 [ 19.327826] ret_from_fork+0x10/0x20 [ 19.327862] [ 19.327882] The buggy address belongs to the object at fff00000c76e6000 [ 19.327882] which belongs to the cache test_cache of size 200 [ 19.327973] The buggy address is located 0 bytes inside of [ 19.327973] freed 200-byte region [fff00000c76e6000, fff00000c76e60c8) [ 19.328037] [ 19.328059] The buggy address belongs to the physical page: [ 19.328093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e6 [ 19.328180] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.328234] page_type: f5(slab) [ 19.328282] raw: 0bfffe0000000000 fff00000c46f5c80 dead000000000122 0000000000000000 [ 19.328342] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.328391] page dumped because: kasan: bad access detected [ 19.328422] [ 19.328445] Memory state around the buggy address: [ 19.328479] fff00000c76e5f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.328523] fff00000c76e5f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.328564] >fff00000c76e6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.328602] ^ [ 19.328629] fff00000c76e6080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.328674] fff00000c76e6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.328718] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.714627] ================================================================== [ 18.714690] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 18.715977] Free of addr fff00000c76e8001 by task kunit_try_catch/211 [ 18.716282] [ 18.716512] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.716833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.717247] Hardware name: linux,dummy-virt (DT) [ 18.717319] Call trace: [ 18.717427] show_stack+0x20/0x38 (C) [ 18.717538] dump_stack_lvl+0x8c/0xd0 [ 18.717608] print_report+0x118/0x608 [ 18.718180] kasan_report_invalid_free+0xc0/0xe8 [ 18.718275] check_slab_allocation+0xfc/0x108 [ 18.718663] __kasan_slab_pre_free+0x2c/0x48 [ 18.718736] kmem_cache_free+0xf0/0x468 [ 18.718989] kmem_cache_invalid_free+0x184/0x3c8 [ 18.719152] kunit_try_run_case+0x170/0x3f0 [ 18.719368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.719621] kthread+0x328/0x630 [ 18.719766] ret_from_fork+0x10/0x20 [ 18.720195] [ 18.720239] Allocated by task 211: [ 18.720272] kasan_save_stack+0x3c/0x68 [ 18.720334] kasan_save_track+0x20/0x40 [ 18.720797] kasan_save_alloc_info+0x40/0x58 [ 18.720992] __kasan_slab_alloc+0xa8/0xb0 [ 18.721135] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.721208] kmem_cache_invalid_free+0x12c/0x3c8 [ 18.721264] kunit_try_run_case+0x170/0x3f0 [ 18.721432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.721772] kthread+0x328/0x630 [ 18.721903] ret_from_fork+0x10/0x20 [ 18.721969] [ 18.722063] The buggy address belongs to the object at fff00000c76e8000 [ 18.722063] which belongs to the cache test_cache of size 200 [ 18.722124] The buggy address is located 1 bytes inside of [ 18.722124] 200-byte region [fff00000c76e8000, fff00000c76e80c8) [ 18.722527] [ 18.722555] The buggy address belongs to the physical page: [ 18.722862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e8 [ 18.723086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.723370] page_type: f5(slab) [ 18.723629] raw: 0bfffe0000000000 fff00000c46f5b40 dead000000000122 0000000000000000 [ 18.723878] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.724124] page dumped because: kasan: bad access detected [ 18.724192] [ 18.724244] Memory state around the buggy address: [ 18.724409] fff00000c76e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.724463] fff00000c76e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.724592] >fff00000c76e8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.724633] ^ [ 18.724661] fff00000c76e8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.724912] fff00000c76e8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.725048] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.686581] ================================================================== [ 18.686657] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 18.686729] Free of addr fff00000c76e9000 by task kunit_try_catch/209 [ 18.686774] [ 18.686826] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.686910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.686947] Hardware name: linux,dummy-virt (DT) [ 18.686981] Call trace: [ 18.687006] show_stack+0x20/0x38 (C) [ 18.687059] dump_stack_lvl+0x8c/0xd0 [ 18.687111] print_report+0x118/0x608 [ 18.687157] kasan_report_invalid_free+0xc0/0xe8 [ 18.687221] check_slab_allocation+0xd4/0x108 [ 18.687270] __kasan_slab_pre_free+0x2c/0x48 [ 18.687316] kmem_cache_free+0xf0/0x468 [ 18.687362] kmem_cache_double_free+0x190/0x3c8 [ 18.687410] kunit_try_run_case+0x170/0x3f0 [ 18.687466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.687518] kthread+0x328/0x630 [ 18.687561] ret_from_fork+0x10/0x20 [ 18.687616] [ 18.687639] Allocated by task 209: [ 18.687677] kasan_save_stack+0x3c/0x68 [ 18.687717] kasan_save_track+0x20/0x40 [ 18.687754] kasan_save_alloc_info+0x40/0x58 [ 18.687794] __kasan_slab_alloc+0xa8/0xb0 [ 18.688005] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.688645] kmem_cache_double_free+0x12c/0x3c8 [ 18.688855] kunit_try_run_case+0x170/0x3f0 [ 18.689098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.689212] kthread+0x328/0x630 [ 18.689298] ret_from_fork+0x10/0x20 [ 18.689448] [ 18.689787] Freed by task 209: [ 18.689925] kasan_save_stack+0x3c/0x68 [ 18.690005] kasan_save_track+0x20/0x40 [ 18.690124] kasan_save_free_info+0x4c/0x78 [ 18.690193] __kasan_slab_free+0x6c/0x98 [ 18.690278] kmem_cache_free+0x260/0x468 [ 18.690414] kmem_cache_double_free+0x140/0x3c8 [ 18.690472] kunit_try_run_case+0x170/0x3f0 [ 18.690617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.690662] kthread+0x328/0x630 [ 18.690850] ret_from_fork+0x10/0x20 [ 18.691066] [ 18.691106] The buggy address belongs to the object at fff00000c76e9000 [ 18.691106] which belongs to the cache test_cache of size 200 [ 18.691286] The buggy address is located 0 bytes inside of [ 18.691286] 200-byte region [fff00000c76e9000, fff00000c76e90c8) [ 18.691374] [ 18.691495] The buggy address belongs to the physical page: [ 18.691552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e9 [ 18.691615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.691828] page_type: f5(slab) [ 18.691904] raw: 0bfffe0000000000 fff00000c46f5a00 dead000000000122 0000000000000000 [ 18.692096] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.692174] page dumped because: kasan: bad access detected [ 18.692266] [ 18.692307] Memory state around the buggy address: [ 18.692375] fff00000c76e8f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.692442] fff00000c76e8f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.692535] >fff00000c76e9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.692601] ^ [ 18.692722] fff00000c76e9080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.692812] fff00000c76e9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.692851] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.446047] ================================================================== [ 18.446130] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.446188] Read of size 1 at addr fff00000c76ef0c8 by task kunit_try_catch/207 [ 18.446237] [ 18.446270] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.446367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.446621] Hardware name: linux,dummy-virt (DT) [ 18.446676] Call trace: [ 18.446715] show_stack+0x20/0x38 (C) [ 18.446783] dump_stack_lvl+0x8c/0xd0 [ 18.446848] print_report+0x118/0x608 [ 18.446901] kasan_report+0xdc/0x128 [ 18.447046] __asan_report_load1_noabort+0x20/0x30 [ 18.447105] kmem_cache_oob+0x344/0x430 [ 18.447150] kunit_try_run_case+0x170/0x3f0 [ 18.447199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.447251] kthread+0x328/0x630 [ 18.447295] ret_from_fork+0x10/0x20 [ 18.447342] [ 18.447359] Allocated by task 207: [ 18.447388] kasan_save_stack+0x3c/0x68 [ 18.447427] kasan_save_track+0x20/0x40 [ 18.447464] kasan_save_alloc_info+0x40/0x58 [ 18.447504] __kasan_slab_alloc+0xa8/0xb0 [ 18.447541] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.447580] kmem_cache_oob+0x12c/0x430 [ 18.447617] kunit_try_run_case+0x170/0x3f0 [ 18.447654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.447696] kthread+0x328/0x630 [ 18.447728] ret_from_fork+0x10/0x20 [ 18.447762] [ 18.447782] The buggy address belongs to the object at fff00000c76ef000 [ 18.447782] which belongs to the cache test_cache of size 200 [ 18.447850] The buggy address is located 0 bytes to the right of [ 18.447850] allocated 200-byte region [fff00000c76ef000, fff00000c76ef0c8) [ 18.447920] [ 18.447939] The buggy address belongs to the physical page: [ 18.447970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076ef [ 18.448024] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.448073] page_type: f5(slab) [ 18.448261] raw: 0bfffe0000000000 fff00000c46f58c0 dead000000000122 0000000000000000 [ 18.448315] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.448359] page dumped because: kasan: bad access detected [ 18.448392] [ 18.448543] Memory state around the buggy address: [ 18.448621] fff00000c76eef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.448714] fff00000c76ef000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.448792] >fff00000c76ef080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.448874] ^ [ 18.448952] fff00000c76ef100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.448995] fff00000c76ef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.449034] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.422360] ================================================================== [ 18.422630] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 18.422739] Read of size 8 at addr fff00000c5a51b80 by task kunit_try_catch/200 [ 18.422792] [ 18.422857] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.423003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.423032] Hardware name: linux,dummy-virt (DT) [ 18.423065] Call trace: [ 18.423107] show_stack+0x20/0x38 (C) [ 18.423162] dump_stack_lvl+0x8c/0xd0 [ 18.423351] print_report+0x118/0x608 [ 18.423548] kasan_report+0xdc/0x128 [ 18.423646] __asan_report_load8_noabort+0x20/0x30 [ 18.423730] workqueue_uaf+0x480/0x4a8 [ 18.423794] kunit_try_run_case+0x170/0x3f0 [ 18.423889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.423993] kthread+0x328/0x630 [ 18.424058] ret_from_fork+0x10/0x20 [ 18.424140] [ 18.424217] Allocated by task 200: [ 18.424288] kasan_save_stack+0x3c/0x68 [ 18.424336] kasan_save_track+0x20/0x40 [ 18.424373] kasan_save_alloc_info+0x40/0x58 [ 18.424640] __kasan_kmalloc+0xd4/0xd8 [ 18.424763] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.424839] workqueue_uaf+0x13c/0x4a8 [ 18.424875] kunit_try_run_case+0x170/0x3f0 [ 18.424913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.424967] kthread+0x328/0x630 [ 18.425010] ret_from_fork+0x10/0x20 [ 18.425062] [ 18.425081] Freed by task 47: [ 18.425108] kasan_save_stack+0x3c/0x68 [ 18.425161] kasan_save_track+0x20/0x40 [ 18.425199] kasan_save_free_info+0x4c/0x78 [ 18.425240] __kasan_slab_free+0x6c/0x98 [ 18.425278] kfree+0x214/0x3c8 [ 18.425310] workqueue_uaf_work+0x18/0x30 [ 18.425354] process_one_work+0x530/0xf98 [ 18.425392] worker_thread+0x618/0xf38 [ 18.425433] kthread+0x328/0x630 [ 18.425476] ret_from_fork+0x10/0x20 [ 18.425520] [ 18.425550] Last potentially related work creation: [ 18.425577] kasan_save_stack+0x3c/0x68 [ 18.425615] kasan_record_aux_stack+0xb4/0xc8 [ 18.425657] __queue_work+0x65c/0x1008 [ 18.425695] queue_work_on+0xbc/0xf8 [ 18.425731] workqueue_uaf+0x210/0x4a8 [ 18.425774] kunit_try_run_case+0x170/0x3f0 [ 18.425828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.425871] kthread+0x328/0x630 [ 18.425903] ret_from_fork+0x10/0x20 [ 18.425937] [ 18.425955] The buggy address belongs to the object at fff00000c5a51b80 [ 18.425955] which belongs to the cache kmalloc-32 of size 32 [ 18.426347] The buggy address is located 0 bytes inside of [ 18.426347] freed 32-byte region [fff00000c5a51b80, fff00000c5a51ba0) [ 18.426453] [ 18.426549] The buggy address belongs to the physical page: [ 18.426595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a51 [ 18.426652] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.426973] page_type: f5(slab) [ 18.427100] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.427166] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.427246] page dumped because: kasan: bad access detected [ 18.427333] [ 18.427394] Memory state around the buggy address: [ 18.427450] fff00000c5a51a80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.427573] fff00000c5a51b00: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 18.427651] >fff00000c5a51b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.427716] ^ [ 18.427772] fff00000c5a51c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.427869] fff00000c5a51c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.427932] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.403557] ================================================================== [ 18.403684] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 18.403754] Read of size 4 at addr fff00000c5a51980 by task swapper/1/0 [ 18.403800] [ 18.403854] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.403938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.403965] Hardware name: linux,dummy-virt (DT) [ 18.403998] Call trace: [ 18.404022] show_stack+0x20/0x38 (C) [ 18.404073] dump_stack_lvl+0x8c/0xd0 [ 18.404123] print_report+0x118/0x608 [ 18.404168] kasan_report+0xdc/0x128 [ 18.404213] __asan_report_load4_noabort+0x20/0x30 [ 18.404601] rcu_uaf_reclaim+0x64/0x70 [ 18.404689] rcu_core+0x9f4/0x1e20 [ 18.404745] rcu_core_si+0x18/0x30 [ 18.404800] handle_softirqs+0x374/0xb28 [ 18.404863] __do_softirq+0x1c/0x28 [ 18.404915] ____do_softirq+0x18/0x30 [ 18.404959] call_on_irq_stack+0x24/0x30 [ 18.405004] do_softirq_own_stack+0x24/0x38 [ 18.405048] __irq_exit_rcu+0x1fc/0x318 [ 18.405113] irq_exit_rcu+0x1c/0x80 [ 18.405157] el1_interrupt+0x38/0x58 [ 18.405203] el1h_64_irq_handler+0x18/0x28 [ 18.405250] el1h_64_irq+0x6c/0x70 [ 18.405414] arch_local_irq_enable+0x4/0x8 (P) [ 18.405476] do_idle+0x384/0x4e8 [ 18.405534] cpu_startup_entry+0x64/0x80 [ 18.405581] secondary_start_kernel+0x288/0x340 [ 18.405628] __secondary_switched+0xc0/0xc8 [ 18.405801] [ 18.406115] Allocated by task 198: [ 18.406223] kasan_save_stack+0x3c/0x68 [ 18.406288] kasan_save_track+0x20/0x40 [ 18.406342] kasan_save_alloc_info+0x40/0x58 [ 18.406406] __kasan_kmalloc+0xd4/0xd8 [ 18.406443] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.406490] rcu_uaf+0xb0/0x2d8 [ 18.406776] kunit_try_run_case+0x170/0x3f0 [ 18.406846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.406950] kthread+0x328/0x630 [ 18.407031] ret_from_fork+0x10/0x20 [ 18.407100] [ 18.407153] Freed by task 0: [ 18.407211] kasan_save_stack+0x3c/0x68 [ 18.407291] kasan_save_track+0x20/0x40 [ 18.407359] kasan_save_free_info+0x4c/0x78 [ 18.407424] __kasan_slab_free+0x6c/0x98 [ 18.407516] kfree+0x214/0x3c8 [ 18.407563] rcu_uaf_reclaim+0x28/0x70 [ 18.407598] rcu_core+0x9f4/0x1e20 [ 18.407654] rcu_core_si+0x18/0x30 [ 18.407688] handle_softirqs+0x374/0xb28 [ 18.407724] __do_softirq+0x1c/0x28 [ 18.407933] [ 18.408026] Last potentially related work creation: [ 18.409433] kasan_save_stack+0x3c/0x68 [ 18.409695] kasan_record_aux_stack+0xb4/0xc8 [ 18.409746] __call_rcu_common.constprop.0+0x74/0x8c8 [ 18.409812] call_rcu+0x18/0x30 [ 18.409848] rcu_uaf+0x14c/0x2d8 [ 18.409884] kunit_try_run_case+0x170/0x3f0 [ 18.409924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.409987] kthread+0x328/0x630 [ 18.410036] ret_from_fork+0x10/0x20 [ 18.410089] [ 18.410130] The buggy address belongs to the object at fff00000c5a51980 [ 18.410130] which belongs to the cache kmalloc-32 of size 32 [ 18.410198] The buggy address is located 0 bytes inside of [ 18.410198] freed 32-byte region [fff00000c5a51980, fff00000c5a519a0) [ 18.410258] [ 18.410285] The buggy address belongs to the physical page: [ 18.410334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a51 [ 18.410388] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.410452] page_type: f5(slab) [ 18.410502] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.410572] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.410611] page dumped because: kasan: bad access detected [ 18.410642] [ 18.410659] Memory state around the buggy address: [ 18.410700] fff00000c5a51880: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.410765] fff00000c5a51900: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.410818] >fff00000c5a51980: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 18.410855] ^ [ 18.410902] fff00000c5a51a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.410951] fff00000c5a51a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.411013] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.341731] ================================================================== [ 18.341785] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 18.341850] Read of size 1 at addr fff00000c46ece78 by task kunit_try_catch/196 [ 18.341899] [ 18.341928] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.342019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.342047] Hardware name: linux,dummy-virt (DT) [ 18.342078] Call trace: [ 18.342101] show_stack+0x20/0x38 (C) [ 18.342148] dump_stack_lvl+0x8c/0xd0 [ 18.342194] print_report+0x118/0x608 [ 18.342240] kasan_report+0xdc/0x128 [ 18.342293] __asan_report_load1_noabort+0x20/0x30 [ 18.342344] ksize_uaf+0x544/0x5f8 [ 18.342388] kunit_try_run_case+0x170/0x3f0 [ 18.342434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.342485] kthread+0x328/0x630 [ 18.342526] ret_from_fork+0x10/0x20 [ 18.342573] [ 18.342591] Allocated by task 196: [ 18.342623] kasan_save_stack+0x3c/0x68 [ 18.342670] kasan_save_track+0x20/0x40 [ 18.342708] kasan_save_alloc_info+0x40/0x58 [ 18.342747] __kasan_kmalloc+0xd4/0xd8 [ 18.342792] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.343784] ksize_uaf+0xb8/0x5f8 [ 18.343881] kunit_try_run_case+0x170/0x3f0 [ 18.343958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.344246] kthread+0x328/0x630 [ 18.344415] ret_from_fork+0x10/0x20 [ 18.344511] [ 18.344615] Freed by task 196: [ 18.344645] kasan_save_stack+0x3c/0x68 [ 18.344911] kasan_save_track+0x20/0x40 [ 18.345033] kasan_save_free_info+0x4c/0x78 [ 18.345188] __kasan_slab_free+0x6c/0x98 [ 18.345229] kfree+0x214/0x3c8 [ 18.345285] ksize_uaf+0x11c/0x5f8 [ 18.345711] kunit_try_run_case+0x170/0x3f0 [ 18.345821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.346112] kthread+0x328/0x630 [ 18.346235] ret_from_fork+0x10/0x20 [ 18.346610] [ 18.346758] The buggy address belongs to the object at fff00000c46ece00 [ 18.346758] which belongs to the cache kmalloc-128 of size 128 [ 18.346873] The buggy address is located 120 bytes inside of [ 18.346873] freed 128-byte region [fff00000c46ece00, fff00000c46ece80) [ 18.347250] [ 18.347318] The buggy address belongs to the physical page: [ 18.347397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ec [ 18.347493] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.347626] page_type: f5(slab) [ 18.347697] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.348032] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.348107] page dumped because: kasan: bad access detected [ 18.348138] [ 18.348156] Memory state around the buggy address: [ 18.348189] fff00000c46ecd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.348280] fff00000c46ecd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.348325] >fff00000c46ece00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.348363] ^ [ 18.348404] fff00000c46ece80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.348445] fff00000c46ecf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.348483] ================================================================== [ 18.324945] ================================================================== [ 18.325016] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 18.325304] Read of size 1 at addr fff00000c46ece00 by task kunit_try_catch/196 [ 18.325644] [ 18.325690] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.325775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.325867] Hardware name: linux,dummy-virt (DT) [ 18.325903] Call trace: [ 18.325938] show_stack+0x20/0x38 (C) [ 18.325993] dump_stack_lvl+0x8c/0xd0 [ 18.326053] print_report+0x118/0x608 [ 18.326101] kasan_report+0xdc/0x128 [ 18.326146] __kasan_check_byte+0x54/0x70 [ 18.326193] ksize+0x30/0x88 [ 18.326246] ksize_uaf+0x168/0x5f8 [ 18.326291] kunit_try_run_case+0x170/0x3f0 [ 18.326345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.326405] kthread+0x328/0x630 [ 18.326450] ret_from_fork+0x10/0x20 [ 18.326508] [ 18.326527] Allocated by task 196: [ 18.326557] kasan_save_stack+0x3c/0x68 [ 18.326598] kasan_save_track+0x20/0x40 [ 18.326635] kasan_save_alloc_info+0x40/0x58 [ 18.326676] __kasan_kmalloc+0xd4/0xd8 [ 18.326713] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.326762] ksize_uaf+0xb8/0x5f8 [ 18.326797] kunit_try_run_case+0x170/0x3f0 [ 18.327134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.327382] kthread+0x328/0x630 [ 18.327426] ret_from_fork+0x10/0x20 [ 18.327890] [ 18.327994] Freed by task 196: [ 18.328047] kasan_save_stack+0x3c/0x68 [ 18.328233] kasan_save_track+0x20/0x40 [ 18.328388] kasan_save_free_info+0x4c/0x78 [ 18.328431] __kasan_slab_free+0x6c/0x98 [ 18.328850] kfree+0x214/0x3c8 [ 18.329000] ksize_uaf+0x11c/0x5f8 [ 18.329216] kunit_try_run_case+0x170/0x3f0 [ 18.329613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.329687] kthread+0x328/0x630 [ 18.329750] ret_from_fork+0x10/0x20 [ 18.329824] [ 18.329984] The buggy address belongs to the object at fff00000c46ece00 [ 18.329984] which belongs to the cache kmalloc-128 of size 128 [ 18.330167] The buggy address is located 0 bytes inside of [ 18.330167] freed 128-byte region [fff00000c46ece00, fff00000c46ece80) [ 18.330292] [ 18.330345] The buggy address belongs to the physical page: [ 18.330378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ec [ 18.330675] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.330847] page_type: f5(slab) [ 18.331272] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.331358] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.331408] page dumped because: kasan: bad access detected [ 18.331440] [ 18.331459] Memory state around the buggy address: [ 18.331735] fff00000c46ecd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.331792] fff00000c46ecd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.332124] >fff00000c46ece00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.332537] ^ [ 18.332619] fff00000c46ece80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.332675] fff00000c46ecf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.332742] ================================================================== [ 18.334555] ================================================================== [ 18.334608] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 18.334701] Read of size 1 at addr fff00000c46ece00 by task kunit_try_catch/196 [ 18.334765] [ 18.334891] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.335033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.335061] Hardware name: linux,dummy-virt (DT) [ 18.335116] Call trace: [ 18.335138] show_stack+0x20/0x38 (C) [ 18.335531] dump_stack_lvl+0x8c/0xd0 [ 18.335626] print_report+0x118/0x608 [ 18.335723] kasan_report+0xdc/0x128 [ 18.336094] __asan_report_load1_noabort+0x20/0x30 [ 18.336161] ksize_uaf+0x598/0x5f8 [ 18.336205] kunit_try_run_case+0x170/0x3f0 [ 18.336260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.336313] kthread+0x328/0x630 [ 18.336358] ret_from_fork+0x10/0x20 [ 18.336406] [ 18.336425] Allocated by task 196: [ 18.336454] kasan_save_stack+0x3c/0x68 [ 18.336496] kasan_save_track+0x20/0x40 [ 18.336534] kasan_save_alloc_info+0x40/0x58 [ 18.336575] __kasan_kmalloc+0xd4/0xd8 [ 18.336612] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.336649] ksize_uaf+0xb8/0x5f8 [ 18.336683] kunit_try_run_case+0x170/0x3f0 [ 18.336721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.336764] kthread+0x328/0x630 [ 18.336795] ret_from_fork+0x10/0x20 [ 18.336841] [ 18.336860] Freed by task 196: [ 18.336885] kasan_save_stack+0x3c/0x68 [ 18.336921] kasan_save_track+0x20/0x40 [ 18.336956] kasan_save_free_info+0x4c/0x78 [ 18.336996] __kasan_slab_free+0x6c/0x98 [ 18.337032] kfree+0x214/0x3c8 [ 18.337065] ksize_uaf+0x11c/0x5f8 [ 18.337097] kunit_try_run_case+0x170/0x3f0 [ 18.337135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.337177] kthread+0x328/0x630 [ 18.337209] ret_from_fork+0x10/0x20 [ 18.337243] [ 18.337261] The buggy address belongs to the object at fff00000c46ece00 [ 18.337261] which belongs to the cache kmalloc-128 of size 128 [ 18.337317] The buggy address is located 0 bytes inside of [ 18.337317] freed 128-byte region [fff00000c46ece00, fff00000c46ece80) [ 18.337521] [ 18.337661] The buggy address belongs to the physical page: [ 18.337694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ec [ 18.338077] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.338386] page_type: f5(slab) [ 18.338493] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.338835] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.338898] page dumped because: kasan: bad access detected [ 18.339033] [ 18.339120] Memory state around the buggy address: [ 18.339163] fff00000c46ecd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.339641] fff00000c46ecd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.339766] >fff00000c46ece00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.339857] ^ [ 18.339921] fff00000c46ece80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.340252] fff00000c46ecf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.340587] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.302598] ================================================================== [ 18.302647] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 18.302699] Read of size 1 at addr fff00000c7742078 by task kunit_try_catch/194 [ 18.302747] [ 18.302779] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.302873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.302900] Hardware name: linux,dummy-virt (DT) [ 18.302945] Call trace: [ 18.302968] show_stack+0x20/0x38 (C) [ 18.303017] dump_stack_lvl+0x8c/0xd0 [ 18.303062] print_report+0x118/0x608 [ 18.303108] kasan_report+0xdc/0x128 [ 18.303152] __asan_report_load1_noabort+0x20/0x30 [ 18.303260] ksize_unpoisons_memory+0x618/0x740 [ 18.303836] kunit_try_run_case+0x170/0x3f0 [ 18.303988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.304164] kthread+0x328/0x630 [ 18.304256] ret_from_fork+0x10/0x20 [ 18.304353] [ 18.304393] Allocated by task 194: [ 18.304463] kasan_save_stack+0x3c/0x68 [ 18.304546] kasan_save_track+0x20/0x40 [ 18.304625] kasan_save_alloc_info+0x40/0x58 [ 18.304682] __kasan_kmalloc+0xd4/0xd8 [ 18.304771] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.304831] ksize_unpoisons_memory+0xc0/0x740 [ 18.304870] kunit_try_run_case+0x170/0x3f0 [ 18.304907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.304950] kthread+0x328/0x630 [ 18.304983] ret_from_fork+0x10/0x20 [ 18.305018] [ 18.305038] The buggy address belongs to the object at fff00000c7742000 [ 18.305038] which belongs to the cache kmalloc-128 of size 128 [ 18.305378] The buggy address is located 5 bytes to the right of [ 18.305378] allocated 115-byte region [fff00000c7742000, fff00000c7742073) [ 18.305477] [ 18.305529] The buggy address belongs to the physical page: [ 18.305597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107742 [ 18.305688] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.305747] page_type: f5(slab) [ 18.305786] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.306116] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.306243] page dumped because: kasan: bad access detected [ 18.306329] [ 18.306381] Memory state around the buggy address: [ 18.306450] fff00000c7741f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.306495] fff00000c7741f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.306538] >fff00000c7742000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.306694] ^ [ 18.306882] fff00000c7742080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.306976] fff00000c7742100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.307021] ================================================================== [ 18.297186] ================================================================== [ 18.297258] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 18.297314] Read of size 1 at addr fff00000c7742073 by task kunit_try_catch/194 [ 18.297369] [ 18.297404] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.297487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.297564] Hardware name: linux,dummy-virt (DT) [ 18.297602] Call trace: [ 18.297625] show_stack+0x20/0x38 (C) [ 18.297672] dump_stack_lvl+0x8c/0xd0 [ 18.297726] print_report+0x118/0x608 [ 18.297772] kasan_report+0xdc/0x128 [ 18.298377] __asan_report_load1_noabort+0x20/0x30 [ 18.298462] ksize_unpoisons_memory+0x628/0x740 [ 18.298511] kunit_try_run_case+0x170/0x3f0 [ 18.298563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.298616] kthread+0x328/0x630 [ 18.298658] ret_from_fork+0x10/0x20 [ 18.298706] [ 18.298724] Allocated by task 194: [ 18.298752] kasan_save_stack+0x3c/0x68 [ 18.298792] kasan_save_track+0x20/0x40 [ 18.298842] kasan_save_alloc_info+0x40/0x58 [ 18.298880] __kasan_kmalloc+0xd4/0xd8 [ 18.298915] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.299633] ksize_unpoisons_memory+0xc0/0x740 [ 18.299675] kunit_try_run_case+0x170/0x3f0 [ 18.299713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.299756] kthread+0x328/0x630 [ 18.299787] ret_from_fork+0x10/0x20 [ 18.299836] [ 18.299857] The buggy address belongs to the object at fff00000c7742000 [ 18.299857] which belongs to the cache kmalloc-128 of size 128 [ 18.299919] The buggy address is located 0 bytes to the right of [ 18.299919] allocated 115-byte region [fff00000c7742000, fff00000c7742073) [ 18.299990] [ 18.300012] The buggy address belongs to the physical page: [ 18.300043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107742 [ 18.300096] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.300146] page_type: f5(slab) [ 18.300189] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.300239] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.300283] page dumped because: kasan: bad access detected [ 18.300315] [ 18.300335] Memory state around the buggy address: [ 18.300367] fff00000c7741f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.300412] fff00000c7741f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.300457] >fff00000c7742000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.300494] ^ [ 18.300534] fff00000c7742080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.300577] fff00000c7742100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.300614] ================================================================== [ 18.307566] ================================================================== [ 18.307631] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 18.307698] Read of size 1 at addr fff00000c774207f by task kunit_try_catch/194 [ 18.307753] [ 18.307789] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.307895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.307940] Hardware name: linux,dummy-virt (DT) [ 18.307976] Call trace: [ 18.308004] show_stack+0x20/0x38 (C) [ 18.308067] dump_stack_lvl+0x8c/0xd0 [ 18.308124] print_report+0x118/0x608 [ 18.308179] kasan_report+0xdc/0x128 [ 18.308233] __asan_report_load1_noabort+0x20/0x30 [ 18.308283] ksize_unpoisons_memory+0x690/0x740 [ 18.308348] kunit_try_run_case+0x170/0x3f0 [ 18.308403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.308454] kthread+0x328/0x630 [ 18.308495] ret_from_fork+0x10/0x20 [ 18.308654] [ 18.308674] Allocated by task 194: [ 18.308832] kasan_save_stack+0x3c/0x68 [ 18.308883] kasan_save_track+0x20/0x40 [ 18.308919] kasan_save_alloc_info+0x40/0x58 [ 18.308989] __kasan_kmalloc+0xd4/0xd8 [ 18.309035] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.309080] ksize_unpoisons_memory+0xc0/0x740 [ 18.309131] kunit_try_run_case+0x170/0x3f0 [ 18.309182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.309224] kthread+0x328/0x630 [ 18.309259] ret_from_fork+0x10/0x20 [ 18.309295] [ 18.309314] The buggy address belongs to the object at fff00000c7742000 [ 18.309314] which belongs to the cache kmalloc-128 of size 128 [ 18.309480] The buggy address is located 12 bytes to the right of [ 18.309480] allocated 115-byte region [fff00000c7742000, fff00000c7742073) [ 18.309636] [ 18.309664] The buggy address belongs to the physical page: [ 18.309759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107742 [ 18.309828] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.309894] page_type: f5(slab) [ 18.309941] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.309993] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.310033] page dumped because: kasan: bad access detected [ 18.310064] [ 18.310090] Memory state around the buggy address: [ 18.310122] fff00000c7741f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.310178] fff00000c7741f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.310225] >fff00000c7742000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.310271] ^ [ 18.310312] fff00000c7742080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310358] fff00000c7742100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310404] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.275646] ================================================================== [ 18.275728] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 18.275779] Free of addr fff00000c6173820 by task kunit_try_catch/192 [ 18.275832] [ 18.275863] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.275952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.275978] Hardware name: linux,dummy-virt (DT) [ 18.276009] Call trace: [ 18.276030] show_stack+0x20/0x38 (C) [ 18.276082] dump_stack_lvl+0x8c/0xd0 [ 18.276135] print_report+0x118/0x608 [ 18.276229] kasan_report_invalid_free+0xc0/0xe8 [ 18.276342] check_slab_allocation+0xd4/0x108 [ 18.276391] __kasan_slab_pre_free+0x2c/0x48 [ 18.276438] kfree+0xe8/0x3c8 [ 18.276483] kfree_sensitive+0x3c/0xb0 [ 18.276807] kmalloc_double_kzfree+0x168/0x308 [ 18.276863] kunit_try_run_case+0x170/0x3f0 [ 18.278184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.278272] kthread+0x328/0x630 [ 18.278322] ret_from_fork+0x10/0x20 [ 18.278369] [ 18.278429] Allocated by task 192: [ 18.278595] kasan_save_stack+0x3c/0x68 [ 18.278636] kasan_save_track+0x20/0x40 [ 18.278674] kasan_save_alloc_info+0x40/0x58 [ 18.278715] __kasan_kmalloc+0xd4/0xd8 [ 18.278750] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.278789] kmalloc_double_kzfree+0xb8/0x308 [ 18.278838] kunit_try_run_case+0x170/0x3f0 [ 18.278886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.279240] kthread+0x328/0x630 [ 18.279351] ret_from_fork+0x10/0x20 [ 18.279548] [ 18.279641] Freed by task 192: [ 18.279758] kasan_save_stack+0x3c/0x68 [ 18.279827] kasan_save_track+0x20/0x40 [ 18.279867] kasan_save_free_info+0x4c/0x78 [ 18.279916] __kasan_slab_free+0x6c/0x98 [ 18.279954] kfree+0x214/0x3c8 [ 18.279993] kfree_sensitive+0x80/0xb0 [ 18.280068] kmalloc_double_kzfree+0x11c/0x308 [ 18.280107] kunit_try_run_case+0x170/0x3f0 [ 18.280289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.280357] kthread+0x328/0x630 [ 18.280500] ret_from_fork+0x10/0x20 [ 18.280641] [ 18.280677] The buggy address belongs to the object at fff00000c6173820 [ 18.280677] which belongs to the cache kmalloc-16 of size 16 [ 18.280763] The buggy address is located 0 bytes inside of [ 18.280763] 16-byte region [fff00000c6173820, fff00000c6173830) [ 18.280846] [ 18.280895] The buggy address belongs to the physical page: [ 18.281519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106173 [ 18.281572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.281618] page_type: f5(slab) [ 18.281653] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.281701] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.281740] page dumped because: kasan: bad access detected [ 18.281771] [ 18.281789] Memory state around the buggy address: [ 18.282315] fff00000c6173700: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.282361] fff00000c6173780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.282404] >fff00000c6173800: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.282442] ^ [ 18.282477] fff00000c6173880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.282518] fff00000c6173900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.282555] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.263627] ================================================================== [ 18.263690] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 18.263754] Read of size 1 at addr fff00000c6173820 by task kunit_try_catch/192 [ 18.263819] [ 18.263857] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.263944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.263970] Hardware name: linux,dummy-virt (DT) [ 18.264003] Call trace: [ 18.264028] show_stack+0x20/0x38 (C) [ 18.264076] dump_stack_lvl+0x8c/0xd0 [ 18.264868] print_report+0x118/0x608 [ 18.265012] kasan_report+0xdc/0x128 [ 18.265618] __kasan_check_byte+0x54/0x70 [ 18.265674] kfree_sensitive+0x30/0xb0 [ 18.265723] kmalloc_double_kzfree+0x168/0x308 [ 18.266181] kunit_try_run_case+0x170/0x3f0 [ 18.266339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.266438] kthread+0x328/0x630 [ 18.266527] ret_from_fork+0x10/0x20 [ 18.266681] [ 18.266702] Allocated by task 192: [ 18.266742] kasan_save_stack+0x3c/0x68 [ 18.266976] kasan_save_track+0x20/0x40 [ 18.267196] kasan_save_alloc_info+0x40/0x58 [ 18.267448] __kasan_kmalloc+0xd4/0xd8 [ 18.267524] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.267688] kmalloc_double_kzfree+0xb8/0x308 [ 18.267750] kunit_try_run_case+0x170/0x3f0 [ 18.267788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.267843] kthread+0x328/0x630 [ 18.267877] ret_from_fork+0x10/0x20 [ 18.268317] [ 18.268381] Freed by task 192: [ 18.268541] kasan_save_stack+0x3c/0x68 [ 18.268610] kasan_save_track+0x20/0x40 [ 18.268742] kasan_save_free_info+0x4c/0x78 [ 18.268856] __kasan_slab_free+0x6c/0x98 [ 18.268915] kfree+0x214/0x3c8 [ 18.269139] kfree_sensitive+0x80/0xb0 [ 18.270723] kmalloc_double_kzfree+0x11c/0x308 [ 18.270791] kunit_try_run_case+0x170/0x3f0 [ 18.270890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.271007] kthread+0x328/0x630 [ 18.271175] ret_from_fork+0x10/0x20 [ 18.271483] [ 18.271538] The buggy address belongs to the object at fff00000c6173820 [ 18.271538] which belongs to the cache kmalloc-16 of size 16 [ 18.271905] The buggy address is located 0 bytes inside of [ 18.271905] freed 16-byte region [fff00000c6173820, fff00000c6173830) [ 18.272077] [ 18.272132] The buggy address belongs to the physical page: [ 18.272343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106173 [ 18.272513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.272597] page_type: f5(slab) [ 18.272658] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.272921] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.273112] page dumped because: kasan: bad access detected [ 18.273166] [ 18.273942] Memory state around the buggy address: [ 18.273992] fff00000c6173700: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.274039] fff00000c6173780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.274082] >fff00000c6173800: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.274428] ^ [ 18.274481] fff00000c6173880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.274524] fff00000c6173900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.274573] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.231261] ================================================================== [ 18.231373] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 18.231581] Read of size 1 at addr fff00000c7747b28 by task kunit_try_catch/188 [ 18.231674] [ 18.231721] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.231910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.231966] Hardware name: linux,dummy-virt (DT) [ 18.232004] Call trace: [ 18.232027] show_stack+0x20/0x38 (C) [ 18.232092] dump_stack_lvl+0x8c/0xd0 [ 18.232320] print_report+0x118/0x608 [ 18.232369] kasan_report+0xdc/0x128 [ 18.232459] __asan_report_load1_noabort+0x20/0x30 [ 18.232607] kmalloc_uaf2+0x3f4/0x468 [ 18.232893] kunit_try_run_case+0x170/0x3f0 [ 18.233161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.233275] kthread+0x328/0x630 [ 18.233327] ret_from_fork+0x10/0x20 [ 18.233647] [ 18.233698] Allocated by task 188: [ 18.234317] kasan_save_stack+0x3c/0x68 [ 18.234392] kasan_save_track+0x20/0x40 [ 18.234440] kasan_save_alloc_info+0x40/0x58 [ 18.234488] __kasan_kmalloc+0xd4/0xd8 [ 18.234525] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.234563] kmalloc_uaf2+0xc4/0x468 [ 18.234598] kunit_try_run_case+0x170/0x3f0 [ 18.234636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.234679] kthread+0x328/0x630 [ 18.234710] ret_from_fork+0x10/0x20 [ 18.234747] [ 18.234765] Freed by task 188: [ 18.234812] kasan_save_stack+0x3c/0x68 [ 18.235181] kasan_save_track+0x20/0x40 [ 18.235322] kasan_save_free_info+0x4c/0x78 [ 18.235361] __kasan_slab_free+0x6c/0x98 [ 18.235755] kfree+0x214/0x3c8 [ 18.236168] kmalloc_uaf2+0x134/0x468 [ 18.236335] kunit_try_run_case+0x170/0x3f0 [ 18.236764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.236927] kthread+0x328/0x630 [ 18.237118] ret_from_fork+0x10/0x20 [ 18.237155] [ 18.237175] The buggy address belongs to the object at fff00000c7747b00 [ 18.237175] which belongs to the cache kmalloc-64 of size 64 [ 18.237240] The buggy address is located 40 bytes inside of [ 18.237240] freed 64-byte region [fff00000c7747b00, fff00000c7747b40) [ 18.237782] [ 18.237816] The buggy address belongs to the physical page: [ 18.237849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 18.237907] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.237958] page_type: f5(slab) [ 18.238000] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.238050] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.238089] page dumped because: kasan: bad access detected [ 18.238120] [ 18.238138] Memory state around the buggy address: [ 18.238170] fff00000c7747a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.238213] fff00000c7747a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.238254] >fff00000c7747b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.238292] ^ [ 18.238322] fff00000c7747b80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.238364] fff00000c7747c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.238402] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.217159] ================================================================== [ 18.217227] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 18.217290] Write of size 33 at addr fff00000c7747980 by task kunit_try_catch/186 [ 18.217341] [ 18.217378] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.217460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.217487] Hardware name: linux,dummy-virt (DT) [ 18.217521] Call trace: [ 18.217544] show_stack+0x20/0x38 (C) [ 18.217596] dump_stack_lvl+0x8c/0xd0 [ 18.217645] print_report+0x118/0x608 [ 18.217692] kasan_report+0xdc/0x128 [ 18.217739] kasan_check_range+0x100/0x1a8 [ 18.217787] __asan_memset+0x34/0x78 [ 18.217864] kmalloc_uaf_memset+0x170/0x310 [ 18.217910] kunit_try_run_case+0x170/0x3f0 [ 18.217956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.218008] kthread+0x328/0x630 [ 18.218051] ret_from_fork+0x10/0x20 [ 18.218098] [ 18.218116] Allocated by task 186: [ 18.218144] kasan_save_stack+0x3c/0x68 [ 18.218183] kasan_save_track+0x20/0x40 [ 18.218219] kasan_save_alloc_info+0x40/0x58 [ 18.218258] __kasan_kmalloc+0xd4/0xd8 [ 18.218293] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.218332] kmalloc_uaf_memset+0xb8/0x310 [ 18.218368] kunit_try_run_case+0x170/0x3f0 [ 18.218403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.218445] kthread+0x328/0x630 [ 18.218475] ret_from_fork+0x10/0x20 [ 18.218511] [ 18.218528] Freed by task 186: [ 18.218553] kasan_save_stack+0x3c/0x68 [ 18.218588] kasan_save_track+0x20/0x40 [ 18.218624] kasan_save_free_info+0x4c/0x78 [ 18.218661] __kasan_slab_free+0x6c/0x98 [ 18.218698] kfree+0x214/0x3c8 [ 18.218729] kmalloc_uaf_memset+0x11c/0x310 [ 18.218763] kunit_try_run_case+0x170/0x3f0 [ 18.218800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.218861] kthread+0x328/0x630 [ 18.218892] ret_from_fork+0x10/0x20 [ 18.218952] [ 18.218971] The buggy address belongs to the object at fff00000c7747980 [ 18.218971] which belongs to the cache kmalloc-64 of size 64 [ 18.219028] The buggy address is located 0 bytes inside of [ 18.219028] freed 64-byte region [fff00000c7747980, fff00000c77479c0) [ 18.219088] [ 18.219108] The buggy address belongs to the physical page: [ 18.219140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 18.219194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.219246] page_type: f5(slab) [ 18.219286] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.219334] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.219376] page dumped because: kasan: bad access detected [ 18.219431] [ 18.219449] Memory state around the buggy address: [ 18.219484] fff00000c7747880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.219526] fff00000c7747900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.219568] >fff00000c7747980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.220913] ^ [ 18.220952] fff00000c7747a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.221255] fff00000c7747a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.221300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.199506] ================================================================== [ 18.199582] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 18.199652] Read of size 1 at addr fff00000c6173808 by task kunit_try_catch/184 [ 18.199701] [ 18.199740] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.199864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.199892] Hardware name: linux,dummy-virt (DT) [ 18.200384] Call trace: [ 18.201203] show_stack+0x20/0x38 (C) [ 18.201302] dump_stack_lvl+0x8c/0xd0 [ 18.201944] print_report+0x118/0x608 [ 18.202073] kasan_report+0xdc/0x128 [ 18.202120] __asan_report_load1_noabort+0x20/0x30 [ 18.202425] kmalloc_uaf+0x300/0x338 [ 18.202690] kunit_try_run_case+0x170/0x3f0 [ 18.202905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.203239] kthread+0x328/0x630 [ 18.203324] ret_from_fork+0x10/0x20 [ 18.203468] [ 18.203489] Allocated by task 184: [ 18.203518] kasan_save_stack+0x3c/0x68 [ 18.203561] kasan_save_track+0x20/0x40 [ 18.203599] kasan_save_alloc_info+0x40/0x58 [ 18.203643] __kasan_kmalloc+0xd4/0xd8 [ 18.203696] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.204213] kmalloc_uaf+0xb8/0x338 [ 18.204252] kunit_try_run_case+0x170/0x3f0 [ 18.204291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.204334] kthread+0x328/0x630 [ 18.204379] ret_from_fork+0x10/0x20 [ 18.204513] [ 18.204595] Freed by task 184: [ 18.204622] kasan_save_stack+0x3c/0x68 [ 18.204697] kasan_save_track+0x20/0x40 [ 18.204733] kasan_save_free_info+0x4c/0x78 [ 18.204823] __kasan_slab_free+0x6c/0x98 [ 18.204995] kfree+0x214/0x3c8 [ 18.205028] kmalloc_uaf+0x11c/0x338 [ 18.205102] kunit_try_run_case+0x170/0x3f0 [ 18.205157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.205237] kthread+0x328/0x630 [ 18.205290] ret_from_fork+0x10/0x20 [ 18.205342] [ 18.205388] The buggy address belongs to the object at fff00000c6173800 [ 18.205388] which belongs to the cache kmalloc-16 of size 16 [ 18.205453] The buggy address is located 8 bytes inside of [ 18.205453] freed 16-byte region [fff00000c6173800, fff00000c6173810) [ 18.205672] [ 18.205735] The buggy address belongs to the physical page: [ 18.205813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106173 [ 18.205898] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.205951] page_type: f5(slab) [ 18.206090] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.206300] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.206403] page dumped because: kasan: bad access detected [ 18.206492] [ 18.206510] Memory state around the buggy address: [ 18.206591] fff00000c6173700: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.206640] fff00000c6173780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.206724] >fff00000c6173800: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.206832] ^ [ 18.206862] fff00000c6173880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.206903] fff00000c6173900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.206965] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.145365] ================================================================== [ 18.145436] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.146971] Read of size 18446744073709551614 at addr fff00000c7747404 by task kunit_try_catch/180 [ 18.147243] [ 18.147291] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.147373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.147565] Hardware name: linux,dummy-virt (DT) [ 18.147615] Call trace: [ 18.147654] show_stack+0x20/0x38 (C) [ 18.147768] dump_stack_lvl+0x8c/0xd0 [ 18.147866] print_report+0x118/0x608 [ 18.148029] kasan_report+0xdc/0x128 [ 18.148115] kasan_check_range+0x100/0x1a8 [ 18.148198] __asan_memmove+0x3c/0x98 [ 18.148307] kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.148384] kunit_try_run_case+0x170/0x3f0 [ 18.148470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.148574] kthread+0x328/0x630 [ 18.148627] ret_from_fork+0x10/0x20 [ 18.148675] [ 18.148716] Allocated by task 180: [ 18.149030] kasan_save_stack+0x3c/0x68 [ 18.149106] kasan_save_track+0x20/0x40 [ 18.149186] kasan_save_alloc_info+0x40/0x58 [ 18.149255] __kasan_kmalloc+0xd4/0xd8 [ 18.149314] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.149441] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 18.149510] kunit_try_run_case+0x170/0x3f0 [ 18.149588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.149629] kthread+0x328/0x630 [ 18.150772] ret_from_fork+0x10/0x20 [ 18.150830] [ 18.150850] The buggy address belongs to the object at fff00000c7747400 [ 18.150850] which belongs to the cache kmalloc-64 of size 64 [ 18.151011] The buggy address is located 4 bytes inside of [ 18.151011] 64-byte region [fff00000c7747400, fff00000c7747440) [ 18.151098] [ 18.151155] The buggy address belongs to the physical page: [ 18.151187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 18.151242] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.151290] page_type: f5(slab) [ 18.151355] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.151414] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.151668] page dumped because: kasan: bad access detected [ 18.151886] [ 18.151921] Memory state around the buggy address: [ 18.152406] fff00000c7747300: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 18.152846] fff00000c7747380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.155637] >fff00000c7747400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.155814] ^ [ 18.156097] fff00000c7747480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.157089] fff00000c7747500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.157701] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.137116] ================================================================== [ 18.137181] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 18.137241] Write of size 16 at addr fff00000c638ee69 by task kunit_try_catch/178 [ 18.137289] [ 18.137326] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.137407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.137433] Hardware name: linux,dummy-virt (DT) [ 18.137464] Call trace: [ 18.137541] show_stack+0x20/0x38 (C) [ 18.137592] dump_stack_lvl+0x8c/0xd0 [ 18.137639] print_report+0x118/0x608 [ 18.137685] kasan_report+0xdc/0x128 [ 18.137736] kasan_check_range+0x100/0x1a8 [ 18.137783] __asan_memset+0x34/0x78 [ 18.137842] kmalloc_oob_memset_16+0x150/0x2f8 [ 18.137887] kunit_try_run_case+0x170/0x3f0 [ 18.137939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.137990] kthread+0x328/0x630 [ 18.138032] ret_from_fork+0x10/0x20 [ 18.138079] [ 18.138098] Allocated by task 178: [ 18.138242] kasan_save_stack+0x3c/0x68 [ 18.138291] kasan_save_track+0x20/0x40 [ 18.138328] kasan_save_alloc_info+0x40/0x58 [ 18.138554] __kasan_kmalloc+0xd4/0xd8 [ 18.138683] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.138724] kmalloc_oob_memset_16+0xb0/0x2f8 [ 18.138823] kunit_try_run_case+0x170/0x3f0 [ 18.138865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.138953] kthread+0x328/0x630 [ 18.139033] ret_from_fork+0x10/0x20 [ 18.139145] [ 18.139184] The buggy address belongs to the object at fff00000c638ee00 [ 18.139184] which belongs to the cache kmalloc-128 of size 128 [ 18.139267] The buggy address is located 105 bytes inside of [ 18.139267] allocated 120-byte region [fff00000c638ee00, fff00000c638ee78) [ 18.139369] [ 18.139416] The buggy address belongs to the physical page: [ 18.139470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 18.139542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.139650] page_type: f5(slab) [ 18.139696] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.139765] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.139814] page dumped because: kasan: bad access detected [ 18.139845] [ 18.139868] Memory state around the buggy address: [ 18.139905] fff00000c638ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.139946] fff00000c638ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.140102] >fff00000c638ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.140140] ^ [ 18.140226] fff00000c638ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.140324] fff00000c638ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.140393] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.116740] ================================================================== [ 18.116870] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 18.117159] Write of size 8 at addr fff00000c638ed71 by task kunit_try_catch/176 [ 18.117211] [ 18.117533] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.117631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.117656] Hardware name: linux,dummy-virt (DT) [ 18.117814] Call trace: [ 18.117842] show_stack+0x20/0x38 (C) [ 18.117895] dump_stack_lvl+0x8c/0xd0 [ 18.118259] print_report+0x118/0x608 [ 18.118328] kasan_report+0xdc/0x128 [ 18.118373] kasan_check_range+0x100/0x1a8 [ 18.118427] __asan_memset+0x34/0x78 [ 18.118724] kmalloc_oob_memset_8+0x150/0x2f8 [ 18.118907] kunit_try_run_case+0x170/0x3f0 [ 18.119189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.119471] kthread+0x328/0x630 [ 18.120970] ret_from_fork+0x10/0x20 [ 18.121029] [ 18.121293] Allocated by task 176: [ 18.121460] kasan_save_stack+0x3c/0x68 [ 18.121510] kasan_save_track+0x20/0x40 [ 18.121737] kasan_save_alloc_info+0x40/0x58 [ 18.122250] __kasan_kmalloc+0xd4/0xd8 [ 18.122367] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.122636] kmalloc_oob_memset_8+0xb0/0x2f8 [ 18.123560] kunit_try_run_case+0x170/0x3f0 [ 18.123610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.124057] kthread+0x328/0x630 [ 18.124230] ret_from_fork+0x10/0x20 [ 18.124314] [ 18.124336] The buggy address belongs to the object at fff00000c638ed00 [ 18.124336] which belongs to the cache kmalloc-128 of size 128 [ 18.124554] The buggy address is located 113 bytes inside of [ 18.124554] allocated 120-byte region [fff00000c638ed00, fff00000c638ed78) [ 18.125167] [ 18.125224] The buggy address belongs to the physical page: [ 18.125264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 18.125441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.125703] page_type: f5(slab) [ 18.125886] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.126056] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.126455] page dumped because: kasan: bad access detected [ 18.126634] [ 18.126681] Memory state around the buggy address: [ 18.126751] fff00000c638ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.127119] fff00000c638ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.127275] >fff00000c638ed00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.127315] ^ [ 18.127495] fff00000c638ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.127535] fff00000c638ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.127773] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.103979] ================================================================== [ 18.104047] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 18.104109] Write of size 4 at addr fff00000c638ec75 by task kunit_try_catch/174 [ 18.104159] [ 18.104196] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.104286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.104330] Hardware name: linux,dummy-virt (DT) [ 18.104363] Call trace: [ 18.104386] show_stack+0x20/0x38 (C) [ 18.104434] dump_stack_lvl+0x8c/0xd0 [ 18.104482] print_report+0x118/0x608 [ 18.104526] kasan_report+0xdc/0x128 [ 18.104569] kasan_check_range+0x100/0x1a8 [ 18.104615] __asan_memset+0x34/0x78 [ 18.104656] kmalloc_oob_memset_4+0x150/0x300 [ 18.104710] kunit_try_run_case+0x170/0x3f0 [ 18.104760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.104823] kthread+0x328/0x630 [ 18.104872] ret_from_fork+0x10/0x20 [ 18.104920] [ 18.104945] Allocated by task 174: [ 18.104973] kasan_save_stack+0x3c/0x68 [ 18.105013] kasan_save_track+0x20/0x40 [ 18.105050] kasan_save_alloc_info+0x40/0x58 [ 18.105088] __kasan_kmalloc+0xd4/0xd8 [ 18.105124] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.105164] kmalloc_oob_memset_4+0xb0/0x300 [ 18.105200] kunit_try_run_case+0x170/0x3f0 [ 18.105237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.105288] kthread+0x328/0x630 [ 18.105320] ret_from_fork+0x10/0x20 [ 18.105363] [ 18.105383] The buggy address belongs to the object at fff00000c638ec00 [ 18.105383] which belongs to the cache kmalloc-128 of size 128 [ 18.105438] The buggy address is located 117 bytes inside of [ 18.105438] allocated 120-byte region [fff00000c638ec00, fff00000c638ec78) [ 18.105506] [ 18.105532] The buggy address belongs to the physical page: [ 18.105563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 18.105615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.105663] page_type: f5(slab) [ 18.105701] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.105748] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.105793] page dumped because: kasan: bad access detected [ 18.106135] [ 18.106157] Memory state around the buggy address: [ 18.106191] fff00000c638eb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.106535] fff00000c638eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.106588] >fff00000c638ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.106625] ^ [ 18.106667] fff00000c638ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.106706] fff00000c638ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.106897] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.081249] ================================================================== [ 18.081325] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 18.081394] Write of size 2 at addr fff00000c638eb77 by task kunit_try_catch/172 [ 18.081443] [ 18.081480] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.081560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.081596] Hardware name: linux,dummy-virt (DT) [ 18.081628] Call trace: [ 18.081650] show_stack+0x20/0x38 (C) [ 18.081708] dump_stack_lvl+0x8c/0xd0 [ 18.081756] print_report+0x118/0x608 [ 18.081801] kasan_report+0xdc/0x128 [ 18.082794] kasan_check_range+0x100/0x1a8 [ 18.082905] __asan_memset+0x34/0x78 [ 18.082978] kmalloc_oob_memset_2+0x150/0x2f8 [ 18.083052] kunit_try_run_case+0x170/0x3f0 [ 18.083098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.083258] kthread+0x328/0x630 [ 18.083498] ret_from_fork+0x10/0x20 [ 18.083656] [ 18.083839] Allocated by task 172: [ 18.083910] kasan_save_stack+0x3c/0x68 [ 18.084357] kasan_save_track+0x20/0x40 [ 18.084531] kasan_save_alloc_info+0x40/0x58 [ 18.084787] __kasan_kmalloc+0xd4/0xd8 [ 18.084876] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.085030] kmalloc_oob_memset_2+0xb0/0x2f8 [ 18.085440] kunit_try_run_case+0x170/0x3f0 [ 18.085728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.085859] kthread+0x328/0x630 [ 18.085938] ret_from_fork+0x10/0x20 [ 18.086266] [ 18.086396] The buggy address belongs to the object at fff00000c638eb00 [ 18.086396] which belongs to the cache kmalloc-128 of size 128 [ 18.086774] The buggy address is located 119 bytes inside of [ 18.086774] allocated 120-byte region [fff00000c638eb00, fff00000c638eb78) [ 18.086893] [ 18.086942] The buggy address belongs to the physical page: [ 18.086972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 18.087296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.087670] page_type: f5(slab) [ 18.087736] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.088076] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.088149] page dumped because: kasan: bad access detected [ 18.088275] [ 18.088718] Memory state around the buggy address: [ 18.088849] fff00000c638ea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.088992] fff00000c638ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.089074] >fff00000c638eb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.089435] ^ [ 18.089499] fff00000c638eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.089690] fff00000c638ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.090150] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.067647] ================================================================== [ 18.067872] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 18.067945] Write of size 128 at addr fff00000c638ea00 by task kunit_try_catch/170 [ 18.068072] [ 18.068160] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.068261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.068288] Hardware name: linux,dummy-virt (DT) [ 18.068319] Call trace: [ 18.068587] show_stack+0x20/0x38 (C) [ 18.069213] dump_stack_lvl+0x8c/0xd0 [ 18.069511] print_report+0x118/0x608 [ 18.069571] kasan_report+0xdc/0x128 [ 18.069624] kasan_check_range+0x100/0x1a8 [ 18.069682] __asan_memset+0x34/0x78 [ 18.069745] kmalloc_oob_in_memset+0x144/0x2d0 [ 18.069792] kunit_try_run_case+0x170/0x3f0 [ 18.069849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.069899] kthread+0x328/0x630 [ 18.069940] ret_from_fork+0x10/0x20 [ 18.069989] [ 18.070008] Allocated by task 170: [ 18.070034] kasan_save_stack+0x3c/0x68 [ 18.070085] kasan_save_track+0x20/0x40 [ 18.070123] kasan_save_alloc_info+0x40/0x58 [ 18.070171] __kasan_kmalloc+0xd4/0xd8 [ 18.070207] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.070245] kmalloc_oob_in_memset+0xb0/0x2d0 [ 18.070280] kunit_try_run_case+0x170/0x3f0 [ 18.070316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.070358] kthread+0x328/0x630 [ 18.070389] ret_from_fork+0x10/0x20 [ 18.070424] [ 18.070443] The buggy address belongs to the object at fff00000c638ea00 [ 18.070443] which belongs to the cache kmalloc-128 of size 128 [ 18.070497] The buggy address is located 0 bytes inside of [ 18.070497] allocated 120-byte region [fff00000c638ea00, fff00000c638ea78) [ 18.070562] [ 18.070583] The buggy address belongs to the physical page: [ 18.070614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 18.070664] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.070711] page_type: f5(slab) [ 18.070748] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.070795] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.070844] page dumped because: kasan: bad access detected [ 18.070873] [ 18.070898] Memory state around the buggy address: [ 18.071814] fff00000c638e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.072051] fff00000c638e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.072237] >fff00000c638ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.072286] ^ [ 18.072327] fff00000c638ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.072369] fff00000c638eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.072405] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.052350] ================================================================== [ 18.052856] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 18.052936] Read of size 16 at addr fff00000c61737e0 by task kunit_try_catch/168 [ 18.053058] [ 18.053104] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.053426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.053487] Hardware name: linux,dummy-virt (DT) [ 18.053522] Call trace: [ 18.053555] show_stack+0x20/0x38 (C) [ 18.053735] dump_stack_lvl+0x8c/0xd0 [ 18.053966] print_report+0x118/0x608 [ 18.054027] kasan_report+0xdc/0x128 [ 18.054072] __asan_report_load16_noabort+0x20/0x30 [ 18.054118] kmalloc_uaf_16+0x3bc/0x438 [ 18.054231] kunit_try_run_case+0x170/0x3f0 [ 18.054285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.054431] kthread+0x328/0x630 [ 18.054480] ret_from_fork+0x10/0x20 [ 18.054749] [ 18.054839] Allocated by task 168: [ 18.054875] kasan_save_stack+0x3c/0x68 [ 18.055048] kasan_save_track+0x20/0x40 [ 18.055235] kasan_save_alloc_info+0x40/0x58 [ 18.055374] __kasan_kmalloc+0xd4/0xd8 [ 18.055495] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.055536] kmalloc_uaf_16+0x140/0x438 [ 18.055570] kunit_try_run_case+0x170/0x3f0 [ 18.055717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.055767] kthread+0x328/0x630 [ 18.055909] ret_from_fork+0x10/0x20 [ 18.056053] [ 18.056079] Freed by task 168: [ 18.056174] kasan_save_stack+0x3c/0x68 [ 18.056638] kasan_save_track+0x20/0x40 [ 18.056723] kasan_save_free_info+0x4c/0x78 [ 18.056797] __kasan_slab_free+0x6c/0x98 [ 18.056860] kfree+0x214/0x3c8 [ 18.056903] kmalloc_uaf_16+0x190/0x438 [ 18.056938] kunit_try_run_case+0x170/0x3f0 [ 18.056975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.057016] kthread+0x328/0x630 [ 18.057047] ret_from_fork+0x10/0x20 [ 18.057093] [ 18.057122] The buggy address belongs to the object at fff00000c61737e0 [ 18.057122] which belongs to the cache kmalloc-16 of size 16 [ 18.057185] The buggy address is located 0 bytes inside of [ 18.057185] freed 16-byte region [fff00000c61737e0, fff00000c61737f0) [ 18.057259] [ 18.057281] The buggy address belongs to the physical page: [ 18.057312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106173 [ 18.057391] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.057453] page_type: f5(slab) [ 18.057495] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.057559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.057613] page dumped because: kasan: bad access detected [ 18.057651] [ 18.057668] Memory state around the buggy address: [ 18.057701] fff00000c6173680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.057741] fff00000c6173700: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.057782] >fff00000c6173780: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 18.057828] ^ [ 18.057863] fff00000c6173800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.057912] fff00000c6173880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.057949] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.034410] ================================================================== [ 18.034861] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 18.034941] Write of size 16 at addr fff00000c6173780 by task kunit_try_catch/166 [ 18.035123] [ 18.035361] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.035637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.035712] Hardware name: linux,dummy-virt (DT) [ 18.035800] Call trace: [ 18.035958] show_stack+0x20/0x38 (C) [ 18.036112] dump_stack_lvl+0x8c/0xd0 [ 18.036244] print_report+0x118/0x608 [ 18.036589] kasan_report+0xdc/0x128 [ 18.036727] __asan_report_store16_noabort+0x20/0x30 [ 18.036932] kmalloc_oob_16+0x3a0/0x3f8 [ 18.037093] kunit_try_run_case+0x170/0x3f0 [ 18.037223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.037355] kthread+0x328/0x630 [ 18.037716] ret_from_fork+0x10/0x20 [ 18.037999] [ 18.038136] Allocated by task 166: [ 18.038315] kasan_save_stack+0x3c/0x68 [ 18.038372] kasan_save_track+0x20/0x40 [ 18.038434] kasan_save_alloc_info+0x40/0x58 [ 18.038788] __kasan_kmalloc+0xd4/0xd8 [ 18.038846] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.039218] kmalloc_oob_16+0xb4/0x3f8 [ 18.039327] kunit_try_run_case+0x170/0x3f0 [ 18.039418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.039586] kthread+0x328/0x630 [ 18.039772] ret_from_fork+0x10/0x20 [ 18.039823] [ 18.039843] The buggy address belongs to the object at fff00000c6173780 [ 18.039843] which belongs to the cache kmalloc-16 of size 16 [ 18.039919] The buggy address is located 0 bytes inside of [ 18.039919] allocated 13-byte region [fff00000c6173780, fff00000c617378d) [ 18.040334] [ 18.040571] The buggy address belongs to the physical page: [ 18.040648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106173 [ 18.040772] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.041227] page_type: f5(slab) [ 18.041388] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.041558] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.041627] page dumped because: kasan: bad access detected [ 18.041789] [ 18.041867] Memory state around the buggy address: [ 18.041907] fff00000c6173680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.042277] fff00000c6173700: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.042353] >fff00000c6173780: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.043083] ^ [ 18.043157] fff00000c6173800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.043225] fff00000c6173880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.043332] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 18.005758] ================================================================== [ 18.006100] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 18.006371] Read of size 1 at addr fff00000c5d29600 by task kunit_try_catch/164 [ 18.006695] [ 18.006748] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.006950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.007000] Hardware name: linux,dummy-virt (DT) [ 18.007139] Call trace: [ 18.007338] show_stack+0x20/0x38 (C) [ 18.007475] dump_stack_lvl+0x8c/0xd0 [ 18.007648] print_report+0x118/0x608 [ 18.007880] kasan_report+0xdc/0x128 [ 18.007972] __kasan_check_byte+0x54/0x70 [ 18.008206] krealloc_noprof+0x44/0x360 [ 18.008381] krealloc_uaf+0x180/0x520 [ 18.008564] kunit_try_run_case+0x170/0x3f0 [ 18.008926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.009116] kthread+0x328/0x630 [ 18.009166] ret_from_fork+0x10/0x20 [ 18.009545] [ 18.009592] Allocated by task 164: [ 18.009720] kasan_save_stack+0x3c/0x68 [ 18.009881] kasan_save_track+0x20/0x40 [ 18.009979] kasan_save_alloc_info+0x40/0x58 [ 18.010095] __kasan_kmalloc+0xd4/0xd8 [ 18.010130] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.010426] krealloc_uaf+0xc8/0x520 [ 18.010555] kunit_try_run_case+0x170/0x3f0 [ 18.010708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.010849] kthread+0x328/0x630 [ 18.011024] ret_from_fork+0x10/0x20 [ 18.011085] [ 18.011151] Freed by task 164: [ 18.011199] kasan_save_stack+0x3c/0x68 [ 18.011517] kasan_save_track+0x20/0x40 [ 18.011631] kasan_save_free_info+0x4c/0x78 [ 18.011706] __kasan_slab_free+0x6c/0x98 [ 18.011853] kfree+0x214/0x3c8 [ 18.011976] krealloc_uaf+0x12c/0x520 [ 18.012138] kunit_try_run_case+0x170/0x3f0 [ 18.012176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.012234] kthread+0x328/0x630 [ 18.012382] ret_from_fork+0x10/0x20 [ 18.012452] [ 18.012478] The buggy address belongs to the object at fff00000c5d29600 [ 18.012478] which belongs to the cache kmalloc-256 of size 256 [ 18.012586] The buggy address is located 0 bytes inside of [ 18.012586] freed 256-byte region [fff00000c5d29600, fff00000c5d29700) [ 18.012646] [ 18.012675] The buggy address belongs to the physical page: [ 18.012709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 18.012763] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.012827] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.012900] page_type: f5(slab) [ 18.012948] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.012996] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.013044] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.013101] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.013149] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 18.013199] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.013245] page dumped because: kasan: bad access detected [ 18.013275] [ 18.013309] Memory state around the buggy address: [ 18.013342] fff00000c5d29500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.013383] fff00000c5d29580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.013433] >fff00000c5d29600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.013469] ^ [ 18.013497] fff00000c5d29680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.013546] fff00000c5d29700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.013591] ================================================================== [ 18.016040] ================================================================== [ 18.016100] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 18.016153] Read of size 1 at addr fff00000c5d29600 by task kunit_try_catch/164 [ 18.016200] [ 18.016234] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.016499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.016761] Hardware name: linux,dummy-virt (DT) [ 18.017248] Call trace: [ 18.017317] show_stack+0x20/0x38 (C) [ 18.017593] dump_stack_lvl+0x8c/0xd0 [ 18.017686] print_report+0x118/0x608 [ 18.017817] kasan_report+0xdc/0x128 [ 18.017912] __asan_report_load1_noabort+0x20/0x30 [ 18.017966] krealloc_uaf+0x4c8/0x520 [ 18.018050] kunit_try_run_case+0x170/0x3f0 [ 18.018220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.018450] kthread+0x328/0x630 [ 18.018778] ret_from_fork+0x10/0x20 [ 18.018870] [ 18.018941] Allocated by task 164: [ 18.019035] kasan_save_stack+0x3c/0x68 [ 18.019366] kasan_save_track+0x20/0x40 [ 18.019449] kasan_save_alloc_info+0x40/0x58 [ 18.019613] __kasan_kmalloc+0xd4/0xd8 [ 18.019758] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.019878] krealloc_uaf+0xc8/0x520 [ 18.019920] kunit_try_run_case+0x170/0x3f0 [ 18.020280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.020385] kthread+0x328/0x630 [ 18.020502] ret_from_fork+0x10/0x20 [ 18.020779] [ 18.020851] Freed by task 164: [ 18.020946] kasan_save_stack+0x3c/0x68 [ 18.021088] kasan_save_track+0x20/0x40 [ 18.021141] kasan_save_free_info+0x4c/0x78 [ 18.021243] __kasan_slab_free+0x6c/0x98 [ 18.021704] kfree+0x214/0x3c8 [ 18.021820] krealloc_uaf+0x12c/0x520 [ 18.022042] kunit_try_run_case+0x170/0x3f0 [ 18.022159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.022523] kthread+0x328/0x630 [ 18.022691] ret_from_fork+0x10/0x20 [ 18.022799] [ 18.022911] The buggy address belongs to the object at fff00000c5d29600 [ 18.022911] which belongs to the cache kmalloc-256 of size 256 [ 18.023018] The buggy address is located 0 bytes inside of [ 18.023018] freed 256-byte region [fff00000c5d29600, fff00000c5d29700) [ 18.023518] [ 18.023645] The buggy address belongs to the physical page: [ 18.023699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 18.023768] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.023959] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.024149] page_type: f5(slab) [ 18.024292] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.024676] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.024747] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.025151] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.025376] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 18.025617] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.025839] page dumped because: kasan: bad access detected [ 18.025905] [ 18.025924] Memory state around the buggy address: [ 18.025957] fff00000c5d29500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.026125] fff00000c5d29580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.026191] >fff00000c5d29600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.026228] ^ [ 18.026257] fff00000c5d29680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.026296] fff00000c5d29700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.026339] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.890676] ================================================================== [ 17.890740] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.890797] Write of size 1 at addr fff00000c5d294c9 by task kunit_try_catch/158 [ 17.891678] [ 17.891715] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.891793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.891832] Hardware name: linux,dummy-virt (DT) [ 17.891863] Call trace: [ 17.891885] show_stack+0x20/0x38 (C) [ 17.891940] dump_stack_lvl+0x8c/0xd0 [ 17.891988] print_report+0x118/0x608 [ 17.892033] kasan_report+0xdc/0x128 [ 17.892078] __asan_report_store1_noabort+0x20/0x30 [ 17.892124] krealloc_less_oob_helper+0xa48/0xc50 [ 17.892171] krealloc_less_oob+0x20/0x38 [ 17.892214] kunit_try_run_case+0x170/0x3f0 [ 17.892260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.892310] kthread+0x328/0x630 [ 17.892352] ret_from_fork+0x10/0x20 [ 17.892399] [ 17.892417] Allocated by task 158: [ 17.892443] kasan_save_stack+0x3c/0x68 [ 17.892482] kasan_save_track+0x20/0x40 [ 17.892518] kasan_save_alloc_info+0x40/0x58 [ 17.892557] __kasan_krealloc+0x118/0x178 [ 17.892593] krealloc_noprof+0x128/0x360 [ 17.892629] krealloc_less_oob_helper+0x168/0xc50 [ 17.892666] krealloc_less_oob+0x20/0x38 [ 17.892701] kunit_try_run_case+0x170/0x3f0 [ 17.892737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.892778] kthread+0x328/0x630 [ 17.892818] ret_from_fork+0x10/0x20 [ 17.892853] [ 17.892871] The buggy address belongs to the object at fff00000c5d29400 [ 17.892871] which belongs to the cache kmalloc-256 of size 256 [ 17.892926] The buggy address is located 0 bytes to the right of [ 17.892926] allocated 201-byte region [fff00000c5d29400, fff00000c5d294c9) [ 17.892986] [ 17.893105] The buggy address belongs to the physical page: [ 17.893189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 17.893406] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.893599] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.893664] page_type: f5(slab) [ 17.893767] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.894168] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.894403] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.894456] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.894504] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 17.894723] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.894866] page dumped because: kasan: bad access detected [ 17.894904] [ 17.894922] Memory state around the buggy address: [ 17.894956] fff00000c5d29380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.894997] fff00000c5d29400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.895038] >fff00000c5d29480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.895074] ^ [ 17.895109] fff00000c5d29500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.895149] fff00000c5d29580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.895185] ================================================================== [ 17.976567] ================================================================== [ 17.976700] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.976797] Write of size 1 at addr fff00000c76c20d0 by task kunit_try_catch/162 [ 17.976856] [ 17.976932] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.977051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.977150] Hardware name: linux,dummy-virt (DT) [ 17.977207] Call trace: [ 17.977230] show_stack+0x20/0x38 (C) [ 17.977415] dump_stack_lvl+0x8c/0xd0 [ 17.977483] print_report+0x118/0x608 [ 17.977666] kasan_report+0xdc/0x128 [ 17.977823] __asan_report_store1_noabort+0x20/0x30 [ 17.977876] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.977949] krealloc_large_less_oob+0x20/0x38 [ 17.978032] kunit_try_run_case+0x170/0x3f0 [ 17.978129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.978274] kthread+0x328/0x630 [ 17.978326] ret_from_fork+0x10/0x20 [ 17.978448] [ 17.978473] The buggy address belongs to the physical page: [ 17.978503] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c0 [ 17.978751] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.978861] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.978968] page_type: f8(unknown) [ 17.979055] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.979193] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.979365] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.979413] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.979669] head: 0bfffe0000000002 ffffc1ffc31db001 00000000ffffffff 00000000ffffffff [ 17.979883] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.979930] page dumped because: kasan: bad access detected [ 17.980165] [ 17.980344] Memory state around the buggy address: [ 17.980407] fff00000c76c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.980501] fff00000c76c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.980544] >fff00000c76c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.980581] ^ [ 17.980615] fff00000c76c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.980664] fff00000c76c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.980700] ================================================================== [ 17.987153] ================================================================== [ 17.987197] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.987246] Write of size 1 at addr fff00000c76c20ea by task kunit_try_catch/162 [ 17.987294] [ 17.987322] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.987397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.987422] Hardware name: linux,dummy-virt (DT) [ 17.987452] Call trace: [ 17.987472] show_stack+0x20/0x38 (C) [ 17.987517] dump_stack_lvl+0x8c/0xd0 [ 17.987563] print_report+0x118/0x608 [ 17.987609] kasan_report+0xdc/0x128 [ 17.987653] __asan_report_store1_noabort+0x20/0x30 [ 17.987700] krealloc_less_oob_helper+0xae4/0xc50 [ 17.987747] krealloc_large_less_oob+0x20/0x38 [ 17.987792] kunit_try_run_case+0x170/0x3f0 [ 17.987849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.988025] kthread+0x328/0x630 [ 17.988081] ret_from_fork+0x10/0x20 [ 17.988209] [ 17.988428] The buggy address belongs to the physical page: [ 17.988473] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c0 [ 17.988525] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.988571] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.988742] page_type: f8(unknown) [ 17.988855] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.988954] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.989006] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.989052] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.989098] head: 0bfffe0000000002 ffffc1ffc31db001 00000000ffffffff 00000000ffffffff [ 17.989329] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.989796] page dumped because: kasan: bad access detected [ 17.989927] [ 17.989952] Memory state around the buggy address: [ 17.989984] fff00000c76c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.990589] fff00000c76c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.990748] >fff00000c76c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.990840] ^ [ 17.990888] fff00000c76c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.991021] fff00000c76c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.991062] ================================================================== [ 17.969568] ================================================================== [ 17.969640] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.969700] Write of size 1 at addr fff00000c76c20c9 by task kunit_try_catch/162 [ 17.969880] [ 17.969939] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.970030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.970057] Hardware name: linux,dummy-virt (DT) [ 17.970089] Call trace: [ 17.970112] show_stack+0x20/0x38 (C) [ 17.970164] dump_stack_lvl+0x8c/0xd0 [ 17.970213] print_report+0x118/0x608 [ 17.970259] kasan_report+0xdc/0x128 [ 17.970326] __asan_report_store1_noabort+0x20/0x30 [ 17.970382] krealloc_less_oob_helper+0xa48/0xc50 [ 17.970438] krealloc_large_less_oob+0x20/0x38 [ 17.970485] kunit_try_run_case+0x170/0x3f0 [ 17.970533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.970584] kthread+0x328/0x630 [ 17.970626] ret_from_fork+0x10/0x20 [ 17.970674] [ 17.970696] The buggy address belongs to the physical page: [ 17.970728] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c0 [ 17.970789] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.970892] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.971317] page_type: f8(unknown) [ 17.971371] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.971489] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.971538] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.971609] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.971736] head: 0bfffe0000000002 ffffc1ffc31db001 00000000ffffffff 00000000ffffffff [ 17.971891] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.972015] page dumped because: kasan: bad access detected [ 17.972187] [ 17.972382] Memory state around the buggy address: [ 17.972491] fff00000c76c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.972714] fff00000c76c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.972922] >fff00000c76c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.973098] ^ [ 17.973264] fff00000c76c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.973339] fff00000c76c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.973478] ================================================================== [ 17.912250] ================================================================== [ 17.912642] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.912707] Write of size 1 at addr fff00000c5d294ea by task kunit_try_catch/158 [ 17.912852] [ 17.912920] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.913011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.913037] Hardware name: linux,dummy-virt (DT) [ 17.913114] Call trace: [ 17.913175] show_stack+0x20/0x38 (C) [ 17.913226] dump_stack_lvl+0x8c/0xd0 [ 17.913273] print_report+0x118/0x608 [ 17.913563] kasan_report+0xdc/0x128 [ 17.913619] __asan_report_store1_noabort+0x20/0x30 [ 17.913672] krealloc_less_oob_helper+0xae4/0xc50 [ 17.913918] krealloc_less_oob+0x20/0x38 [ 17.914001] kunit_try_run_case+0x170/0x3f0 [ 17.914101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.914212] kthread+0x328/0x630 [ 17.914263] ret_from_fork+0x10/0x20 [ 17.914309] [ 17.914327] Allocated by task 158: [ 17.914354] kasan_save_stack+0x3c/0x68 [ 17.914393] kasan_save_track+0x20/0x40 [ 17.914429] kasan_save_alloc_info+0x40/0x58 [ 17.914501] __kasan_krealloc+0x118/0x178 [ 17.914541] krealloc_noprof+0x128/0x360 [ 17.914579] krealloc_less_oob_helper+0x168/0xc50 [ 17.914616] krealloc_less_oob+0x20/0x38 [ 17.914661] kunit_try_run_case+0x170/0x3f0 [ 17.914698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.914739] kthread+0x328/0x630 [ 17.914770] ret_from_fork+0x10/0x20 [ 17.914815] [ 17.914834] The buggy address belongs to the object at fff00000c5d29400 [ 17.914834] which belongs to the cache kmalloc-256 of size 256 [ 17.914888] The buggy address is located 33 bytes to the right of [ 17.914888] allocated 201-byte region [fff00000c5d29400, fff00000c5d294c9) [ 17.914949] [ 17.914967] The buggy address belongs to the physical page: [ 17.914998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 17.915049] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.915094] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.915144] page_type: f5(slab) [ 17.915180] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.915227] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.915274] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.915833] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.915912] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 17.916053] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.916401] page dumped because: kasan: bad access detected [ 17.916432] [ 17.916450] Memory state around the buggy address: [ 17.916482] fff00000c5d29380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.916525] fff00000c5d29400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.916566] >fff00000c5d29480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.916602] ^ [ 17.917518] fff00000c5d29500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.917567] fff00000c5d29580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.917604] ================================================================== [ 17.981148] ================================================================== [ 17.981193] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.981240] Write of size 1 at addr fff00000c76c20da by task kunit_try_catch/162 [ 17.981297] [ 17.981341] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.981419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.981445] Hardware name: linux,dummy-virt (DT) [ 17.981474] Call trace: [ 17.981495] show_stack+0x20/0x38 (C) [ 17.981551] dump_stack_lvl+0x8c/0xd0 [ 17.981607] print_report+0x118/0x608 [ 17.981653] kasan_report+0xdc/0x128 [ 17.981697] __asan_report_store1_noabort+0x20/0x30 [ 17.981742] krealloc_less_oob_helper+0xa80/0xc50 [ 17.981788] krealloc_large_less_oob+0x20/0x38 [ 17.982338] kunit_try_run_case+0x170/0x3f0 [ 17.982406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.982515] kthread+0x328/0x630 [ 17.982706] ret_from_fork+0x10/0x20 [ 17.982760] [ 17.982779] The buggy address belongs to the physical page: [ 17.983347] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c0 [ 17.983489] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.983648] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.983812] page_type: f8(unknown) [ 17.983985] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.984164] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.984372] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.984498] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.984747] head: 0bfffe0000000002 ffffc1ffc31db001 00000000ffffffff 00000000ffffffff [ 17.984934] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.985051] page dumped because: kasan: bad access detected [ 17.985081] [ 17.985098] Memory state around the buggy address: [ 17.985392] fff00000c76c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.985527] fff00000c76c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.985673] >fff00000c76c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.985836] ^ [ 17.986035] fff00000c76c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.986119] fff00000c76c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.986161] ================================================================== [ 17.918708] ================================================================== [ 17.918757] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.918816] Write of size 1 at addr fff00000c5d294eb by task kunit_try_catch/158 [ 17.918863] [ 17.918988] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.919146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.919176] Hardware name: linux,dummy-virt (DT) [ 17.919244] Call trace: [ 17.919311] show_stack+0x20/0x38 (C) [ 17.919547] dump_stack_lvl+0x8c/0xd0 [ 17.919597] print_report+0x118/0x608 [ 17.919643] kasan_report+0xdc/0x128 [ 17.919687] __asan_report_store1_noabort+0x20/0x30 [ 17.920263] krealloc_less_oob_helper+0xa58/0xc50 [ 17.920659] krealloc_less_oob+0x20/0x38 [ 17.920731] kunit_try_run_case+0x170/0x3f0 [ 17.920777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.921338] kthread+0x328/0x630 [ 17.921594] ret_from_fork+0x10/0x20 [ 17.921895] [ 17.921918] Allocated by task 158: [ 17.922001] kasan_save_stack+0x3c/0x68 [ 17.922194] kasan_save_track+0x20/0x40 [ 17.922239] kasan_save_alloc_info+0x40/0x58 [ 17.922770] __kasan_krealloc+0x118/0x178 [ 17.922861] krealloc_noprof+0x128/0x360 [ 17.923188] krealloc_less_oob_helper+0x168/0xc50 [ 17.923435] krealloc_less_oob+0x20/0x38 [ 17.923474] kunit_try_run_case+0x170/0x3f0 [ 17.923510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.923552] kthread+0x328/0x630 [ 17.923583] ret_from_fork+0x10/0x20 [ 17.924028] [ 17.924051] The buggy address belongs to the object at fff00000c5d29400 [ 17.924051] which belongs to the cache kmalloc-256 of size 256 [ 17.924248] The buggy address is located 34 bytes to the right of [ 17.924248] allocated 201-byte region [fff00000c5d29400, fff00000c5d294c9) [ 17.924448] [ 17.924661] The buggy address belongs to the physical page: [ 17.924799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 17.924864] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.924909] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.924960] page_type: f5(slab) [ 17.924998] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.925297] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.925955] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.926008] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.926333] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 17.926384] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.926659] page dumped because: kasan: bad access detected [ 17.926691] [ 17.926713] Memory state around the buggy address: [ 17.926745] fff00000c5d29380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.926788] fff00000c5d29400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.927306] >fff00000c5d29480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.927389] ^ [ 17.927828] fff00000c5d29500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927876] fff00000c5d29580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927916] ================================================================== [ 17.904910] ================================================================== [ 17.904966] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.905159] Write of size 1 at addr fff00000c5d294da by task kunit_try_catch/158 [ 17.905210] [ 17.905307] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.905408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.905441] Hardware name: linux,dummy-virt (DT) [ 17.905575] Call trace: [ 17.905606] show_stack+0x20/0x38 (C) [ 17.905682] dump_stack_lvl+0x8c/0xd0 [ 17.905886] print_report+0x118/0x608 [ 17.906123] kasan_report+0xdc/0x128 [ 17.906238] __asan_report_store1_noabort+0x20/0x30 [ 17.906289] krealloc_less_oob_helper+0xa80/0xc50 [ 17.906336] krealloc_less_oob+0x20/0x38 [ 17.906379] kunit_try_run_case+0x170/0x3f0 [ 17.906425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.906505] kthread+0x328/0x630 [ 17.906552] ret_from_fork+0x10/0x20 [ 17.906598] [ 17.906616] Allocated by task 158: [ 17.906654] kasan_save_stack+0x3c/0x68 [ 17.906694] kasan_save_track+0x20/0x40 [ 17.906731] kasan_save_alloc_info+0x40/0x58 [ 17.906769] __kasan_krealloc+0x118/0x178 [ 17.906824] krealloc_noprof+0x128/0x360 [ 17.906862] krealloc_less_oob_helper+0x168/0xc50 [ 17.906910] krealloc_less_oob+0x20/0x38 [ 17.907131] kunit_try_run_case+0x170/0x3f0 [ 17.907226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.907271] kthread+0x328/0x630 [ 17.907401] ret_from_fork+0x10/0x20 [ 17.907576] [ 17.907674] The buggy address belongs to the object at fff00000c5d29400 [ 17.907674] which belongs to the cache kmalloc-256 of size 256 [ 17.907842] The buggy address is located 17 bytes to the right of [ 17.907842] allocated 201-byte region [fff00000c5d29400, fff00000c5d294c9) [ 17.908214] [ 17.908264] The buggy address belongs to the physical page: [ 17.908424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 17.908589] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.908655] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.908732] page_type: f5(slab) [ 17.909082] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.909183] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.909440] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.909621] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.909748] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 17.909826] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.910127] page dumped because: kasan: bad access detected [ 17.910171] [ 17.910430] Memory state around the buggy address: [ 17.910630] fff00000c5d29380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.910734] fff00000c5d29400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.910812] >fff00000c5d29480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.910894] ^ [ 17.911016] fff00000c5d29500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.911076] fff00000c5d29580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.911112] ================================================================== [ 17.896580] ================================================================== [ 17.896635] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.896689] Write of size 1 at addr fff00000c5d294d0 by task kunit_try_catch/158 [ 17.896737] [ 17.896767] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.896857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.896972] Hardware name: linux,dummy-virt (DT) [ 17.897006] Call trace: [ 17.897107] show_stack+0x20/0x38 (C) [ 17.897343] dump_stack_lvl+0x8c/0xd0 [ 17.897446] print_report+0x118/0x608 [ 17.897503] kasan_report+0xdc/0x128 [ 17.897567] __asan_report_store1_noabort+0x20/0x30 [ 17.897621] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.897669] krealloc_less_oob+0x20/0x38 [ 17.897714] kunit_try_run_case+0x170/0x3f0 [ 17.897762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.897822] kthread+0x328/0x630 [ 17.898091] ret_from_fork+0x10/0x20 [ 17.898468] [ 17.898509] Allocated by task 158: [ 17.898653] kasan_save_stack+0x3c/0x68 [ 17.898773] kasan_save_track+0x20/0x40 [ 17.898826] kasan_save_alloc_info+0x40/0x58 [ 17.898902] __kasan_krealloc+0x118/0x178 [ 17.899333] krealloc_noprof+0x128/0x360 [ 17.899391] krealloc_less_oob_helper+0x168/0xc50 [ 17.899439] krealloc_less_oob+0x20/0x38 [ 17.899474] kunit_try_run_case+0x170/0x3f0 [ 17.899829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.899985] kthread+0x328/0x630 [ 17.900151] ret_from_fork+0x10/0x20 [ 17.900270] [ 17.900402] The buggy address belongs to the object at fff00000c5d29400 [ 17.900402] which belongs to the cache kmalloc-256 of size 256 [ 17.900624] The buggy address is located 7 bytes to the right of [ 17.900624] allocated 201-byte region [fff00000c5d29400, fff00000c5d294c9) [ 17.900746] [ 17.900768] The buggy address belongs to the physical page: [ 17.900813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 17.901048] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.901113] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.901287] page_type: f5(slab) [ 17.901434] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.901548] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.901857] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.902002] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.902205] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 17.902274] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.902607] page dumped because: kasan: bad access detected [ 17.902685] [ 17.902768] Memory state around the buggy address: [ 17.902844] fff00000c5d29380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.902887] fff00000c5d29400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.903134] >fff00000c5d29480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.903184] ^ [ 17.903261] fff00000c5d29500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.903351] fff00000c5d29580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.903504] ================================================================== [ 17.992121] ================================================================== [ 17.992173] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.992226] Write of size 1 at addr fff00000c76c20eb by task kunit_try_catch/162 [ 17.992330] [ 17.992364] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.992475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.992542] Hardware name: linux,dummy-virt (DT) [ 17.992589] Call trace: [ 17.992660] show_stack+0x20/0x38 (C) [ 17.993010] dump_stack_lvl+0x8c/0xd0 [ 17.993083] print_report+0x118/0x608 [ 17.993256] kasan_report+0xdc/0x128 [ 17.993355] __asan_report_store1_noabort+0x20/0x30 [ 17.993742] krealloc_less_oob_helper+0xa58/0xc50 [ 17.993877] krealloc_large_less_oob+0x20/0x38 [ 17.993930] kunit_try_run_case+0x170/0x3f0 [ 17.994375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.994489] kthread+0x328/0x630 [ 17.994618] ret_from_fork+0x10/0x20 [ 17.994672] [ 17.994720] The buggy address belongs to the physical page: [ 17.994753] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c0 [ 17.994835] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.994891] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.995175] page_type: f8(unknown) [ 17.995500] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.995595] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.995731] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.995797] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.996106] head: 0bfffe0000000002 ffffc1ffc31db001 00000000ffffffff 00000000ffffffff [ 17.996276] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.996335] page dumped because: kasan: bad access detected [ 17.996365] [ 17.996544] Memory state around the buggy address: [ 17.996790] fff00000c76c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.996947] fff00000c76c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.997300] >fff00000c76c2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.997415] ^ [ 17.997576] fff00000c76c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.997661] fff00000c76c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.997853] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.874408] ================================================================== [ 17.874502] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.874904] Write of size 1 at addr fff00000c5d292f0 by task kunit_try_catch/156 [ 17.875446] [ 17.875731] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.875831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.875857] Hardware name: linux,dummy-virt (DT) [ 17.876211] Call trace: [ 17.876266] show_stack+0x20/0x38 (C) [ 17.876402] dump_stack_lvl+0x8c/0xd0 [ 17.876506] print_report+0x118/0x608 [ 17.876565] kasan_report+0xdc/0x128 [ 17.876942] __asan_report_store1_noabort+0x20/0x30 [ 17.877159] krealloc_more_oob_helper+0x5c0/0x678 [ 17.877281] krealloc_more_oob+0x20/0x38 [ 17.877406] kunit_try_run_case+0x170/0x3f0 [ 17.877511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.877672] kthread+0x328/0x630 [ 17.877752] ret_from_fork+0x10/0x20 [ 17.878056] [ 17.878572] Allocated by task 156: [ 17.878628] kasan_save_stack+0x3c/0x68 [ 17.878757] kasan_save_track+0x20/0x40 [ 17.878897] kasan_save_alloc_info+0x40/0x58 [ 17.880076] __kasan_krealloc+0x118/0x178 [ 17.880114] krealloc_noprof+0x128/0x360 [ 17.880151] krealloc_more_oob_helper+0x168/0x678 [ 17.880189] krealloc_more_oob+0x20/0x38 [ 17.880224] kunit_try_run_case+0x170/0x3f0 [ 17.880259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.880301] kthread+0x328/0x630 [ 17.880332] ret_from_fork+0x10/0x20 [ 17.880366] [ 17.880385] The buggy address belongs to the object at fff00000c5d29200 [ 17.880385] which belongs to the cache kmalloc-256 of size 256 [ 17.880440] The buggy address is located 5 bytes to the right of [ 17.880440] allocated 235-byte region [fff00000c5d29200, fff00000c5d292eb) [ 17.880500] [ 17.880519] The buggy address belongs to the physical page: [ 17.880551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 17.880604] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.880648] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.880699] page_type: f5(slab) [ 17.880736] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.880783] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.880842] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.880888] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.880934] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 17.880982] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.881020] page dumped because: kasan: bad access detected [ 17.881171] [ 17.881387] Memory state around the buggy address: [ 17.881430] fff00000c5d29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.881619] fff00000c5d29200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.881794] >fff00000c5d29280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.881967] ^ [ 17.882056] fff00000c5d29300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.882148] fff00000c5d29380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.882464] ================================================================== [ 17.865122] ================================================================== [ 17.865184] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.865233] Write of size 1 at addr fff00000c5d292eb by task kunit_try_catch/156 [ 17.865645] [ 17.865692] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.866016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.866071] Hardware name: linux,dummy-virt (DT) [ 17.866144] Call trace: [ 17.866214] show_stack+0x20/0x38 (C) [ 17.866268] dump_stack_lvl+0x8c/0xd0 [ 17.866446] print_report+0x118/0x608 [ 17.866494] kasan_report+0xdc/0x128 [ 17.866567] __asan_report_store1_noabort+0x20/0x30 [ 17.866648] krealloc_more_oob_helper+0x60c/0x678 [ 17.866699] krealloc_more_oob+0x20/0x38 [ 17.866743] kunit_try_run_case+0x170/0x3f0 [ 17.866789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.866850] kthread+0x328/0x630 [ 17.866894] ret_from_fork+0x10/0x20 [ 17.867185] [ 17.867206] Allocated by task 156: [ 17.867236] kasan_save_stack+0x3c/0x68 [ 17.867545] kasan_save_track+0x20/0x40 [ 17.867615] kasan_save_alloc_info+0x40/0x58 [ 17.867731] __kasan_krealloc+0x118/0x178 [ 17.867772] krealloc_noprof+0x128/0x360 [ 17.868242] krealloc_more_oob_helper+0x168/0x678 [ 17.868363] krealloc_more_oob+0x20/0x38 [ 17.868617] kunit_try_run_case+0x170/0x3f0 [ 17.868831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.868905] kthread+0x328/0x630 [ 17.869121] ret_from_fork+0x10/0x20 [ 17.869276] [ 17.869414] The buggy address belongs to the object at fff00000c5d29200 [ 17.869414] which belongs to the cache kmalloc-256 of size 256 [ 17.869527] The buggy address is located 0 bytes to the right of [ 17.869527] allocated 235-byte region [fff00000c5d29200, fff00000c5d292eb) [ 17.869634] [ 17.870058] The buggy address belongs to the physical page: [ 17.870191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d28 [ 17.870325] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.870373] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.870591] page_type: f5(slab) [ 17.870826] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.870899] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.871075] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.871127] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.871526] head: 0bfffe0000000001 ffffc1ffc3174a01 00000000ffffffff 00000000ffffffff [ 17.871640] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.871784] page dumped because: kasan: bad access detected [ 17.871872] [ 17.871891] Memory state around the buggy address: [ 17.872206] fff00000c5d29180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.872253] fff00000c5d29200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.872294] >fff00000c5d29280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.872370] ^ [ 17.872431] fff00000c5d29300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.872472] fff00000c5d29380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.872509] ================================================================== [ 17.957872] ================================================================== [ 17.957917] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.957968] Write of size 1 at addr fff00000c76c20f0 by task kunit_try_catch/160 [ 17.958015] [ 17.958046] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.958123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.958148] Hardware name: linux,dummy-virt (DT) [ 17.958178] Call trace: [ 17.958199] show_stack+0x20/0x38 (C) [ 17.958245] dump_stack_lvl+0x8c/0xd0 [ 17.958292] print_report+0x118/0x608 [ 17.958337] kasan_report+0xdc/0x128 [ 17.958381] __asan_report_store1_noabort+0x20/0x30 [ 17.958427] krealloc_more_oob_helper+0x5c0/0x678 [ 17.958476] krealloc_large_more_oob+0x20/0x38 [ 17.958525] kunit_try_run_case+0x170/0x3f0 [ 17.958572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.958623] kthread+0x328/0x630 [ 17.958664] ret_from_fork+0x10/0x20 [ 17.958709] [ 17.958728] The buggy address belongs to the physical page: [ 17.958757] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c0 [ 17.959600] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.959894] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.960138] page_type: f8(unknown) [ 17.960187] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.960400] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.960454] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.960535] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.960681] head: 0bfffe0000000002 ffffc1ffc31db001 00000000ffffffff 00000000ffffffff [ 17.960889] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.961069] page dumped because: kasan: bad access detected [ 17.961152] [ 17.961257] Memory state around the buggy address: [ 17.961326] fff00000c76c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.961417] fff00000c76c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.961692] >fff00000c76c2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.961763] ^ [ 17.961950] fff00000c76c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.962282] fff00000c76c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.962350] ================================================================== [ 17.953936] ================================================================== [ 17.954003] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.954070] Write of size 1 at addr fff00000c76c20eb by task kunit_try_catch/160 [ 17.954119] [ 17.954157] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.954238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.954264] Hardware name: linux,dummy-virt (DT) [ 17.954297] Call trace: [ 17.954319] show_stack+0x20/0x38 (C) [ 17.954369] dump_stack_lvl+0x8c/0xd0 [ 17.954416] print_report+0x118/0x608 [ 17.954461] kasan_report+0xdc/0x128 [ 17.954507] __asan_report_store1_noabort+0x20/0x30 [ 17.954554] krealloc_more_oob_helper+0x60c/0x678 [ 17.954601] krealloc_large_more_oob+0x20/0x38 [ 17.954648] kunit_try_run_case+0x170/0x3f0 [ 17.954695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.954745] kthread+0x328/0x630 [ 17.955561] ret_from_fork+0x10/0x20 [ 17.955644] [ 17.955943] The buggy address belongs to the physical page: [ 17.955983] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c0 [ 17.956040] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.956550] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.956613] page_type: f8(unknown) [ 17.956869] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.956923] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.956971] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.957017] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.957063] head: 0bfffe0000000002 ffffc1ffc31db001 00000000ffffffff 00000000ffffffff [ 17.957109] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.957146] page dumped because: kasan: bad access detected [ 17.957176] [ 17.957193] Memory state around the buggy address: [ 17.957226] fff00000c76c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.957267] fff00000c76c2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.957307] >fff00000c76c2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.957344] ^ [ 17.957381] fff00000c76c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.957420] fff00000c76c2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.957456] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 17.850281] ================================================================== [ 17.850339] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 17.850394] Read of size 1 at addr fff00000c7770000 by task kunit_try_catch/154 [ 17.850442] [ 17.850473] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.850573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.850609] Hardware name: linux,dummy-virt (DT) [ 17.850641] Call trace: [ 17.850671] show_stack+0x20/0x38 (C) [ 17.850720] dump_stack_lvl+0x8c/0xd0 [ 17.850769] print_report+0x118/0x608 [ 17.850864] kasan_report+0xdc/0x128 [ 17.851049] __asan_report_load1_noabort+0x20/0x30 [ 17.851566] page_alloc_uaf+0x328/0x350 [ 17.851924] kunit_try_run_case+0x170/0x3f0 [ 17.851977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.852246] kthread+0x328/0x630 [ 17.852488] ret_from_fork+0x10/0x20 [ 17.852698] [ 17.852777] The buggy address belongs to the physical page: [ 17.852874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107770 [ 17.852927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.853581] page_type: f0(buddy) [ 17.853638] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 17.854164] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 17.854399] page dumped because: kasan: bad access detected [ 17.854534] [ 17.854573] Memory state around the buggy address: [ 17.855088] fff00000c776ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.855544] fff00000c776ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.855649] >fff00000c7770000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.855705] ^ [ 17.855733] fff00000c7770080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.855773] fff00000c7770100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.856165] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 17.829711] ================================================================== [ 17.829835] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 17.829992] Free of addr fff00000c64bc001 by task kunit_try_catch/150 [ 17.830044] [ 17.830134] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.830637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.830765] Hardware name: linux,dummy-virt (DT) [ 17.830801] Call trace: [ 17.830949] show_stack+0x20/0x38 (C) [ 17.831152] dump_stack_lvl+0x8c/0xd0 [ 17.831219] print_report+0x118/0x608 [ 17.831266] kasan_report_invalid_free+0xc0/0xe8 [ 17.831475] __kasan_kfree_large+0x5c/0xa8 [ 17.831547] free_large_kmalloc+0x64/0x190 [ 17.831717] kfree+0x270/0x3c8 [ 17.831850] kmalloc_large_invalid_free+0x108/0x270 [ 17.831962] kunit_try_run_case+0x170/0x3f0 [ 17.832139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.832361] kthread+0x328/0x630 [ 17.832416] ret_from_fork+0x10/0x20 [ 17.832476] [ 17.832498] The buggy address belongs to the physical page: [ 17.832560] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 17.832612] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.832656] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.832707] page_type: f8(unknown) [ 17.832752] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.832799] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.832858] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.832904] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.832951] head: 0bfffe0000000002 ffffc1ffc3192f01 00000000ffffffff 00000000ffffffff [ 17.832996] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.833033] page dumped because: kasan: bad access detected [ 17.833073] [ 17.833100] Memory state around the buggy address: [ 17.833131] fff00000c64bbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.833171] fff00000c64bbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.833212] >fff00000c64bc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.833263] ^ [ 17.833290] fff00000c64bc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.833339] fff00000c64bc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.833408] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.814496] ================================================================== [ 17.814571] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 17.815047] Read of size 1 at addr fff00000c64bc000 by task kunit_try_catch/148 [ 17.815245] [ 17.815345] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.815522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.815670] Hardware name: linux,dummy-virt (DT) [ 17.815731] Call trace: [ 17.815855] show_stack+0x20/0x38 (C) [ 17.815983] dump_stack_lvl+0x8c/0xd0 [ 17.816052] print_report+0x118/0x608 [ 17.816174] kasan_report+0xdc/0x128 [ 17.816225] __asan_report_load1_noabort+0x20/0x30 [ 17.816502] kmalloc_large_uaf+0x2cc/0x2f8 [ 17.816740] kunit_try_run_case+0x170/0x3f0 [ 17.816848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.816937] kthread+0x328/0x630 [ 17.817129] ret_from_fork+0x10/0x20 [ 17.817179] [ 17.817230] The buggy address belongs to the physical page: [ 17.817262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 17.817314] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.817389] raw: 0bfffe0000000000 ffffc1ffc31db008 fff00000da456c40 0000000000000000 [ 17.817438] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 17.817476] page dumped because: kasan: bad access detected [ 17.817514] [ 17.817532] Memory state around the buggy address: [ 17.817581] fff00000c64bbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.817622] fff00000c64bbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.817662] >fff00000c64bc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.817697] ^ [ 17.817732] fff00000c64bc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.817780] fff00000c64bc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.817829] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 17.798083] ================================================================== [ 17.798155] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 17.798226] Write of size 1 at addr fff00000c64ba00a by task kunit_try_catch/146 [ 17.798276] [ 17.798311] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.798390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.798415] Hardware name: linux,dummy-virt (DT) [ 17.798446] Call trace: [ 17.798468] show_stack+0x20/0x38 (C) [ 17.798527] dump_stack_lvl+0x8c/0xd0 [ 17.798575] print_report+0x118/0x608 [ 17.798628] kasan_report+0xdc/0x128 [ 17.798683] __asan_report_store1_noabort+0x20/0x30 [ 17.798739] kmalloc_large_oob_right+0x278/0x2b8 [ 17.798785] kunit_try_run_case+0x170/0x3f0 [ 17.799216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.799271] kthread+0x328/0x630 [ 17.799689] ret_from_fork+0x10/0x20 [ 17.799827] [ 17.799873] The buggy address belongs to the physical page: [ 17.800038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b8 [ 17.800537] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.801020] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.801198] page_type: f8(unknown) [ 17.801296] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.801465] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.801558] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.801817] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.802000] head: 0bfffe0000000002 ffffc1ffc3192e01 00000000ffffffff 00000000ffffffff [ 17.802117] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.802280] page dumped because: kasan: bad access detected [ 17.802348] [ 17.802486] Memory state around the buggy address: [ 17.802576] fff00000c64b9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.802620] fff00000c64b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.803120] >fff00000c64ba000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.803195] ^ [ 17.803334] fff00000c64ba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.803509] fff00000c64ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.803570] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.778372] ================================================================== [ 17.778443] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.778571] Write of size 1 at addr fff00000c642df00 by task kunit_try_catch/144 [ 17.778625] [ 17.778733] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.778828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.778893] Hardware name: linux,dummy-virt (DT) [ 17.779148] Call trace: [ 17.779180] show_stack+0x20/0x38 (C) [ 17.779232] dump_stack_lvl+0x8c/0xd0 [ 17.779664] print_report+0x118/0x608 [ 17.779817] kasan_report+0xdc/0x128 [ 17.779943] __asan_report_store1_noabort+0x20/0x30 [ 17.780094] kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.780249] kunit_try_run_case+0x170/0x3f0 [ 17.780415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.780506] kthread+0x328/0x630 [ 17.780688] ret_from_fork+0x10/0x20 [ 17.780914] [ 17.781046] Allocated by task 144: [ 17.781131] kasan_save_stack+0x3c/0x68 [ 17.781579] kasan_save_track+0x20/0x40 [ 17.781782] kasan_save_alloc_info+0x40/0x58 [ 17.781877] __kasan_kmalloc+0xd4/0xd8 [ 17.782230] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.782614] kmalloc_big_oob_right+0xb8/0x2f0 [ 17.782730] kunit_try_run_case+0x170/0x3f0 [ 17.782776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.783287] kthread+0x328/0x630 [ 17.784240] ret_from_fork+0x10/0x20 [ 17.784332] [ 17.784372] The buggy address belongs to the object at fff00000c642c000 [ 17.784372] which belongs to the cache kmalloc-8k of size 8192 [ 17.784429] The buggy address is located 0 bytes to the right of [ 17.784429] allocated 7936-byte region [fff00000c642c000, fff00000c642df00) [ 17.784491] [ 17.784886] The buggy address belongs to the physical page: [ 17.784949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106428 [ 17.785141] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.785219] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.785573] page_type: f5(slab) [ 17.785738] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.786104] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.786181] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.786394] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.786468] head: 0bfffe0000000003 ffffc1ffc3190a01 00000000ffffffff 00000000ffffffff [ 17.786629] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.786839] page dumped because: kasan: bad access detected [ 17.786964] [ 17.787144] Memory state around the buggy address: [ 17.787364] fff00000c642de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.787569] fff00000c642de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.787644] >fff00000c642df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.788048] ^ [ 17.788241] fff00000c642df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.788306] fff00000c642e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.788581] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.746064] ================================================================== [ 17.746125] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.746183] Write of size 1 at addr fff00000c638e878 by task kunit_try_catch/142 [ 17.746388] [ 17.746427] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.746888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.746967] Hardware name: linux,dummy-virt (DT) [ 17.747027] Call trace: [ 17.747069] show_stack+0x20/0x38 (C) [ 17.747137] dump_stack_lvl+0x8c/0xd0 [ 17.747189] print_report+0x118/0x608 [ 17.747235] kasan_report+0xdc/0x128 [ 17.747279] __asan_report_store1_noabort+0x20/0x30 [ 17.747325] kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.747498] kunit_try_run_case+0x170/0x3f0 [ 17.747717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.747860] kthread+0x328/0x630 [ 17.747963] ret_from_fork+0x10/0x20 [ 17.748393] [ 17.748452] Allocated by task 142: [ 17.748574] kasan_save_stack+0x3c/0x68 [ 17.748660] kasan_save_track+0x20/0x40 [ 17.748713] kasan_save_alloc_info+0x40/0x58 [ 17.748996] __kasan_kmalloc+0xd4/0xd8 [ 17.749055] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.749107] kmalloc_track_caller_oob_right+0xa8/0x488 [ 17.749475] kunit_try_run_case+0x170/0x3f0 [ 17.749621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.749701] kthread+0x328/0x630 [ 17.749878] ret_from_fork+0x10/0x20 [ 17.750063] [ 17.750131] The buggy address belongs to the object at fff00000c638e800 [ 17.750131] which belongs to the cache kmalloc-128 of size 128 [ 17.750326] The buggy address is located 0 bytes to the right of [ 17.750326] allocated 120-byte region [fff00000c638e800, fff00000c638e878) [ 17.750518] [ 17.750562] The buggy address belongs to the physical page: [ 17.750656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 17.750766] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.750974] page_type: f5(slab) [ 17.751209] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.751406] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.751469] page dumped because: kasan: bad access detected [ 17.751655] [ 17.751756] Memory state around the buggy address: [ 17.751850] fff00000c638e700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.751938] fff00000c638e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.751980] >fff00000c638e800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.752016] ^ [ 17.752065] fff00000c638e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.752111] fff00000c638e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.752149] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.721993] ================================================================== [ 17.722057] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 17.722111] Read of size 1 at addr fff00000c6407000 by task kunit_try_catch/140 [ 17.722159] [ 17.722192] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.722269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.722296] Hardware name: linux,dummy-virt (DT) [ 17.722326] Call trace: [ 17.722348] show_stack+0x20/0x38 (C) [ 17.722394] dump_stack_lvl+0x8c/0xd0 [ 17.722445] print_report+0x118/0x608 [ 17.722494] kasan_report+0xdc/0x128 [ 17.722538] __asan_report_load1_noabort+0x20/0x30 [ 17.722598] kmalloc_node_oob_right+0x2f4/0x330 [ 17.722645] kunit_try_run_case+0x170/0x3f0 [ 17.722691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.722742] kthread+0x328/0x630 [ 17.722793] ret_from_fork+0x10/0x20 [ 17.723551] [ 17.723574] Allocated by task 140: [ 17.724547] kasan_save_stack+0x3c/0x68 [ 17.724763] kasan_save_track+0x20/0x40 [ 17.724932] kasan_save_alloc_info+0x40/0x58 [ 17.724975] __kasan_kmalloc+0xd4/0xd8 [ 17.725195] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 17.725383] kmalloc_node_oob_right+0xbc/0x330 [ 17.725432] kunit_try_run_case+0x170/0x3f0 [ 17.725826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.725923] kthread+0x328/0x630 [ 17.726163] ret_from_fork+0x10/0x20 [ 17.726218] [ 17.726311] The buggy address belongs to the object at fff00000c6406000 [ 17.726311] which belongs to the cache kmalloc-4k of size 4096 [ 17.726668] The buggy address is located 0 bytes to the right of [ 17.726668] allocated 4096-byte region [fff00000c6406000, fff00000c6407000) [ 17.726786] [ 17.726965] The buggy address belongs to the physical page: [ 17.727411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106400 [ 17.728420] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.728594] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.729293] page_type: f5(slab) [ 17.729456] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.729649] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.729723] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.730184] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.730302] head: 0bfffe0000000003 ffffc1ffc3190001 00000000ffffffff 00000000ffffffff [ 17.730469] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.730662] page dumped because: kasan: bad access detected [ 17.730695] [ 17.730772] Memory state around the buggy address: [ 17.731311] fff00000c6406f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.731465] fff00000c6406f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.731521] >fff00000c6407000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.731570] ^ [ 17.731730] fff00000c6407080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.731790] fff00000c6407100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.731839] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.705776] ================================================================== [ 17.705897] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.706368] Read of size 1 at addr fff00000c617375f by task kunit_try_catch/138 [ 17.706495] [ 17.706548] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.706631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.706656] Hardware name: linux,dummy-virt (DT) [ 17.706842] Call trace: [ 17.706910] show_stack+0x20/0x38 (C) [ 17.707042] dump_stack_lvl+0x8c/0xd0 [ 17.707092] print_report+0x118/0x608 [ 17.707137] kasan_report+0xdc/0x128 [ 17.707182] __asan_report_load1_noabort+0x20/0x30 [ 17.707231] kmalloc_oob_left+0x2ec/0x320 [ 17.707737] kunit_try_run_case+0x170/0x3f0 [ 17.707936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.708110] kthread+0x328/0x630 [ 17.708189] ret_from_fork+0x10/0x20 [ 17.708276] [ 17.708714] Allocated by task 11: [ 17.708852] kasan_save_stack+0x3c/0x68 [ 17.709021] kasan_save_track+0x20/0x40 [ 17.709144] kasan_save_alloc_info+0x40/0x58 [ 17.709185] __kasan_kmalloc+0xd4/0xd8 [ 17.709750] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.710213] kvasprintf+0xe0/0x180 [ 17.710784] __kthread_create_on_node+0x16c/0x350 [ 17.710957] kthread_create_on_node+0xe4/0x130 [ 17.711002] create_worker+0x380/0x6b8 [ 17.711037] worker_thread+0x808/0xf38 [ 17.711095] kthread+0x328/0x630 [ 17.711349] ret_from_fork+0x10/0x20 [ 17.711499] [ 17.711638] The buggy address belongs to the object at fff00000c6173740 [ 17.711638] which belongs to the cache kmalloc-16 of size 16 [ 17.712056] The buggy address is located 19 bytes to the right of [ 17.712056] allocated 12-byte region [fff00000c6173740, fff00000c617374c) [ 17.712502] [ 17.712670] The buggy address belongs to the physical page: [ 17.712746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106173 [ 17.712877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.712939] page_type: f5(slab) [ 17.712986] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.713065] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.713104] page dumped because: kasan: bad access detected [ 17.713134] [ 17.713180] Memory state around the buggy address: [ 17.713232] fff00000c6173600: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.713284] fff00000c6173680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.713326] >fff00000c6173700: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 17.713371] ^ [ 17.713412] fff00000c6173780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.713463] fff00000c6173800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.713509] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.675871] ================================================================== [ 17.675917] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.675967] Write of size 1 at addr fff00000c638e778 by task kunit_try_catch/136 [ 17.676014] [ 17.676058] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.676171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.676201] Hardware name: linux,dummy-virt (DT) [ 17.676231] Call trace: [ 17.676252] show_stack+0x20/0x38 (C) [ 17.676467] dump_stack_lvl+0x8c/0xd0 [ 17.676579] print_report+0x118/0x608 [ 17.676703] kasan_report+0xdc/0x128 [ 17.676929] __asan_report_store1_noabort+0x20/0x30 [ 17.677004] kmalloc_oob_right+0x538/0x660 [ 17.677214] kunit_try_run_case+0x170/0x3f0 [ 17.677315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.677475] kthread+0x328/0x630 [ 17.677516] ret_from_fork+0x10/0x20 [ 17.677563] [ 17.677587] Allocated by task 136: [ 17.677691] kasan_save_stack+0x3c/0x68 [ 17.677771] kasan_save_track+0x20/0x40 [ 17.678123] kasan_save_alloc_info+0x40/0x58 [ 17.678242] __kasan_kmalloc+0xd4/0xd8 [ 17.678365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.678403] kmalloc_oob_right+0xb0/0x660 [ 17.678438] kunit_try_run_case+0x170/0x3f0 [ 17.678474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.678515] kthread+0x328/0x630 [ 17.678972] ret_from_fork+0x10/0x20 [ 17.679025] [ 17.679044] The buggy address belongs to the object at fff00000c638e700 [ 17.679044] which belongs to the cache kmalloc-128 of size 128 [ 17.679213] The buggy address is located 5 bytes to the right of [ 17.679213] allocated 115-byte region [fff00000c638e700, fff00000c638e773) [ 17.679280] [ 17.679299] The buggy address belongs to the physical page: [ 17.679328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 17.679378] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.679422] page_type: f5(slab) [ 17.679458] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.679506] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.679544] page dumped because: kasan: bad access detected [ 17.679573] [ 17.679591] Memory state around the buggy address: [ 17.679623] fff00000c638e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.679665] fff00000c638e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.679705] >fff00000c638e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.679740] ^ [ 17.679778] fff00000c638e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.679828] fff00000c638e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.679867] ================================================================== [ 17.664002] ================================================================== [ 17.664366] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.665846] Write of size 1 at addr fff00000c638e773 by task kunit_try_catch/136 [ 17.665959] [ 17.667077] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 17.667419] Tainted: [N]=TEST [ 17.667454] Hardware name: linux,dummy-virt (DT) [ 17.667684] Call trace: [ 17.668102] show_stack+0x20/0x38 (C) [ 17.668453] dump_stack_lvl+0x8c/0xd0 [ 17.668668] print_report+0x118/0x608 [ 17.668740] kasan_report+0xdc/0x128 [ 17.668784] __asan_report_store1_noabort+0x20/0x30 [ 17.669290] kmalloc_oob_right+0x5a4/0x660 [ 17.669382] kunit_try_run_case+0x170/0x3f0 [ 17.669433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.669484] kthread+0x328/0x630 [ 17.669527] ret_from_fork+0x10/0x20 [ 17.669783] [ 17.669837] Allocated by task 136: [ 17.670030] kasan_save_stack+0x3c/0x68 [ 17.670115] kasan_save_track+0x20/0x40 [ 17.670155] kasan_save_alloc_info+0x40/0x58 [ 17.670228] __kasan_kmalloc+0xd4/0xd8 [ 17.670265] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.670305] kmalloc_oob_right+0xb0/0x660 [ 17.670339] kunit_try_run_case+0x170/0x3f0 [ 17.670375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.670416] kthread+0x328/0x630 [ 17.670477] ret_from_fork+0x10/0x20 [ 17.670537] [ 17.670599] The buggy address belongs to the object at fff00000c638e700 [ 17.670599] which belongs to the cache kmalloc-128 of size 128 [ 17.670994] The buggy address is located 0 bytes to the right of [ 17.670994] allocated 115-byte region [fff00000c638e700, fff00000c638e773) [ 17.671081] [ 17.671190] The buggy address belongs to the physical page: [ 17.671446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 17.672037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.672447] page_type: f5(slab) [ 17.672878] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.673034] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.673241] page dumped because: kasan: bad access detected [ 17.673425] [ 17.673453] Memory state around the buggy address: [ 17.674220] fff00000c638e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.674325] fff00000c638e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.674380] >fff00000c638e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.674503] ^ [ 17.674714] fff00000c638e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.674795] fff00000c638e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.674876] ================================================================== [ 17.680724] ================================================================== [ 17.680768] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.680828] Read of size 1 at addr fff00000c638e780 by task kunit_try_catch/136 [ 17.680874] [ 17.680902] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.680992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.681018] Hardware name: linux,dummy-virt (DT) [ 17.681047] Call trace: [ 17.681068] show_stack+0x20/0x38 (C) [ 17.681291] dump_stack_lvl+0x8c/0xd0 [ 17.681517] print_report+0x118/0x608 [ 17.681706] kasan_report+0xdc/0x128 [ 17.681750] __asan_report_load1_noabort+0x20/0x30 [ 17.681994] kmalloc_oob_right+0x5d0/0x660 [ 17.682041] kunit_try_run_case+0x170/0x3f0 [ 17.682244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.682485] kthread+0x328/0x630 [ 17.682567] ret_from_fork+0x10/0x20 [ 17.682855] [ 17.682874] Allocated by task 136: [ 17.682902] kasan_save_stack+0x3c/0x68 [ 17.683171] kasan_save_track+0x20/0x40 [ 17.683335] kasan_save_alloc_info+0x40/0x58 [ 17.683455] __kasan_kmalloc+0xd4/0xd8 [ 17.683521] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.683560] kmalloc_oob_right+0xb0/0x660 [ 17.683596] kunit_try_run_case+0x170/0x3f0 [ 17.683632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.683699] kthread+0x328/0x630 [ 17.683815] ret_from_fork+0x10/0x20 [ 17.683855] [ 17.683873] The buggy address belongs to the object at fff00000c638e700 [ 17.683873] which belongs to the cache kmalloc-128 of size 128 [ 17.683932] The buggy address is located 13 bytes to the right of [ 17.683932] allocated 115-byte region [fff00000c638e700, fff00000c638e773) [ 17.683993] [ 17.684011] The buggy address belongs to the physical page: [ 17.684039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638e [ 17.684086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.684131] page_type: f5(slab) [ 17.684166] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.684214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.684251] page dumped because: kasan: bad access detected [ 17.684280] [ 17.684297] Memory state around the buggy address: [ 17.684344] fff00000c638e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684469] fff00000c638e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.684565] >fff00000c638e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684651] ^ [ 17.684731] fff00000c638e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684772] fff00000c638e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684844] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.946838] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.949963] Modules linked in: [ 95.950583] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 95.951595] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.952039] Hardware name: linux,dummy-virt (DT) [ 95.952636] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.953249] pc : intlog10+0x38/0x48 [ 95.953444] lr : intlog10_test+0xe4/0x200 [ 95.953636] sp : ffff800082337c10 [ 95.953793] x29: ffff800082337c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.954960] x26: 1ffe0000198a1401 x25: 0000000000000000 x24: ffff800082337ce0 [ 95.955883] x23: ffff800082337d00 x22: 0000000000000000 x21: 1ffff00010466f82 [ 95.956815] x20: ffffae9c24489ec0 x19: ffff800080087990 x18: 0000000041d045ec [ 95.957821] x17: 000000002851d58a x16: fff00000c097583c x15: fff00000ff616b08 [ 95.958948] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff75d385063381 [ 95.959635] x11: 1ffff5d385063380 x10: ffff75d385063380 x9 : ffffae9c21a36bdc [ 95.960229] x8 : ffffae9c28319c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.960590] x5 : ffff700010466f82 x4 : 1ffff00010010f3a x3 : 1ffff5d3848913d8 [ 95.960957] x2 : 1ffff5d3848913d8 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.961573] Call trace: [ 95.961763] intlog10+0x38/0x48 (P) [ 95.962152] kunit_try_run_case+0x170/0x3f0 [ 95.962515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.962966] kthread+0x328/0x630 [ 95.963374] ret_from_fork+0x10/0x20 [ 95.963643] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.898151] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.903221] Modules linked in: [ 95.903939] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 95.905048] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.905674] Hardware name: linux,dummy-virt (DT) [ 95.906173] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.906461] pc : intlog2+0xd8/0xf8 [ 95.906640] lr : intlog2_test+0xe4/0x200 [ 95.906844] sp : ffff800082277c10 [ 95.907275] x29: ffff800082277c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.907663] x26: 1ffe000018fe1021 x25: 0000000000000000 x24: ffff800082277ce0 [ 95.908126] x23: ffff800082277d00 x22: 0000000000000000 x21: 1ffff0001044ef82 [ 95.908577] x20: ffffae9c24489dc0 x19: ffff800080087990 x18: 000000003c0cda33 [ 95.909018] x17: 000000000563c8e7 x16: fff00000c097583c x15: 00000000575eaadd [ 95.909473] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e9cd x12: ffff75d385063381 [ 95.909941] x11: 1ffff5d385063380 x10: ffff75d385063380 x9 : ffffae9c21a36ddc [ 95.910380] x8 : ffffae9c28319c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.910840] x5 : ffff70001044ef82 x4 : 1ffff00010010f3a x3 : 1ffff5d3848913b8 [ 95.911484] x2 : 1ffff5d3848913b8 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.911938] Call trace: [ 95.912110] intlog2+0xd8/0xf8 (P) [ 95.912309] kunit_try_run_case+0x170/0x3f0 [ 95.912571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.912972] kthread+0x328/0x630 [ 95.913332] ret_from_fork+0x10/0x20 [ 95.913758] ---[ end trace 0000000000000000 ]---