Date
July 5, 2025, 11:09 a.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 22.008583] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-use-after-free-in-strnlen
[ 21.978146] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 22.152299] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 22.137308] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.253682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 22.301693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858 [ 22.236946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 22.192439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 96.772501] Internal error: Oops: 0000000096000005 [#1] SMP [ 96.776185] Modules linked in: [ 96.776969] CPU: 1 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 96.777864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 96.778309] Hardware name: linux,dummy-virt (DT) [ 96.778988] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.779769] pc : kunit_test_null_dereference+0x70/0x170 [ 96.780298] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.780881] sp : ffff800081fc7d30 [ 96.781221] x29: ffff800081fc7d90 x28: 0000000000000000 x27: 0000000000000000 [ 96.781984] x26: 1ffe000018f3c701 x25: 0000000000000000 x24: 0000000000000004 [ 96.782719] x23: fff00000c79e380c x22: ffff95d571a241b8 x21: fff00000c1afba08 [ 96.783279] x20: 1ffff000103f8fa6 x19: ffff800080087990 x18: 00000000972ae675 [ 96.783916] x17: 0000000000000001 x16: fff00000da474d28 x15: 00000000d4fab7ba [ 96.784531] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e989 x12: fffd8000196e13a4 [ 96.785017] x11: 1ffe0000196e13a3 x10: fffd8000196e13a3 x9 : ffff95d571a1b620 [ 96.785393] x8 : ffff800081fc7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 96.785882] x5 : ffff7000103f8fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 96.786419] x2 : dfff800000000000 x1 : fff00000cb709440 x0 : ffff800080087990 [ 96.787158] Call trace: [ 96.787466] kunit_test_null_dereference+0x70/0x170 (P) [ 96.787975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.788496] kthread+0x328/0x630 [ 96.788864] ret_from_fork+0x10/0x20 [ 96.789662] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 96.790427] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 53.371646] ================================================================== [ 53.371726] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 53.371726] [ 53.371817] Use-after-free read at 0x0000000024d668b1 (in kfence-#194): [ 53.371871] test_krealloc+0x51c/0x830 [ 53.371919] kunit_try_run_case+0x170/0x3f0 [ 53.371963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.372009] kthread+0x328/0x630 [ 53.372047] ret_from_fork+0x10/0x20 [ 53.372086] [ 53.372112] kfence-#194: 0x0000000024d668b1-0x00000000458f7052, size=32, cache=kmalloc-32 [ 53.372112] [ 53.372168] allocated by task 338 on cpu 0 at 53.370802s (0.001362s ago): [ 53.372242] test_alloc+0x29c/0x628 [ 53.372285] test_krealloc+0xc0/0x830 [ 53.372324] kunit_try_run_case+0x170/0x3f0 [ 53.372389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.372435] kthread+0x328/0x630 [ 53.372473] ret_from_fork+0x10/0x20 [ 53.372510] [ 53.372535] freed by task 338 on cpu 0 at 53.371160s (0.001371s ago): [ 53.372598] krealloc_noprof+0x148/0x360 [ 53.372640] test_krealloc+0x1dc/0x830 [ 53.372679] kunit_try_run_case+0x170/0x3f0 [ 53.372719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.372763] kthread+0x328/0x630 [ 53.372797] ret_from_fork+0x10/0x20 [ 53.372838] [ 53.372882] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 53.372960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 53.372992] Hardware name: linux,dummy-virt (DT) [ 53.373027] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 53.302692] ================================================================== [ 53.302814] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 53.302814] [ 53.302936] Use-after-free read at 0x000000005e726d8d (in kfence-#193): [ 53.302995] test_memcache_typesafe_by_rcu+0x280/0x560 [ 53.303047] kunit_try_run_case+0x170/0x3f0 [ 53.303097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.303142] kthread+0x328/0x630 [ 53.303183] ret_from_fork+0x10/0x20 [ 53.303226] [ 53.303251] kfence-#193: 0x000000005e726d8d-0x0000000014b95ed0, size=32, cache=test [ 53.303251] [ 53.303305] allocated by task 336 on cpu 1 at 53.266737s (0.036564s ago): [ 53.303400] test_alloc+0x230/0x628 [ 53.303445] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 53.303489] kunit_try_run_case+0x170/0x3f0 [ 53.303530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.303574] kthread+0x328/0x630 [ 53.303613] ret_from_fork+0x10/0x20 [ 53.303653] [ 53.303678] freed by task 336 on cpu 1 at 53.266889s (0.036785s ago): [ 53.303737] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 53.303782] kunit_try_run_case+0x170/0x3f0 [ 53.303823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.303867] kthread+0x328/0x630 [ 53.303904] ret_from_fork+0x10/0x20 [ 53.303945] [ 53.303994] CPU: 1 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 53.304077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 53.304109] Hardware name: linux,dummy-virt (DT) [ 53.304147] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 32.072896] ================================================================== [ 32.073084] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 32.073084] [ 32.073280] Invalid read at 0x00000000f120f441: [ 32.073459] test_invalid_access+0xdc/0x1f0 [ 32.073583] kunit_try_run_case+0x170/0x3f0 [ 32.073698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.073814] kthread+0x328/0x630 [ 32.073911] ret_from_fork+0x10/0x20 [ 32.074042] [ 32.074156] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 32.074369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.074464] Hardware name: linux,dummy-virt (DT) [ 32.074565] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 31.835481] ================================================================== [ 31.835621] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.835621] [ 31.835701] Corrupted memory at 0x0000000054b91cea [ ! . . . . . . . . . . . . . . . ] (in kfence-#188): [ 31.836014] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.836072] kunit_try_run_case+0x170/0x3f0 [ 31.836121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.836168] kthread+0x328/0x630 [ 31.836212] ret_from_fork+0x10/0x20 [ 31.836253] [ 31.836281] kfence-#188: 0x00000000b9335a6a-0x0000000009613791, size=73, cache=kmalloc-96 [ 31.836281] [ 31.836341] allocated by task 326 on cpu 1 at 31.835049s (0.001288s ago): [ 31.836432] test_alloc+0x29c/0x628 [ 31.836476] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 31.836522] kunit_try_run_case+0x170/0x3f0 [ 31.836564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.836607] kthread+0x328/0x630 [ 31.836646] ret_from_fork+0x10/0x20 [ 31.836685] [ 31.836710] freed by task 326 on cpu 1 at 31.835303s (0.001404s ago): [ 31.836776] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.836822] kunit_try_run_case+0x170/0x3f0 [ 31.836863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.836907] kthread+0x328/0x630 [ 31.836945] ret_from_fork+0x10/0x20 [ 31.836985] [ 31.837035] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 31.837124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.837158] Hardware name: linux,dummy-virt (DT) [ 31.837196] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 31.211030] ================================================================== [ 31.211162] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 31.211162] [ 31.211276] Out-of-bounds read at 0x0000000029bd3a52 (105B right of kfence-#182): [ 31.211340] test_kmalloc_aligned_oob_read+0x238/0x468 [ 31.211420] kunit_try_run_case+0x170/0x3f0 [ 31.211469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.211514] kthread+0x328/0x630 [ 31.211556] ret_from_fork+0x10/0x20 [ 31.211597] [ 31.211623] kfence-#182: 0x00000000a45795dc-0x00000000836f6167, size=73, cache=kmalloc-96 [ 31.211623] [ 31.211680] allocated by task 324 on cpu 1 at 31.210653s (0.001023s ago): [ 31.211757] test_alloc+0x29c/0x628 [ 31.211800] test_kmalloc_aligned_oob_read+0x100/0x468 [ 31.211845] kunit_try_run_case+0x170/0x3f0 [ 31.211887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.211930] kthread+0x328/0x630 [ 31.211968] ret_from_fork+0x10/0x20 [ 31.212007] [ 31.212058] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 31.212142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.212174] Hardware name: linux,dummy-virt (DT) [ 31.212209] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 26.426860] ================================================================== [ 26.427007] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 26.427007] [ 26.427088] Corrupted memory at 0x000000003ab2e1b9 [ ! ] (in kfence-#136): [ 26.427212] test_corruption+0x1d8/0x378 [ 26.427265] kunit_try_run_case+0x170/0x3f0 [ 26.427313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.427382] kthread+0x328/0x630 [ 26.427428] ret_from_fork+0x10/0x20 [ 26.427469] [ 26.427494] kfence-#136: 0x00000000621378c6-0x00000000435a5ed4, size=32, cache=test [ 26.427494] [ 26.427554] allocated by task 314 on cpu 1 at 26.426593s (0.000957s ago): [ 26.427618] test_alloc+0x230/0x628 [ 26.427660] test_corruption+0x198/0x378 [ 26.427702] kunit_try_run_case+0x170/0x3f0 [ 26.427742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.427786] kthread+0x328/0x630 [ 26.427822] ret_from_fork+0x10/0x20 [ 26.427862] [ 26.427886] freed by task 314 on cpu 1 at 26.426691s (0.001192s ago): [ 26.427947] test_corruption+0x1d8/0x378 [ 26.427989] kunit_try_run_case+0x170/0x3f0 [ 26.428028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.428072] kthread+0x328/0x630 [ 26.428108] ret_from_fork+0x10/0x20 [ 26.428149] [ 26.428195] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 26.428273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.428304] Hardware name: linux,dummy-virt (DT) [ 26.428341] ================================================================== [ 25.482920] ================================================================== [ 25.483211] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 25.483211] [ 25.483420] Corrupted memory at 0x00000000b4f388e5 [ ! ] (in kfence-#127): [ 25.484556] test_corruption+0x284/0x378 [ 25.484690] kunit_try_run_case+0x170/0x3f0 [ 25.484829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.484925] kthread+0x328/0x630 [ 25.486754] ret_from_fork+0x10/0x20 [ 25.486889] [ 25.486943] kfence-#127: 0x000000005d0b16d6-0x00000000990e84dc, size=32, cache=kmalloc-32 [ 25.486943] [ 25.487024] allocated by task 312 on cpu 1 at 25.481037s (0.005982s ago): [ 25.487096] test_alloc+0x29c/0x628 [ 25.487138] test_corruption+0x198/0x378 [ 25.487178] kunit_try_run_case+0x170/0x3f0 [ 25.487219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.487261] kthread+0x328/0x630 [ 25.487298] ret_from_fork+0x10/0x20 [ 25.487337] [ 25.487381] freed by task 312 on cpu 1 at 25.481578s (0.005797s ago): [ 25.487495] test_corruption+0x284/0x378 [ 25.487579] kunit_try_run_case+0x170/0x3f0 [ 25.487692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.487802] kthread+0x328/0x630 [ 25.487972] ret_from_fork+0x10/0x20 [ 25.488059] [ 25.488159] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.488859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.489303] Hardware name: linux,dummy-virt (DT) [ 25.489596] ================================================================== [ 25.372077] ================================================================== [ 25.372235] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 25.372235] [ 25.372371] Corrupted memory at 0x000000001b9f67c4 [ ! . . . . . . . . . . . . . . . ] (in kfence-#126): [ 25.372993] test_corruption+0x278/0x378 [ 25.373098] kunit_try_run_case+0x170/0x3f0 [ 25.373193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.373295] kthread+0x328/0x630 [ 25.373396] ret_from_fork+0x10/0x20 [ 25.373485] [ 25.373550] kfence-#126: 0x000000008ecbb845-0x00000000650ac9e7, size=32, cache=kmalloc-32 [ 25.373550] [ 25.373666] allocated by task 312 on cpu 1 at 25.371710s (0.001948s ago): [ 25.373797] test_alloc+0x29c/0x628 [ 25.373903] test_corruption+0xdc/0x378 [ 25.374055] kunit_try_run_case+0x170/0x3f0 [ 25.374145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.374270] kthread+0x328/0x630 [ 25.374431] ret_from_fork+0x10/0x20 [ 25.374581] [ 25.374658] freed by task 312 on cpu 1 at 25.371911s (0.002735s ago): [ 25.374820] test_corruption+0x278/0x378 [ 25.374899] kunit_try_run_case+0x170/0x3f0 [ 25.374968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.375066] kthread+0x328/0x630 [ 25.375142] ret_from_fork+0x10/0x20 [ 25.375231] [ 25.375339] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.375512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.375610] Hardware name: linux,dummy-virt (DT) [ 25.375706] ================================================================== [ 25.903666] ================================================================== [ 25.903889] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 25.903889] [ 25.904052] Corrupted memory at 0x00000000284f4363 [ ! . . . . . . . . . . . . . . . ] (in kfence-#131): [ 25.904688] test_corruption+0x120/0x378 [ 25.904785] kunit_try_run_case+0x170/0x3f0 [ 25.904885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.904983] kthread+0x328/0x630 [ 25.905065] ret_from_fork+0x10/0x20 [ 25.905152] [ 25.905206] kfence-#131: 0x00000000a6d55b77-0x000000005408f938, size=32, cache=test [ 25.905206] [ 25.905320] allocated by task 314 on cpu 1 at 25.903309s (0.002004s ago): [ 25.905467] test_alloc+0x230/0x628 [ 25.905560] test_corruption+0xdc/0x378 [ 25.905648] kunit_try_run_case+0x170/0x3f0 [ 25.905736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.905832] kthread+0x328/0x630 [ 25.905916] ret_from_fork+0x10/0x20 [ 25.906001] [ 25.906052] freed by task 314 on cpu 1 at 25.903422s (0.002624s ago): [ 25.906202] test_corruption+0x120/0x378 [ 25.906308] kunit_try_run_case+0x170/0x3f0 [ 25.906436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.906561] kthread+0x328/0x630 [ 25.906648] ret_from_fork+0x10/0x20 [ 25.906743] [ 25.906837] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.907023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.907092] Hardware name: linux,dummy-virt (DT) [ 25.907171] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 25.052944] ================================================================== [ 25.053050] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 25.053050] [ 25.053160] Invalid free of 0x000000008640128d (in kfence-#123): [ 25.053268] test_invalid_addr_free+0x1ac/0x238 [ 25.055400] kunit_try_run_case+0x170/0x3f0 [ 25.055656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.055914] kthread+0x328/0x630 [ 25.056038] ret_from_fork+0x10/0x20 [ 25.056206] [ 25.056321] kfence-#123: 0x00000000e501787f-0x00000000b15db126, size=32, cache=kmalloc-32 [ 25.056321] [ 25.056668] allocated by task 308 on cpu 1 at 25.052744s (0.003882s ago): [ 25.057026] test_alloc+0x29c/0x628 [ 25.057142] test_invalid_addr_free+0xd4/0x238 [ 25.057227] kunit_try_run_case+0x170/0x3f0 [ 25.057319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.057437] kthread+0x328/0x630 [ 25.057520] ret_from_fork+0x10/0x20 [ 25.057607] [ 25.057692] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.058172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.058327] Hardware name: linux,dummy-virt (DT) [ 25.058491] ================================================================== [ 25.160437] ================================================================== [ 25.160688] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 25.160688] [ 25.160841] Invalid free of 0x000000000293f505 (in kfence-#124): [ 25.161293] test_invalid_addr_free+0xec/0x238 [ 25.161615] kunit_try_run_case+0x170/0x3f0 [ 25.161769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.162378] kthread+0x328/0x630 [ 25.162557] ret_from_fork+0x10/0x20 [ 25.162841] [ 25.162935] kfence-#124: 0x00000000ac62b8a9-0x000000001d031ed6, size=32, cache=test [ 25.162935] [ 25.163067] allocated by task 310 on cpu 1 at 25.159794s (0.003265s ago): [ 25.163570] test_alloc+0x230/0x628 [ 25.163826] test_invalid_addr_free+0xd4/0x238 [ 25.164168] kunit_try_run_case+0x170/0x3f0 [ 25.164274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.164464] kthread+0x328/0x630 [ 25.164951] ret_from_fork+0x10/0x20 [ 25.165086] [ 25.165853] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 25.166058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.166289] Hardware name: linux,dummy-virt (DT) [ 25.166381] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 24.835899] ================================================================== [ 24.836059] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 24.836059] [ 24.836191] Invalid free of 0x0000000066efedde (in kfence-#121): [ 24.836324] test_double_free+0x1bc/0x238 [ 24.836439] kunit_try_run_case+0x170/0x3f0 [ 24.836989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.837205] kthread+0x328/0x630 [ 24.837366] ret_from_fork+0x10/0x20 [ 24.837467] [ 24.837579] kfence-#121: 0x0000000066efedde-0x000000002f3a3889, size=32, cache=kmalloc-32 [ 24.837579] [ 24.838091] allocated by task 304 on cpu 1 at 24.835433s (0.002633s ago): [ 24.838289] test_alloc+0x29c/0x628 [ 24.838589] test_double_free+0xd4/0x238 [ 24.838700] kunit_try_run_case+0x170/0x3f0 [ 24.838794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.838975] kthread+0x328/0x630 [ 24.839395] ret_from_fork+0x10/0x20 [ 24.839498] [ 24.839533] freed by task 304 on cpu 1 at 24.835541s (0.003987s ago): [ 24.839611] test_double_free+0x1ac/0x238 [ 24.839660] kunit_try_run_case+0x170/0x3f0 [ 24.839703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.839750] kthread+0x328/0x630 [ 24.839788] ret_from_fork+0x10/0x20 [ 24.839830] [ 24.839882] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.839969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.840001] Hardware name: linux,dummy-virt (DT) [ 24.840040] ================================================================== [ 24.945426] ================================================================== [ 24.945533] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 24.945533] [ 24.945645] Invalid free of 0x00000000e33e160b (in kfence-#122): [ 24.945749] test_double_free+0x100/0x238 [ 24.946580] kunit_try_run_case+0x170/0x3f0 [ 24.946803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.946917] kthread+0x328/0x630 [ 24.947011] ret_from_fork+0x10/0x20 [ 24.947087] [ 24.947140] kfence-#122: 0x00000000e33e160b-0x000000002068a3e3, size=32, cache=test [ 24.947140] [ 24.947644] allocated by task 306 on cpu 1 at 24.943734s (0.003515s ago): [ 24.948161] test_alloc+0x230/0x628 [ 24.948291] test_double_free+0xd4/0x238 [ 24.948404] kunit_try_run_case+0x170/0x3f0 [ 24.948877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.948999] kthread+0x328/0x630 [ 24.949074] ret_from_fork+0x10/0x20 [ 24.949163] [ 24.949444] freed by task 306 on cpu 1 at 24.943821s (0.005608s ago): [ 24.950137] test_double_free+0xf0/0x238 [ 24.950311] kunit_try_run_case+0x170/0x3f0 [ 24.950412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.950938] kthread+0x328/0x630 [ 24.951099] ret_from_fork+0x10/0x20 [ 24.951209] [ 24.951312] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.951491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.952028] Hardware name: linux,dummy-virt (DT) [ 24.952376] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 24.413990] ================================================================== [ 24.414173] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 24.414173] [ 24.414504] Use-after-free read at 0x0000000014b2c949 (in kfence-#117): [ 24.414608] test_use_after_free_read+0x114/0x248 [ 24.414992] kunit_try_run_case+0x170/0x3f0 [ 24.415493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.415844] kthread+0x328/0x630 [ 24.416285] ret_from_fork+0x10/0x20 [ 24.416404] [ 24.416458] kfence-#117: 0x0000000014b2c949-0x000000009713ff7d, size=32, cache=kmalloc-32 [ 24.416458] [ 24.416993] allocated by task 296 on cpu 1 at 24.413530s (0.003452s ago): [ 24.417885] test_alloc+0x29c/0x628 [ 24.418045] test_use_after_free_read+0xd0/0x248 [ 24.418167] kunit_try_run_case+0x170/0x3f0 [ 24.418437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.418618] kthread+0x328/0x630 [ 24.418904] ret_from_fork+0x10/0x20 [ 24.419052] [ 24.419107] freed by task 296 on cpu 1 at 24.413646s (0.005453s ago): [ 24.419506] test_use_after_free_read+0x1c0/0x248 [ 24.419838] kunit_try_run_case+0x170/0x3f0 [ 24.420299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.420421] kthread+0x328/0x630 [ 24.420503] ret_from_fork+0x10/0x20 [ 24.420941] [ 24.421384] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.421660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.421893] Hardware name: linux,dummy-virt (DT) [ 24.422162] ================================================================== [ 24.516944] ================================================================== [ 24.517301] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 24.517301] [ 24.517668] Use-after-free read at 0x00000000b01fdd1e (in kfence-#118): [ 24.517967] test_use_after_free_read+0x114/0x248 [ 24.518114] kunit_try_run_case+0x170/0x3f0 [ 24.518257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.518381] kthread+0x328/0x630 [ 24.518470] ret_from_fork+0x10/0x20 [ 24.518548] [ 24.518614] kfence-#118: 0x00000000b01fdd1e-0x00000000981370e1, size=32, cache=test [ 24.518614] [ 24.518722] allocated by task 298 on cpu 1 at 24.516690s (0.002025s ago): [ 24.518980] test_alloc+0x230/0x628 [ 24.519075] test_use_after_free_read+0xd0/0x248 [ 24.519341] kunit_try_run_case+0x170/0x3f0 [ 24.519576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.519852] kthread+0x328/0x630 [ 24.519943] ret_from_fork+0x10/0x20 [ 24.520033] [ 24.520085] freed by task 298 on cpu 1 at 24.516774s (0.003304s ago): [ 24.520235] test_use_after_free_read+0xf0/0x248 [ 24.520350] kunit_try_run_case+0x170/0x3f0 [ 24.520500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.520642] kthread+0x328/0x630 [ 24.520731] ret_from_fork+0x10/0x20 [ 24.520829] [ 24.520954] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.521202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.521293] Hardware name: linux,dummy-virt (DT) [ 24.521399] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 24.199394] ================================================================== [ 24.199713] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 24.199713] [ 24.199885] Out-of-bounds write at 0x000000006c7acb7f (1B left of kfence-#115): [ 24.200247] test_out_of_bounds_write+0x100/0x240 [ 24.200436] kunit_try_run_case+0x170/0x3f0 [ 24.200545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.200703] kthread+0x328/0x630 [ 24.200870] ret_from_fork+0x10/0x20 [ 24.201190] [ 24.201258] kfence-#115: 0x000000000bcb79dc-0x000000002342c2b0, size=32, cache=kmalloc-32 [ 24.201258] [ 24.201456] allocated by task 292 on cpu 1 at 24.199162s (0.002285s ago): [ 24.201672] test_alloc+0x29c/0x628 [ 24.201827] test_out_of_bounds_write+0xc8/0x240 [ 24.201920] kunit_try_run_case+0x170/0x3f0 [ 24.202351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.202760] kthread+0x328/0x630 [ 24.202899] ret_from_fork+0x10/0x20 [ 24.203303] [ 24.203432] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.203807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.204049] Hardware name: linux,dummy-virt (DT) [ 24.204213] ================================================================== [ 24.304968] ================================================================== [ 24.305072] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 24.305072] [ 24.305225] Out-of-bounds write at 0x000000000d44f7ea (1B left of kfence-#116): [ 24.305341] test_out_of_bounds_write+0x100/0x240 [ 24.305460] kunit_try_run_case+0x170/0x3f0 [ 24.305559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.305659] kthread+0x328/0x630 [ 24.305739] ret_from_fork+0x10/0x20 [ 24.305826] [ 24.305883] kfence-#116: 0x000000003dc0b80a-0x0000000059dc8f93, size=32, cache=test [ 24.305883] [ 24.306005] allocated by task 294 on cpu 1 at 24.304828s (0.001161s ago): [ 24.306153] test_alloc+0x230/0x628 [ 24.306243] test_out_of_bounds_write+0xc8/0x240 [ 24.306339] kunit_try_run_case+0x170/0x3f0 [ 24.306865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.306965] kthread+0x328/0x630 [ 24.307037] ret_from_fork+0x10/0x20 [ 24.307120] [ 24.307205] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.307429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.307494] Hardware name: linux,dummy-virt (DT) [ 24.307793] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 22.079970] ================================================================== [ 22.080328] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 22.080475] Read of size 8 at addr fff00000c5672908 by task kunit_try_catch/262 [ 22.080579] [ 22.080653] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.081338] kasan_report+0xdc/0x128 [ 22.083337] kasan_save_alloc_info+0x40/0x58 [ 22.085405] [ 22.086545] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.088010] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 23.663232] ================================================================== [ 23.663325] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 23.663325] [ 23.663512] Out-of-bounds read at 0x0000000062c2adcf (32B right of kfence-#110): [ 23.663628] test_out_of_bounds_read+0x1c8/0x3e0 [ 23.663739] kunit_try_run_case+0x170/0x3f0 [ 23.663826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.663923] kthread+0x328/0x630 [ 23.664007] ret_from_fork+0x10/0x20 [ 23.664090] [ 23.664143] kfence-#110: 0x00000000923e9b8e-0x0000000064346708, size=32, cache=kmalloc-32 [ 23.664143] [ 23.664284] allocated by task 288 on cpu 1 at 23.663039s (0.001236s ago): [ 23.664441] test_alloc+0x29c/0x628 [ 23.664526] test_out_of_bounds_read+0x198/0x3e0 [ 23.664764] kunit_try_run_case+0x170/0x3f0 [ 23.664867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.664967] kthread+0x328/0x630 [ 23.665048] ret_from_fork+0x10/0x20 [ 23.665284] [ 23.665401] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.665676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.665903] Hardware name: linux,dummy-virt (DT) [ 23.665981] ================================================================== [ 23.772212] ================================================================== [ 23.772332] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 23.772332] [ 23.772525] Out-of-bounds read at 0x0000000091a5b6e5 (1B left of kfence-#111): [ 23.772657] test_out_of_bounds_read+0x114/0x3e0 [ 23.772758] kunit_try_run_case+0x170/0x3f0 [ 23.772866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.773309] kthread+0x328/0x630 [ 23.773475] ret_from_fork+0x10/0x20 [ 23.773576] [ 23.773637] kfence-#111: 0x00000000b81bb0a2-0x00000000297008f2, size=32, cache=test [ 23.773637] [ 23.773753] allocated by task 290 on cpu 1 at 23.771629s (0.002116s ago): [ 23.773891] test_alloc+0x230/0x628 [ 23.774136] test_out_of_bounds_read+0xdc/0x3e0 [ 23.774250] kunit_try_run_case+0x170/0x3f0 [ 23.774344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.774463] kthread+0x328/0x630 [ 23.774555] ret_from_fork+0x10/0x20 [ 23.774914] [ 23.775048] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.775515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.775634] Hardware name: linux,dummy-virt (DT) [ 23.775718] ================================================================== [ 23.348980] ================================================================== [ 23.349143] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 23.349143] [ 23.349392] Out-of-bounds read at 0x000000004126075a (1B left of kfence-#107): [ 23.349562] test_out_of_bounds_read+0x114/0x3e0 [ 23.349674] kunit_try_run_case+0x170/0x3f0 [ 23.349775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.349876] kthread+0x328/0x630 [ 23.349959] ret_from_fork+0x10/0x20 [ 23.351224] [ 23.351302] kfence-#107: 0x00000000e47973f4-0x0000000012c4529e, size=32, cache=kmalloc-32 [ 23.351302] [ 23.351923] allocated by task 288 on cpu 1 at 23.347729s (0.004171s ago): [ 23.352596] test_alloc+0x29c/0x628 [ 23.353340] test_out_of_bounds_read+0xdc/0x3e0 [ 23.353488] kunit_try_run_case+0x170/0x3f0 [ 23.354121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.354239] kthread+0x328/0x630 [ 23.354307] ret_from_fork+0x10/0x20 [ 23.355173] [ 23.355372] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.356509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.356615] Hardware name: linux,dummy-virt (DT) [ 23.356860] ================================================================== [ 24.091229] ================================================================== [ 24.091511] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 24.091511] [ 24.092140] Out-of-bounds read at 0x00000000ec9468fd (32B right of kfence-#114): [ 24.092332] test_out_of_bounds_read+0x1c8/0x3e0 [ 24.092743] kunit_try_run_case+0x170/0x3f0 [ 24.093459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.093581] kthread+0x328/0x630 [ 24.093681] ret_from_fork+0x10/0x20 [ 24.094049] [ 24.094155] kfence-#114: 0x00000000d2762a38-0x000000004467ec4a, size=32, cache=test [ 24.094155] [ 24.094628] allocated by task 290 on cpu 1 at 24.091032s (0.003585s ago): [ 24.095015] test_alloc+0x230/0x628 [ 24.095293] test_out_of_bounds_read+0x198/0x3e0 [ 24.095487] kunit_try_run_case+0x170/0x3f0 [ 24.095592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.095684] kthread+0x328/0x630 [ 24.095754] ret_from_fork+0x10/0x20 [ 24.095855] [ 24.095946] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.096188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.096255] Hardware name: linux,dummy-virt (DT) [ 24.096378] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-kmem_cache_rcu_uaf
[ 20.500748] ================================================================== [ 20.501406] BUG: KFENCE: use-after-free read in kmem_cache_rcu_uaf+0x1f4/0x468 [ 20.501406] [ 20.502864] Use-after-free read at 0x000000003ea1bd46 (in kfence-#86): [ 20.503616] kmem_cache_rcu_uaf+0x1f4/0x468 [ 20.503737] kunit_try_run_case+0x170/0x3f0 [ 20.504210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.504849] kthread+0x328/0x630 [ 20.505339] ret_from_fork+0x10/0x20 [ 20.506009] [ 20.506147] kfence-#86: 0x000000003ea1bd46-0x000000001853a2fa, size=200, cache=test_cache [ 20.506147] [ 20.506790] allocated by task 214 on cpu 0 at 20.349545s (0.157194s ago): [ 20.507014] kmem_cache_rcu_uaf+0x12c/0x468 [ 20.507789] kunit_try_run_case+0x170/0x3f0 [ 20.508340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.508697] kthread+0x328/0x630 [ 20.509214] ret_from_fork+0x10/0x20 [ 20.509772] [ 20.509869] freed by task 214 on cpu 0 at 20.349901s (0.159957s ago): [ 20.511085] kmem_cache_rcu_uaf+0x16c/0x468 [ 20.511457] kunit_try_run_case+0x170/0x3f0 [ 20.512077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.512598] kthread+0x328/0x630 [ 20.512697] ret_from_fork+0x10/0x20 [ 20.512783] [ 20.512873] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.513064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.513130] Hardware name: linux,dummy-virt (DT) [ 20.513205] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 18.541691] ================================================================== [ 18.542381] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x224/0x488 [ 18.542381] [ 18.542596] Corrupted memory at 0x0000000095df37af [ ! . . . . . . . ] (in kfence-#73): [ 18.547573] kmalloc_track_caller_oob_right+0x224/0x488 [ 18.547672] kunit_try_run_case+0x170/0x3f0 [ 18.547742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.547837] kthread+0x328/0x630 [ 18.547918] ret_from_fork+0x10/0x20 [ 18.547995] [ 18.548716] kfence-#73: 0x00000000001a1b76-0x0000000098a0fb03, size=120, cache=kmalloc-128 [ 18.548716] [ 18.549667] allocated by task 143 on cpu 0 at 18.538985s (0.009979s ago): [ 18.550423] kmalloc_track_caller_oob_right+0x184/0x488 [ 18.550675] kunit_try_run_case+0x170/0x3f0 [ 18.550795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.550935] kthread+0x328/0x630 [ 18.551014] ret_from_fork+0x10/0x20 [ 18.551199] [ 18.551411] freed by task 143 on cpu 0 at 18.540737s (0.010539s ago): [ 18.551574] kmalloc_track_caller_oob_right+0x224/0x488 [ 18.551672] kunit_try_run_case+0x170/0x3f0 [ 18.551763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.551893] kthread+0x328/0x630 [ 18.551969] ret_from_fork+0x10/0x20 [ 18.552080] [ 18.552187] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.552372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.552427] Hardware name: linux,dummy-virt (DT) [ 18.552489] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 23.159812] ================================================================== [ 23.159937] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 23.160062] Write of size 121 at addr fff00000c56e5100 by task kunit_try_catch/286 [ 23.160181] [ 23.160252] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.161151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.161255] Hardware name: linux,dummy-virt (DT) [ 23.161335] Call trace: [ 23.161408] show_stack+0x20/0x38 (C) [ 23.161529] dump_stack_lvl+0x8c/0xd0 [ 23.161645] print_report+0x118/0x608 [ 23.161752] kasan_report+0xdc/0x128 [ 23.161860] kasan_check_range+0x100/0x1a8 [ 23.161974] __kasan_check_write+0x20/0x30 [ 23.162539] strncpy_from_user+0x3c/0x2a0 [ 23.162766] copy_user_test_oob+0x5c0/0xec8 [ 23.162906] kunit_try_run_case+0x170/0x3f0 [ 23.163016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.163224] kthread+0x328/0x630 [ 23.163794] ret_from_fork+0x10/0x20 [ 23.164076] [ 23.164132] Allocated by task 286: [ 23.164196] kasan_save_stack+0x3c/0x68 [ 23.164292] kasan_save_track+0x20/0x40 [ 23.164401] kasan_save_alloc_info+0x40/0x58 [ 23.164501] __kasan_kmalloc+0xd4/0xd8 [ 23.164587] __kmalloc_noprof+0x198/0x4c8 [ 23.164678] kunit_kmalloc_array+0x34/0x88 [ 23.165583] copy_user_test_oob+0xac/0xec8 [ 23.166137] kunit_try_run_case+0x170/0x3f0 [ 23.166286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.166460] kthread+0x328/0x630 [ 23.166560] ret_from_fork+0x10/0x20 [ 23.166684] [ 23.166761] The buggy address belongs to the object at fff00000c56e5100 [ 23.166761] which belongs to the cache kmalloc-128 of size 128 [ 23.166952] The buggy address is located 0 bytes inside of [ 23.166952] allocated 120-byte region [fff00000c56e5100, fff00000c56e5178) [ 23.167103] [ 23.167154] The buggy address belongs to the physical page: [ 23.167224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e5 [ 23.167334] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.167440] page_type: f5(slab) [ 23.167522] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.167664] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.167753] page dumped because: kasan: bad access detected [ 23.167828] [ 23.167870] Memory state around the buggy address: [ 23.167951] fff00000c56e5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.168408] fff00000c56e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.168802] >fff00000c56e5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.169170] ^ [ 23.169289] fff00000c56e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.169771] fff00000c56e5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.169951] ================================================================== [ 23.171784] ================================================================== [ 23.171916] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 23.172474] Write of size 1 at addr fff00000c56e5178 by task kunit_try_catch/286 [ 23.172759] [ 23.172915] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.173455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.173678] Hardware name: linux,dummy-virt (DT) [ 23.173798] Call trace: [ 23.173882] show_stack+0x20/0x38 (C) [ 23.174386] dump_stack_lvl+0x8c/0xd0 [ 23.174742] print_report+0x118/0x608 [ 23.175213] kasan_report+0xdc/0x128 [ 23.175528] __asan_report_store1_noabort+0x20/0x30 [ 23.175659] strncpy_from_user+0x270/0x2a0 [ 23.175785] copy_user_test_oob+0x5c0/0xec8 [ 23.175899] kunit_try_run_case+0x170/0x3f0 [ 23.176008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.176134] kthread+0x328/0x630 [ 23.176238] ret_from_fork+0x10/0x20 [ 23.176631] [ 23.176987] Allocated by task 286: [ 23.177486] kasan_save_stack+0x3c/0x68 [ 23.177721] kasan_save_track+0x20/0x40 [ 23.177990] kasan_save_alloc_info+0x40/0x58 [ 23.178148] __kasan_kmalloc+0xd4/0xd8 [ 23.178259] __kmalloc_noprof+0x198/0x4c8 [ 23.178562] kunit_kmalloc_array+0x34/0x88 [ 23.178648] copy_user_test_oob+0xac/0xec8 [ 23.178726] kunit_try_run_case+0x170/0x3f0 [ 23.179108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.179621] kthread+0x328/0x630 [ 23.179996] ret_from_fork+0x10/0x20 [ 23.180329] [ 23.180428] The buggy address belongs to the object at fff00000c56e5100 [ 23.180428] which belongs to the cache kmalloc-128 of size 128 [ 23.180571] The buggy address is located 0 bytes to the right of [ 23.180571] allocated 120-byte region [fff00000c56e5100, fff00000c56e5178) [ 23.180721] [ 23.181339] The buggy address belongs to the physical page: [ 23.181457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e5 [ 23.181599] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.181901] page_type: f5(slab) [ 23.182252] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.183031] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.183227] page dumped because: kasan: bad access detected [ 23.183312] [ 23.183383] Memory state around the buggy address: [ 23.183469] fff00000c56e5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.183582] fff00000c56e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.183816] >fff00000c56e5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.183950] ^ [ 23.184457] fff00000c56e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.184571] fff00000c56e5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.184672] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 23.131520] ================================================================== [ 23.131811] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 23.131942] Read of size 121 at addr fff00000c56e5100 by task kunit_try_catch/286 [ 23.132146] [ 23.132227] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.132429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.132496] Hardware name: linux,dummy-virt (DT) [ 23.132573] Call trace: [ 23.132627] show_stack+0x20/0x38 (C) [ 23.132739] dump_stack_lvl+0x8c/0xd0 [ 23.132857] print_report+0x118/0x608 [ 23.132964] kasan_report+0xdc/0x128 [ 23.133072] kasan_check_range+0x100/0x1a8 [ 23.133182] __kasan_check_read+0x20/0x30 [ 23.133288] copy_user_test_oob+0x3c8/0xec8 [ 23.133413] kunit_try_run_case+0x170/0x3f0 [ 23.133530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.133651] kthread+0x328/0x630 [ 23.133754] ret_from_fork+0x10/0x20 [ 23.133860] [ 23.133909] Allocated by task 286: [ 23.133979] kasan_save_stack+0x3c/0x68 [ 23.135120] kasan_save_track+0x20/0x40 [ 23.135323] kasan_save_alloc_info+0x40/0x58 [ 23.135519] __kasan_kmalloc+0xd4/0xd8 [ 23.135837] __kmalloc_noprof+0x198/0x4c8 [ 23.135923] kunit_kmalloc_array+0x34/0x88 [ 23.136001] copy_user_test_oob+0xac/0xec8 [ 23.136085] kunit_try_run_case+0x170/0x3f0 [ 23.136179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.136411] kthread+0x328/0x630 [ 23.136674] ret_from_fork+0x10/0x20 [ 23.136811] [ 23.136862] The buggy address belongs to the object at fff00000c56e5100 [ 23.136862] which belongs to the cache kmalloc-128 of size 128 [ 23.136993] The buggy address is located 0 bytes inside of [ 23.136993] allocated 120-byte region [fff00000c56e5100, fff00000c56e5178) [ 23.137139] [ 23.137189] The buggy address belongs to the physical page: [ 23.137263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e5 [ 23.137389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.137493] page_type: f5(slab) [ 23.137582] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.137700] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.137799] page dumped because: kasan: bad access detected [ 23.137909] [ 23.137959] Memory state around the buggy address: [ 23.138519] fff00000c56e5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.139089] fff00000c56e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.139206] >fff00000c56e5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.139286] ^ [ 23.139397] fff00000c56e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.139493] fff00000c56e5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.139585] ================================================================== [ 23.121427] ================================================================== [ 23.121549] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 23.121671] Write of size 121 at addr fff00000c56e5100 by task kunit_try_catch/286 [ 23.121789] [ 23.121859] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.122048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.122103] Hardware name: linux,dummy-virt (DT) [ 23.122168] Call trace: [ 23.122598] show_stack+0x20/0x38 (C) [ 23.122886] dump_stack_lvl+0x8c/0xd0 [ 23.123029] print_report+0x118/0x608 [ 23.123127] kasan_report+0xdc/0x128 [ 23.123377] kasan_check_range+0x100/0x1a8 [ 23.123475] __kasan_check_write+0x20/0x30 [ 23.123569] copy_user_test_oob+0x35c/0xec8 [ 23.123843] kunit_try_run_case+0x170/0x3f0 [ 23.124002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.124163] kthread+0x328/0x630 [ 23.124711] ret_from_fork+0x10/0x20 [ 23.124902] [ 23.124982] Allocated by task 286: [ 23.125050] kasan_save_stack+0x3c/0x68 [ 23.125147] kasan_save_track+0x20/0x40 [ 23.125222] kasan_save_alloc_info+0x40/0x58 [ 23.125315] __kasan_kmalloc+0xd4/0xd8 [ 23.125423] __kmalloc_noprof+0x198/0x4c8 [ 23.125512] kunit_kmalloc_array+0x34/0x88 [ 23.125601] copy_user_test_oob+0xac/0xec8 [ 23.125687] kunit_try_run_case+0x170/0x3f0 [ 23.125776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.125876] kthread+0x328/0x630 [ 23.125957] ret_from_fork+0x10/0x20 [ 23.126402] [ 23.126618] The buggy address belongs to the object at fff00000c56e5100 [ 23.126618] which belongs to the cache kmalloc-128 of size 128 [ 23.127183] The buggy address is located 0 bytes inside of [ 23.127183] allocated 120-byte region [fff00000c56e5100, fff00000c56e5178) [ 23.127768] [ 23.127810] The buggy address belongs to the physical page: [ 23.127852] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e5 [ 23.127946] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.128000] page_type: f5(slab) [ 23.128041] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.128094] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.128136] page dumped because: kasan: bad access detected [ 23.128171] [ 23.128192] Memory state around the buggy address: [ 23.128228] fff00000c56e5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.128272] fff00000c56e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.128317] >fff00000c56e5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.128376] ^ [ 23.128467] fff00000c56e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.128567] fff00000c56e5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.128806] ================================================================== [ 23.082513] ================================================================== [ 23.082748] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 23.082885] Write of size 121 at addr fff00000c56e5100 by task kunit_try_catch/286 [ 23.082998] [ 23.083106] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.083343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.083451] Hardware name: linux,dummy-virt (DT) [ 23.083559] Call trace: [ 23.083639] show_stack+0x20/0x38 (C) [ 23.083802] dump_stack_lvl+0x8c/0xd0 [ 23.083960] print_report+0x118/0x608 [ 23.084090] kasan_report+0xdc/0x128 [ 23.084204] kasan_check_range+0x100/0x1a8 [ 23.084371] __kasan_check_write+0x20/0x30 [ 23.084465] copy_user_test_oob+0x234/0xec8 [ 23.084564] kunit_try_run_case+0x170/0x3f0 [ 23.085068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.085447] kthread+0x328/0x630 [ 23.085617] ret_from_fork+0x10/0x20 [ 23.085732] [ 23.085778] Allocated by task 286: [ 23.085845] kasan_save_stack+0x3c/0x68 [ 23.085932] kasan_save_track+0x20/0x40 [ 23.086067] kasan_save_alloc_info+0x40/0x58 [ 23.086296] __kasan_kmalloc+0xd4/0xd8 [ 23.086649] __kmalloc_noprof+0x198/0x4c8 [ 23.086775] kunit_kmalloc_array+0x34/0x88 [ 23.086888] copy_user_test_oob+0xac/0xec8 [ 23.086993] kunit_try_run_case+0x170/0x3f0 [ 23.087105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.087219] kthread+0x328/0x630 [ 23.087327] ret_from_fork+0x10/0x20 [ 23.087438] [ 23.087500] The buggy address belongs to the object at fff00000c56e5100 [ 23.087500] which belongs to the cache kmalloc-128 of size 128 [ 23.087932] The buggy address is located 0 bytes inside of [ 23.087932] allocated 120-byte region [fff00000c56e5100, fff00000c56e5178) [ 23.088078] [ 23.088132] The buggy address belongs to the physical page: [ 23.088254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e5 [ 23.088393] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.088511] page_type: f5(slab) [ 23.088606] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.088721] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.088819] page dumped because: kasan: bad access detected [ 23.088897] [ 23.088940] Memory state around the buggy address: [ 23.089016] fff00000c56e5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.089122] fff00000c56e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.089224] >fff00000c56e5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.089315] ^ [ 23.089425] fff00000c56e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.089611] fff00000c56e5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.089909] ================================================================== [ 23.100287] ================================================================== [ 23.100428] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 23.100551] Read of size 121 at addr fff00000c56e5100 by task kunit_try_catch/286 [ 23.100671] [ 23.100743] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.100936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.101001] Hardware name: linux,dummy-virt (DT) [ 23.101073] Call trace: [ 23.101125] show_stack+0x20/0x38 (C) [ 23.101235] dump_stack_lvl+0x8c/0xd0 [ 23.101344] print_report+0x118/0x608 [ 23.101453] kasan_report+0xdc/0x128 [ 23.101562] kasan_check_range+0x100/0x1a8 [ 23.101676] __kasan_check_read+0x20/0x30 [ 23.101781] copy_user_test_oob+0x728/0xec8 [ 23.101886] kunit_try_run_case+0x170/0x3f0 [ 23.102336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.102730] kthread+0x328/0x630 [ 23.102901] ret_from_fork+0x10/0x20 [ 23.103057] [ 23.103116] Allocated by task 286: [ 23.103410] kasan_save_stack+0x3c/0x68 [ 23.103611] kasan_save_track+0x20/0x40 [ 23.103695] kasan_save_alloc_info+0x40/0x58 [ 23.103783] __kasan_kmalloc+0xd4/0xd8 [ 23.103889] __kmalloc_noprof+0x198/0x4c8 [ 23.104020] kunit_kmalloc_array+0x34/0x88 [ 23.104127] copy_user_test_oob+0xac/0xec8 [ 23.104219] kunit_try_run_case+0x170/0x3f0 [ 23.104303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.104421] kthread+0x328/0x630 [ 23.104502] ret_from_fork+0x10/0x20 [ 23.104588] [ 23.104646] The buggy address belongs to the object at fff00000c56e5100 [ 23.104646] which belongs to the cache kmalloc-128 of size 128 [ 23.104766] The buggy address is located 0 bytes inside of [ 23.104766] allocated 120-byte region [fff00000c56e5100, fff00000c56e5178) [ 23.105298] [ 23.105501] The buggy address belongs to the physical page: [ 23.105582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e5 [ 23.105707] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.105813] page_type: f5(slab) [ 23.105904] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.106060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.106453] page dumped because: kasan: bad access detected [ 23.106567] [ 23.106736] Memory state around the buggy address: [ 23.106816] fff00000c56e5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.107018] fff00000c56e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.107153] >fff00000c56e5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.107293] ^ [ 23.107457] fff00000c56e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.107610] fff00000c56e5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.107752] ================================================================== [ 23.140500] ================================================================== [ 23.140633] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 23.140756] Write of size 121 at addr fff00000c56e5100 by task kunit_try_catch/286 [ 23.140872] [ 23.140944] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.141136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.141204] Hardware name: linux,dummy-virt (DT) [ 23.141276] Call trace: [ 23.141329] show_stack+0x20/0x38 (C) [ 23.141461] dump_stack_lvl+0x8c/0xd0 [ 23.141577] print_report+0x118/0x608 [ 23.141687] kasan_report+0xdc/0x128 [ 23.141790] kasan_check_range+0x100/0x1a8 [ 23.141902] __kasan_check_write+0x20/0x30 [ 23.142017] copy_user_test_oob+0x434/0xec8 [ 23.142133] kunit_try_run_case+0x170/0x3f0 [ 23.142246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.144073] kthread+0x328/0x630 [ 23.144228] ret_from_fork+0x10/0x20 [ 23.144514] [ 23.144629] Allocated by task 286: [ 23.144859] kasan_save_stack+0x3c/0x68 [ 23.145210] kasan_save_track+0x20/0x40 [ 23.145304] kasan_save_alloc_info+0x40/0x58 [ 23.145670] __kasan_kmalloc+0xd4/0xd8 [ 23.145923] __kmalloc_noprof+0x198/0x4c8 [ 23.146027] kunit_kmalloc_array+0x34/0x88 [ 23.146123] copy_user_test_oob+0xac/0xec8 [ 23.146408] kunit_try_run_case+0x170/0x3f0 [ 23.146639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.146766] kthread+0x328/0x630 [ 23.146873] ret_from_fork+0x10/0x20 [ 23.146976] [ 23.147020] The buggy address belongs to the object at fff00000c56e5100 [ 23.147020] which belongs to the cache kmalloc-128 of size 128 [ 23.147158] The buggy address is located 0 bytes inside of [ 23.147158] allocated 120-byte region [fff00000c56e5100, fff00000c56e5178) [ 23.147298] [ 23.147349] The buggy address belongs to the physical page: [ 23.147490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e5 [ 23.147668] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.147782] page_type: f5(slab) [ 23.147878] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.148049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.148192] page dumped because: kasan: bad access detected [ 23.148304] [ 23.148394] Memory state around the buggy address: [ 23.148475] fff00000c56e5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.148577] fff00000c56e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.148682] >fff00000c56e5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.148785] ^ [ 23.148931] fff00000c56e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.149080] fff00000c56e5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.149214] ================================================================== [ 23.150524] ================================================================== [ 23.150665] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 23.150799] Read of size 121 at addr fff00000c56e5100 by task kunit_try_catch/286 [ 23.150911] [ 23.150983] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.151218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.151278] Hardware name: linux,dummy-virt (DT) [ 23.151347] Call trace: [ 23.151424] show_stack+0x20/0x38 (C) [ 23.151543] dump_stack_lvl+0x8c/0xd0 [ 23.151707] print_report+0x118/0x608 [ 23.151831] kasan_report+0xdc/0x128 [ 23.151993] kasan_check_range+0x100/0x1a8 [ 23.152149] __kasan_check_read+0x20/0x30 [ 23.152303] copy_user_test_oob+0x4a0/0xec8 [ 23.152469] kunit_try_run_case+0x170/0x3f0 [ 23.152630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.152752] kthread+0x328/0x630 [ 23.152855] ret_from_fork+0x10/0x20 [ 23.152965] [ 23.153014] Allocated by task 286: [ 23.153080] kasan_save_stack+0x3c/0x68 [ 23.153179] kasan_save_track+0x20/0x40 [ 23.153268] kasan_save_alloc_info+0x40/0x58 [ 23.153383] __kasan_kmalloc+0xd4/0xd8 [ 23.153514] __kmalloc_noprof+0x198/0x4c8 [ 23.153642] kunit_kmalloc_array+0x34/0x88 [ 23.153765] copy_user_test_oob+0xac/0xec8 [ 23.153895] kunit_try_run_case+0x170/0x3f0 [ 23.154053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.154151] kthread+0x328/0x630 [ 23.154255] ret_from_fork+0x10/0x20 [ 23.154368] [ 23.154450] The buggy address belongs to the object at fff00000c56e5100 [ 23.154450] which belongs to the cache kmalloc-128 of size 128 [ 23.154600] The buggy address is located 0 bytes inside of [ 23.154600] allocated 120-byte region [fff00000c56e5100, fff00000c56e5178) [ 23.154783] [ 23.154830] The buggy address belongs to the physical page: [ 23.154926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e5 [ 23.155077] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.155227] page_type: f5(slab) [ 23.155319] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.155447] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.155534] page dumped because: kasan: bad access detected [ 23.155606] [ 23.155655] Memory state around the buggy address: [ 23.155778] fff00000c56e5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.155884] fff00000c56e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.155969] >fff00000c56e5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.156074] ^ [ 23.156178] fff00000c56e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.156281] fff00000c56e5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.156436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 22.985321] ================================================================== [ 22.985953] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 22.986565] Read of size 8 at addr fff00000c7a37278 by task kunit_try_catch/282 [ 22.986753] [ 22.986906] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.987172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.987263] Hardware name: linux,dummy-virt (DT) [ 22.987347] Call trace: [ 22.987797] show_stack+0x20/0x38 (C) [ 22.987941] dump_stack_lvl+0x8c/0xd0 [ 22.988056] print_report+0x118/0x608 [ 22.988164] kasan_report+0xdc/0x128 [ 22.988257] __asan_report_load8_noabort+0x20/0x30 [ 22.988378] copy_to_kernel_nofault+0x204/0x250 [ 22.988498] copy_to_kernel_nofault_oob+0x158/0x418 [ 22.988609] kunit_try_run_case+0x170/0x3f0 [ 22.988727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.988850] kthread+0x328/0x630 [ 22.988947] ret_from_fork+0x10/0x20 [ 22.989053] [ 22.989104] Allocated by task 282: [ 22.989171] kasan_save_stack+0x3c/0x68 [ 22.989270] kasan_save_track+0x20/0x40 [ 22.990194] kasan_save_alloc_info+0x40/0x58 [ 22.990803] __kasan_kmalloc+0xd4/0xd8 [ 22.990974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.991144] copy_to_kernel_nofault_oob+0xc8/0x418 [ 22.991311] kunit_try_run_case+0x170/0x3f0 [ 22.991818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.992343] kthread+0x328/0x630 [ 22.992465] ret_from_fork+0x10/0x20 [ 22.992563] [ 22.992673] The buggy address belongs to the object at fff00000c7a37200 [ 22.992673] which belongs to the cache kmalloc-128 of size 128 [ 22.992888] The buggy address is located 0 bytes to the right of [ 22.992888] allocated 120-byte region [fff00000c7a37200, fff00000c7a37278) [ 22.993049] [ 22.993530] The buggy address belongs to the physical page: [ 22.993627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a37 [ 22.993830] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.993956] page_type: f5(slab) [ 22.994106] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.994297] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.994818] page dumped because: kasan: bad access detected [ 22.994996] [ 22.995066] Memory state around the buggy address: [ 22.995161] fff00000c7a37100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.995351] fff00000c7a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.995480] >fff00000c7a37200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.995571] ^ [ 22.995675] fff00000c7a37280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.996398] fff00000c7a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.996515] ================================================================== [ 22.999743] ================================================================== [ 22.999944] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 23.000149] Write of size 8 at addr fff00000c7a37278 by task kunit_try_catch/282 [ 23.000274] [ 23.000619] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.000819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.001259] Hardware name: linux,dummy-virt (DT) [ 23.001531] Call trace: [ 23.001615] show_stack+0x20/0x38 (C) [ 23.001749] dump_stack_lvl+0x8c/0xd0 [ 23.001951] print_report+0x118/0x608 [ 23.002134] kasan_report+0xdc/0x128 [ 23.002233] kasan_check_range+0x100/0x1a8 [ 23.002327] __kasan_check_write+0x20/0x30 [ 23.002452] copy_to_kernel_nofault+0x8c/0x250 [ 23.002572] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 23.002694] kunit_try_run_case+0x170/0x3f0 [ 23.002805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.002931] kthread+0x328/0x630 [ 23.003533] ret_from_fork+0x10/0x20 [ 23.004000] [ 23.004240] Allocated by task 282: [ 23.004324] kasan_save_stack+0x3c/0x68 [ 23.004532] kasan_save_track+0x20/0x40 [ 23.004625] kasan_save_alloc_info+0x40/0x58 [ 23.005133] __kasan_kmalloc+0xd4/0xd8 [ 23.005790] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.006461] copy_to_kernel_nofault_oob+0xc8/0x418 [ 23.006601] kunit_try_run_case+0x170/0x3f0 [ 23.006709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.006816] kthread+0x328/0x630 [ 23.006889] ret_from_fork+0x10/0x20 [ 23.006962] [ 23.007001] The buggy address belongs to the object at fff00000c7a37200 [ 23.007001] which belongs to the cache kmalloc-128 of size 128 [ 23.007119] The buggy address is located 0 bytes to the right of [ 23.007119] allocated 120-byte region [fff00000c7a37200, fff00000c7a37278) [ 23.007268] [ 23.007749] The buggy address belongs to the physical page: [ 23.008004] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a37 [ 23.008484] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.008616] page_type: f5(slab) [ 23.009000] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.009134] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.009544] page dumped because: kasan: bad access detected [ 23.009632] [ 23.009722] Memory state around the buggy address: [ 23.009818] fff00000c7a37100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.009967] fff00000c7a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.010070] >fff00000c7a37200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.010146] ^ [ 23.010464] fff00000c7a37280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.010796] fff00000c7a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.010904] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 22.908062] ================================================================== [ 22.908206] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 22.908321] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 22.908522] [ 22.908610] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.908856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.908913] Hardware name: linux,dummy-virt (DT) [ 22.908976] Call trace: [ 22.909030] show_stack+0x20/0x38 (C) [ 22.909185] dump_stack_lvl+0x8c/0xd0 [ 22.909314] print_report+0x310/0x608 [ 22.909436] kasan_report+0xdc/0x128 [ 22.909573] __asan_report_load1_noabort+0x20/0x30 [ 22.909742] vmalloc_oob+0x51c/0x5d0 [ 22.909884] kunit_try_run_case+0x170/0x3f0 [ 22.910042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.910213] kthread+0x328/0x630 [ 22.910365] ret_from_fork+0x10/0x20 [ 22.910475] [ 22.910574] The buggy address belongs to the virtual mapping at [ 22.910574] [ffff8000800fe000, ffff800080100000) created by: [ 22.910574] vmalloc_oob+0x98/0x5d0 [ 22.910752] [ 22.910814] The buggy address belongs to the physical page: [ 22.910896] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107871 [ 22.911016] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.911151] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.911295] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.911423] page dumped because: kasan: bad access detected [ 22.911492] [ 22.911530] Memory state around the buggy address: [ 22.911606] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.911703] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.911801] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 22.911894] ^ [ 22.912037] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.912160] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.912270] ================================================================== [ 22.901401] ================================================================== [ 22.901579] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 22.901735] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 22.901848] [ 22.901925] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.902141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.902272] Hardware name: linux,dummy-virt (DT) [ 22.902399] Call trace: [ 22.902488] show_stack+0x20/0x38 (C) [ 22.902607] dump_stack_lvl+0x8c/0xd0 [ 22.902699] print_report+0x310/0x608 [ 22.902792] kasan_report+0xdc/0x128 [ 22.902890] __asan_report_load1_noabort+0x20/0x30 [ 22.903015] vmalloc_oob+0x578/0x5d0 [ 22.903118] kunit_try_run_case+0x170/0x3f0 [ 22.903243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.903376] kthread+0x328/0x630 [ 22.903504] ret_from_fork+0x10/0x20 [ 22.903626] [ 22.903699] The buggy address belongs to the virtual mapping at [ 22.903699] [ffff8000800fe000, ffff800080100000) created by: [ 22.903699] vmalloc_oob+0x98/0x5d0 [ 22.903884] [ 22.903935] The buggy address belongs to the physical page: [ 22.904008] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107871 [ 22.904165] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.904296] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.904467] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.904592] page dumped because: kasan: bad access detected [ 22.904688] [ 22.904735] Memory state around the buggy address: [ 22.904849] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.904980] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.905105] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 22.905204] ^ [ 22.905291] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.905399] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.905491] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.741216] ================================================================== [ 22.741317] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 22.741439] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.741548] [ 22.741617] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.741805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.741868] Hardware name: linux,dummy-virt (DT) [ 22.741941] Call trace: [ 22.741992] show_stack+0x20/0x38 (C) [ 22.742103] dump_stack_lvl+0x8c/0xd0 [ 22.742209] print_report+0x118/0x608 [ 22.742312] kasan_report+0xdc/0x128 [ 22.742435] kasan_check_range+0x100/0x1a8 [ 22.742559] __kasan_check_write+0x20/0x30 [ 22.742662] kasan_atomics_helper+0x1414/0x4858 [ 22.742772] kasan_atomics+0x198/0x2e0 [ 22.742880] kunit_try_run_case+0x170/0x3f0 [ 22.742989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.743109] kthread+0x328/0x630 [ 22.743203] ret_from_fork+0x10/0x20 [ 22.743308] [ 22.744857] Allocated by task 266: [ 22.745301] kasan_save_stack+0x3c/0x68 [ 22.745649] kasan_save_track+0x20/0x40 [ 22.746533] kasan_save_alloc_info+0x40/0x58 [ 22.746645] __kasan_kmalloc+0xd4/0xd8 [ 22.746735] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.746819] kasan_atomics+0xb8/0x2e0 [ 22.746884] kunit_try_run_case+0x170/0x3f0 [ 22.746967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.747060] kthread+0x328/0x630 [ 22.747140] ret_from_fork+0x10/0x20 [ 22.747230] [ 22.747284] The buggy address belongs to the object at fff00000c79e4c00 [ 22.747284] which belongs to the cache kmalloc-64 of size 64 [ 22.747440] The buggy address is located 0 bytes to the right of [ 22.747440] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.747593] [ 22.748387] The buggy address belongs to the physical page: [ 22.748485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.748664] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.748826] page_type: f5(slab) [ 22.748910] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.749037] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.749144] page dumped because: kasan: bad access detected [ 22.749229] [ 22.749285] Memory state around the buggy address: [ 22.749383] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.749561] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.749784] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.749939] ^ [ 22.750056] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.750156] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.750540] ================================================================== [ 22.484441] ================================================================== [ 22.484610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 22.484779] Write of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.484900] [ 22.484973] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.485156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.485219] Hardware name: linux,dummy-virt (DT) [ 22.485284] Call trace: [ 22.485340] show_stack+0x20/0x38 (C) [ 22.485468] dump_stack_lvl+0x8c/0xd0 [ 22.485572] print_report+0x118/0x608 [ 22.485684] kasan_report+0xdc/0x128 [ 22.485840] kasan_check_range+0x100/0x1a8 [ 22.485951] __kasan_check_write+0x20/0x30 [ 22.486089] kasan_atomics_helper+0xd3c/0x4858 [ 22.486193] kasan_atomics+0x198/0x2e0 [ 22.486323] kunit_try_run_case+0x170/0x3f0 [ 22.486488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.486697] kthread+0x328/0x630 [ 22.487161] ret_from_fork+0x10/0x20 [ 22.489377] [ 22.489448] Allocated by task 266: [ 22.489526] kasan_save_stack+0x3c/0x68 [ 22.489673] kasan_save_track+0x20/0x40 [ 22.489769] kasan_save_alloc_info+0x40/0x58 [ 22.489870] __kasan_kmalloc+0xd4/0xd8 [ 22.489964] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.490095] kasan_atomics+0xb8/0x2e0 [ 22.490321] kunit_try_run_case+0x170/0x3f0 [ 22.490451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.491404] kthread+0x328/0x630 [ 22.491652] ret_from_fork+0x10/0x20 [ 22.491743] [ 22.492329] The buggy address belongs to the object at fff00000c79e4c00 [ 22.492329] which belongs to the cache kmalloc-64 of size 64 [ 22.492676] The buggy address is located 0 bytes to the right of [ 22.492676] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.492891] [ 22.492968] The buggy address belongs to the physical page: [ 22.493036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.493154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.493269] page_type: f5(slab) [ 22.493396] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.493567] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.493702] page dumped because: kasan: bad access detected [ 22.493810] [ 22.493876] Memory state around the buggy address: [ 22.493982] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.494254] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.494489] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.494583] ^ [ 22.494661] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.494743] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.494818] ================================================================== [ 22.828096] ================================================================== [ 22.828229] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 22.828343] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.828620] [ 22.828717] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.829377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.829486] Hardware name: linux,dummy-virt (DT) [ 22.829667] Call trace: [ 22.829765] show_stack+0x20/0x38 (C) [ 22.829999] dump_stack_lvl+0x8c/0xd0 [ 22.830180] print_report+0x118/0x608 [ 22.830295] kasan_report+0xdc/0x128 [ 22.830623] kasan_check_range+0x100/0x1a8 [ 22.830823] __kasan_check_write+0x20/0x30 [ 22.831047] kasan_atomics_helper+0x16d0/0x4858 [ 22.831184] kasan_atomics+0x198/0x2e0 [ 22.831294] kunit_try_run_case+0x170/0x3f0 [ 22.831427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.831556] kthread+0x328/0x630 [ 22.831659] ret_from_fork+0x10/0x20 [ 22.831769] [ 22.831815] Allocated by task 266: [ 22.831882] kasan_save_stack+0x3c/0x68 [ 22.831977] kasan_save_track+0x20/0x40 [ 22.832069] kasan_save_alloc_info+0x40/0x58 [ 22.832683] __kasan_kmalloc+0xd4/0xd8 [ 22.832853] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.833057] kasan_atomics+0xb8/0x2e0 [ 22.833241] kunit_try_run_case+0x170/0x3f0 [ 22.833334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.833813] kthread+0x328/0x630 [ 22.834029] ret_from_fork+0x10/0x20 [ 22.834616] [ 22.834713] The buggy address belongs to the object at fff00000c79e4c00 [ 22.834713] which belongs to the cache kmalloc-64 of size 64 [ 22.835120] The buggy address is located 0 bytes to the right of [ 22.835120] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.835606] [ 22.835787] The buggy address belongs to the physical page: [ 22.835935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.836314] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.836757] page_type: f5(slab) [ 22.836964] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.837095] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.837198] page dumped because: kasan: bad access detected [ 22.837696] [ 22.837901] Memory state around the buggy address: [ 22.837987] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.838186] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.838476] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.838651] ^ [ 22.838744] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.839172] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.839308] ================================================================== [ 22.508251] ================================================================== [ 22.508389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 22.508498] Read of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.508614] [ 22.508687] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.508878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.508945] Hardware name: linux,dummy-virt (DT) [ 22.509016] Call trace: [ 22.509071] show_stack+0x20/0x38 (C) [ 22.509177] dump_stack_lvl+0x8c/0xd0 [ 22.509287] print_report+0x118/0x608 [ 22.511438] kasan_report+0xdc/0x128 [ 22.512220] kasan_check_range+0x100/0x1a8 [ 22.512786] __kasan_check_read+0x20/0x30 [ 22.513410] kasan_atomics_helper+0xdd4/0x4858 [ 22.514755] kasan_atomics+0x198/0x2e0 [ 22.515128] kunit_try_run_case+0x170/0x3f0 [ 22.515447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.515969] kthread+0x328/0x630 [ 22.516500] ret_from_fork+0x10/0x20 [ 22.516609] [ 22.517370] Allocated by task 266: [ 22.517721] kasan_save_stack+0x3c/0x68 [ 22.518065] kasan_save_track+0x20/0x40 [ 22.518191] kasan_save_alloc_info+0x40/0x58 [ 22.518303] __kasan_kmalloc+0xd4/0xd8 [ 22.518406] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.518500] kasan_atomics+0xb8/0x2e0 [ 22.518571] kunit_try_run_case+0x170/0x3f0 [ 22.518650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.518747] kthread+0x328/0x630 [ 22.518823] ret_from_fork+0x10/0x20 [ 22.518926] [ 22.518973] The buggy address belongs to the object at fff00000c79e4c00 [ 22.518973] which belongs to the cache kmalloc-64 of size 64 [ 22.519323] The buggy address is located 0 bytes to the right of [ 22.519323] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.519721] [ 22.519788] The buggy address belongs to the physical page: [ 22.519858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.519979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.520093] page_type: f5(slab) [ 22.520181] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.520300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.520407] page dumped because: kasan: bad access detected [ 22.520479] [ 22.520646] Memory state around the buggy address: [ 22.520950] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.521472] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.521582] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.521800] ^ [ 22.521925] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.522045] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.522160] ================================================================== [ 22.261600] ================================================================== [ 22.261727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 22.262226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.263036] kasan_atomics_helper+0x3f94/0x4858 [ 22.266130] [ 22.266253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.266839] page dumped because: kasan: bad access detected [ 22.266964] Memory state around the buggy address: [ 22.267260] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.268040] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.269120] ================================================================== [ 22.638402] ================================================================== [ 22.638556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 22.638808] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.639476] [ 22.639794] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.640139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.640212] Hardware name: linux,dummy-virt (DT) [ 22.640650] Call trace: [ 22.640965] show_stack+0x20/0x38 (C) [ 22.641144] dump_stack_lvl+0x8c/0xd0 [ 22.641317] print_report+0x118/0x608 [ 22.641440] kasan_report+0xdc/0x128 [ 22.641941] kasan_check_range+0x100/0x1a8 [ 22.642075] __kasan_check_write+0x20/0x30 [ 22.642186] kasan_atomics_helper+0x1128/0x4858 [ 22.642303] kasan_atomics+0x198/0x2e0 [ 22.642948] kunit_try_run_case+0x170/0x3f0 [ 22.643286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.643688] kthread+0x328/0x630 [ 22.643980] ret_from_fork+0x10/0x20 [ 22.644183] [ 22.644244] Allocated by task 266: [ 22.644328] kasan_save_stack+0x3c/0x68 [ 22.644447] kasan_save_track+0x20/0x40 [ 22.644529] kasan_save_alloc_info+0x40/0x58 [ 22.644622] __kasan_kmalloc+0xd4/0xd8 [ 22.644872] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.645000] kasan_atomics+0xb8/0x2e0 [ 22.645262] kunit_try_run_case+0x170/0x3f0 [ 22.646181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.646258] kthread+0x328/0x630 [ 22.646297] ret_from_fork+0x10/0x20 [ 22.646336] [ 22.646383] The buggy address belongs to the object at fff00000c79e4c00 [ 22.646383] which belongs to the cache kmalloc-64 of size 64 [ 22.646573] The buggy address is located 0 bytes to the right of [ 22.646573] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.646702] [ 22.646751] The buggy address belongs to the physical page: [ 22.646824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.646972] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.647087] page_type: f5(slab) [ 22.647178] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.647299] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.647421] page dumped because: kasan: bad access detected [ 22.647536] [ 22.647607] Memory state around the buggy address: [ 22.647699] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.647804] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.647941] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.648070] ^ [ 22.648165] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.648267] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.648373] ================================================================== [ 22.550268] ================================================================== [ 22.550558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 22.550705] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.550822] [ 22.550893] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.551579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.551718] Hardware name: linux,dummy-virt (DT) [ 22.551909] Call trace: [ 22.552001] show_stack+0x20/0x38 (C) [ 22.552214] dump_stack_lvl+0x8c/0xd0 [ 22.552317] print_report+0x118/0x608 [ 22.552437] kasan_report+0xdc/0x128 [ 22.552546] kasan_check_range+0x100/0x1a8 [ 22.552660] __kasan_check_write+0x20/0x30 [ 22.552768] kasan_atomics_helper+0xeb8/0x4858 [ 22.552878] kasan_atomics+0x198/0x2e0 [ 22.552986] kunit_try_run_case+0x170/0x3f0 [ 22.553098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.553231] kthread+0x328/0x630 [ 22.553795] ret_from_fork+0x10/0x20 [ 22.554063] [ 22.554125] Allocated by task 266: [ 22.554344] kasan_save_stack+0x3c/0x68 [ 22.554560] kasan_save_track+0x20/0x40 [ 22.554898] kasan_save_alloc_info+0x40/0x58 [ 22.555110] __kasan_kmalloc+0xd4/0xd8 [ 22.555818] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.555970] kasan_atomics+0xb8/0x2e0 [ 22.556055] kunit_try_run_case+0x170/0x3f0 [ 22.556445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.556548] kthread+0x328/0x630 [ 22.556956] ret_from_fork+0x10/0x20 [ 22.557260] [ 22.557314] The buggy address belongs to the object at fff00000c79e4c00 [ 22.557314] which belongs to the cache kmalloc-64 of size 64 [ 22.557768] The buggy address is located 0 bytes to the right of [ 22.557768] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.558153] [ 22.558212] The buggy address belongs to the physical page: [ 22.558403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.558566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.558698] page_type: f5(slab) [ 22.558883] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.559009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.559291] page dumped because: kasan: bad access detected [ 22.559393] [ 22.559450] Memory state around the buggy address: [ 22.559609] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.559833] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.560182] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.560442] ^ [ 22.560531] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.560703] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.560796] ================================================================== [ 22.772272] ================================================================== [ 22.772453] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 22.772817] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.773037] [ 22.773188] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.773560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.773731] Hardware name: linux,dummy-virt (DT) [ 22.773804] Call trace: [ 22.773861] show_stack+0x20/0x38 (C) [ 22.774124] dump_stack_lvl+0x8c/0xd0 [ 22.774286] print_report+0x118/0x608 [ 22.774416] kasan_report+0xdc/0x128 [ 22.774543] kasan_check_range+0x100/0x1a8 [ 22.774664] __kasan_check_write+0x20/0x30 [ 22.774809] kasan_atomics_helper+0x154c/0x4858 [ 22.774930] kasan_atomics+0x198/0x2e0 [ 22.775040] kunit_try_run_case+0x170/0x3f0 [ 22.775504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.775737] kthread+0x328/0x630 [ 22.775838] ret_from_fork+0x10/0x20 [ 22.776025] [ 22.776182] Allocated by task 266: [ 22.776296] kasan_save_stack+0x3c/0x68 [ 22.776698] kasan_save_track+0x20/0x40 [ 22.776919] kasan_save_alloc_info+0x40/0x58 [ 22.777130] __kasan_kmalloc+0xd4/0xd8 [ 22.777466] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.777577] kasan_atomics+0xb8/0x2e0 [ 22.777704] kunit_try_run_case+0x170/0x3f0 [ 22.777803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.777910] kthread+0x328/0x630 [ 22.778056] ret_from_fork+0x10/0x20 [ 22.778144] [ 22.778240] The buggy address belongs to the object at fff00000c79e4c00 [ 22.778240] which belongs to the cache kmalloc-64 of size 64 [ 22.778608] The buggy address is located 0 bytes to the right of [ 22.778608] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.778802] [ 22.778855] The buggy address belongs to the physical page: [ 22.779068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.779346] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.779734] page_type: f5(slab) [ 22.779886] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.780021] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.780127] page dumped because: kasan: bad access detected [ 22.780208] [ 22.780260] Memory state around the buggy address: [ 22.780339] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.780448] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.780546] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.780653] ^ [ 22.781178] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.781539] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.781752] ================================================================== [ 22.602900] ================================================================== [ 22.603430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 22.603671] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.603800] [ 22.603875] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.604063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.604313] Hardware name: linux,dummy-virt (DT) [ 22.605350] Call trace: [ 22.605442] show_stack+0x20/0x38 (C) [ 22.606046] dump_stack_lvl+0x8c/0xd0 [ 22.606198] print_report+0x118/0x608 [ 22.606315] kasan_report+0xdc/0x128 [ 22.606842] kasan_check_range+0x100/0x1a8 [ 22.607118] __kasan_check_write+0x20/0x30 [ 22.607429] kasan_atomics_helper+0x1058/0x4858 [ 22.607606] kasan_atomics+0x198/0x2e0 [ 22.608160] kunit_try_run_case+0x170/0x3f0 [ 22.608660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.609261] kthread+0x328/0x630 [ 22.609472] ret_from_fork+0x10/0x20 [ 22.609593] [ 22.609647] Allocated by task 266: [ 22.609715] kasan_save_stack+0x3c/0x68 [ 22.610099] kasan_save_track+0x20/0x40 [ 22.610564] kasan_save_alloc_info+0x40/0x58 [ 22.610830] __kasan_kmalloc+0xd4/0xd8 [ 22.610934] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.611231] kasan_atomics+0xb8/0x2e0 [ 22.611816] kunit_try_run_case+0x170/0x3f0 [ 22.611959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.612064] kthread+0x328/0x630 [ 22.612147] ret_from_fork+0x10/0x20 [ 22.612704] [ 22.612774] The buggy address belongs to the object at fff00000c79e4c00 [ 22.612774] which belongs to the cache kmalloc-64 of size 64 [ 22.612921] The buggy address is located 0 bytes to the right of [ 22.612921] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.613073] [ 22.613658] The buggy address belongs to the physical page: [ 22.614159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.614452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.614866] page_type: f5(slab) [ 22.615111] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.615570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.615944] page dumped because: kasan: bad access detected [ 22.616029] [ 22.616080] Memory state around the buggy address: [ 22.616755] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.617238] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.617384] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.617481] ^ [ 22.618048] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.618374] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.618566] ================================================================== [ 22.622782] ================================================================== [ 22.622925] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 22.623048] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.623170] [ 22.623243] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.623453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.623521] Hardware name: linux,dummy-virt (DT) [ 22.623599] Call trace: [ 22.623661] show_stack+0x20/0x38 (C) [ 22.623778] dump_stack_lvl+0x8c/0xd0 [ 22.623888] print_report+0x118/0x608 [ 22.623998] kasan_report+0xdc/0x128 [ 22.625180] kasan_check_range+0x100/0x1a8 [ 22.626091] __kasan_check_write+0x20/0x30 [ 22.626205] kasan_atomics_helper+0x10c0/0x4858 [ 22.626315] kasan_atomics+0x198/0x2e0 [ 22.627576] kunit_try_run_case+0x170/0x3f0 [ 22.627968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.628109] kthread+0x328/0x630 [ 22.628289] ret_from_fork+0x10/0x20 [ 22.628716] [ 22.629142] Allocated by task 266: [ 22.629244] kasan_save_stack+0x3c/0x68 [ 22.629350] kasan_save_track+0x20/0x40 [ 22.629604] kasan_save_alloc_info+0x40/0x58 [ 22.629708] __kasan_kmalloc+0xd4/0xd8 [ 22.630137] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.631005] kasan_atomics+0xb8/0x2e0 [ 22.631104] kunit_try_run_case+0x170/0x3f0 [ 22.631187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.631268] kthread+0x328/0x630 [ 22.631340] ret_from_fork+0x10/0x20 [ 22.631443] [ 22.631495] The buggy address belongs to the object at fff00000c79e4c00 [ 22.631495] which belongs to the cache kmalloc-64 of size 64 [ 22.631640] The buggy address is located 0 bytes to the right of [ 22.631640] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.631795] [ 22.631844] The buggy address belongs to the physical page: [ 22.631919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.632039] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.632154] page_type: f5(slab) [ 22.632247] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.634221] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.634523] page dumped because: kasan: bad access detected [ 22.634631] [ 22.635025] Memory state around the buggy address: [ 22.635383] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.635658] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.635765] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.635868] ^ [ 22.635953] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.636056] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.636704] ================================================================== [ 22.419822] ================================================================== [ 22.419948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 22.420066] Write of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.420181] [ 22.420250] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.420461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.420531] Hardware name: linux,dummy-virt (DT) [ 22.420607] Call trace: [ 22.420660] show_stack+0x20/0x38 (C) [ 22.420768] dump_stack_lvl+0x8c/0xd0 [ 22.421138] print_report+0x118/0x608 [ 22.422594] __kasan_check_write+0x20/0x30 [ 22.424222] __kasan_kmalloc+0xd4/0xd8 [ 22.424338] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.424486] kasan_atomics+0xb8/0x2e0 [ 22.424603] kunit_try_run_case+0x170/0x3f0 [ 22.424690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.424787] kthread+0x328/0x630 [ 22.424883] ret_from_fork+0x10/0x20 [ 22.424970] [ 22.425018] The buggy address belongs to the object at fff00000c79e4c00 [ 22.425018] which belongs to the cache kmalloc-64 of size 64 [ 22.425157] The buggy address is located 0 bytes to the right of [ 22.425157] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.425314] [ 22.425382] The buggy address belongs to the physical page: [ 22.425589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.426068] [ 22.426599] ^ [ 22.430253] kasan_save_stack+0x3c/0x68 [ 22.430654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.430754] kasan_atomics+0xb8/0x2e0 [ 22.431440] The buggy address is located 0 bytes to the right of [ 22.431440] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.433112] page dumped because: kasan: bad access detected [ 22.434086] ^ [ 22.437107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.439587] kasan_atomics+0xb8/0x2e0 [ 22.440394] The buggy address belongs to the object at fff00000c79e4c00 [ 22.440394] which belongs to the cache kmalloc-64 of size 64 [ 22.441586] page dumped because: kasan: bad access detected [ 22.441657] [ 22.441707] Memory state around the buggy address: [ 22.441875] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.443606] Read of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.447707] kthread+0x328/0x630 [ 22.448645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.449869] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.453909] __kasan_kmalloc+0xd4/0xd8 [ 22.454176] kunit_try_run_case+0x170/0x3f0 [ 22.454264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.454376] kthread+0x328/0x630 [ 22.454453] ret_from_fork+0x10/0x20 [ 22.454788] The buggy address is located 0 bytes to the right of [ 22.454788] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.456648] page dumped because: kasan: bad access detected [ 22.457178] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.457860] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.460245] kasan_report+0xdc/0x128 [ 22.462264] __kasan_kmalloc+0xd4/0xd8 [ 22.462817] kthread+0x328/0x630 [ 22.463062] ret_from_fork+0x10/0x20 [ 22.463486] The buggy address is located 0 bytes to the right of [ 22.463486] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.464302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.464827] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.465363] ================================================================== [ 22.649909] ================================================================== [ 22.650073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 22.650244] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.650432] [ 22.650560] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.650721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.651161] Hardware name: linux,dummy-virt (DT) [ 22.651249] Call trace: [ 22.651475] show_stack+0x20/0x38 (C) [ 22.651714] dump_stack_lvl+0x8c/0xd0 [ 22.652076] print_report+0x118/0x608 [ 22.652289] kasan_report+0xdc/0x128 [ 22.652424] kasan_check_range+0x100/0x1a8 [ 22.652549] __kasan_check_write+0x20/0x30 [ 22.652668] kasan_atomics_helper+0x1190/0x4858 [ 22.652780] kasan_atomics+0x198/0x2e0 [ 22.652877] kunit_try_run_case+0x170/0x3f0 [ 22.652985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.653108] kthread+0x328/0x630 [ 22.653465] ret_from_fork+0x10/0x20 [ 22.653727] [ 22.653797] Allocated by task 266: [ 22.653896] kasan_save_stack+0x3c/0x68 [ 22.654130] kasan_save_track+0x20/0x40 [ 22.654232] kasan_save_alloc_info+0x40/0x58 [ 22.654326] __kasan_kmalloc+0xd4/0xd8 [ 22.654506] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.654609] kasan_atomics+0xb8/0x2e0 [ 22.654731] kunit_try_run_case+0x170/0x3f0 [ 22.654805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.654899] kthread+0x328/0x630 [ 22.654973] ret_from_fork+0x10/0x20 [ 22.655575] [ 22.655903] The buggy address belongs to the object at fff00000c79e4c00 [ 22.655903] which belongs to the cache kmalloc-64 of size 64 [ 22.656261] The buggy address is located 0 bytes to the right of [ 22.656261] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.656784] [ 22.657142] The buggy address belongs to the physical page: [ 22.657418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.657553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.658020] page_type: f5(slab) [ 22.658382] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.658892] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.659178] page dumped because: kasan: bad access detected [ 22.659546] [ 22.659616] Memory state around the buggy address: [ 22.659889] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.660030] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.660128] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.660260] ^ [ 22.660371] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.660477] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.660572] ================================================================== [ 22.855348] ================================================================== [ 22.855507] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 22.855661] Read of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.855819] [ 22.855911] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.856122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.856174] Hardware name: linux,dummy-virt (DT) [ 22.856238] Call trace: [ 22.856285] show_stack+0x20/0x38 (C) [ 22.856410] dump_stack_lvl+0x8c/0xd0 [ 22.856512] print_report+0x118/0x608 [ 22.856654] kasan_report+0xdc/0x128 [ 22.856806] __asan_report_load8_noabort+0x20/0x30 [ 22.856955] kasan_atomics_helper+0x3e20/0x4858 [ 22.857112] kasan_atomics+0x198/0x2e0 [ 22.857229] kunit_try_run_case+0x170/0x3f0 [ 22.857364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.857471] kthread+0x328/0x630 [ 22.857591] ret_from_fork+0x10/0x20 [ 22.857720] [ 22.857779] Allocated by task 266: [ 22.857870] kasan_save_stack+0x3c/0x68 [ 22.858039] kasan_save_track+0x20/0x40 [ 22.858257] kasan_save_alloc_info+0x40/0x58 [ 22.858485] __kasan_kmalloc+0xd4/0xd8 [ 22.858574] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.859095] kasan_atomics+0xb8/0x2e0 [ 22.859301] kunit_try_run_case+0x170/0x3f0 [ 22.859448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.859547] kthread+0x328/0x630 [ 22.859614] ret_from_fork+0x10/0x20 [ 22.859680] [ 22.859943] The buggy address belongs to the object at fff00000c79e4c00 [ 22.859943] which belongs to the cache kmalloc-64 of size 64 [ 22.860215] The buggy address is located 0 bytes to the right of [ 22.860215] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.860557] [ 22.860613] The buggy address belongs to the physical page: [ 22.860688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.860811] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.860912] page_type: f5(slab) [ 22.860995] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.861121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.861260] page dumped because: kasan: bad access detected [ 22.861388] [ 22.861458] Memory state around the buggy address: [ 22.861560] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.861705] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.861845] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.861971] ^ [ 22.862041] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.862128] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.862245] ================================================================== [ 22.863319] ================================================================== [ 22.863446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 22.863569] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.863690] [ 22.863761] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.863964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.864033] Hardware name: linux,dummy-virt (DT) [ 22.864111] Call trace: [ 22.864168] show_stack+0x20/0x38 (C) [ 22.864282] dump_stack_lvl+0x8c/0xd0 [ 22.864451] print_report+0x118/0x608 [ 22.864910] kasan_report+0xdc/0x128 [ 22.865189] kasan_check_range+0x100/0x1a8 [ 22.865307] __kasan_check_write+0x20/0x30 [ 22.865430] kasan_atomics_helper+0x17ec/0x4858 [ 22.866215] kasan_atomics+0x198/0x2e0 [ 22.866367] kunit_try_run_case+0x170/0x3f0 [ 22.866748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.867266] kthread+0x328/0x630 [ 22.867450] ret_from_fork+0x10/0x20 [ 22.867565] [ 22.867613] Allocated by task 266: [ 22.867851] kasan_save_stack+0x3c/0x68 [ 22.868327] kasan_save_track+0x20/0x40 [ 22.868553] kasan_save_alloc_info+0x40/0x58 [ 22.868772] __kasan_kmalloc+0xd4/0xd8 [ 22.868933] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.869021] kasan_atomics+0xb8/0x2e0 [ 22.869105] kunit_try_run_case+0x170/0x3f0 [ 22.869194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.869299] kthread+0x328/0x630 [ 22.869394] ret_from_fork+0x10/0x20 [ 22.869486] [ 22.869537] The buggy address belongs to the object at fff00000c79e4c00 [ 22.869537] which belongs to the cache kmalloc-64 of size 64 [ 22.870166] The buggy address is located 0 bytes to the right of [ 22.870166] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.870845] [ 22.870967] The buggy address belongs to the physical page: [ 22.871233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.871754] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.871998] page_type: f5(slab) [ 22.872480] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.872934] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.873179] page dumped because: kasan: bad access detected [ 22.873329] [ 22.873398] Memory state around the buggy address: [ 22.873779] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.874083] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.874460] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.874590] ^ [ 22.874768] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.875005] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.875272] ================================================================== [ 22.751456] ================================================================== [ 22.751578] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 22.751692] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.752442] [ 22.752545] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.753659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.753793] Hardware name: linux,dummy-virt (DT) [ 22.754249] Call trace: [ 22.754386] show_stack+0x20/0x38 (C) [ 22.755000] dump_stack_lvl+0x8c/0xd0 [ 22.755108] print_report+0x118/0x608 [ 22.755655] kasan_report+0xdc/0x128 [ 22.755971] kasan_check_range+0x100/0x1a8 [ 22.756099] __kasan_check_write+0x20/0x30 [ 22.756204] kasan_atomics_helper+0x147c/0x4858 [ 22.756587] kasan_atomics+0x198/0x2e0 [ 22.756698] kunit_try_run_case+0x170/0x3f0 [ 22.757542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.757726] kthread+0x328/0x630 [ 22.757894] ret_from_fork+0x10/0x20 [ 22.758219] [ 22.758597] Allocated by task 266: [ 22.758686] kasan_save_stack+0x3c/0x68 [ 22.759037] kasan_save_track+0x20/0x40 [ 22.759154] kasan_save_alloc_info+0x40/0x58 [ 22.759249] __kasan_kmalloc+0xd4/0xd8 [ 22.759338] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.761115] kasan_atomics+0xb8/0x2e0 [ 22.761244] kunit_try_run_case+0x170/0x3f0 [ 22.761375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.761488] kthread+0x328/0x630 [ 22.761564] ret_from_fork+0x10/0x20 [ 22.761658] [ 22.761730] The buggy address belongs to the object at fff00000c79e4c00 [ 22.761730] which belongs to the cache kmalloc-64 of size 64 [ 22.761863] The buggy address is located 0 bytes to the right of [ 22.761863] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.762002] [ 22.762046] The buggy address belongs to the physical page: [ 22.762116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.762320] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.762477] page_type: f5(slab) [ 22.762955] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.763128] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.763245] page dumped because: kasan: bad access detected [ 22.763332] [ 22.763400] Memory state around the buggy address: [ 22.763473] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.763560] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.763976] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.764119] ^ [ 22.764212] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.764315] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.764433] ================================================================== [ 22.585855] ================================================================== [ 22.585978] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 22.586750] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.587106] [ 22.587661] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.588099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.588346] Hardware name: linux,dummy-virt (DT) [ 22.588449] Call trace: [ 22.588592] show_stack+0x20/0x38 (C) [ 22.588965] dump_stack_lvl+0x8c/0xd0 [ 22.589531] print_report+0x118/0x608 [ 22.589837] kasan_report+0xdc/0x128 [ 22.589955] kasan_check_range+0x100/0x1a8 [ 22.590057] __kasan_check_write+0x20/0x30 [ 22.590171] kasan_atomics_helper+0xff0/0x4858 [ 22.590288] kasan_atomics+0x198/0x2e0 [ 22.591591] kunit_try_run_case+0x170/0x3f0 [ 22.592332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.592514] kthread+0x328/0x630 [ 22.592841] ret_from_fork+0x10/0x20 [ 22.593320] [ 22.593440] Allocated by task 266: [ 22.593646] kasan_save_stack+0x3c/0x68 [ 22.593758] kasan_save_track+0x20/0x40 [ 22.593844] kasan_save_alloc_info+0x40/0x58 [ 22.593933] __kasan_kmalloc+0xd4/0xd8 [ 22.594243] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.594581] kasan_atomics+0xb8/0x2e0 [ 22.596226] kunit_try_run_case+0x170/0x3f0 [ 22.596370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.596492] kthread+0x328/0x630 [ 22.596577] ret_from_fork+0x10/0x20 [ 22.596680] [ 22.596735] The buggy address belongs to the object at fff00000c79e4c00 [ 22.596735] which belongs to the cache kmalloc-64 of size 64 [ 22.596876] The buggy address is located 0 bytes to the right of [ 22.596876] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.597491] [ 22.597569] The buggy address belongs to the physical page: [ 22.597660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.597921] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.598041] page_type: f5(slab) [ 22.598635] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.598784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.598870] page dumped because: kasan: bad access detected [ 22.598942] [ 22.598990] Memory state around the buggy address: [ 22.599068] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.600008] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.600648] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.600761] ^ [ 22.600843] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.600941] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.601026] ================================================================== [ 22.724809] ================================================================== [ 22.724929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 22.725048] Read of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.725168] [ 22.725238] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.726460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.726709] Hardware name: linux,dummy-virt (DT) [ 22.727426] Call trace: [ 22.728219] show_stack+0x20/0x38 (C) [ 22.728728] dump_stack_lvl+0x8c/0xd0 [ 22.729365] print_report+0x118/0x608 [ 22.730049] kasan_report+0xdc/0x128 [ 22.730274] __asan_report_load8_noabort+0x20/0x30 [ 22.731045] kasan_atomics_helper+0x3f04/0x4858 [ 22.731521] kasan_atomics+0x198/0x2e0 [ 22.731756] kunit_try_run_case+0x170/0x3f0 [ 22.731882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.732009] kthread+0x328/0x630 [ 22.732112] ret_from_fork+0x10/0x20 [ 22.732221] [ 22.732271] Allocated by task 266: [ 22.732336] kasan_save_stack+0x3c/0x68 [ 22.732446] kasan_save_track+0x20/0x40 [ 22.732538] kasan_save_alloc_info+0x40/0x58 [ 22.732634] __kasan_kmalloc+0xd4/0xd8 [ 22.732719] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.732812] kasan_atomics+0xb8/0x2e0 [ 22.733329] kunit_try_run_case+0x170/0x3f0 [ 22.734601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.735284] kthread+0x328/0x630 [ 22.735680] ret_from_fork+0x10/0x20 [ 22.736289] [ 22.736601] The buggy address belongs to the object at fff00000c79e4c00 [ 22.736601] which belongs to the cache kmalloc-64 of size 64 [ 22.737427] The buggy address is located 0 bytes to the right of [ 22.737427] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.737923] [ 22.737980] The buggy address belongs to the physical page: [ 22.739341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.739510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.740200] page_type: f5(slab) [ 22.740304] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.740434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.740496] page dumped because: kasan: bad access detected [ 22.740534] [ 22.740557] Memory state around the buggy address: [ 22.740593] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.740640] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.740684] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.740725] ^ [ 22.740763] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.740805] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.740845] ================================================================== [ 22.532288] ================================================================== [ 22.532421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 22.532537] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.532646] [ 22.532713] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.532914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.532972] Hardware name: linux,dummy-virt (DT) [ 22.533042] Call trace: [ 22.533370] show_stack+0x20/0x38 (C) [ 22.533716] dump_stack_lvl+0x8c/0xd0 [ 22.533826] print_report+0x118/0x608 [ 22.534251] kasan_report+0xdc/0x128 [ 22.534705] kasan_check_range+0x100/0x1a8 [ 22.534867] __kasan_check_write+0x20/0x30 [ 22.535017] kasan_atomics_helper+0xe44/0x4858 [ 22.535174] kasan_atomics+0x198/0x2e0 [ 22.535265] kunit_try_run_case+0x170/0x3f0 [ 22.535348] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.535499] kthread+0x328/0x630 [ 22.535593] ret_from_fork+0x10/0x20 [ 22.535692] [ 22.535735] Allocated by task 266: [ 22.535799] kasan_save_stack+0x3c/0x68 [ 22.535883] kasan_save_track+0x20/0x40 [ 22.536128] kasan_save_alloc_info+0x40/0x58 [ 22.536245] __kasan_kmalloc+0xd4/0xd8 [ 22.536401] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.536847] kasan_atomics+0xb8/0x2e0 [ 22.536959] kunit_try_run_case+0x170/0x3f0 [ 22.537260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.537822] kthread+0x328/0x630 [ 22.537922] ret_from_fork+0x10/0x20 [ 22.538006] [ 22.538348] The buggy address belongs to the object at fff00000c79e4c00 [ 22.538348] which belongs to the cache kmalloc-64 of size 64 [ 22.538931] The buggy address is located 0 bytes to the right of [ 22.538931] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.539080] [ 22.539131] The buggy address belongs to the physical page: [ 22.539206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.539876] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.540304] page_type: f5(slab) [ 22.540430] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.540967] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.541204] page dumped because: kasan: bad access detected [ 22.541298] [ 22.541346] Memory state around the buggy address: [ 22.541922] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.542192] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.542293] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.542604] ^ [ 22.542805] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.543240] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.543384] ================================================================== [ 22.384833] ================================================================== [ 22.384983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 22.385136] Read of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.385289] [ 22.385402] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.385660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.385731] Hardware name: linux,dummy-virt (DT) [ 22.387686] kasan_save_track+0x20/0x40 [ 22.388020] __kasan_kmalloc+0xd4/0xd8 [ 22.389221] The buggy address belongs to the physical page: [ 22.392410] Write of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.392958] show_stack+0x20/0x38 (C) [ 22.393069] dump_stack_lvl+0x8c/0xd0 [ 22.393179] print_report+0x118/0x608 [ 22.393285] kasan_report+0xdc/0x128 [ 22.393406] kasan_check_range+0x100/0x1a8 [ 22.393518] __kasan_check_write+0x20/0x30 [ 22.393623] kasan_atomics_helper+0x934/0x4858 [ 22.393733] kasan_atomics+0x198/0x2e0 [ 22.393844] kunit_try_run_case+0x170/0x3f0 [ 22.393955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.394058] kthread+0x328/0x630 [ 22.394156] ret_from_fork+0x10/0x20 [ 22.394286] [ 22.394364] Allocated by task 266: [ 22.394457] kasan_save_stack+0x3c/0x68 [ 22.394564] kasan_save_track+0x20/0x40 [ 22.394644] kasan_save_alloc_info+0x40/0x58 [ 22.394735] __kasan_kmalloc+0xd4/0xd8 [ 22.394828] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.394934] kasan_atomics+0xb8/0x2e0 [ 22.395044] kunit_try_run_case+0x170/0x3f0 [ 22.395125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.395221] kthread+0x328/0x630 [ 22.395332] ret_from_fork+0x10/0x20 [ 22.395438] [ 22.395484] The buggy address belongs to the object at fff00000c79e4c00 [ 22.395484] which belongs to the cache kmalloc-64 of size 64 [ 22.395597] The buggy address is located 0 bytes to the right of [ 22.395597] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.395722] [ 22.395766] The buggy address belongs to the physical page: [ 22.395850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.395976] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.396077] page_type: f5(slab) [ 22.396162] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.396279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.396382] page dumped because: kasan: bad access detected [ 22.396462] [ 22.396509] Memory state around the buggy address: [ 22.396586] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.396689] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.396797] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.397000] ^ [ 22.397080] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.397170] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.397293] ================================================================== [ 22.562417] ================================================================== [ 22.562775] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 22.562991] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.563094] [ 22.563163] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.563450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.563541] Hardware name: linux,dummy-virt (DT) [ 22.563616] Call trace: [ 22.563645] show_stack+0x20/0x38 (C) [ 22.563705] dump_stack_lvl+0x8c/0xd0 [ 22.563765] print_report+0x118/0x608 [ 22.563869] kasan_report+0xdc/0x128 [ 22.563973] kasan_check_range+0x100/0x1a8 [ 22.564086] __kasan_check_write+0x20/0x30 [ 22.564191] kasan_atomics_helper+0xf20/0x4858 [ 22.564301] kasan_atomics+0x198/0x2e0 [ 22.564422] kunit_try_run_case+0x170/0x3f0 [ 22.564525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.564649] kthread+0x328/0x630 [ 22.564743] ret_from_fork+0x10/0x20 [ 22.564850] [ 22.564896] Allocated by task 266: [ 22.564963] kasan_save_stack+0x3c/0x68 [ 22.565054] kasan_save_track+0x20/0x40 [ 22.565142] kasan_save_alloc_info+0x40/0x58 [ 22.565231] __kasan_kmalloc+0xd4/0xd8 [ 22.565323] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.565458] kasan_atomics+0xb8/0x2e0 [ 22.565703] kunit_try_run_case+0x170/0x3f0 [ 22.565818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.565933] kthread+0x328/0x630 [ 22.566134] ret_from_fork+0x10/0x20 [ 22.566242] [ 22.566525] The buggy address belongs to the object at fff00000c79e4c00 [ 22.566525] which belongs to the cache kmalloc-64 of size 64 [ 22.566681] The buggy address is located 0 bytes to the right of [ 22.566681] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.566829] [ 22.566877] The buggy address belongs to the physical page: [ 22.567056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.567282] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.567624] page_type: f5(slab) [ 22.567732] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.567951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.568063] page dumped because: kasan: bad access detected [ 22.568141] [ 22.568396] Memory state around the buggy address: [ 22.568486] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.568612] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.568908] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.569011] ^ [ 22.569111] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.569218] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.569315] ================================================================== [ 22.476128] ================================================================== [ 22.476274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 22.476405] Read of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.476932] [ 22.477029] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.477218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.477286] Hardware name: linux,dummy-virt (DT) [ 22.477597] Call trace: [ 22.477677] show_stack+0x20/0x38 (C) [ 22.477881] dump_stack_lvl+0x8c/0xd0 [ 22.478254] print_report+0x118/0x608 [ 22.478378] kasan_report+0xdc/0x128 [ 22.478596] __asan_report_load4_noabort+0x20/0x30 [ 22.478735] kasan_atomics_helper+0x3dd8/0x4858 [ 22.478856] kasan_atomics+0x198/0x2e0 [ 22.479207] kunit_try_run_case+0x170/0x3f0 [ 22.479461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.479601] kthread+0x328/0x630 [ 22.479780] ret_from_fork+0x10/0x20 [ 22.480087] [ 22.480138] Allocated by task 266: [ 22.480257] kasan_save_stack+0x3c/0x68 [ 22.480505] kasan_save_track+0x20/0x40 [ 22.480806] kasan_save_alloc_info+0x40/0x58 [ 22.480903] __kasan_kmalloc+0xd4/0xd8 [ 22.481000] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.481410] kasan_atomics+0xb8/0x2e0 [ 22.481508] kunit_try_run_case+0x170/0x3f0 [ 22.481555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.481602] kthread+0x328/0x630 [ 22.481639] ret_from_fork+0x10/0x20 [ 22.481677] [ 22.481702] The buggy address belongs to the object at fff00000c79e4c00 [ 22.481702] which belongs to the cache kmalloc-64 of size 64 [ 22.481763] The buggy address is located 0 bytes to the right of [ 22.481763] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.481827] [ 22.481849] The buggy address belongs to the physical page: [ 22.481884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.481938] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.481988] page_type: f5(slab) [ 22.482161] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.482648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.482806] page dumped because: kasan: bad access detected [ 22.482880] [ 22.482943] Memory state around the buggy address: [ 22.483032] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.483125] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.483219] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.483310] ^ [ 22.483398] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.483493] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.483590] ================================================================== [ 22.397789] ================================================================== [ 22.397898] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 22.398060] Write of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.398205] [ 22.398301] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.398501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.398567] Hardware name: linux,dummy-virt (DT) [ 22.398635] Call trace: [ 22.398699] show_stack+0x20/0x38 (C) [ 22.398862] dump_stack_lvl+0x8c/0xd0 [ 22.398978] print_report+0x118/0x608 [ 22.399088] kasan_report+0xdc/0x128 [ 22.399187] kasan_check_range+0x100/0x1a8 [ 22.399297] __kasan_check_write+0x20/0x30 [ 22.399411] kasan_atomics_helper+0x99c/0x4858 [ 22.399513] kasan_atomics+0x198/0x2e0 [ 22.399647] kunit_try_run_case+0x170/0x3f0 [ 22.399772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.399904] kthread+0x328/0x630 [ 22.400014] ret_from_fork+0x10/0x20 [ 22.400110] [ 22.400156] Allocated by task 266: [ 22.400218] kasan_save_stack+0x3c/0x68 [ 22.400308] kasan_save_track+0x20/0x40 [ 22.400421] kasan_save_alloc_info+0x40/0x58 [ 22.400600] __kasan_kmalloc+0xd4/0xd8 [ 22.400709] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.400823] kasan_atomics+0xb8/0x2e0 [ 22.400910] kunit_try_run_case+0x170/0x3f0 [ 22.400994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.401095] kthread+0x328/0x630 [ 22.401175] ret_from_fork+0x10/0x20 [ 22.401257] [ 22.401305] The buggy address belongs to the object at fff00000c79e4c00 [ 22.401305] which belongs to the cache kmalloc-64 of size 64 [ 22.401444] The buggy address is located 0 bytes to the right of [ 22.401444] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.401594] [ 22.401644] The buggy address belongs to the physical page: [ 22.401715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.401868] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.401978] page_type: f5(slab) [ 22.402065] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.402224] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.402351] page dumped because: kasan: bad access detected [ 22.402488] [ 22.402564] Memory state around the buggy address: [ 22.402674] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.402824] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.402968] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.403099] ^ [ 22.403218] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.403372] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.403455] ================================================================== [ 22.708408] ================================================================== [ 22.708534] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 22.708657] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.708776] [ 22.708851] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.709039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.709104] Hardware name: linux,dummy-virt (DT) [ 22.709563] Call trace: [ 22.710723] show_stack+0x20/0x38 (C) [ 22.710879] dump_stack_lvl+0x8c/0xd0 [ 22.711001] print_report+0x118/0x608 [ 22.711401] kasan_report+0xdc/0x128 [ 22.711722] kasan_check_range+0x100/0x1a8 [ 22.712117] __kasan_check_write+0x20/0x30 [ 22.712410] kasan_atomics_helper+0x1384/0x4858 [ 22.712711] kasan_atomics+0x198/0x2e0 [ 22.713027] kunit_try_run_case+0x170/0x3f0 [ 22.713328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.713767] kthread+0x328/0x630 [ 22.714057] ret_from_fork+0x10/0x20 [ 22.714550] [ 22.714622] Allocated by task 266: [ 22.714799] kasan_save_stack+0x3c/0x68 [ 22.714926] kasan_save_track+0x20/0x40 [ 22.715077] kasan_save_alloc_info+0x40/0x58 [ 22.715164] __kasan_kmalloc+0xd4/0xd8 [ 22.715475] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.715783] kasan_atomics+0xb8/0x2e0 [ 22.716902] kunit_try_run_case+0x170/0x3f0 [ 22.717041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.717141] kthread+0x328/0x630 [ 22.717225] ret_from_fork+0x10/0x20 [ 22.717661] [ 22.717752] The buggy address belongs to the object at fff00000c79e4c00 [ 22.717752] which belongs to the cache kmalloc-64 of size 64 [ 22.717928] The buggy address is located 0 bytes to the right of [ 22.717928] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.718086] [ 22.718135] The buggy address belongs to the physical page: [ 22.718201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.718891] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.719478] page_type: f5(slab) [ 22.719770] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.719916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.720015] page dumped because: kasan: bad access detected [ 22.720712] [ 22.720778] Memory state around the buggy address: [ 22.720859] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.721300] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.721750] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.721895] ^ [ 22.722583] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.722696] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.722769] ================================================================== [ 22.847203] ================================================================== [ 22.847332] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 22.847471] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.847976] [ 22.848069] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.848418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.848488] Hardware name: linux,dummy-virt (DT) [ 22.848742] Call trace: [ 22.848823] show_stack+0x20/0x38 (C) [ 22.848954] dump_stack_lvl+0x8c/0xd0 [ 22.849185] print_report+0x118/0x608 [ 22.849408] kasan_report+0xdc/0x128 [ 22.849532] kasan_check_range+0x100/0x1a8 [ 22.849877] __kasan_check_write+0x20/0x30 [ 22.850241] kasan_atomics_helper+0x175c/0x4858 [ 22.850872] kasan_atomics+0x198/0x2e0 [ 22.851037] kunit_try_run_case+0x170/0x3f0 [ 22.851158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.851370] kthread+0x328/0x630 [ 22.851469] ret_from_fork+0x10/0x20 [ 22.851814] [ 22.851990] Allocated by task 266: [ 22.852191] kasan_save_stack+0x3c/0x68 [ 22.852563] kasan_save_track+0x20/0x40 [ 22.852819] kasan_save_alloc_info+0x40/0x58 [ 22.852938] __kasan_kmalloc+0xd4/0xd8 [ 22.853032] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.853200] kasan_atomics+0xb8/0x2e0 [ 22.853281] kunit_try_run_case+0x170/0x3f0 [ 22.853653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.853845] kthread+0x328/0x630 [ 22.853947] ret_from_fork+0x10/0x20 [ 22.854067] [ 22.854116] The buggy address belongs to the object at fff00000c79e4c00 [ 22.854116] which belongs to the cache kmalloc-64 of size 64 [ 22.854222] The buggy address is located 0 bytes to the right of [ 22.854222] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.854291] [ 22.854317] The buggy address belongs to the physical page: [ 22.854379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.854470] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.854525] page_type: f5(slab) [ 22.854568] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.854622] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.854666] page dumped because: kasan: bad access detected [ 22.854713] [ 22.854735] Memory state around the buggy address: [ 22.854770] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.854816] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.854861] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.854900] ^ [ 22.854937] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.854981] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.855019] ================================================================== [ 22.692850] ================================================================== [ 22.692966] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 22.693079] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.693196] [ 22.693269] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.693474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.693539] Hardware name: linux,dummy-virt (DT) [ 22.693614] Call trace: [ 22.695149] show_stack+0x20/0x38 (C) [ 22.695341] dump_stack_lvl+0x8c/0xd0 [ 22.695471] print_report+0x118/0x608 [ 22.695573] kasan_report+0xdc/0x128 [ 22.695687] kasan_check_range+0x100/0x1a8 [ 22.696342] __kasan_check_write+0x20/0x30 [ 22.696781] kasan_atomics_helper+0x12d8/0x4858 [ 22.696894] kasan_atomics+0x198/0x2e0 [ 22.697465] kunit_try_run_case+0x170/0x3f0 [ 22.697860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.698707] kthread+0x328/0x630 [ 22.698841] ret_from_fork+0x10/0x20 [ 22.699006] [ 22.699311] Allocated by task 266: [ 22.699393] kasan_save_stack+0x3c/0x68 [ 22.699487] kasan_save_track+0x20/0x40 [ 22.699568] kasan_save_alloc_info+0x40/0x58 [ 22.700122] __kasan_kmalloc+0xd4/0xd8 [ 22.700561] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.700733] kasan_atomics+0xb8/0x2e0 [ 22.700829] kunit_try_run_case+0x170/0x3f0 [ 22.701895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.702021] kthread+0x328/0x630 [ 22.702105] ret_from_fork+0x10/0x20 [ 22.702430] [ 22.702543] The buggy address belongs to the object at fff00000c79e4c00 [ 22.702543] which belongs to the cache kmalloc-64 of size 64 [ 22.702685] The buggy address is located 0 bytes to the right of [ 22.702685] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.702983] [ 22.703709] The buggy address belongs to the physical page: [ 22.703813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.703942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.704388] page_type: f5(slab) [ 22.704499] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.704625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.705426] page dumped because: kasan: bad access detected [ 22.705589] [ 22.705660] Memory state around the buggy address: [ 22.706089] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.706211] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.706294] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.706392] ^ [ 22.706488] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.707172] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.707445] ================================================================== [ 22.765088] ================================================================== [ 22.765202] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 22.765309] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.765769] [ 22.765866] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.766054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.766204] Hardware name: linux,dummy-virt (DT) [ 22.766463] Call trace: [ 22.766549] show_stack+0x20/0x38 (C) [ 22.766662] dump_stack_lvl+0x8c/0xd0 [ 22.766749] print_report+0x118/0x608 [ 22.766999] kasan_report+0xdc/0x128 [ 22.767125] kasan_check_range+0x100/0x1a8 [ 22.767231] __kasan_check_write+0x20/0x30 [ 22.767540] kasan_atomics_helper+0x14e4/0x4858 [ 22.767670] kasan_atomics+0x198/0x2e0 [ 22.767782] kunit_try_run_case+0x170/0x3f0 [ 22.768097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.768316] kthread+0x328/0x630 [ 22.768444] ret_from_fork+0x10/0x20 [ 22.768569] [ 22.768623] Allocated by task 266: [ 22.768693] kasan_save_stack+0x3c/0x68 [ 22.768784] kasan_save_track+0x20/0x40 [ 22.768884] kasan_save_alloc_info+0x40/0x58 [ 22.768966] __kasan_kmalloc+0xd4/0xd8 [ 22.769050] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.769424] kasan_atomics+0xb8/0x2e0 [ 22.769610] kunit_try_run_case+0x170/0x3f0 [ 22.769708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.769973] kthread+0x328/0x630 [ 22.770835] ret_from_fork+0x10/0x20 [ 22.770939] [ 22.770966] The buggy address belongs to the object at fff00000c79e4c00 [ 22.770966] which belongs to the cache kmalloc-64 of size 64 [ 22.771031] The buggy address is located 0 bytes to the right of [ 22.771031] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.771096] [ 22.771118] The buggy address belongs to the physical page: [ 22.771153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.771206] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.771256] page_type: f5(slab) [ 22.771298] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.771352] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.771413] page dumped because: kasan: bad access detected [ 22.771447] [ 22.771470] Memory state around the buggy address: [ 22.771505] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.771550] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.771594] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.771635] ^ [ 22.771669] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.771712] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.771750] ================================================================== [ 22.570060] ================================================================== [ 22.570623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 22.570848] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.570994] [ 22.571075] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.571495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.571769] Hardware name: linux,dummy-virt (DT) [ 22.572136] Call trace: [ 22.572497] show_stack+0x20/0x38 (C) [ 22.572937] dump_stack_lvl+0x8c/0xd0 [ 22.573158] print_report+0x118/0x608 [ 22.573388] kasan_report+0xdc/0x128 [ 22.573506] kasan_check_range+0x100/0x1a8 [ 22.573617] __kasan_check_write+0x20/0x30 [ 22.573730] kasan_atomics_helper+0xf88/0x4858 [ 22.573847] kasan_atomics+0x198/0x2e0 [ 22.574762] kunit_try_run_case+0x170/0x3f0 [ 22.575073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.575606] kthread+0x328/0x630 [ 22.575734] ret_from_fork+0x10/0x20 [ 22.576461] [ 22.576772] Allocated by task 266: [ 22.576874] kasan_save_stack+0x3c/0x68 [ 22.577222] kasan_save_track+0x20/0x40 [ 22.577378] kasan_save_alloc_info+0x40/0x58 [ 22.577901] __kasan_kmalloc+0xd4/0xd8 [ 22.578378] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.578493] kasan_atomics+0xb8/0x2e0 [ 22.578585] kunit_try_run_case+0x170/0x3f0 [ 22.578670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.578776] kthread+0x328/0x630 [ 22.578863] ret_from_fork+0x10/0x20 [ 22.579388] [ 22.579529] The buggy address belongs to the object at fff00000c79e4c00 [ 22.579529] which belongs to the cache kmalloc-64 of size 64 [ 22.579687] The buggy address is located 0 bytes to the right of [ 22.579687] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.580519] [ 22.580696] The buggy address belongs to the physical page: [ 22.580779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.581548] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.581749] page_type: f5(slab) [ 22.581851] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.582222] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.582686] page dumped because: kasan: bad access detected [ 22.582824] [ 22.582996] Memory state around the buggy address: [ 22.583074] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.583171] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.583270] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.583379] ^ [ 22.583682] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.584022] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.584754] ================================================================== [ 22.522860] ================================================================== [ 22.523155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 22.523305] Read of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.523478] [ 22.523587] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.523841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.523934] Hardware name: linux,dummy-virt (DT) [ 22.524037] Call trace: [ 22.524107] show_stack+0x20/0x38 (C) [ 22.524255] dump_stack_lvl+0x8c/0xd0 [ 22.524425] print_report+0x118/0x608 [ 22.524576] kasan_report+0xdc/0x128 [ 22.524691] __asan_report_load8_noabort+0x20/0x30 [ 22.524796] kasan_atomics_helper+0x3f58/0x4858 [ 22.524925] kasan_atomics+0x198/0x2e0 [ 22.525072] kunit_try_run_case+0x170/0x3f0 [ 22.525225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.525656] kthread+0x328/0x630 [ 22.525942] ret_from_fork+0x10/0x20 [ 22.526278] [ 22.526457] Allocated by task 266: [ 22.526651] kasan_save_stack+0x3c/0x68 [ 22.526757] kasan_save_track+0x20/0x40 [ 22.526840] kasan_save_alloc_info+0x40/0x58 [ 22.526911] __kasan_kmalloc+0xd4/0xd8 [ 22.526995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.527079] kasan_atomics+0xb8/0x2e0 [ 22.527280] kunit_try_run_case+0x170/0x3f0 [ 22.527387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.527485] kthread+0x328/0x630 [ 22.527568] ret_from_fork+0x10/0x20 [ 22.527657] [ 22.527703] The buggy address belongs to the object at fff00000c79e4c00 [ 22.527703] which belongs to the cache kmalloc-64 of size 64 [ 22.528696] The buggy address is located 0 bytes to the right of [ 22.528696] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.528860] [ 22.528998] The buggy address belongs to the physical page: [ 22.529076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.529202] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.529315] page_type: f5(slab) [ 22.529417] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.529543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.529683] page dumped because: kasan: bad access detected [ 22.529772] [ 22.529815] Memory state around the buggy address: [ 22.529887] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.530019] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.530102] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.530185] ^ [ 22.531154] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.531369] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.531493] ================================================================== [ 22.544209] ================================================================== [ 22.544336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 22.544482] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.544604] [ 22.544705] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.544889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.544955] Hardware name: linux,dummy-virt (DT) [ 22.545035] Call trace: [ 22.545087] show_stack+0x20/0x38 (C) [ 22.545210] dump_stack_lvl+0x8c/0xd0 [ 22.545319] print_report+0x118/0x608 [ 22.545451] kasan_report+0xdc/0x128 [ 22.545562] __asan_report_store8_noabort+0x20/0x30 [ 22.545675] kasan_atomics_helper+0x3e5c/0x4858 [ 22.545790] kasan_atomics+0x198/0x2e0 [ 22.545893] kunit_try_run_case+0x170/0x3f0 [ 22.546008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.546121] kthread+0x328/0x630 [ 22.546217] ret_from_fork+0x10/0x20 [ 22.546336] [ 22.546403] Allocated by task 266: [ 22.546482] kasan_save_stack+0x3c/0x68 [ 22.546592] kasan_save_track+0x20/0x40 [ 22.546682] kasan_save_alloc_info+0x40/0x58 [ 22.546789] __kasan_kmalloc+0xd4/0xd8 [ 22.546905] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.547011] kasan_atomics+0xb8/0x2e0 [ 22.547103] kunit_try_run_case+0x170/0x3f0 [ 22.547201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.547310] kthread+0x328/0x630 [ 22.547413] ret_from_fork+0x10/0x20 [ 22.547493] [ 22.547545] The buggy address belongs to the object at fff00000c79e4c00 [ 22.547545] which belongs to the cache kmalloc-64 of size 64 [ 22.547686] The buggy address is located 0 bytes to the right of [ 22.547686] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.547870] [ 22.547925] The buggy address belongs to the physical page: [ 22.548003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.548124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.548257] page_type: f5(slab) [ 22.548381] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.548561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.548672] page dumped because: kasan: bad access detected [ 22.548736] [ 22.548770] Memory state around the buggy address: [ 22.548999] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.549122] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.549222] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.549306] ^ [ 22.549404] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.549499] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.549615] ================================================================== [ 22.660992] ================================================================== [ 22.661093] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 22.661203] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.661318] [ 22.661906] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.662103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.662684] Hardware name: linux,dummy-virt (DT) [ 22.662793] Call trace: [ 22.662862] show_stack+0x20/0x38 (C) [ 22.663422] dump_stack_lvl+0x8c/0xd0 [ 22.663591] print_report+0x118/0x608 [ 22.664548] kasan_report+0xdc/0x128 [ 22.664762] kasan_check_range+0x100/0x1a8 [ 22.664875] __kasan_check_write+0x20/0x30 [ 22.665243] kasan_atomics_helper+0x11f8/0x4858 [ 22.665383] kasan_atomics+0x198/0x2e0 [ 22.665562] kunit_try_run_case+0x170/0x3f0 [ 22.666062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.666335] kthread+0x328/0x630 [ 22.666926] ret_from_fork+0x10/0x20 [ 22.667134] [ 22.667205] Allocated by task 266: [ 22.667278] kasan_save_stack+0x3c/0x68 [ 22.667376] kasan_save_track+0x20/0x40 [ 22.667452] kasan_save_alloc_info+0x40/0x58 [ 22.667539] __kasan_kmalloc+0xd4/0xd8 [ 22.668266] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.668536] kasan_atomics+0xb8/0x2e0 [ 22.668639] kunit_try_run_case+0x170/0x3f0 [ 22.668810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.668912] kthread+0x328/0x630 [ 22.668990] ret_from_fork+0x10/0x20 [ 22.669705] [ 22.669780] The buggy address belongs to the object at fff00000c79e4c00 [ 22.669780] which belongs to the cache kmalloc-64 of size 64 [ 22.669918] The buggy address is located 0 bytes to the right of [ 22.669918] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.670792] [ 22.670866] The buggy address belongs to the physical page: [ 22.670940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.671047] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.671156] page_type: f5(slab) [ 22.671505] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.672018] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.672126] page dumped because: kasan: bad access detected [ 22.672208] [ 22.672261] Memory state around the buggy address: [ 22.672895] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.673479] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.673757] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.674039] ^ [ 22.674312] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.674928] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.675391] ================================================================== [ 22.797478] ================================================================== [ 22.797595] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 22.798325] Read of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.798500] [ 22.798566] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.798731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.799050] Hardware name: linux,dummy-virt (DT) [ 22.799588] Call trace: [ 22.799658] show_stack+0x20/0x38 (C) [ 22.799776] dump_stack_lvl+0x8c/0xd0 [ 22.799883] print_report+0x118/0x608 [ 22.799995] kasan_report+0xdc/0x128 [ 22.800124] __asan_report_load8_noabort+0x20/0x30 [ 22.800248] kasan_atomics_helper+0x3db0/0x4858 [ 22.802037] kasan_atomics+0x198/0x2e0 [ 22.802183] kunit_try_run_case+0x170/0x3f0 [ 22.802292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.802434] kthread+0x328/0x630 [ 22.802505] ret_from_fork+0x10/0x20 [ 22.802558] [ 22.802584] Allocated by task 266: [ 22.802640] kasan_save_stack+0x3c/0x68 [ 22.802691] kasan_save_track+0x20/0x40 [ 22.802732] kasan_save_alloc_info+0x40/0x58 [ 22.802776] __kasan_kmalloc+0xd4/0xd8 [ 22.802815] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.802858] kasan_atomics+0xb8/0x2e0 [ 22.802897] kunit_try_run_case+0x170/0x3f0 [ 22.802939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.802984] kthread+0x328/0x630 [ 22.803019] ret_from_fork+0x10/0x20 [ 22.803058] [ 22.803082] The buggy address belongs to the object at fff00000c79e4c00 [ 22.803082] which belongs to the cache kmalloc-64 of size 64 [ 22.803143] The buggy address is located 0 bytes to the right of [ 22.803143] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.803209] [ 22.803232] The buggy address belongs to the physical page: [ 22.803266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.803322] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.803408] page_type: f5(slab) [ 22.803528] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.803673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.803853] page dumped because: kasan: bad access detected [ 22.803940] [ 22.804038] Memory state around the buggy address: [ 22.804125] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.804296] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.804610] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.804708] ^ [ 22.804897] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.804951] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.804995] ================================================================== [ 22.805288] ================================================================== [ 22.805338] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 22.805453] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.805567] [ 22.805637] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.805865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.805939] Hardware name: linux,dummy-virt (DT) [ 22.806014] Call trace: [ 22.806073] show_stack+0x20/0x38 (C) [ 22.806233] dump_stack_lvl+0x8c/0xd0 [ 22.806401] print_report+0x118/0x608 [ 22.806576] kasan_report+0xdc/0x128 [ 22.806733] kasan_check_range+0x100/0x1a8 [ 22.806884] __kasan_check_write+0x20/0x30 [ 22.807038] kasan_atomics_helper+0x1644/0x4858 [ 22.807156] kasan_atomics+0x198/0x2e0 [ 22.807285] kunit_try_run_case+0x170/0x3f0 [ 22.807419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.807535] kthread+0x328/0x630 [ 22.807849] ret_from_fork+0x10/0x20 [ 22.808046] [ 22.808100] Allocated by task 266: [ 22.808494] kasan_save_stack+0x3c/0x68 [ 22.808837] kasan_save_track+0x20/0x40 [ 22.808923] kasan_save_alloc_info+0x40/0x58 [ 22.809014] __kasan_kmalloc+0xd4/0xd8 [ 22.809087] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.809164] kasan_atomics+0xb8/0x2e0 [ 22.809538] kunit_try_run_case+0x170/0x3f0 [ 22.809685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.809795] kthread+0x328/0x630 [ 22.809882] ret_from_fork+0x10/0x20 [ 22.809969] [ 22.810022] The buggy address belongs to the object at fff00000c79e4c00 [ 22.810022] which belongs to the cache kmalloc-64 of size 64 [ 22.810434] The buggy address is located 0 bytes to the right of [ 22.810434] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.810586] [ 22.810636] The buggy address belongs to the physical page: [ 22.810730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.810911] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.811070] page_type: f5(slab) [ 22.811188] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.811314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.811420] page dumped because: kasan: bad access detected [ 22.811493] [ 22.811540] Memory state around the buggy address: [ 22.811945] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.812049] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.812149] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.812241] ^ [ 22.812762] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.812884] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.812981] ================================================================== [ 22.404697] ================================================================== [ 22.404831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 22.404972] Write of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.405284] [ 22.405380] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.406629] kasan_atomics+0x198/0x2e0 [ 22.407214] [ 22.407262] Allocated by task 266: [ 22.407327] kasan_save_stack+0x3c/0x68 [ 22.407472] kasan_save_track+0x20/0x40 [ 22.407633] kasan_save_alloc_info+0x40/0x58 [ 22.407734] __kasan_kmalloc+0xd4/0xd8 [ 22.407814] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.407909] kasan_atomics+0xb8/0x2e0 [ 22.407995] kunit_try_run_case+0x170/0x3f0 [ 22.408091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.408213] kthread+0x328/0x630 [ 22.408321] ret_from_fork+0x10/0x20 [ 22.408433] [ 22.408504] The buggy address belongs to the object at fff00000c79e4c00 [ 22.408504] which belongs to the cache kmalloc-64 of size 64 [ 22.408666] The buggy address is located 0 bytes to the right of [ 22.408666] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.408814] [ 22.408871] The buggy address belongs to the physical page: [ 22.408940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.409087] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.409242] page_type: f5(slab) [ 22.409375] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.409544] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.409682] page dumped because: kasan: bad access detected [ 22.409789] [ 22.409854] Memory state around the buggy address: [ 22.409957] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.410057] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.410149] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.410281] ^ [ 22.410380] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.410487] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.410585] ================================================================== [ 22.782567] ================================================================== [ 22.782677] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 22.782788] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.782903] [ 22.783422] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.783650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.783720] Hardware name: linux,dummy-virt (DT) [ 22.783998] Call trace: [ 22.784082] show_stack+0x20/0x38 (C) [ 22.784491] dump_stack_lvl+0x8c/0xd0 [ 22.784608] print_report+0x118/0x608 [ 22.784712] kasan_report+0xdc/0x128 [ 22.785456] kasan_check_range+0x100/0x1a8 [ 22.785665] __kasan_check_write+0x20/0x30 [ 22.785766] kasan_atomics_helper+0x15b4/0x4858 [ 22.786122] kasan_atomics+0x198/0x2e0 [ 22.786620] kunit_try_run_case+0x170/0x3f0 [ 22.787039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.787502] kthread+0x328/0x630 [ 22.787623] ret_from_fork+0x10/0x20 [ 22.787736] [ 22.787783] Allocated by task 266: [ 22.788242] kasan_save_stack+0x3c/0x68 [ 22.788571] kasan_save_track+0x20/0x40 [ 22.788676] kasan_save_alloc_info+0x40/0x58 [ 22.789219] __kasan_kmalloc+0xd4/0xd8 [ 22.789451] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.789569] kasan_atomics+0xb8/0x2e0 [ 22.790072] kunit_try_run_case+0x170/0x3f0 [ 22.790555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.790684] kthread+0x328/0x630 [ 22.790934] ret_from_fork+0x10/0x20 [ 22.791069] [ 22.791113] The buggy address belongs to the object at fff00000c79e4c00 [ 22.791113] which belongs to the cache kmalloc-64 of size 64 [ 22.791237] The buggy address is located 0 bytes to the right of [ 22.791237] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.791877] [ 22.792155] The buggy address belongs to the physical page: [ 22.792257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.792384] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.793068] page_type: f5(slab) [ 22.793492] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.793792] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.793895] page dumped because: kasan: bad access detected [ 22.793970] [ 22.794324] Memory state around the buggy address: [ 22.794437] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.794984] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.795586] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.795756] ^ [ 22.795850] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.796312] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.796580] ================================================================== [ 22.839724] ================================================================== [ 22.839885] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 22.840004] Read of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.840132] [ 22.840239] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.840445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.840516] Hardware name: linux,dummy-virt (DT) [ 22.840589] Call trace: [ 22.840644] show_stack+0x20/0x38 (C) [ 22.840755] dump_stack_lvl+0x8c/0xd0 [ 22.840872] print_report+0x118/0x608 [ 22.841020] kasan_report+0xdc/0x128 [ 22.841125] __asan_report_load8_noabort+0x20/0x30 [ 22.841276] kasan_atomics_helper+0x3e10/0x4858 [ 22.841814] kasan_atomics+0x198/0x2e0 [ 22.841982] kunit_try_run_case+0x170/0x3f0 [ 22.842114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.842326] kthread+0x328/0x630 [ 22.842456] ret_from_fork+0x10/0x20 [ 22.842615] [ 22.842691] Allocated by task 266: [ 22.842763] kasan_save_stack+0x3c/0x68 [ 22.842863] kasan_save_track+0x20/0x40 [ 22.842953] kasan_save_alloc_info+0x40/0x58 [ 22.843050] __kasan_kmalloc+0xd4/0xd8 [ 22.843154] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.843271] kasan_atomics+0xb8/0x2e0 [ 22.843341] kunit_try_run_case+0x170/0x3f0 [ 22.843436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.843537] kthread+0x328/0x630 [ 22.843648] ret_from_fork+0x10/0x20 [ 22.843724] [ 22.843772] The buggy address belongs to the object at fff00000c79e4c00 [ 22.843772] which belongs to the cache kmalloc-64 of size 64 [ 22.843948] The buggy address is located 0 bytes to the right of [ 22.843948] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.844107] [ 22.844164] The buggy address belongs to the physical page: [ 22.844240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.844373] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.844493] page_type: f5(slab) [ 22.844580] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.844734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.844848] page dumped because: kasan: bad access detected [ 22.844927] [ 22.844991] Memory state around the buggy address: [ 22.845242] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.845455] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.845673] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.845773] ^ [ 22.845860] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.845957] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.846473] ================================================================== [ 22.676696] ================================================================== [ 22.676820] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 22.676934] Write of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.677051] [ 22.677661] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.678132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.678413] Hardware name: linux,dummy-virt (DT) [ 22.678858] Call trace: [ 22.679040] show_stack+0x20/0x38 (C) [ 22.679186] dump_stack_lvl+0x8c/0xd0 [ 22.679283] print_report+0x118/0x608 [ 22.679611] kasan_report+0xdc/0x128 [ 22.680052] kasan_check_range+0x100/0x1a8 [ 22.680174] __kasan_check_write+0x20/0x30 [ 22.680706] kasan_atomics_helper+0x126c/0x4858 [ 22.680840] kasan_atomics+0x198/0x2e0 [ 22.680945] kunit_try_run_case+0x170/0x3f0 [ 22.681605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.682031] kthread+0x328/0x630 [ 22.682158] ret_from_fork+0x10/0x20 [ 22.682316] [ 22.682645] Allocated by task 266: [ 22.682733] kasan_save_stack+0x3c/0x68 [ 22.682845] kasan_save_track+0x20/0x40 [ 22.683494] kasan_save_alloc_info+0x40/0x58 [ 22.683662] __kasan_kmalloc+0xd4/0xd8 [ 22.683756] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.683936] kasan_atomics+0xb8/0x2e0 [ 22.684024] kunit_try_run_case+0x170/0x3f0 [ 22.684526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.684648] kthread+0x328/0x630 [ 22.685065] ret_from_fork+0x10/0x20 [ 22.685719] [ 22.685788] The buggy address belongs to the object at fff00000c79e4c00 [ 22.685788] which belongs to the cache kmalloc-64 of size 64 [ 22.686049] The buggy address is located 0 bytes to the right of [ 22.686049] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.686476] [ 22.686829] The buggy address belongs to the physical page: [ 22.687191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.687573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.687707] page_type: f5(slab) [ 22.688470] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.688610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.689239] page dumped because: kasan: bad access detected [ 22.689529] [ 22.689852] Memory state around the buggy address: [ 22.689954] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.690270] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.690395] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.690493] ^ [ 22.691056] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.691544] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.691674] ================================================================== [ 22.813890] ================================================================== [ 22.814302] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 22.815118] Read of size 8 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.815258] [ 22.815517] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.815838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.816060] Hardware name: linux,dummy-virt (DT) [ 22.816285] Call trace: [ 22.816380] show_stack+0x20/0x38 (C) [ 22.816928] dump_stack_lvl+0x8c/0xd0 [ 22.817049] print_report+0x118/0x608 [ 22.817160] kasan_report+0xdc/0x128 [ 22.817272] __asan_report_load8_noabort+0x20/0x30 [ 22.817406] kasan_atomics_helper+0x3df4/0x4858 [ 22.817531] kasan_atomics+0x198/0x2e0 [ 22.817641] kunit_try_run_case+0x170/0x3f0 [ 22.817758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.818682] kthread+0x328/0x630 [ 22.820126] ret_from_fork+0x10/0x20 [ 22.821025] [ 22.821114] Allocated by task 266: [ 22.821207] kasan_save_stack+0x3c/0x68 [ 22.821578] kasan_save_track+0x20/0x40 [ 22.821774] kasan_save_alloc_info+0x40/0x58 [ 22.822064] __kasan_kmalloc+0xd4/0xd8 [ 22.822628] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.822799] kasan_atomics+0xb8/0x2e0 [ 22.822881] kunit_try_run_case+0x170/0x3f0 [ 22.823312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.823577] kthread+0x328/0x630 [ 22.823769] ret_from_fork+0x10/0x20 [ 22.823946] [ 22.824139] The buggy address belongs to the object at fff00000c79e4c00 [ 22.824139] which belongs to the cache kmalloc-64 of size 64 [ 22.824643] The buggy address is located 0 bytes to the right of [ 22.824643] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.824815] [ 22.824885] The buggy address belongs to the physical page: [ 22.824955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.825076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.825189] page_type: f5(slab) [ 22.825277] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.825411] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.825508] page dumped because: kasan: bad access detected [ 22.825579] [ 22.825625] Memory state around the buggy address: [ 22.825701] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.825807] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.825911] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.826052] ^ [ 22.826134] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.826238] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.826331] ================================================================== [ 22.495779] ================================================================== [ 22.495883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 22.496279] Read of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.496480] [ 22.496583] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.496839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.496905] Hardware name: linux,dummy-virt (DT) [ 22.496973] Call trace: [ 22.497020] show_stack+0x20/0x38 (C) [ 22.497271] dump_stack_lvl+0x8c/0xd0 [ 22.497489] print_report+0x118/0x608 [ 22.497692] kasan_report+0xdc/0x128 [ 22.497868] __asan_report_load4_noabort+0x20/0x30 [ 22.498016] kasan_atomics_helper+0x3e04/0x4858 [ 22.498134] kasan_atomics+0x198/0x2e0 [ 22.498277] kunit_try_run_case+0x170/0x3f0 [ 22.498687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.498992] kthread+0x328/0x630 [ 22.499094] ret_from_fork+0x10/0x20 [ 22.499454] [ 22.499531] Allocated by task 266: [ 22.499612] kasan_save_stack+0x3c/0x68 [ 22.499722] kasan_save_track+0x20/0x40 [ 22.499839] kasan_save_alloc_info+0x40/0x58 [ 22.499962] __kasan_kmalloc+0xd4/0xd8 [ 22.500051] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.500126] kasan_atomics+0xb8/0x2e0 [ 22.500580] kunit_try_run_case+0x170/0x3f0 [ 22.500704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.500811] kthread+0x328/0x630 [ 22.500916] ret_from_fork+0x10/0x20 [ 22.500998] [ 22.501040] The buggy address belongs to the object at fff00000c79e4c00 [ 22.501040] which belongs to the cache kmalloc-64 of size 64 [ 22.501182] The buggy address is located 0 bytes to the right of [ 22.501182] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.501337] [ 22.501410] The buggy address belongs to the physical page: [ 22.501481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.501722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.501996] page_type: f5(slab) [ 22.502081] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.502266] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.502370] page dumped because: kasan: bad access detected [ 22.502692] [ 22.502781] Memory state around the buggy address: [ 22.502994] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.503334] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.503665] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.503752] ^ [ 22.503832] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.505011] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.505292] ================================================================== [ 22.411866] ================================================================== [ 22.411982] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 22.412091] Write of size 4 at addr fff00000c79e4c30 by task kunit_try_catch/266 [ 22.412210] [ 22.412278] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.412708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.412839] Hardware name: linux,dummy-virt (DT) [ 22.412916] Call trace: [ 22.412973] show_stack+0x20/0x38 (C) [ 22.413107] dump_stack_lvl+0x8c/0xd0 [ 22.413212] print_report+0x118/0x608 [ 22.413350] kasan_report+0xdc/0x128 [ 22.413528] kasan_check_range+0x100/0x1a8 [ 22.413685] __kasan_check_write+0x20/0x30 [ 22.413829] kasan_atomics_helper+0xa6c/0x4858 [ 22.413985] kasan_atomics+0x198/0x2e0 [ 22.414131] kunit_try_run_case+0x170/0x3f0 [ 22.414270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.414400] kthread+0x328/0x630 [ 22.414506] ret_from_fork+0x10/0x20 [ 22.414624] [ 22.414672] Allocated by task 266: [ 22.414738] kasan_save_stack+0x3c/0x68 [ 22.414841] kasan_save_track+0x20/0x40 [ 22.414966] kasan_save_alloc_info+0x40/0x58 [ 22.415056] __kasan_kmalloc+0xd4/0xd8 [ 22.415144] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.415249] kasan_atomics+0xb8/0x2e0 [ 22.415344] kunit_try_run_case+0x170/0x3f0 [ 22.415462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.415580] kthread+0x328/0x630 [ 22.415650] ret_from_fork+0x10/0x20 [ 22.415727] [ 22.415805] The buggy address belongs to the object at fff00000c79e4c00 [ 22.415805] which belongs to the cache kmalloc-64 of size 64 [ 22.415981] The buggy address is located 0 bytes to the right of [ 22.415981] allocated 48-byte region [fff00000c79e4c00, fff00000c79e4c30) [ 22.416155] [ 22.416203] The buggy address belongs to the physical page: [ 22.416278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e4 [ 22.416411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.416527] page_type: f5(slab) [ 22.416692] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.416835] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.416919] page dumped because: kasan: bad access detected [ 22.416979] [ 22.417455] Memory state around the buggy address: [ 22.417552] fff00000c79e4b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.417605] fff00000c79e4b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.417651] >fff00000c79e4c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.417691] ^ [ 22.417729] fff00000c79e4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.417772] fff00000c79e4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.417812] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 21.935991] ================================================================== [ 21.936108] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 21.936323] Read of size 1 at addr fff00000c79e2910 by task kunit_try_catch/260 [ 21.936478] [ 21.936556] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.936737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.936811] Hardware name: linux,dummy-virt (DT) [ 21.936888] Call trace: [ 21.936942] show_stack+0x20/0x38 (C) [ 21.937056] dump_stack_lvl+0x8c/0xd0 [ 21.937162] print_report+0x118/0x608 [ 21.937272] kasan_report+0xdc/0x128 [ 21.937389] __asan_report_load1_noabort+0x20/0x30 [ 21.937518] strcmp+0xc0/0xc8 [ 21.937621] kasan_strings+0x340/0xb00 [ 21.937724] kunit_try_run_case+0x170/0x3f0 [ 21.937836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.937959] kthread+0x328/0x630 [ 21.939795] ret_from_fork+0x10/0x20 [ 21.939998] [ 21.940110] Allocated by task 260: [ 21.940190] kasan_save_stack+0x3c/0x68 [ 21.940324] kasan_save_track+0x20/0x40 [ 21.940651] kasan_save_alloc_info+0x40/0x58 [ 21.940760] __kasan_kmalloc+0xd4/0xd8 [ 21.940909] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.942226] kasan_strings+0xc8/0xb00 [ 21.942419] kunit_try_run_case+0x170/0x3f0 [ 21.942540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.942657] kthread+0x328/0x630 [ 21.942766] ret_from_fork+0x10/0x20 [ 21.943980] kasan_save_free_info+0x4c/0x78 [ 21.947438] page dumped because: kasan: bad access detected [ 21.951471] print_report+0x118/0x608 [ 21.954629] kasan_save_track+0x20/0x40 [ 21.957815] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.960614] [ 21.961565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.963687] kunit_try_run_case+0x170/0x3f0 [ 21.966630] __kasan_kmalloc+0xd4/0xd8 [ 21.973394] fff00000c79e2a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.973491] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 21.909996] ================================================================== [ 21.910180] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 21.910303] Read of size 1 at addr fff00000c79e2758 by task kunit_try_catch/258 [ 21.910423] [ 21.910507] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.910906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.911018] Hardware name: linux,dummy-virt (DT) [ 21.911125] Call trace: [ 21.911179] show_stack+0x20/0x38 (C) [ 21.911335] dump_stack_lvl+0x8c/0xd0 [ 21.911504] print_report+0x118/0x608 [ 21.911634] kasan_report+0xdc/0x128 [ 21.911805] __asan_report_load1_noabort+0x20/0x30 [ 21.911926] memcmp+0x198/0x1d8 [ 21.912016] kasan_memcmp+0x16c/0x300 [ 21.912222] kunit_try_run_case+0x170/0x3f0 [ 21.912583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.912736] kthread+0x328/0x630 [ 21.912924] ret_from_fork+0x10/0x20 [ 21.913091] [ 21.913135] Allocated by task 258: [ 21.913204] kasan_save_stack+0x3c/0x68 [ 21.913301] kasan_save_track+0x20/0x40 [ 21.913406] kasan_save_alloc_info+0x40/0x58 [ 21.913505] __kasan_kmalloc+0xd4/0xd8 [ 21.913588] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.913691] kasan_memcmp+0xbc/0x300 [ 21.913779] kunit_try_run_case+0x170/0x3f0 [ 21.913874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.914015] kthread+0x328/0x630 [ 21.914095] ret_from_fork+0x10/0x20 [ 21.914170] [ 21.914216] The buggy address belongs to the object at fff00000c79e2740 [ 21.914216] which belongs to the cache kmalloc-32 of size 32 [ 21.914404] The buggy address is located 0 bytes to the right of [ 21.914404] allocated 24-byte region [fff00000c79e2740, fff00000c79e2758) [ 21.915016] [ 21.915244] The buggy address belongs to the physical page: [ 21.915325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e2 [ 21.915493] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.915621] page_type: f5(slab) [ 21.915752] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.915927] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.916076] page dumped because: kasan: bad access detected [ 21.916168] [ 21.916242] Memory state around the buggy address: [ 21.916347] fff00000c79e2600: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 21.916462] fff00000c79e2680: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.916560] >fff00000c79e2700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.916870] ^ [ 21.917078] fff00000c79e2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.917187] fff00000c79e2800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.917287] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 21.873783] ================================================================== [ 21.874087] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 21.874529] Read of size 1 at addr ffff800080ab7b4a by task kunit_try_catch/254 [ 21.874751] [ 21.874828] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.875065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.875131] Hardware name: linux,dummy-virt (DT) [ 21.875214] Call trace: [ 21.875288] show_stack+0x20/0x38 (C) [ 21.875457] dump_stack_lvl+0x8c/0xd0 [ 21.875569] print_report+0x310/0x608 [ 21.875958] kasan_report+0xdc/0x128 [ 21.876108] __asan_report_load1_noabort+0x20/0x30 [ 21.876267] kasan_alloca_oob_right+0x2dc/0x340 [ 21.876428] kunit_try_run_case+0x170/0x3f0 [ 21.876536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.876688] kthread+0x328/0x630 [ 21.876837] ret_from_fork+0x10/0x20 [ 21.877205] [ 21.877271] The buggy address belongs to stack of task kunit_try_catch/254 [ 21.877475] [ 21.877565] The buggy address belongs to the virtual mapping at [ 21.877565] [ffff800080ab0000, ffff800080ab9000) created by: [ 21.877565] kernel_clone+0x150/0x7a8 [ 21.877761] [ 21.877812] The buggy address belongs to the physical page: [ 21.877888] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a36 [ 21.878008] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.878127] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.878270] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.878757] page dumped because: kasan: bad access detected [ 21.878937] [ 21.878982] Memory state around the buggy address: [ 21.879233] ffff800080ab7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.879466] ffff800080ab7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.879567] >ffff800080ab7b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.879821] ^ [ 21.879935] ffff800080ab7b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.880044] ffff800080ab7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.880142] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 21.858646] ================================================================== [ 21.858867] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 21.858976] Read of size 1 at addr ffff800080a87b5f by task kunit_try_catch/252 [ 21.859486] [ 21.859546] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.859679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.859770] Hardware name: linux,dummy-virt (DT) [ 21.859870] Call trace: [ 21.859942] show_stack+0x20/0x38 (C) [ 21.860106] dump_stack_lvl+0x8c/0xd0 [ 21.860206] print_report+0x310/0x608 [ 21.860347] kasan_report+0xdc/0x128 [ 21.860512] __asan_report_load1_noabort+0x20/0x30 [ 21.860680] kasan_alloca_oob_left+0x2b8/0x310 [ 21.860840] kunit_try_run_case+0x170/0x3f0 [ 21.860990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.861157] kthread+0x328/0x630 [ 21.861272] ret_from_fork+0x10/0x20 [ 21.861606] [ 21.861833] The buggy address belongs to stack of task kunit_try_catch/252 [ 21.862422] [ 21.862538] The buggy address belongs to the virtual mapping at [ 21.862538] [ffff800080a80000, ffff800080a89000) created by: [ 21.862538] kernel_clone+0x150/0x7a8 [ 21.862843] [ 21.862925] The buggy address belongs to the physical page: [ 21.862999] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107942 [ 21.863105] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.863394] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.863751] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.863863] page dumped because: kasan: bad access detected [ 21.863931] [ 21.863982] Memory state around the buggy address: [ 21.864059] ffff800080a87a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.864166] ffff800080a87a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.864273] >ffff800080a87b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 21.864391] ^ [ 21.864523] ffff800080a87b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.864612] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.864734] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 21.840638] ================================================================== [ 21.840795] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 21.840905] Read of size 1 at addr ffff800080aa7c2a by task kunit_try_catch/250 [ 21.841008] [ 21.841263] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.841481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.841545] Hardware name: linux,dummy-virt (DT) [ 21.841611] Call trace: [ 21.841660] show_stack+0x20/0x38 (C) [ 21.841771] dump_stack_lvl+0x8c/0xd0 [ 21.841959] print_report+0x310/0x608 [ 21.842341] kasan_report+0xdc/0x128 [ 21.842488] __asan_report_load1_noabort+0x20/0x30 [ 21.842595] kasan_stack_oob+0x238/0x270 [ 21.842702] kunit_try_run_case+0x170/0x3f0 [ 21.842802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.842911] kthread+0x328/0x630 [ 21.843002] ret_from_fork+0x10/0x20 [ 21.843370] [ 21.843506] The buggy address belongs to stack of task kunit_try_catch/250 [ 21.844085] and is located at offset 138 in frame: [ 21.844208] kasan_stack_oob+0x0/0x270 [ 21.844542] [ 21.844609] This frame has 4 objects: [ 21.844819] [48, 49) '__assertion' [ 21.844923] [64, 72) 'array' [ 21.845028] [96, 112) '__assertion' [ 21.845169] [128, 138) 'stack_array' [ 21.845286] [ 21.845366] The buggy address belongs to the virtual mapping at [ 21.845366] [ffff800080aa0000, ffff800080aa9000) created by: [ 21.845366] kernel_clone+0x150/0x7a8 [ 21.845538] [ 21.845585] The buggy address belongs to the physical page: [ 21.845656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079e0 [ 21.845775] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.845957] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.846108] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.846198] page dumped because: kasan: bad access detected [ 21.846276] [ 21.846386] Memory state around the buggy address: [ 21.846720] ffff800080aa7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.846815] ffff800080aa7b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 21.846901] >ffff800080aa7c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 21.846986] ^ [ 21.847050] ffff800080aa7c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 21.847513] ffff800080aa7d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.847730] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 21.812410] ================================================================== [ 21.812543] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 21.813121] Read of size 1 at addr ffff95d57834f5cd by task kunit_try_catch/246 [ 21.813552] [ 21.813647] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.813781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.813813] Hardware name: linux,dummy-virt (DT) [ 21.813848] Call trace: [ 21.813871] show_stack+0x20/0x38 (C) [ 21.813930] dump_stack_lvl+0x8c/0xd0 [ 21.813981] print_report+0x310/0x608 [ 21.814127] kasan_report+0xdc/0x128 [ 21.814216] __asan_report_load1_noabort+0x20/0x30 [ 21.814315] kasan_global_oob_right+0x230/0x270 [ 21.814437] kunit_try_run_case+0x170/0x3f0 [ 21.815119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.815414] kthread+0x328/0x630 [ 21.815515] ret_from_fork+0x10/0x20 [ 21.816402] [ 21.816760] The buggy address belongs to the variable: [ 21.817049] global_array+0xd/0x40 [ 21.817230] [ 21.817424] The buggy address belongs to the virtual mapping at [ 21.817424] [ffff95d576500000, ffff95d578401000) created by: [ 21.817424] paging_init+0x66c/0x7d0 [ 21.817614] [ 21.817727] The buggy address belongs to the physical page: [ 21.817796] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 21.817921] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 21.818350] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 21.818609] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.818710] page dumped because: kasan: bad access detected [ 21.818789] [ 21.818829] Memory state around the buggy address: [ 21.818905] ffff95d57834f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.818985] ffff95d57834f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.819094] >ffff95d57834f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 21.819172] ^ [ 21.819255] ffff95d57834f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 21.819342] ffff95d57834f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 21.819441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 21.772937] ================================================================== [ 21.773111] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.773239] Free of addr fff00000c7938e01 by task kunit_try_catch/242 [ 21.773398] [ 21.773464] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.773718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.773809] Hardware name: linux,dummy-virt (DT) [ 21.773910] Call trace: [ 21.773976] show_stack+0x20/0x38 (C) [ 21.774114] dump_stack_lvl+0x8c/0xd0 [ 21.774215] print_report+0x118/0x608 [ 21.774328] kasan_report_invalid_free+0xc0/0xe8 [ 21.775036] check_slab_allocation+0xfc/0x108 [ 21.775194] __kasan_mempool_poison_object+0x78/0x150 [ 21.775298] mempool_free+0x28c/0x328 [ 21.775658] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.775930] mempool_kmalloc_invalid_free+0xc0/0x118 [ 21.776185] kunit_try_run_case+0x170/0x3f0 [ 21.776609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.776868] kthread+0x328/0x630 [ 21.777037] ret_from_fork+0x10/0x20 [ 21.777151] [ 21.777488] Allocated by task 242: [ 21.777631] kasan_save_stack+0x3c/0x68 [ 21.777739] kasan_save_track+0x20/0x40 [ 21.777819] kasan_save_alloc_info+0x40/0x58 [ 21.777905] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.777999] remove_element+0x130/0x1f8 [ 21.778079] mempool_alloc_preallocated+0x58/0xc0 [ 21.778162] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 21.778256] mempool_kmalloc_invalid_free+0xc0/0x118 [ 21.778343] kunit_try_run_case+0x170/0x3f0 [ 21.778430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.778539] kthread+0x328/0x630 [ 21.778617] ret_from_fork+0x10/0x20 [ 21.778695] [ 21.778742] The buggy address belongs to the object at fff00000c7938e00 [ 21.778742] which belongs to the cache kmalloc-128 of size 128 [ 21.778880] The buggy address is located 1 bytes inside of [ 21.778880] 128-byte region [fff00000c7938e00, fff00000c7938e80) [ 21.779015] [ 21.779058] The buggy address belongs to the physical page: [ 21.779125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 21.779221] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.780020] page_type: f5(slab) [ 21.780197] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.780325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.780436] page dumped because: kasan: bad access detected [ 21.780504] [ 21.780541] Memory state around the buggy address: [ 21.780612] fff00000c7938d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.780700] fff00000c7938d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.780792] >fff00000c7938e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.781026] ^ [ 21.781105] fff00000c7938e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.781207] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.781298] ================================================================== [ 21.793040] ================================================================== [ 21.793312] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.793561] Free of addr fff00000c79b0001 by task kunit_try_catch/244 [ 21.793674] [ 21.793741] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.793910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.793965] Hardware name: linux,dummy-virt (DT) [ 21.794216] Call trace: [ 21.794991] show_stack+0x20/0x38 (C) [ 21.795249] dump_stack_lvl+0x8c/0xd0 [ 21.795440] print_report+0x118/0x608 [ 21.795546] kasan_report_invalid_free+0xc0/0xe8 [ 21.795654] __kasan_mempool_poison_object+0xfc/0x150 [ 21.795782] mempool_free+0x28c/0x328 [ 21.795891] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.796013] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 21.796131] kunit_try_run_case+0x170/0x3f0 [ 21.796236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.796370] kthread+0x328/0x630 [ 21.796470] ret_from_fork+0x10/0x20 [ 21.796574] [ 21.796622] The buggy address belongs to the physical page: [ 21.796689] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b0 [ 21.796812] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.796921] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.797034] page_type: f8(unknown) [ 21.797118] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.797233] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.797348] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.798314] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.798558] head: 0bfffe0000000002 ffffc1ffc31e6c01 00000000ffffffff 00000000ffffffff [ 21.798749] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.798854] page dumped because: kasan: bad access detected [ 21.799126] [ 21.799171] Memory state around the buggy address: [ 21.799261] fff00000c79aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.799461] fff00000c79aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.799638] >fff00000c79b0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.799733] ^ [ 21.799804] fff00000c79b0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.799885] fff00000c79b0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.800180] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 21.730961] ================================================================== [ 21.731083] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.731196] Free of addr fff00000c797c000 by task kunit_try_catch/238 [ 21.731293] [ 21.731379] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.731567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.731628] Hardware name: linux,dummy-virt (DT) [ 21.731697] Call trace: [ 21.731746] show_stack+0x20/0x38 (C) [ 21.731850] dump_stack_lvl+0x8c/0xd0 [ 21.731950] print_report+0x118/0x608 [ 21.732053] kasan_report_invalid_free+0xc0/0xe8 [ 21.732164] __kasan_mempool_poison_object+0x14c/0x150 [ 21.732279] mempool_free+0x28c/0x328 [ 21.732397] mempool_double_free_helper+0x150/0x2e8 [ 21.732496] mempool_kmalloc_large_double_free+0xc0/0x118 [ 21.732980] kunit_try_run_case+0x170/0x3f0 [ 21.733282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.733632] kthread+0x328/0x630 [ 21.733763] ret_from_fork+0x10/0x20 [ 21.733906] [ 21.733971] The buggy address belongs to the physical page: [ 21.734052] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10797c [ 21.734194] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.734290] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.734406] page_type: f8(unknown) [ 21.734487] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.734588] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.734926] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.735046] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.735160] head: 0bfffe0000000002 ffffc1ffc31e5f01 00000000ffffffff 00000000ffffffff [ 21.735271] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.735376] page dumped because: kasan: bad access detected [ 21.735434] [ 21.735471] Memory state around the buggy address: [ 21.735542] fff00000c797bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.735646] fff00000c797bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.735783] >fff00000c797c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.735890] ^ [ 21.735961] fff00000c797c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.736046] fff00000c797c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.736130] ================================================================== [ 21.751291] ================================================================== [ 21.751442] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.751563] Free of addr fff00000c797c000 by task kunit_try_catch/240 [ 21.751657] [ 21.751721] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.751894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.751956] Hardware name: linux,dummy-virt (DT) [ 21.752024] Call trace: [ 21.752074] show_stack+0x20/0x38 (C) [ 21.752177] dump_stack_lvl+0x8c/0xd0 [ 21.752283] print_report+0x118/0x608 [ 21.752397] kasan_report_invalid_free+0xc0/0xe8 [ 21.752534] __kasan_mempool_poison_pages+0xe0/0xe8 [ 21.752651] mempool_free+0x24c/0x328 [ 21.753856] mempool_double_free_helper+0x150/0x2e8 [ 21.753997] mempool_page_alloc_double_free+0xbc/0x118 [ 21.754528] kunit_try_run_case+0x170/0x3f0 [ 21.754796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.754983] kthread+0x328/0x630 [ 21.755295] ret_from_fork+0x10/0x20 [ 21.755431] [ 21.755567] The buggy address belongs to the physical page: [ 21.755814] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10797c [ 21.755938] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.756103] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.756233] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.757104] page dumped because: kasan: bad access detected [ 21.757195] [ 21.757246] Memory state around the buggy address: [ 21.757320] fff00000c797bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.757639] fff00000c797bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.757808] >fff00000c797c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.758046] ^ [ 21.758149] fff00000c797c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.758276] fff00000c797c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.758476] ================================================================== [ 21.704903] ================================================================== [ 21.705093] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.705249] Free of addr fff00000c7938a00 by task kunit_try_catch/236 [ 21.705396] [ 21.705494] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.705734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.705789] Hardware name: linux,dummy-virt (DT) [ 21.705863] Call trace: [ 21.705932] show_stack+0x20/0x38 (C) [ 21.706523] dump_stack_lvl+0x8c/0xd0 [ 21.706816] print_report+0x118/0x608 [ 21.706957] kasan_report_invalid_free+0xc0/0xe8 [ 21.707076] check_slab_allocation+0xd4/0x108 [ 21.707182] __kasan_mempool_poison_object+0x78/0x150 [ 21.707279] mempool_free+0x28c/0x328 [ 21.707374] mempool_double_free_helper+0x150/0x2e8 [ 21.707470] mempool_kmalloc_double_free+0xc0/0x118 [ 21.707579] kunit_try_run_case+0x170/0x3f0 [ 21.707683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.707797] kthread+0x328/0x630 [ 21.707889] ret_from_fork+0x10/0x20 [ 21.707992] [ 21.708504] Allocated by task 236: [ 21.708772] kasan_save_stack+0x3c/0x68 [ 21.709856] kasan_save_track+0x20/0x40 [ 21.710099] kasan_save_alloc_info+0x40/0x58 [ 21.710208] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.710315] remove_element+0x130/0x1f8 [ 21.710415] mempool_alloc_preallocated+0x58/0xc0 [ 21.710520] mempool_double_free_helper+0x94/0x2e8 [ 21.710623] mempool_kmalloc_double_free+0xc0/0x118 [ 21.710786] kunit_try_run_case+0x170/0x3f0 [ 21.710896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.711056] kthread+0x328/0x630 [ 21.711351] ret_from_fork+0x10/0x20 [ 21.711528] [ 21.711570] Freed by task 236: [ 21.711633] kasan_save_stack+0x3c/0x68 [ 21.711785] kasan_save_track+0x20/0x40 [ 21.711981] kasan_save_free_info+0x4c/0x78 [ 21.712163] __kasan_mempool_poison_object+0xc0/0x150 [ 21.712808] mempool_free+0x28c/0x328 [ 21.713127] mempool_double_free_helper+0x100/0x2e8 [ 21.713251] mempool_kmalloc_double_free+0xc0/0x118 [ 21.713421] kunit_try_run_case+0x170/0x3f0 [ 21.713646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.714073] kthread+0x328/0x630 [ 21.714171] ret_from_fork+0x10/0x20 [ 21.714258] [ 21.714304] The buggy address belongs to the object at fff00000c7938a00 [ 21.714304] which belongs to the cache kmalloc-128 of size 128 [ 21.714475] The buggy address is located 0 bytes inside of [ 21.714475] 128-byte region [fff00000c7938a00, fff00000c7938a80) [ 21.714731] [ 21.714859] The buggy address belongs to the physical page: [ 21.714932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 21.715207] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.715444] page_type: f5(slab) [ 21.715589] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.715959] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.716121] page dumped because: kasan: bad access detected [ 21.716188] [ 21.716225] Memory state around the buggy address: [ 21.716326] fff00000c7938900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.716447] fff00000c7938980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.716646] >fff00000c7938a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.716814] ^ [ 21.716884] fff00000c7938a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.717236] fff00000c7938b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.717541] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 21.607842] ================================================================== [ 21.607964] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.608075] Read of size 1 at addr fff00000c797c000 by task kunit_try_catch/230 [ 21.608180] [ 21.608243] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.609153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.609240] Hardware name: linux,dummy-virt (DT) [ 21.609717] Call trace: [ 21.609778] show_stack+0x20/0x38 (C) [ 21.609936] dump_stack_lvl+0x8c/0xd0 [ 21.610395] print_report+0x118/0x608 [ 21.610580] kasan_report+0xdc/0x128 [ 21.610675] __asan_report_load1_noabort+0x20/0x30 [ 21.611120] mempool_uaf_helper+0x314/0x340 [ 21.611260] mempool_kmalloc_large_uaf+0xc4/0x120 [ 21.611371] kunit_try_run_case+0x170/0x3f0 [ 21.611554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.611738] kthread+0x328/0x630 [ 21.611843] ret_from_fork+0x10/0x20 [ 21.612012] [ 21.612129] The buggy address belongs to the physical page: [ 21.612197] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10797c [ 21.612817] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.613375] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.613936] page_type: f8(unknown) [ 21.614650] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.614819] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.614940] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.615051] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.615159] head: 0bfffe0000000002 ffffc1ffc31e5f01 00000000ffffffff 00000000ffffffff [ 21.615274] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.615383] page dumped because: kasan: bad access detected [ 21.615461] [ 21.615504] Memory state around the buggy address: [ 21.615578] fff00000c797bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.615680] fff00000c797bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.616944] >fff00000c797c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.617486] ^ [ 21.617594] fff00000c797c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.617690] fff00000c797c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.618146] ================================================================== [ 21.680444] ================================================================== [ 21.680579] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.680704] Read of size 1 at addr fff00000c797c000 by task kunit_try_catch/234 [ 21.680822] [ 21.680892] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.681086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.681798] Hardware name: linux,dummy-virt (DT) [ 21.682922] Call trace: [ 21.683044] show_stack+0x20/0x38 (C) [ 21.683244] dump_stack_lvl+0x8c/0xd0 [ 21.683388] print_report+0x118/0x608 [ 21.683500] kasan_report+0xdc/0x128 [ 21.683609] __asan_report_load1_noabort+0x20/0x30 [ 21.684405] mempool_uaf_helper+0x314/0x340 [ 21.684552] mempool_page_alloc_uaf+0xc0/0x118 [ 21.684701] kunit_try_run_case+0x170/0x3f0 [ 21.684811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.685456] kthread+0x328/0x630 [ 21.686026] ret_from_fork+0x10/0x20 [ 21.686248] [ 21.686300] The buggy address belongs to the physical page: [ 21.686379] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10797c [ 21.686899] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.687208] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.687555] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.687863] page dumped because: kasan: bad access detected [ 21.688084] [ 21.688304] Memory state around the buggy address: [ 21.688561] fff00000c797bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.688741] fff00000c797bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.688919] >fff00000c797c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.689029] ^ [ 21.689098] fff00000c797c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.689449] fff00000c797c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.690021] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 21.587256] ================================================================== [ 21.587404] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.587557] Read of size 1 at addr fff00000c7938600 by task kunit_try_catch/228 [ 21.587707] [ 21.587804] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.588058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.588141] Hardware name: linux,dummy-virt (DT) [ 21.588241] Call trace: [ 21.588316] show_stack+0x20/0x38 (C) [ 21.588468] dump_stack_lvl+0x8c/0xd0 [ 21.588574] print_report+0x118/0x608 [ 21.588728] kasan_report+0xdc/0x128 [ 21.588864] __asan_report_load1_noabort+0x20/0x30 [ 21.589021] mempool_uaf_helper+0x314/0x340 [ 21.589166] mempool_kmalloc_uaf+0xc4/0x120 [ 21.589313] kunit_try_run_case+0x170/0x3f0 [ 21.589420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.589530] kthread+0x328/0x630 [ 21.589631] ret_from_fork+0x10/0x20 [ 21.589748] [ 21.589791] Allocated by task 228: [ 21.589853] kasan_save_stack+0x3c/0x68 [ 21.589974] kasan_save_track+0x20/0x40 [ 21.590106] kasan_save_alloc_info+0x40/0x58 [ 21.590193] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.590278] remove_element+0x130/0x1f8 [ 21.590350] mempool_alloc_preallocated+0x58/0xc0 [ 21.590460] mempool_uaf_helper+0xa4/0x340 [ 21.590545] mempool_kmalloc_uaf+0xc4/0x120 [ 21.590647] kunit_try_run_case+0x170/0x3f0 [ 21.590732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.590838] kthread+0x328/0x630 [ 21.590911] ret_from_fork+0x10/0x20 [ 21.590986] [ 21.591044] Freed by task 228: [ 21.591131] kasan_save_stack+0x3c/0x68 [ 21.591235] kasan_save_track+0x20/0x40 [ 21.591345] kasan_save_free_info+0x4c/0x78 [ 21.591451] __kasan_mempool_poison_object+0xc0/0x150 [ 21.591548] mempool_free+0x28c/0x328 [ 21.591628] mempool_uaf_helper+0x104/0x340 [ 21.591715] mempool_kmalloc_uaf+0xc4/0x120 [ 21.591805] kunit_try_run_case+0x170/0x3f0 [ 21.591894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.591999] kthread+0x328/0x630 [ 21.592072] ret_from_fork+0x10/0x20 [ 21.592146] [ 21.592196] The buggy address belongs to the object at fff00000c7938600 [ 21.592196] which belongs to the cache kmalloc-128 of size 128 [ 21.592342] The buggy address is located 0 bytes inside of [ 21.592342] freed 128-byte region [fff00000c7938600, fff00000c7938680) [ 21.592500] [ 21.592581] The buggy address belongs to the physical page: [ 21.592655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 21.592775] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.592886] page_type: f5(slab) [ 21.592963] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.593075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.593171] page dumped because: kasan: bad access detected [ 21.593267] [ 21.593327] Memory state around the buggy address: [ 21.593412] fff00000c7938500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.593539] fff00000c7938580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.593685] >fff00000c7938600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.593841] ^ [ 21.593935] fff00000c7938680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.594086] fff00000c7938700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.594187] ================================================================== [ 21.637234] ================================================================== [ 21.637374] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.637756] Read of size 1 at addr fff00000c79ca240 by task kunit_try_catch/232 [ 21.637879] [ 21.637987] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.638210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.638269] Hardware name: linux,dummy-virt (DT) [ 21.638369] Call trace: [ 21.638426] show_stack+0x20/0x38 (C) [ 21.638540] dump_stack_lvl+0x8c/0xd0 [ 21.638657] print_report+0x118/0x608 [ 21.638798] kasan_report+0xdc/0x128 [ 21.638892] __asan_report_load1_noabort+0x20/0x30 [ 21.638988] mempool_uaf_helper+0x314/0x340 [ 21.639238] mempool_slab_uaf+0xc0/0x118 [ 21.639350] kunit_try_run_case+0x170/0x3f0 [ 21.639466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.639763] kthread+0x328/0x630 [ 21.639912] ret_from_fork+0x10/0x20 [ 21.640024] [ 21.640081] Allocated by task 232: [ 21.640143] kasan_save_stack+0x3c/0x68 [ 21.640237] kasan_save_track+0x20/0x40 [ 21.640371] kasan_save_alloc_info+0x40/0x58 [ 21.640478] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.640645] remove_element+0x16c/0x1f8 [ 21.640757] mempool_alloc_preallocated+0x58/0xc0 [ 21.640833] mempool_uaf_helper+0xa4/0x340 [ 21.640909] mempool_slab_uaf+0xc0/0x118 [ 21.641177] kunit_try_run_case+0x170/0x3f0 [ 21.641319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.641438] kthread+0x328/0x630 [ 21.641542] ret_from_fork+0x10/0x20 [ 21.641614] [ 21.641655] Freed by task 232: [ 21.641724] kasan_save_stack+0x3c/0x68 [ 21.641838] kasan_save_track+0x20/0x40 [ 21.641935] kasan_save_free_info+0x4c/0x78 [ 21.642025] __kasan_mempool_poison_object+0xc0/0x150 [ 21.642104] mempool_free+0x28c/0x328 [ 21.642173] mempool_uaf_helper+0x104/0x340 [ 21.642462] mempool_slab_uaf+0xc0/0x118 [ 21.642538] kunit_try_run_case+0x170/0x3f0 [ 21.642625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.642717] kthread+0x328/0x630 [ 21.642789] ret_from_fork+0x10/0x20 [ 21.642865] [ 21.642906] The buggy address belongs to the object at fff00000c79ca240 [ 21.642906] which belongs to the cache test_cache of size 123 [ 21.643042] The buggy address is located 0 bytes inside of [ 21.643042] freed 123-byte region [fff00000c79ca240, fff00000c79ca2bb) [ 21.643203] [ 21.643247] The buggy address belongs to the physical page: [ 21.643317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079ca [ 21.643446] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.643561] page_type: f5(slab) [ 21.643673] raw: 0bfffe0000000000 fff00000c7936280 dead000000000122 0000000000000000 [ 21.643810] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.643905] page dumped because: kasan: bad access detected [ 21.644009] [ 21.644068] Memory state around the buggy address: [ 21.644142] fff00000c79ca100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.644240] fff00000c79ca180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.644336] >fff00000c79ca200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.644793] ^ [ 21.644926] fff00000c79ca280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.645066] fff00000c79ca300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.645142] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 21.538758] ================================================================== [ 21.538925] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.539372] Read of size 1 at addr fff00000c79462bb by task kunit_try_catch/226 [ 21.539516] [ 21.539587] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.539767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.539866] Hardware name: linux,dummy-virt (DT) [ 21.539923] Call trace: [ 21.540206] show_stack+0x20/0x38 (C) [ 21.540711] dump_stack_lvl+0x8c/0xd0 [ 21.540898] print_report+0x118/0x608 [ 21.540997] kasan_report+0xdc/0x128 [ 21.541102] __asan_report_load1_noabort+0x20/0x30 [ 21.541216] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.541321] mempool_slab_oob_right+0xc0/0x118 [ 21.541446] kunit_try_run_case+0x170/0x3f0 [ 21.541546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.541663] kthread+0x328/0x630 [ 21.541758] ret_from_fork+0x10/0x20 [ 21.542371] [ 21.542456] Allocated by task 226: [ 21.543194] kasan_save_stack+0x3c/0x68 [ 21.543304] kasan_save_track+0x20/0x40 [ 21.543400] kasan_save_alloc_info+0x40/0x58 [ 21.543482] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.543580] remove_element+0x16c/0x1f8 [ 21.543690] mempool_alloc_preallocated+0x58/0xc0 [ 21.543799] mempool_oob_right_helper+0x98/0x2f0 [ 21.543965] mempool_slab_oob_right+0xc0/0x118 [ 21.544121] kunit_try_run_case+0x170/0x3f0 [ 21.544215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.544391] kthread+0x328/0x630 [ 21.544471] ret_from_fork+0x10/0x20 [ 21.544551] [ 21.544596] The buggy address belongs to the object at fff00000c7946240 [ 21.544596] which belongs to the cache test_cache of size 123 [ 21.545201] The buggy address is located 0 bytes to the right of [ 21.545201] allocated 123-byte region [fff00000c7946240, fff00000c79462bb) [ 21.545375] [ 21.545424] The buggy address belongs to the physical page: [ 21.545501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107946 [ 21.545612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.546346] page_type: f5(slab) [ 21.546467] raw: 0bfffe0000000000 fff00000c7936140 dead000000000122 0000000000000000 [ 21.546578] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.546665] page dumped because: kasan: bad access detected [ 21.546728] [ 21.546766] Memory state around the buggy address: [ 21.546832] fff00000c7946180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.547488] fff00000c7946200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 21.547692] >fff00000c7946280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 21.547992] ^ [ 21.548082] fff00000c7946300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.548184] fff00000c7946380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.548274] ================================================================== [ 21.510823] ================================================================== [ 21.511000] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.511251] Read of size 1 at addr fff00000c797a001 by task kunit_try_catch/224 [ 21.511443] [ 21.511527] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.511901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.512158] Hardware name: linux,dummy-virt (DT) [ 21.512244] Call trace: [ 21.512297] show_stack+0x20/0x38 (C) [ 21.512426] dump_stack_lvl+0x8c/0xd0 [ 21.513061] print_report+0x118/0x608 [ 21.513203] kasan_report+0xdc/0x128 [ 21.513528] __asan_report_load1_noabort+0x20/0x30 [ 21.513712] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.513828] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 21.514156] kunit_try_run_case+0x170/0x3f0 [ 21.514493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.515045] kthread+0x328/0x630 [ 21.515175] ret_from_fork+0x10/0x20 [ 21.515284] [ 21.515328] The buggy address belongs to the physical page: [ 21.515416] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107978 [ 21.515529] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.515618] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.515967] page_type: f8(unknown) [ 21.516124] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.516251] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.516853] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.516966] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.517554] head: 0bfffe0000000002 ffffc1ffc31e5e01 00000000ffffffff 00000000ffffffff [ 21.517847] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.517989] page dumped because: kasan: bad access detected [ 21.518083] [ 21.518485] Memory state around the buggy address: [ 21.518568] fff00000c7979f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.518664] fff00000c7979f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.518755] >fff00000c797a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.518830] ^ [ 21.518891] fff00000c797a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.519267] fff00000c797a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.519854] ================================================================== [ 21.495952] ================================================================== [ 21.496048] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.496134] Read of size 1 at addr fff00000c7938273 by task kunit_try_catch/222 [ 21.496187] [ 21.496232] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.496320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.496349] Hardware name: linux,dummy-virt (DT) [ 21.496410] Call trace: [ 21.496437] show_stack+0x20/0x38 (C) [ 21.496491] dump_stack_lvl+0x8c/0xd0 [ 21.496543] print_report+0x118/0x608 [ 21.496591] kasan_report+0xdc/0x128 [ 21.496637] __asan_report_load1_noabort+0x20/0x30 [ 21.496688] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.496736] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.496785] kunit_try_run_case+0x170/0x3f0 [ 21.496833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.496885] kthread+0x328/0x630 [ 21.496929] ret_from_fork+0x10/0x20 [ 21.496980] [ 21.497001] Allocated by task 222: [ 21.497033] kasan_save_stack+0x3c/0x68 [ 21.497079] kasan_save_track+0x20/0x40 [ 21.497119] kasan_save_alloc_info+0x40/0x58 [ 21.497160] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.497204] remove_element+0x130/0x1f8 [ 21.497244] mempool_alloc_preallocated+0x58/0xc0 [ 21.497283] mempool_oob_right_helper+0x98/0x2f0 [ 21.497323] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.497378] kunit_try_run_case+0x170/0x3f0 [ 21.497421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.497465] kthread+0x328/0x630 [ 21.497501] ret_from_fork+0x10/0x20 [ 21.497538] [ 21.497560] The buggy address belongs to the object at fff00000c7938200 [ 21.497560] which belongs to the cache kmalloc-128 of size 128 [ 21.497619] The buggy address is located 0 bytes to the right of [ 21.497619] allocated 115-byte region [fff00000c7938200, fff00000c7938273) [ 21.497681] [ 21.497706] The buggy address belongs to the physical page: [ 21.497741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 21.497797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.497853] page_type: f5(slab) [ 21.497897] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.497947] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.497986] page dumped because: kasan: bad access detected [ 21.498069] [ 21.498104] Memory state around the buggy address: [ 21.498168] fff00000c7938100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.498258] fff00000c7938180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.498338] >fff00000c7938200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.498432] ^ [ 21.498524] fff00000c7938280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.498625] fff00000c7938300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.498711] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 20.916620] ================================================================== [ 20.916722] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 20.916801] Read of size 1 at addr fff00000c1afadc0 by task kunit_try_catch/216 [ 20.916862] [ 20.916909] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.917011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.917041] Hardware name: linux,dummy-virt (DT) [ 20.917081] Call trace: [ 20.917109] show_stack+0x20/0x38 (C) [ 20.917168] dump_stack_lvl+0x8c/0xd0 [ 20.917224] print_report+0x118/0x608 [ 20.917280] kasan_report+0xdc/0x128 [ 20.917333] __kasan_check_byte+0x54/0x70 [ 20.917401] kmem_cache_destroy+0x34/0x218 [ 20.917450] kmem_cache_double_destroy+0x174/0x300 [ 20.917498] kunit_try_run_case+0x170/0x3f0 [ 20.917544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.917596] kthread+0x328/0x630 [ 20.917639] ret_from_fork+0x10/0x20 [ 20.917687] [ 20.917708] Allocated by task 216: [ 20.917738] kasan_save_stack+0x3c/0x68 [ 20.917780] kasan_save_track+0x20/0x40 [ 20.917819] kasan_save_alloc_info+0x40/0x58 [ 20.917859] __kasan_slab_alloc+0xa8/0xb0 [ 20.917897] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.917937] __kmem_cache_create_args+0x178/0x280 [ 20.917976] kmem_cache_double_destroy+0xc0/0x300 [ 20.918053] kunit_try_run_case+0x170/0x3f0 [ 20.918122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.918201] kthread+0x328/0x630 [ 20.918259] ret_from_fork+0x10/0x20 [ 20.918299] [ 20.918322] Freed by task 216: [ 20.918364] kasan_save_stack+0x3c/0x68 [ 20.918411] kasan_save_track+0x20/0x40 [ 20.918464] kasan_save_free_info+0x4c/0x78 [ 20.918509] __kasan_slab_free+0x6c/0x98 [ 20.918550] kmem_cache_free+0x260/0x468 [ 20.918588] slab_kmem_cache_release+0x38/0x50 [ 20.918626] kmem_cache_release+0x1c/0x30 [ 20.918664] kobject_put+0x17c/0x420 [ 20.918702] sysfs_slab_release+0x1c/0x30 [ 20.918741] kmem_cache_destroy+0x118/0x218 [ 20.918779] kmem_cache_double_destroy+0x128/0x300 [ 20.918820] kunit_try_run_case+0x170/0x3f0 [ 20.918859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.918902] kthread+0x328/0x630 [ 20.918937] ret_from_fork+0x10/0x20 [ 20.918974] [ 20.918995] The buggy address belongs to the object at fff00000c1afadc0 [ 20.918995] which belongs to the cache kmem_cache of size 208 [ 20.919054] The buggy address is located 0 bytes inside of [ 20.919054] freed 208-byte region [fff00000c1afadc0, fff00000c1afae90) [ 20.919114] [ 20.919136] The buggy address belongs to the physical page: [ 20.919170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101afa [ 20.919226] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.919280] page_type: f5(slab) [ 20.919325] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 20.919389] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 20.919432] page dumped because: kasan: bad access detected [ 20.919466] [ 20.919485] Memory state around the buggy address: [ 20.919521] fff00000c1afac80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.919564] fff00000c1afad00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 20.919608] >fff00000c1afad80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.919645] ^ [ 20.919680] fff00000c1afae00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.919722] fff00000c1afae80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.919759] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 20.061784] ================================================================== [ 20.061957] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 20.062120] Free of addr fff00000c7931001 by task kunit_try_catch/212 [ 20.062249] [ 20.062416] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.062658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.062721] Hardware name: linux,dummy-virt (DT) [ 20.062821] Call trace: [ 20.062873] show_stack+0x20/0x38 (C) [ 20.062984] dump_stack_lvl+0x8c/0xd0 [ 20.063088] print_report+0x118/0x608 [ 20.063177] kasan_report_invalid_free+0xc0/0xe8 [ 20.063282] check_slab_allocation+0xfc/0x108 [ 20.063397] __kasan_slab_pre_free+0x2c/0x48 [ 20.063548] kmem_cache_free+0xf0/0x468 [ 20.063657] kmem_cache_invalid_free+0x184/0x3c8 [ 20.063755] kunit_try_run_case+0x170/0x3f0 [ 20.063843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.063945] kthread+0x328/0x630 [ 20.064027] ret_from_fork+0x10/0x20 [ 20.064126] [ 20.064162] Allocated by task 212: [ 20.064239] kasan_save_stack+0x3c/0x68 [ 20.064347] kasan_save_track+0x20/0x40 [ 20.064446] kasan_save_alloc_info+0x40/0x58 [ 20.064544] __kasan_slab_alloc+0xa8/0xb0 [ 20.064652] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.064741] kmem_cache_invalid_free+0x12c/0x3c8 [ 20.064853] kunit_try_run_case+0x170/0x3f0 [ 20.064986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.065109] kthread+0x328/0x630 [ 20.065197] ret_from_fork+0x10/0x20 [ 20.065269] [ 20.065310] The buggy address belongs to the object at fff00000c7931000 [ 20.065310] which belongs to the cache test_cache of size 200 [ 20.065433] The buggy address is located 1 bytes inside of [ 20.065433] 200-byte region [fff00000c7931000, fff00000c79310c8) [ 20.065584] [ 20.065648] The buggy address belongs to the physical page: [ 20.065716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107931 [ 20.065830] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.065933] page_type: f5(slab) [ 20.066009] raw: 0bfffe0000000000 fff00000c1afab40 dead000000000122 0000000000000000 [ 20.066109] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.066192] page dumped because: kasan: bad access detected [ 20.066288] [ 20.066341] Memory state around the buggy address: [ 20.066425] fff00000c7930f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.066553] fff00000c7930f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.066693] >fff00000c7931000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.066818] ^ [ 20.066902] fff00000c7931080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.067040] fff00000c7931100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.067159] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 19.969036] ================================================================== [ 19.969180] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 19.969324] Free of addr fff00000c792f000 by task kunit_try_catch/210 [ 19.969434] [ 19.969513] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.969918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.969979] Hardware name: linux,dummy-virt (DT) [ 19.970064] Call trace: [ 19.970117] show_stack+0x20/0x38 (C) [ 19.970657] dump_stack_lvl+0x8c/0xd0 [ 19.970808] print_report+0x118/0x608 [ 19.970930] kasan_report_invalid_free+0xc0/0xe8 [ 19.971070] check_slab_allocation+0xd4/0x108 [ 19.971208] __kasan_slab_pre_free+0x2c/0x48 [ 19.971308] kmem_cache_free+0xf0/0x468 [ 19.971431] kmem_cache_double_free+0x190/0x3c8 [ 19.971538] kunit_try_run_case+0x170/0x3f0 [ 19.971630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.971752] kthread+0x328/0x630 [ 19.971845] ret_from_fork+0x10/0x20 [ 19.971967] [ 19.972005] Allocated by task 210: [ 19.972069] kasan_save_stack+0x3c/0x68 [ 19.972402] kasan_save_track+0x20/0x40 [ 19.972502] kasan_save_alloc_info+0x40/0x58 [ 19.972685] __kasan_slab_alloc+0xa8/0xb0 [ 19.972775] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.972935] kmem_cache_double_free+0x12c/0x3c8 [ 19.973028] kunit_try_run_case+0x170/0x3f0 [ 19.973349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.973483] kthread+0x328/0x630 [ 19.973557] ret_from_fork+0x10/0x20 [ 19.973646] [ 19.973947] Freed by task 210: [ 19.974198] kasan_save_stack+0x3c/0x68 [ 19.974279] kasan_save_track+0x20/0x40 [ 19.974675] kasan_save_free_info+0x4c/0x78 [ 19.975027] __kasan_slab_free+0x6c/0x98 [ 19.975194] kmem_cache_free+0x260/0x468 [ 19.975318] kmem_cache_double_free+0x140/0x3c8 [ 19.975426] kunit_try_run_case+0x170/0x3f0 [ 19.975507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.975607] kthread+0x328/0x630 [ 19.975679] ret_from_fork+0x10/0x20 [ 19.975756] [ 19.975802] The buggy address belongs to the object at fff00000c792f000 [ 19.975802] which belongs to the cache test_cache of size 200 [ 19.975935] The buggy address is located 0 bytes inside of [ 19.975935] 200-byte region [fff00000c792f000, fff00000c792f0c8) [ 19.976068] [ 19.976115] The buggy address belongs to the physical page: [ 19.976186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10792f [ 19.976312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.976446] page_type: f5(slab) [ 19.976535] raw: 0bfffe0000000000 fff00000c1afaa00 dead000000000122 0000000000000000 [ 19.977186] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.977446] page dumped because: kasan: bad access detected [ 19.977668] [ 19.977738] Memory state around the buggy address: [ 19.977941] fff00000c792ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.978289] fff00000c792ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.978512] >fff00000c792f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.978731] ^ [ 19.978818] fff00000c792f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.979085] fff00000c792f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.979308] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 19.695642] ================================================================== [ 19.696206] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 19.696329] Read of size 1 at addr fff00000c792e0c8 by task kunit_try_catch/208 [ 19.696561] [ 19.696646] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.697321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.697410] Hardware name: linux,dummy-virt (DT) [ 19.697499] Call trace: [ 19.697619] show_stack+0x20/0x38 (C) [ 19.697734] dump_stack_lvl+0x8c/0xd0 [ 19.698274] print_report+0x118/0x608 [ 19.698830] kasan_report+0xdc/0x128 [ 19.698998] __asan_report_load1_noabort+0x20/0x30 [ 19.699207] kmem_cache_oob+0x344/0x430 [ 19.699322] kunit_try_run_case+0x170/0x3f0 [ 19.699456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.699574] kthread+0x328/0x630 [ 19.699742] ret_from_fork+0x10/0x20 [ 19.699858] [ 19.699906] Allocated by task 208: [ 19.699968] kasan_save_stack+0x3c/0x68 [ 19.700061] kasan_save_track+0x20/0x40 [ 19.700144] kasan_save_alloc_info+0x40/0x58 [ 19.700242] __kasan_slab_alloc+0xa8/0xb0 [ 19.700324] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.701003] kmem_cache_oob+0x12c/0x430 [ 19.701205] kunit_try_run_case+0x170/0x3f0 [ 19.701299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.701414] kthread+0x328/0x630 [ 19.701701] ret_from_fork+0x10/0x20 [ 19.701795] [ 19.701968] The buggy address belongs to the object at fff00000c792e000 [ 19.701968] which belongs to the cache test_cache of size 200 [ 19.702325] The buggy address is located 0 bytes to the right of [ 19.702325] allocated 200-byte region [fff00000c792e000, fff00000c792e0c8) [ 19.702509] [ 19.702553] The buggy address belongs to the physical page: [ 19.702608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10792e [ 19.702722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.702837] page_type: f5(slab) [ 19.702929] raw: 0bfffe0000000000 fff00000c1afa8c0 dead000000000122 0000000000000000 [ 19.703047] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.703678] page dumped because: kasan: bad access detected [ 19.703767] [ 19.704084] Memory state around the buggy address: [ 19.704478] fff00000c792df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.704704] fff00000c792e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.704821] >fff00000c792e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.704913] ^ [ 19.704994] fff00000c792e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.705500] fff00000c792e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.705783] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 19.617381] ================================================================== [ 19.617580] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 19.617737] Read of size 8 at addr fff00000c78abf40 by task kunit_try_catch/201 [ 19.617862] [ 19.617941] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.618146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.618206] Hardware name: linux,dummy-virt (DT) [ 19.618278] Call trace: [ 19.618334] show_stack+0x20/0x38 (C) [ 19.618518] dump_stack_lvl+0x8c/0xd0 [ 19.618622] print_report+0x118/0x608 [ 19.618733] kasan_report+0xdc/0x128 [ 19.618838] __asan_report_load8_noabort+0x20/0x30 [ 19.618909] workqueue_uaf+0x480/0x4a8 [ 19.619040] kunit_try_run_case+0x170/0x3f0 [ 19.619203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.619313] kthread+0x328/0x630 [ 19.619411] ret_from_fork+0x10/0x20 [ 19.619823] [ 19.619878] Allocated by task 201: [ 19.619936] kasan_save_stack+0x3c/0x68 [ 19.620136] kasan_save_track+0x20/0x40 [ 19.620378] kasan_save_alloc_info+0x40/0x58 [ 19.620637] __kasan_kmalloc+0xd4/0xd8 [ 19.620726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.620823] workqueue_uaf+0x13c/0x4a8 [ 19.621162] kunit_try_run_case+0x170/0x3f0 [ 19.621326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.621437] kthread+0x328/0x630 [ 19.621705] ret_from_fork+0x10/0x20 [ 19.621885] [ 19.621938] Freed by task 9: [ 19.622003] kasan_save_stack+0x3c/0x68 [ 19.622076] kasan_save_track+0x20/0x40 [ 19.622155] kasan_save_free_info+0x4c/0x78 [ 19.622241] __kasan_slab_free+0x6c/0x98 [ 19.622333] kfree+0x214/0x3c8 [ 19.622430] workqueue_uaf_work+0x18/0x30 [ 19.622775] process_one_work+0x530/0xf98 [ 19.622880] worker_thread+0x618/0xf38 [ 19.623051] kthread+0x328/0x630 [ 19.623242] ret_from_fork+0x10/0x20 [ 19.623542] [ 19.623590] Last potentially related work creation: [ 19.623697] kasan_save_stack+0x3c/0x68 [ 19.623785] kasan_record_aux_stack+0xb4/0xc8 [ 19.623929] __queue_work+0x65c/0x1008 [ 19.624053] queue_work_on+0xbc/0xf8 [ 19.624234] workqueue_uaf+0x210/0x4a8 [ 19.624320] kunit_try_run_case+0x170/0x3f0 [ 19.624428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.624525] kthread+0x328/0x630 [ 19.624606] ret_from_fork+0x10/0x20 [ 19.625122] [ 19.625178] The buggy address belongs to the object at fff00000c78abf40 [ 19.625178] which belongs to the cache kmalloc-32 of size 32 [ 19.625318] The buggy address is located 0 bytes inside of [ 19.625318] freed 32-byte region [fff00000c78abf40, fff00000c78abf60) [ 19.625486] [ 19.625537] The buggy address belongs to the physical page: [ 19.625605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ab [ 19.626161] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.626340] page_type: f5(slab) [ 19.626562] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.626809] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.626932] page dumped because: kasan: bad access detected [ 19.626991] [ 19.627027] Memory state around the buggy address: [ 19.627314] fff00000c78abe00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.627586] fff00000c78abe80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.627699] >fff00000c78abf00: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 19.627786] ^ [ 19.628404] fff00000c78abf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.628547] fff00000c78ac000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.628643] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.578525] ================================================================== [ 19.578753] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 19.578892] Read of size 4 at addr fff00000c78abd00 by task swapper/0/0 [ 19.579004] [ 19.579081] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.579270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.579333] Hardware name: linux,dummy-virt (DT) [ 19.579427] Call trace: [ 19.579482] show_stack+0x20/0x38 (C) [ 19.579594] dump_stack_lvl+0x8c/0xd0 [ 19.579701] print_report+0x118/0x608 [ 19.579810] kasan_report+0xdc/0x128 [ 19.579916] __asan_report_load4_noabort+0x20/0x30 [ 19.580037] rcu_uaf_reclaim+0x64/0x70 [ 19.580133] rcu_core+0x9f4/0x1e20 [ 19.580234] rcu_core_si+0x18/0x30 [ 19.580335] handle_softirqs+0x374/0xb28 [ 19.580435] __do_softirq+0x1c/0x28 [ 19.580521] ____do_softirq+0x18/0x30 [ 19.580659] call_on_irq_stack+0x24/0x30 [ 19.580779] do_softirq_own_stack+0x24/0x38 [ 19.580878] __irq_exit_rcu+0x1fc/0x318 [ 19.580968] irq_exit_rcu+0x1c/0x80 [ 19.581063] el1_interrupt+0x38/0x58 [ 19.581175] el1h_64_irq_handler+0x18/0x28 [ 19.581291] el1h_64_irq+0x6c/0x70 [ 19.581490] arch_local_irq_enable+0x4/0x8 (P) [ 19.581607] do_idle+0x384/0x4e8 [ 19.581720] cpu_startup_entry+0x64/0x80 [ 19.581815] rest_init+0x160/0x188 [ 19.581900] start_kernel+0x30c/0x3d0 [ 19.582000] __primary_switched+0x8c/0xa0 [ 19.583093] [ 19.583149] Allocated by task 199: [ 19.583217] kasan_save_stack+0x3c/0x68 [ 19.583318] kasan_save_track+0x20/0x40 [ 19.583385] kasan_save_alloc_info+0x40/0x58 [ 19.583433] __kasan_kmalloc+0xd4/0xd8 [ 19.583478] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.583529] rcu_uaf+0xb0/0x2d8 [ 19.583564] kunit_try_run_case+0x170/0x3f0 [ 19.583621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.583708] kthread+0x328/0x630 [ 19.583822] ret_from_fork+0x10/0x20 [ 19.583920] [ 19.583974] Freed by task 0: [ 19.584033] kasan_save_stack+0x3c/0x68 [ 19.584581] kasan_save_track+0x20/0x40 [ 19.584837] kasan_save_free_info+0x4c/0x78 [ 19.585548] __kasan_slab_free+0x6c/0x98 [ 19.585873] kfree+0x214/0x3c8 [ 19.586053] rcu_uaf_reclaim+0x28/0x70 [ 19.586146] rcu_core+0x9f4/0x1e20 [ 19.586232] rcu_core_si+0x18/0x30 [ 19.586314] handle_softirqs+0x374/0xb28 [ 19.586416] __do_softirq+0x1c/0x28 [ 19.586582] [ 19.586650] Last potentially related work creation: [ 19.586724] kasan_save_stack+0x3c/0x68 [ 19.587103] kasan_record_aux_stack+0xb4/0xc8 [ 19.587200] __call_rcu_common.constprop.0+0x74/0x8c8 [ 19.587281] call_rcu+0x18/0x30 [ 19.587341] rcu_uaf+0x14c/0x2d8 [ 19.587456] kunit_try_run_case+0x170/0x3f0 [ 19.587569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.587719] kthread+0x328/0x630 [ 19.587825] ret_from_fork+0x10/0x20 [ 19.587964] [ 19.588014] The buggy address belongs to the object at fff00000c78abd00 [ 19.588014] which belongs to the cache kmalloc-32 of size 32 [ 19.588136] The buggy address is located 0 bytes inside of [ 19.588136] freed 32-byte region [fff00000c78abd00, fff00000c78abd20) [ 19.588595] [ 19.588669] The buggy address belongs to the physical page: [ 19.588753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ab [ 19.588902] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.589007] page_type: f5(slab) [ 19.589085] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.589272] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.589514] page dumped because: kasan: bad access detected [ 19.589686] [ 19.589731] Memory state around the buggy address: [ 19.589811] fff00000c78abc00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.589912] fff00000c78abc80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.590047] >fff00000c78abd00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.590156] ^ [ 19.590214] fff00000c78abd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.590303] fff00000c78abe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.590554] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 19.331912] ================================================================== [ 19.332024] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 19.332132] Read of size 1 at addr fff00000c56f1e00 by task kunit_try_catch/197 [ 19.332243] [ 19.332310] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.332511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.332572] Hardware name: linux,dummy-virt (DT) [ 19.332640] Call trace: [ 19.332687] show_stack+0x20/0x38 (C) [ 19.332788] dump_stack_lvl+0x8c/0xd0 [ 19.332887] print_report+0x118/0x608 [ 19.332995] kasan_report+0xdc/0x128 [ 19.333095] __asan_report_load1_noabort+0x20/0x30 [ 19.333206] ksize_uaf+0x598/0x5f8 [ 19.333302] kunit_try_run_case+0x170/0x3f0 [ 19.334257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.334403] kthread+0x328/0x630 [ 19.334554] ret_from_fork+0x10/0x20 [ 19.334683] [ 19.334734] Allocated by task 197: [ 19.334799] kasan_save_stack+0x3c/0x68 [ 19.334895] kasan_save_track+0x20/0x40 [ 19.334982] kasan_save_alloc_info+0x40/0x58 [ 19.335066] __kasan_kmalloc+0xd4/0xd8 [ 19.335133] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.335199] ksize_uaf+0xb8/0x5f8 [ 19.335269] kunit_try_run_case+0x170/0x3f0 [ 19.335344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.335456] kthread+0x328/0x630 [ 19.335539] ret_from_fork+0x10/0x20 [ 19.335615] [ 19.335661] Freed by task 197: [ 19.335722] kasan_save_stack+0x3c/0x68 [ 19.335805] kasan_save_track+0x20/0x40 [ 19.335888] kasan_save_free_info+0x4c/0x78 [ 19.335975] __kasan_slab_free+0x6c/0x98 [ 19.336060] kfree+0x214/0x3c8 [ 19.336136] ksize_uaf+0x11c/0x5f8 [ 19.336230] kunit_try_run_case+0x170/0x3f0 [ 19.336314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.336455] kthread+0x328/0x630 [ 19.336524] ret_from_fork+0x10/0x20 [ 19.336605] [ 19.336654] The buggy address belongs to the object at fff00000c56f1e00 [ 19.336654] which belongs to the cache kmalloc-128 of size 128 [ 19.336815] The buggy address is located 0 bytes inside of [ 19.336815] freed 128-byte region [fff00000c56f1e00, fff00000c56f1e80) [ 19.336957] [ 19.337006] The buggy address belongs to the physical page: [ 19.337083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.337191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.337334] page_type: f5(slab) [ 19.337470] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.337633] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.337759] page dumped because: kasan: bad access detected [ 19.337857] [ 19.337915] Memory state around the buggy address: [ 19.338012] fff00000c56f1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.338152] fff00000c56f1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.338239] >fff00000c56f1e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.338318] ^ [ 19.338400] fff00000c56f1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.338549] fff00000c56f1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.338643] ================================================================== [ 19.319599] ================================================================== [ 19.319728] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 19.319885] Read of size 1 at addr fff00000c56f1e00 by task kunit_try_catch/197 [ 19.320012] [ 19.320081] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.320256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.320321] Hardware name: linux,dummy-virt (DT) [ 19.320406] Call trace: [ 19.321346] show_stack+0x20/0x38 (C) [ 19.321639] dump_stack_lvl+0x8c/0xd0 [ 19.322170] print_report+0x118/0x608 [ 19.322271] kasan_report+0xdc/0x128 [ 19.322633] __kasan_check_byte+0x54/0x70 [ 19.322769] ksize+0x30/0x88 [ 19.322861] ksize_uaf+0x168/0x5f8 [ 19.322954] kunit_try_run_case+0x170/0x3f0 [ 19.323227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.323373] kthread+0x328/0x630 [ 19.323481] ret_from_fork+0x10/0x20 [ 19.323596] [ 19.323642] Allocated by task 197: [ 19.323708] kasan_save_stack+0x3c/0x68 [ 19.323818] kasan_save_track+0x20/0x40 [ 19.323915] kasan_save_alloc_info+0x40/0x58 [ 19.324305] __kasan_kmalloc+0xd4/0xd8 [ 19.324605] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.324720] ksize_uaf+0xb8/0x5f8 [ 19.324810] kunit_try_run_case+0x170/0x3f0 [ 19.324911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.325164] kthread+0x328/0x630 [ 19.325286] ret_from_fork+0x10/0x20 [ 19.325720] [ 19.325776] Freed by task 197: [ 19.325842] kasan_save_stack+0x3c/0x68 [ 19.326126] kasan_save_track+0x20/0x40 [ 19.326210] kasan_save_free_info+0x4c/0x78 [ 19.326445] __kasan_slab_free+0x6c/0x98 [ 19.326660] kfree+0x214/0x3c8 [ 19.326778] ksize_uaf+0x11c/0x5f8 [ 19.326964] kunit_try_run_case+0x170/0x3f0 [ 19.327280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.327449] kthread+0x328/0x630 [ 19.327545] ret_from_fork+0x10/0x20 [ 19.327617] [ 19.327663] The buggy address belongs to the object at fff00000c56f1e00 [ 19.327663] which belongs to the cache kmalloc-128 of size 128 [ 19.327873] The buggy address is located 0 bytes inside of [ 19.327873] freed 128-byte region [fff00000c56f1e00, fff00000c56f1e80) [ 19.328127] [ 19.328197] The buggy address belongs to the physical page: [ 19.328265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.328704] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.328821] page_type: f5(slab) [ 19.329025] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.329139] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.329411] page dumped because: kasan: bad access detected [ 19.329485] [ 19.329609] Memory state around the buggy address: [ 19.329791] fff00000c56f1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.329890] fff00000c56f1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.329986] >fff00000c56f1e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.330064] ^ [ 19.330126] fff00000c56f1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.330220] fff00000c56f1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.330603] ================================================================== [ 19.340454] ================================================================== [ 19.340585] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 19.340687] Read of size 1 at addr fff00000c56f1e78 by task kunit_try_catch/197 [ 19.340789] [ 19.340875] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.341095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.341177] Hardware name: linux,dummy-virt (DT) [ 19.341253] Call trace: [ 19.341303] show_stack+0x20/0x38 (C) [ 19.341416] dump_stack_lvl+0x8c/0xd0 [ 19.341521] print_report+0x118/0x608 [ 19.341624] kasan_report+0xdc/0x128 [ 19.341724] __asan_report_load1_noabort+0x20/0x30 [ 19.341829] ksize_uaf+0x544/0x5f8 [ 19.341928] kunit_try_run_case+0x170/0x3f0 [ 19.342034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.342143] kthread+0x328/0x630 [ 19.342283] ret_from_fork+0x10/0x20 [ 19.342399] [ 19.342448] Allocated by task 197: [ 19.342524] kasan_save_stack+0x3c/0x68 [ 19.342660] kasan_save_track+0x20/0x40 [ 19.342751] kasan_save_alloc_info+0x40/0x58 [ 19.342854] __kasan_kmalloc+0xd4/0xd8 [ 19.342925] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.343004] ksize_uaf+0xb8/0x5f8 [ 19.343110] kunit_try_run_case+0x170/0x3f0 [ 19.343206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.343295] kthread+0x328/0x630 [ 19.343372] ret_from_fork+0x10/0x20 [ 19.343465] [ 19.343514] Freed by task 197: [ 19.343610] kasan_save_stack+0x3c/0x68 [ 19.343715] kasan_save_track+0x20/0x40 [ 19.343867] kasan_save_free_info+0x4c/0x78 [ 19.343913] __kasan_slab_free+0x6c/0x98 [ 19.343953] kfree+0x214/0x3c8 [ 19.344009] ksize_uaf+0x11c/0x5f8 [ 19.344097] kunit_try_run_case+0x170/0x3f0 [ 19.344181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.344278] kthread+0x328/0x630 [ 19.344349] ret_from_fork+0x10/0x20 [ 19.344460] [ 19.344522] The buggy address belongs to the object at fff00000c56f1e00 [ 19.344522] which belongs to the cache kmalloc-128 of size 128 [ 19.344676] The buggy address is located 120 bytes inside of [ 19.344676] freed 128-byte region [fff00000c56f1e00, fff00000c56f1e80) [ 19.344798] [ 19.344862] The buggy address belongs to the physical page: [ 19.344963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.345119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.345254] page_type: f5(slab) [ 19.345369] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.345484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.345575] page dumped because: kasan: bad access detected [ 19.345657] [ 19.345699] Memory state around the buggy address: [ 19.345762] fff00000c56f1d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.345870] fff00000c56f1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.345998] >fff00000c56f1e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.346072] ^ [ 19.346159] fff00000c56f1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.346292] fff00000c56f1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.346392] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.293970] ================================================================== [ 19.294153] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 19.294303] Read of size 1 at addr fff00000c56f1d78 by task kunit_try_catch/195 [ 19.294426] [ 19.294499] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.294728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.294793] Hardware name: linux,dummy-virt (DT) [ 19.294858] Call trace: [ 19.294902] show_stack+0x20/0x38 (C) [ 19.295007] dump_stack_lvl+0x8c/0xd0 [ 19.295120] print_report+0x118/0x608 [ 19.295220] kasan_report+0xdc/0x128 [ 19.295314] __asan_report_load1_noabort+0x20/0x30 [ 19.295478] ksize_unpoisons_memory+0x618/0x740 [ 19.295641] kunit_try_run_case+0x170/0x3f0 [ 19.295755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.295876] kthread+0x328/0x630 [ 19.296012] ret_from_fork+0x10/0x20 [ 19.296161] [ 19.296208] Allocated by task 195: [ 19.296268] kasan_save_stack+0x3c/0x68 [ 19.296370] kasan_save_track+0x20/0x40 [ 19.296456] kasan_save_alloc_info+0x40/0x58 [ 19.296546] __kasan_kmalloc+0xd4/0xd8 [ 19.296670] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.296758] ksize_unpoisons_memory+0xc0/0x740 [ 19.296846] kunit_try_run_case+0x170/0x3f0 [ 19.296931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.297029] kthread+0x328/0x630 [ 19.297122] ret_from_fork+0x10/0x20 [ 19.297208] [ 19.297260] The buggy address belongs to the object at fff00000c56f1d00 [ 19.297260] which belongs to the cache kmalloc-128 of size 128 [ 19.297921] The buggy address is located 5 bytes to the right of [ 19.297921] allocated 115-byte region [fff00000c56f1d00, fff00000c56f1d73) [ 19.298389] [ 19.298469] The buggy address belongs to the physical page: [ 19.298533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.298635] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.298735] page_type: f5(slab) [ 19.299439] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.299515] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.299558] page dumped because: kasan: bad access detected [ 19.299595] [ 19.299631] Memory state around the buggy address: [ 19.299685] fff00000c56f1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.299728] fff00000c56f1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.299770] >fff00000c56f1d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.299807] ^ [ 19.299848] fff00000c56f1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.299890] fff00000c56f1e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.299927] ================================================================== [ 19.300831] ================================================================== [ 19.301239] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 19.301398] Read of size 1 at addr fff00000c56f1d7f by task kunit_try_catch/195 [ 19.301513] [ 19.301579] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.301756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.301814] Hardware name: linux,dummy-virt (DT) [ 19.301889] Call trace: [ 19.301937] show_stack+0x20/0x38 (C) [ 19.302046] dump_stack_lvl+0x8c/0xd0 [ 19.302155] print_report+0x118/0x608 [ 19.302261] kasan_report+0xdc/0x128 [ 19.303441] __asan_report_load1_noabort+0x20/0x30 [ 19.303705] ksize_unpoisons_memory+0x690/0x740 [ 19.303854] kunit_try_run_case+0x170/0x3f0 [ 19.303979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.304111] kthread+0x328/0x630 [ 19.304218] ret_from_fork+0x10/0x20 [ 19.304387] [ 19.304450] Allocated by task 195: [ 19.304525] kasan_save_stack+0x3c/0x68 [ 19.304616] kasan_save_track+0x20/0x40 [ 19.304693] kasan_save_alloc_info+0x40/0x58 [ 19.304782] __kasan_kmalloc+0xd4/0xd8 [ 19.304875] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.305001] ksize_unpoisons_memory+0xc0/0x740 [ 19.305095] kunit_try_run_case+0x170/0x3f0 [ 19.305172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.305257] kthread+0x328/0x630 [ 19.305327] ret_from_fork+0x10/0x20 [ 19.305639] [ 19.305711] The buggy address belongs to the object at fff00000c56f1d00 [ 19.305711] which belongs to the cache kmalloc-128 of size 128 [ 19.305835] The buggy address is located 12 bytes to the right of [ 19.305835] allocated 115-byte region [fff00000c56f1d00, fff00000c56f1d73) [ 19.306057] [ 19.306100] The buggy address belongs to the physical page: [ 19.306165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.306552] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.306694] page_type: f5(slab) [ 19.306783] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.306900] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.307003] page dumped because: kasan: bad access detected [ 19.307104] [ 19.307144] Memory state around the buggy address: [ 19.307222] fff00000c56f1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.307318] fff00000c56f1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.307412] >fff00000c56f1d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.307509] ^ [ 19.307597] fff00000c56f1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.307899] fff00000c56f1e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.307991] ================================================================== [ 19.287408] ================================================================== [ 19.287556] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 19.287672] Read of size 1 at addr fff00000c56f1d73 by task kunit_try_catch/195 [ 19.287806] [ 19.287877] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.288041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.288099] Hardware name: linux,dummy-virt (DT) [ 19.288166] Call trace: [ 19.288221] show_stack+0x20/0x38 (C) [ 19.288390] dump_stack_lvl+0x8c/0xd0 [ 19.288528] print_report+0x118/0x608 [ 19.288645] kasan_report+0xdc/0x128 [ 19.288783] __asan_report_load1_noabort+0x20/0x30 [ 19.288915] ksize_unpoisons_memory+0x628/0x740 [ 19.289043] kunit_try_run_case+0x170/0x3f0 [ 19.289195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.289323] kthread+0x328/0x630 [ 19.289456] ret_from_fork+0x10/0x20 [ 19.289607] [ 19.289648] Allocated by task 195: [ 19.289720] kasan_save_stack+0x3c/0x68 [ 19.289846] kasan_save_track+0x20/0x40 [ 19.289967] kasan_save_alloc_info+0x40/0x58 [ 19.290101] __kasan_kmalloc+0xd4/0xd8 [ 19.290181] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.290272] ksize_unpoisons_memory+0xc0/0x740 [ 19.290415] kunit_try_run_case+0x170/0x3f0 [ 19.290566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.290710] kthread+0x328/0x630 [ 19.290789] ret_from_fork+0x10/0x20 [ 19.290857] [ 19.290892] The buggy address belongs to the object at fff00000c56f1d00 [ 19.290892] which belongs to the cache kmalloc-128 of size 128 [ 19.291036] The buggy address is located 0 bytes to the right of [ 19.291036] allocated 115-byte region [fff00000c56f1d00, fff00000c56f1d73) [ 19.291196] [ 19.291243] The buggy address belongs to the physical page: [ 19.291315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.291461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.291577] page_type: f5(slab) [ 19.291658] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.291762] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.291906] page dumped because: kasan: bad access detected [ 19.292025] [ 19.292070] Memory state around the buggy address: [ 19.292141] fff00000c56f1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.292237] fff00000c56f1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.292346] >fff00000c56f1d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.292492] ^ [ 19.292626] fff00000c56f1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.292800] fff00000c56f1e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.292897] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.245729] ================================================================== [ 19.245879] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 19.245992] Free of addr fff00000c56728e0 by task kunit_try_catch/193 [ 19.247188] [ 19.247413] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.247604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.247670] Hardware name: linux,dummy-virt (DT) [ 19.247739] Call trace: [ 19.248623] show_stack+0x20/0x38 (C) [ 19.249202] dump_stack_lvl+0x8c/0xd0 [ 19.250037] print_report+0x118/0x608 [ 19.250560] kasan_report_invalid_free+0xc0/0xe8 [ 19.250723] check_slab_allocation+0xd4/0x108 [ 19.250814] __kasan_slab_pre_free+0x2c/0x48 [ 19.250911] kfree+0xe8/0x3c8 [ 19.252220] kfree_sensitive+0x3c/0xb0 [ 19.252486] kmalloc_double_kzfree+0x168/0x308 [ 19.253015] kunit_try_run_case+0x170/0x3f0 [ 19.253520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.254155] kthread+0x328/0x630 [ 19.254319] ret_from_fork+0x10/0x20 [ 19.255165] [ 19.255266] Allocated by task 193: [ 19.255401] kasan_save_stack+0x3c/0x68 [ 19.256035] kasan_save_track+0x20/0x40 [ 19.256245] kasan_save_alloc_info+0x40/0x58 [ 19.256341] __kasan_kmalloc+0xd4/0xd8 [ 19.256443] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.256534] kmalloc_double_kzfree+0xb8/0x308 [ 19.256617] kunit_try_run_case+0x170/0x3f0 [ 19.256705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.256803] kthread+0x328/0x630 [ 19.256878] ret_from_fork+0x10/0x20 [ 19.256961] [ 19.257003] Freed by task 193: [ 19.257062] kasan_save_stack+0x3c/0x68 [ 19.257874] kasan_save_track+0x20/0x40 [ 19.258634] kasan_save_free_info+0x4c/0x78 [ 19.258744] __kasan_slab_free+0x6c/0x98 [ 19.259429] kfree+0x214/0x3c8 [ 19.259603] kfree_sensitive+0x80/0xb0 [ 19.260494] kmalloc_double_kzfree+0x11c/0x308 [ 19.260666] kunit_try_run_case+0x170/0x3f0 [ 19.260757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.260850] kthread+0x328/0x630 [ 19.260929] ret_from_fork+0x10/0x20 [ 19.261015] [ 19.261060] The buggy address belongs to the object at fff00000c56728e0 [ 19.261060] which belongs to the cache kmalloc-16 of size 16 [ 19.261193] The buggy address is located 0 bytes inside of [ 19.261193] 16-byte region [fff00000c56728e0, fff00000c56728f0) [ 19.261331] [ 19.261397] The buggy address belongs to the physical page: [ 19.261473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105672 [ 19.261589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.261698] page_type: f5(slab) [ 19.261783] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.261896] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.261993] page dumped because: kasan: bad access detected [ 19.262068] [ 19.262110] Memory state around the buggy address: [ 19.262182] fff00000c5672780: 00 03 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.262280] fff00000c5672800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.264236] >fff00000c5672880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.264374] ^ [ 19.264962] fff00000c5672900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.265048] fff00000c5672980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.265102] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.228577] ================================================================== [ 19.229225] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 19.229759] Read of size 1 at addr fff00000c56728e0 by task kunit_try_catch/193 [ 19.229892] [ 19.229981] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.230237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.230722] Hardware name: linux,dummy-virt (DT) [ 19.230804] Call trace: [ 19.230970] show_stack+0x20/0x38 (C) [ 19.231174] dump_stack_lvl+0x8c/0xd0 [ 19.231287] print_report+0x118/0x608 [ 19.231422] kasan_report+0xdc/0x128 [ 19.231937] __kasan_check_byte+0x54/0x70 [ 19.232121] kfree_sensitive+0x30/0xb0 [ 19.232657] kmalloc_double_kzfree+0x168/0x308 [ 19.232864] kunit_try_run_case+0x170/0x3f0 [ 19.233056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.233267] kthread+0x328/0x630 [ 19.233380] ret_from_fork+0x10/0x20 [ 19.233859] [ 19.233921] Allocated by task 193: [ 19.233999] kasan_save_stack+0x3c/0x68 [ 19.234142] kasan_save_track+0x20/0x40 [ 19.234232] kasan_save_alloc_info+0x40/0x58 [ 19.234413] __kasan_kmalloc+0xd4/0xd8 [ 19.234748] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.234860] kmalloc_double_kzfree+0xb8/0x308 [ 19.234950] kunit_try_run_case+0x170/0x3f0 [ 19.235380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.235581] kthread+0x328/0x630 [ 19.235664] ret_from_fork+0x10/0x20 [ 19.235834] [ 19.235903] Freed by task 193: [ 19.235971] kasan_save_stack+0x3c/0x68 [ 19.236469] kasan_save_track+0x20/0x40 [ 19.236585] kasan_save_free_info+0x4c/0x78 [ 19.236682] __kasan_slab_free+0x6c/0x98 [ 19.236814] kfree+0x214/0x3c8 [ 19.236894] kfree_sensitive+0x80/0xb0 [ 19.237405] kmalloc_double_kzfree+0x11c/0x308 [ 19.237528] kunit_try_run_case+0x170/0x3f0 [ 19.237703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.237819] kthread+0x328/0x630 [ 19.237961] ret_from_fork+0x10/0x20 [ 19.238044] [ 19.238276] The buggy address belongs to the object at fff00000c56728e0 [ 19.238276] which belongs to the cache kmalloc-16 of size 16 [ 19.238422] The buggy address is located 0 bytes inside of [ 19.238422] freed 16-byte region [fff00000c56728e0, fff00000c56728f0) [ 19.238563] [ 19.238612] The buggy address belongs to the physical page: [ 19.239067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105672 [ 19.239217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.239726] page_type: f5(slab) [ 19.240134] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.240316] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.240426] page dumped because: kasan: bad access detected [ 19.240500] [ 19.240942] Memory state around the buggy address: [ 19.241044] fff00000c5672780: 00 03 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.241233] fff00000c5672800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.241365] >fff00000c5672880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.241455] ^ [ 19.241542] fff00000c5672900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.242078] fff00000c5672980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.242297] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.176317] ================================================================== [ 19.177032] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 19.177171] Read of size 1 at addr fff00000c78aa8a8 by task kunit_try_catch/189 [ 19.177298] [ 19.177379] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.177561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.177687] Hardware name: linux,dummy-virt (DT) [ 19.177758] Call trace: [ 19.177801] show_stack+0x20/0x38 (C) [ 19.178305] dump_stack_lvl+0x8c/0xd0 [ 19.178455] print_report+0x118/0x608 [ 19.178552] kasan_report+0xdc/0x128 [ 19.179002] __asan_report_load1_noabort+0x20/0x30 [ 19.179122] kmalloc_uaf2+0x3f4/0x468 [ 19.179172] kunit_try_run_case+0x170/0x3f0 [ 19.179221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.179276] kthread+0x328/0x630 [ 19.179322] ret_from_fork+0x10/0x20 [ 19.179417] [ 19.179464] Allocated by task 189: [ 19.179526] kasan_save_stack+0x3c/0x68 [ 19.179628] kasan_save_track+0x20/0x40 [ 19.179749] kasan_save_alloc_info+0x40/0x58 [ 19.179872] __kasan_kmalloc+0xd4/0xd8 [ 19.179985] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.180082] kmalloc_uaf2+0xc4/0x468 [ 19.180173] kunit_try_run_case+0x170/0x3f0 [ 19.180251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.180394] kthread+0x328/0x630 [ 19.180503] ret_from_fork+0x10/0x20 [ 19.180617] [ 19.180680] Freed by task 189: [ 19.180739] kasan_save_stack+0x3c/0x68 [ 19.180826] kasan_save_track+0x20/0x40 [ 19.180933] kasan_save_free_info+0x4c/0x78 [ 19.181062] __kasan_slab_free+0x6c/0x98 [ 19.181179] kfree+0x214/0x3c8 [ 19.181256] kmalloc_uaf2+0x134/0x468 [ 19.181655] kunit_try_run_case+0x170/0x3f0 [ 19.181936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.182165] kthread+0x328/0x630 [ 19.182347] ret_from_fork+0x10/0x20 [ 19.182487] [ 19.182551] The buggy address belongs to the object at fff00000c78aa880 [ 19.182551] which belongs to the cache kmalloc-64 of size 64 [ 19.182711] The buggy address is located 40 bytes inside of [ 19.182711] freed 64-byte region [fff00000c78aa880, fff00000c78aa8c0) [ 19.182865] [ 19.182917] The buggy address belongs to the physical page: [ 19.182990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078aa [ 19.183099] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.183199] page_type: f5(slab) [ 19.183265] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.184988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.185133] page dumped because: kasan: bad access detected [ 19.185217] [ 19.185520] Memory state around the buggy address: [ 19.185768] fff00000c78aa780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.185885] fff00000c78aa800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.185989] >fff00000c78aa880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.186077] ^ [ 19.186176] fff00000c78aa900: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 19.186283] fff00000c78aa980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.186500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 19.152155] ================================================================== [ 19.152338] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 19.152574] Write of size 33 at addr fff00000c78aa700 by task kunit_try_catch/187 [ 19.152692] [ 19.152764] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.152927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.153133] Hardware name: linux,dummy-virt (DT) [ 19.153200] Call trace: [ 19.153248] show_stack+0x20/0x38 (C) [ 19.153370] dump_stack_lvl+0x8c/0xd0 [ 19.153482] print_report+0x118/0x608 [ 19.153581] kasan_report+0xdc/0x128 [ 19.153682] kasan_check_range+0x100/0x1a8 [ 19.153782] __asan_memset+0x34/0x78 [ 19.153875] kmalloc_uaf_memset+0x170/0x310 [ 19.153980] kunit_try_run_case+0x170/0x3f0 [ 19.154072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.154268] kthread+0x328/0x630 [ 19.154384] ret_from_fork+0x10/0x20 [ 19.154519] [ 19.154560] Allocated by task 187: [ 19.154672] kasan_save_stack+0x3c/0x68 [ 19.155382] kasan_save_track+0x20/0x40 [ 19.155537] kasan_save_alloc_info+0x40/0x58 [ 19.155638] __kasan_kmalloc+0xd4/0xd8 [ 19.155720] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.155810] kmalloc_uaf_memset+0xb8/0x310 [ 19.155893] kunit_try_run_case+0x170/0x3f0 [ 19.155981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.156078] kthread+0x328/0x630 [ 19.156150] ret_from_fork+0x10/0x20 [ 19.156231] [ 19.156272] Freed by task 187: [ 19.156335] kasan_save_stack+0x3c/0x68 [ 19.156439] kasan_save_track+0x20/0x40 [ 19.156526] kasan_save_free_info+0x4c/0x78 [ 19.156616] __kasan_slab_free+0x6c/0x98 [ 19.156697] kfree+0x214/0x3c8 [ 19.156776] kmalloc_uaf_memset+0x11c/0x310 [ 19.156860] kunit_try_run_case+0x170/0x3f0 [ 19.156947] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.157044] kthread+0x328/0x630 [ 19.157116] ret_from_fork+0x10/0x20 [ 19.157201] [ 19.158193] The buggy address belongs to the object at fff00000c78aa700 [ 19.158193] which belongs to the cache kmalloc-64 of size 64 [ 19.159045] The buggy address is located 0 bytes inside of [ 19.159045] freed 64-byte region [fff00000c78aa700, fff00000c78aa740) [ 19.159187] [ 19.159234] The buggy address belongs to the physical page: [ 19.159306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078aa [ 19.159421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.159512] page_type: f5(slab) [ 19.159581] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.159681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.159840] page dumped because: kasan: bad access detected [ 19.159913] [ 19.159956] Memory state around the buggy address: [ 19.160050] fff00000c78aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.160143] fff00000c78aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.160234] >fff00000c78aa700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.160315] ^ [ 19.160606] fff00000c78aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.160700] fff00000c78aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.160809] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.124574] ================================================================== [ 19.124740] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 19.124846] Read of size 1 at addr fff00000c56728c8 by task kunit_try_catch/185 [ 19.124963] [ 19.125027] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.125213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.125272] Hardware name: linux,dummy-virt (DT) [ 19.125341] Call trace: [ 19.126004] show_stack+0x20/0x38 (C) [ 19.126243] dump_stack_lvl+0x8c/0xd0 [ 19.126429] print_report+0x118/0x608 [ 19.126714] kasan_report+0xdc/0x128 [ 19.127214] __asan_report_load1_noabort+0x20/0x30 [ 19.127485] kmalloc_uaf+0x300/0x338 [ 19.127611] kunit_try_run_case+0x170/0x3f0 [ 19.128134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.128493] kthread+0x328/0x630 [ 19.128695] ret_from_fork+0x10/0x20 [ 19.128807] [ 19.128881] Allocated by task 185: [ 19.128957] kasan_save_stack+0x3c/0x68 [ 19.129190] kasan_save_track+0x20/0x40 [ 19.129422] kasan_save_alloc_info+0x40/0x58 [ 19.129921] __kasan_kmalloc+0xd4/0xd8 [ 19.130171] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.130398] kmalloc_uaf+0xb8/0x338 [ 19.130638] kunit_try_run_case+0x170/0x3f0 [ 19.130955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.131065] kthread+0x328/0x630 [ 19.131129] ret_from_fork+0x10/0x20 [ 19.131301] [ 19.131399] Freed by task 185: [ 19.131503] kasan_save_stack+0x3c/0x68 [ 19.131745] kasan_save_track+0x20/0x40 [ 19.131831] kasan_save_free_info+0x4c/0x78 [ 19.131921] __kasan_slab_free+0x6c/0x98 [ 19.132003] kfree+0x214/0x3c8 [ 19.132079] kmalloc_uaf+0x11c/0x338 [ 19.132150] kunit_try_run_case+0x170/0x3f0 [ 19.132484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.132703] kthread+0x328/0x630 [ 19.132822] ret_from_fork+0x10/0x20 [ 19.133067] [ 19.133246] The buggy address belongs to the object at fff00000c56728c0 [ 19.133246] which belongs to the cache kmalloc-16 of size 16 [ 19.133688] The buggy address is located 8 bytes inside of [ 19.133688] freed 16-byte region [fff00000c56728c0, fff00000c56728d0) [ 19.133923] [ 19.134063] The buggy address belongs to the physical page: [ 19.134153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105672 [ 19.134421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.134795] page_type: f5(slab) [ 19.134916] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.135075] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.135219] page dumped because: kasan: bad access detected [ 19.135449] [ 19.135562] Memory state around the buggy address: [ 19.135644] fff00000c5672780: 00 03 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.135758] fff00000c5672800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.135860] >fff00000c5672880: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 19.135942] ^ [ 19.136024] fff00000c5672900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.136128] fff00000c5672980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.136215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 19.096959] ================================================================== [ 19.097063] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.097175] Read of size 64 at addr fff00000c78aa404 by task kunit_try_catch/183 [ 19.097274] [ 19.097801] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.098087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.098164] Hardware name: linux,dummy-virt (DT) [ 19.098245] Call trace: [ 19.098507] show_stack+0x20/0x38 (C) [ 19.098646] dump_stack_lvl+0x8c/0xd0 [ 19.098743] print_report+0x118/0x608 [ 19.098830] kasan_report+0xdc/0x128 [ 19.098923] kasan_check_range+0x100/0x1a8 [ 19.099283] __asan_memmove+0x3c/0x98 [ 19.099401] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.099906] kunit_try_run_case+0x170/0x3f0 [ 19.100235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.100877] kthread+0x328/0x630 [ 19.101013] ret_from_fork+0x10/0x20 [ 19.101130] [ 19.101389] Allocated by task 183: [ 19.101681] kasan_save_stack+0x3c/0x68 [ 19.101821] kasan_save_track+0x20/0x40 [ 19.101899] kasan_save_alloc_info+0x40/0x58 [ 19.101982] __kasan_kmalloc+0xd4/0xd8 [ 19.102053] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.102122] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 19.102195] kunit_try_run_case+0x170/0x3f0 [ 19.102269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.102684] kthread+0x328/0x630 [ 19.102792] ret_from_fork+0x10/0x20 [ 19.102890] [ 19.102936] The buggy address belongs to the object at fff00000c78aa400 [ 19.102936] which belongs to the cache kmalloc-64 of size 64 [ 19.103104] The buggy address is located 4 bytes inside of [ 19.103104] allocated 64-byte region [fff00000c78aa400, fff00000c78aa440) [ 19.103249] [ 19.103299] The buggy address belongs to the physical page: [ 19.103381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078aa [ 19.103503] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.103614] page_type: f5(slab) [ 19.103707] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.103826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.103922] page dumped because: kasan: bad access detected [ 19.103994] [ 19.104036] Memory state around the buggy address: [ 19.104110] fff00000c78aa300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.104212] fff00000c78aa380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.104309] >fff00000c78aa400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.104702] ^ [ 19.105132] fff00000c78aa480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.105411] fff00000c78aa500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.105563] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 19.073967] ================================================================== [ 19.074123] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.074235] Read of size 18446744073709551614 at addr fff00000c78aa204 by task kunit_try_catch/181 [ 19.074748] [ 19.075011] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.075289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.075397] Hardware name: linux,dummy-virt (DT) [ 19.075472] Call trace: [ 19.075519] show_stack+0x20/0x38 (C) [ 19.075636] dump_stack_lvl+0x8c/0xd0 [ 19.075743] print_report+0x118/0x608 [ 19.075832] kasan_report+0xdc/0x128 [ 19.075914] kasan_check_range+0x100/0x1a8 [ 19.076008] __asan_memmove+0x3c/0x98 [ 19.076090] kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.076187] kunit_try_run_case+0x170/0x3f0 [ 19.076281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.076415] kthread+0x328/0x630 [ 19.076514] ret_from_fork+0x10/0x20 [ 19.076656] [ 19.076694] Allocated by task 181: [ 19.076753] kasan_save_stack+0x3c/0x68 [ 19.076868] kasan_save_track+0x20/0x40 [ 19.076949] kasan_save_alloc_info+0x40/0x58 [ 19.077045] __kasan_kmalloc+0xd4/0xd8 [ 19.077220] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.077334] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 19.077493] kunit_try_run_case+0x170/0x3f0 [ 19.077580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.077666] kthread+0x328/0x630 [ 19.077742] ret_from_fork+0x10/0x20 [ 19.077823] [ 19.077867] The buggy address belongs to the object at fff00000c78aa200 [ 19.077867] which belongs to the cache kmalloc-64 of size 64 [ 19.077991] The buggy address is located 4 bytes inside of [ 19.077991] 64-byte region [fff00000c78aa200, fff00000c78aa240) [ 19.078118] [ 19.078177] The buggy address belongs to the physical page: [ 19.078269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078aa [ 19.078394] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.078507] page_type: f5(slab) [ 19.078594] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.078708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.079278] page dumped because: kasan: bad access detected [ 19.079365] [ 19.079409] Memory state around the buggy address: [ 19.079470] fff00000c78aa100: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 19.079569] fff00000c78aa180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.080474] >fff00000c78aa200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.080656] ^ [ 19.080931] fff00000c78aa280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.081064] fff00000c78aa300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.081242] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 19.057285] ================================================================== [ 19.057481] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 19.057634] Write of size 16 at addr fff00000c56f1c69 by task kunit_try_catch/179 [ 19.057784] [ 19.057875] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.058063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.058115] Hardware name: linux,dummy-virt (DT) [ 19.058176] Call trace: [ 19.058244] show_stack+0x20/0x38 (C) [ 19.058333] dump_stack_lvl+0x8c/0xd0 [ 19.058448] print_report+0x118/0x608 [ 19.058558] kasan_report+0xdc/0x128 [ 19.058667] kasan_check_range+0x100/0x1a8 [ 19.058759] __asan_memset+0x34/0x78 [ 19.058844] kmalloc_oob_memset_16+0x150/0x2f8 [ 19.058962] kunit_try_run_case+0x170/0x3f0 [ 19.059059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.059168] kthread+0x328/0x630 [ 19.059247] ret_from_fork+0x10/0x20 [ 19.059341] [ 19.059400] Allocated by task 179: [ 19.059454] kasan_save_stack+0x3c/0x68 [ 19.059534] kasan_save_track+0x20/0x40 [ 19.059611] kasan_save_alloc_info+0x40/0x58 [ 19.059701] __kasan_kmalloc+0xd4/0xd8 [ 19.059820] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.059905] kmalloc_oob_memset_16+0xb0/0x2f8 [ 19.060014] kunit_try_run_case+0x170/0x3f0 [ 19.060103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.060226] kthread+0x328/0x630 [ 19.060304] ret_from_fork+0x10/0x20 [ 19.060425] [ 19.060526] The buggy address belongs to the object at fff00000c56f1c00 [ 19.060526] which belongs to the cache kmalloc-128 of size 128 [ 19.060658] The buggy address is located 105 bytes inside of [ 19.060658] allocated 120-byte region [fff00000c56f1c00, fff00000c56f1c78) [ 19.060812] [ 19.060869] The buggy address belongs to the physical page: [ 19.060933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.061078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.061165] page_type: f5(slab) [ 19.061239] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.061377] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.061453] page dumped because: kasan: bad access detected [ 19.061520] [ 19.061556] Memory state around the buggy address: [ 19.061626] fff00000c56f1b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.061762] fff00000c56f1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.061887] >fff00000c56f1c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.062021] ^ [ 19.062097] fff00000c56f1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.062193] fff00000c56f1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.062270] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 19.039865] ================================================================== [ 19.039990] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 19.040096] Write of size 8 at addr fff00000c56f1b71 by task kunit_try_catch/177 [ 19.040204] [ 19.040270] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.040450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.040505] Hardware name: linux,dummy-virt (DT) [ 19.040569] Call trace: [ 19.040615] show_stack+0x20/0x38 (C) [ 19.040724] dump_stack_lvl+0x8c/0xd0 [ 19.041151] print_report+0x118/0x608 [ 19.041268] kasan_report+0xdc/0x128 [ 19.041376] kasan_check_range+0x100/0x1a8 [ 19.041477] __asan_memset+0x34/0x78 [ 19.041562] kmalloc_oob_memset_8+0x150/0x2f8 [ 19.041660] kunit_try_run_case+0x170/0x3f0 [ 19.041899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.042042] kthread+0x328/0x630 [ 19.042136] ret_from_fork+0x10/0x20 [ 19.042254] [ 19.042294] Allocated by task 177: [ 19.042367] kasan_save_stack+0x3c/0x68 [ 19.042455] kasan_save_track+0x20/0x40 [ 19.042534] kasan_save_alloc_info+0x40/0x58 [ 19.042618] __kasan_kmalloc+0xd4/0xd8 [ 19.042842] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.042924] kmalloc_oob_memset_8+0xb0/0x2f8 [ 19.042998] kunit_try_run_case+0x170/0x3f0 [ 19.043074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.043222] kthread+0x328/0x630 [ 19.043302] ret_from_fork+0x10/0x20 [ 19.043399] [ 19.043455] The buggy address belongs to the object at fff00000c56f1b00 [ 19.043455] which belongs to the cache kmalloc-128 of size 128 [ 19.043582] The buggy address is located 113 bytes inside of [ 19.043582] allocated 120-byte region [fff00000c56f1b00, fff00000c56f1b78) [ 19.043712] [ 19.043755] The buggy address belongs to the physical page: [ 19.043816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.044106] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.044220] page_type: f5(slab) [ 19.044311] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.044442] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.044534] page dumped because: kasan: bad access detected [ 19.044656] [ 19.044708] Memory state around the buggy address: [ 19.044848] fff00000c56f1a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.044958] fff00000c56f1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.045075] >fff00000c56f1b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.045351] ^ [ 19.045462] fff00000c56f1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.045572] fff00000c56f1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.045658] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 19.023720] ================================================================== [ 19.023896] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 19.024051] Write of size 4 at addr fff00000c56f1a75 by task kunit_try_catch/175 [ 19.024204] [ 19.024264] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.024436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.024492] Hardware name: linux,dummy-virt (DT) [ 19.024551] Call trace: [ 19.024639] show_stack+0x20/0x38 (C) [ 19.024793] dump_stack_lvl+0x8c/0xd0 [ 19.025078] print_report+0x118/0x608 [ 19.025188] kasan_report+0xdc/0x128 [ 19.025327] kasan_check_range+0x100/0x1a8 [ 19.025488] __asan_memset+0x34/0x78 [ 19.025618] kmalloc_oob_memset_4+0x150/0x300 [ 19.025708] kunit_try_run_case+0x170/0x3f0 [ 19.025825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.025983] kthread+0x328/0x630 [ 19.026099] ret_from_fork+0x10/0x20 [ 19.026236] [ 19.026292] Allocated by task 175: [ 19.026386] kasan_save_stack+0x3c/0x68 [ 19.026499] kasan_save_track+0x20/0x40 [ 19.026594] kasan_save_alloc_info+0x40/0x58 [ 19.026722] __kasan_kmalloc+0xd4/0xd8 [ 19.026805] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.026892] kmalloc_oob_memset_4+0xb0/0x300 [ 19.026974] kunit_try_run_case+0x170/0x3f0 [ 19.027056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.027155] kthread+0x328/0x630 [ 19.027230] ret_from_fork+0x10/0x20 [ 19.027309] [ 19.027735] The buggy address belongs to the object at fff00000c56f1a00 [ 19.027735] which belongs to the cache kmalloc-128 of size 128 [ 19.027872] The buggy address is located 117 bytes inside of [ 19.027872] allocated 120-byte region [fff00000c56f1a00, fff00000c56f1a78) [ 19.028009] [ 19.028058] The buggy address belongs to the physical page: [ 19.028127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.028310] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.028436] page_type: f5(slab) [ 19.028518] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.028623] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.028724] page dumped because: kasan: bad access detected [ 19.028829] [ 19.028871] Memory state around the buggy address: [ 19.028936] fff00000c56f1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.029032] fff00000c56f1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.029120] >fff00000c56f1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.029227] ^ [ 19.029316] fff00000c56f1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.029412] fff00000c56f1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.029486] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 18.683601] ================================================================== [ 18.683726] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 18.683838] Read of size 1 at addr fff00000c78e0000 by task kunit_try_catch/155 [ 18.683949] [ 18.684014] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.684192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.684251] Hardware name: linux,dummy-virt (DT) [ 18.684317] Call trace: [ 18.684384] show_stack+0x20/0x38 (C) [ 18.684473] dump_stack_lvl+0x8c/0xd0 [ 18.684569] print_report+0x118/0x608 [ 18.685099] kasan_report+0xdc/0x128 [ 18.685446] __asan_report_load1_noabort+0x20/0x30 [ 18.685689] page_alloc_uaf+0x328/0x350 [ 18.685811] kunit_try_run_case+0x170/0x3f0 [ 18.685912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.686025] kthread+0x328/0x630 [ 18.686115] ret_from_fork+0x10/0x20 [ 18.686461] [ 18.686546] The buggy address belongs to the physical page: [ 18.686633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e0 [ 18.686783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.686922] page_type: f0(buddy) [ 18.687001] raw: 0bfffe0000000000 fff00000ff616108 fff00000ff616108 0000000000000000 [ 18.687115] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 18.687206] page dumped because: kasan: bad access detected [ 18.687275] [ 18.687315] Memory state around the buggy address: [ 18.687395] fff00000c78dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.687477] fff00000c78dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.687911] >fff00000c78e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.688005] ^ [ 18.688065] fff00000c78e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.688150] fff00000c78e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.688236] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 19.002976] ================================================================== [ 19.003108] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 19.003219] Write of size 2 at addr fff00000c56f1977 by task kunit_try_catch/173 [ 19.003322] [ 19.003406] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.003591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.003649] Hardware name: linux,dummy-virt (DT) [ 19.003716] Call trace: [ 19.003763] show_stack+0x20/0x38 (C) [ 19.003860] dump_stack_lvl+0x8c/0xd0 [ 19.003967] print_report+0x118/0x608 [ 19.004069] kasan_report+0xdc/0x128 [ 19.004165] kasan_check_range+0x100/0x1a8 [ 19.004266] __asan_memset+0x34/0x78 [ 19.004379] kmalloc_oob_memset_2+0x150/0x2f8 [ 19.004473] kunit_try_run_case+0x170/0x3f0 [ 19.004590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.004689] kthread+0x328/0x630 [ 19.004780] ret_from_fork+0x10/0x20 [ 19.004879] [ 19.004942] Allocated by task 173: [ 19.005025] kasan_save_stack+0x3c/0x68 [ 19.005124] kasan_save_track+0x20/0x40 [ 19.005230] kasan_save_alloc_info+0x40/0x58 [ 19.005321] __kasan_kmalloc+0xd4/0xd8 [ 19.005410] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.005506] kmalloc_oob_memset_2+0xb0/0x2f8 [ 19.005621] kunit_try_run_case+0x170/0x3f0 [ 19.005740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.005834] kthread+0x328/0x630 [ 19.005904] ret_from_fork+0x10/0x20 [ 19.005981] [ 19.006036] The buggy address belongs to the object at fff00000c56f1900 [ 19.006036] which belongs to the cache kmalloc-128 of size 128 [ 19.006161] The buggy address is located 119 bytes inside of [ 19.006161] allocated 120-byte region [fff00000c56f1900, fff00000c56f1978) [ 19.006329] [ 19.006385] The buggy address belongs to the physical page: [ 19.006452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 19.006583] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.006687] page_type: f5(slab) [ 19.006764] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.006871] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.006962] page dumped because: kasan: bad access detected [ 19.007037] [ 19.007102] Memory state around the buggy address: [ 19.007198] fff00000c56f1800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.007303] fff00000c56f1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.007756] >fff00000c56f1900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.007804] ^ [ 19.007849] fff00000c56f1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.007889] fff00000c56f1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.007956] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.978057] ================================================================== [ 18.978294] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 18.978651] Write of size 128 at addr fff00000c56f1800 by task kunit_try_catch/171 [ 18.978809] [ 18.978928] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.979256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.979320] Hardware name: linux,dummy-virt (DT) [ 18.979407] Call trace: [ 18.979455] show_stack+0x20/0x38 (C) [ 18.979567] dump_stack_lvl+0x8c/0xd0 [ 18.979684] print_report+0x118/0x608 [ 18.979792] kasan_report+0xdc/0x128 [ 18.979893] kasan_check_range+0x100/0x1a8 [ 18.979996] __asan_memset+0x34/0x78 [ 18.980654] kmalloc_oob_in_memset+0x144/0x2d0 [ 18.980806] kunit_try_run_case+0x170/0x3f0 [ 18.980913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.981164] kthread+0x328/0x630 [ 18.981421] ret_from_fork+0x10/0x20 [ 18.981533] [ 18.981729] Allocated by task 171: [ 18.982016] kasan_save_stack+0x3c/0x68 [ 18.982145] kasan_save_track+0x20/0x40 [ 18.982619] kasan_save_alloc_info+0x40/0x58 [ 18.982679] __kasan_kmalloc+0xd4/0xd8 [ 18.982718] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.982758] kmalloc_oob_in_memset+0xb0/0x2d0 [ 18.982795] kunit_try_run_case+0x170/0x3f0 [ 18.982833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.982877] kthread+0x328/0x630 [ 18.982910] ret_from_fork+0x10/0x20 [ 18.982947] [ 18.982969] The buggy address belongs to the object at fff00000c56f1800 [ 18.982969] which belongs to the cache kmalloc-128 of size 128 [ 18.983026] The buggy address is located 0 bytes inside of [ 18.983026] allocated 120-byte region [fff00000c56f1800, fff00000c56f1878) [ 18.983084] [ 18.983104] The buggy address belongs to the physical page: [ 18.983135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 18.983185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.983232] page_type: f5(slab) [ 18.983270] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.983319] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.983380] page dumped because: kasan: bad access detected [ 18.983445] [ 18.983482] Memory state around the buggy address: [ 18.983541] fff00000c56f1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.983628] fff00000c56f1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.983724] >fff00000c56f1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.983811] ^ [ 18.983896] fff00000c56f1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.984026] fff00000c56f1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.984114] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.954396] ================================================================== [ 18.954535] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 18.954670] Read of size 16 at addr fff00000c56728a0 by task kunit_try_catch/169 [ 18.954785] [ 18.954851] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.955025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.955083] Hardware name: linux,dummy-virt (DT) [ 18.955149] Call trace: [ 18.955195] show_stack+0x20/0x38 (C) [ 18.955301] dump_stack_lvl+0x8c/0xd0 [ 18.955438] print_report+0x118/0x608 [ 18.955537] kasan_report+0xdc/0x128 [ 18.955637] __asan_report_load16_noabort+0x20/0x30 [ 18.955830] kmalloc_uaf_16+0x3bc/0x438 [ 18.955936] kunit_try_run_case+0x170/0x3f0 [ 18.956037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.956142] kthread+0x328/0x630 [ 18.956289] ret_from_fork+0x10/0x20 [ 18.956423] [ 18.956461] Allocated by task 169: [ 18.956513] kasan_save_stack+0x3c/0x68 [ 18.956583] kasan_save_track+0x20/0x40 [ 18.956653] kasan_save_alloc_info+0x40/0x58 [ 18.956731] __kasan_kmalloc+0xd4/0xd8 [ 18.956833] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.956919] kmalloc_uaf_16+0x140/0x438 [ 18.957008] kunit_try_run_case+0x170/0x3f0 [ 18.957122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.957250] kthread+0x328/0x630 [ 18.957344] ret_from_fork+0x10/0x20 [ 18.957474] [ 18.957532] Freed by task 169: [ 18.957612] kasan_save_stack+0x3c/0x68 [ 18.957720] kasan_save_track+0x20/0x40 [ 18.957813] kasan_save_free_info+0x4c/0x78 [ 18.957895] __kasan_slab_free+0x6c/0x98 [ 18.958003] kfree+0x214/0x3c8 [ 18.958059] kmalloc_uaf_16+0x190/0x438 [ 18.958132] kunit_try_run_case+0x170/0x3f0 [ 18.958291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.958390] kthread+0x328/0x630 [ 18.958502] ret_from_fork+0x10/0x20 [ 18.958584] [ 18.958620] The buggy address belongs to the object at fff00000c56728a0 [ 18.958620] which belongs to the cache kmalloc-16 of size 16 [ 18.958758] The buggy address is located 0 bytes inside of [ 18.958758] freed 16-byte region [fff00000c56728a0, fff00000c56728b0) [ 18.958926] [ 18.958974] The buggy address belongs to the physical page: [ 18.959066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105672 [ 18.959196] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.959326] page_type: f5(slab) [ 18.959435] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.959565] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.959689] page dumped because: kasan: bad access detected [ 18.959763] [ 18.959803] Memory state around the buggy address: [ 18.959880] fff00000c5672780: 00 03 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.959959] fff00000c5672800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.960040] >fff00000c5672880: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.960177] ^ [ 18.960261] fff00000c5672900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.960346] fff00000c5672980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.960494] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.930921] ================================================================== [ 18.931066] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 18.931149] Write of size 16 at addr fff00000c5672840 by task kunit_try_catch/167 [ 18.931201] [ 18.931234] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.931390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.931444] Hardware name: linux,dummy-virt (DT) [ 18.931504] Call trace: [ 18.931546] show_stack+0x20/0x38 (C) [ 18.931653] dump_stack_lvl+0x8c/0xd0 [ 18.931762] print_report+0x118/0x608 [ 18.931860] kasan_report+0xdc/0x128 [ 18.931955] __asan_report_store16_noabort+0x20/0x30 [ 18.932062] kmalloc_oob_16+0x3a0/0x3f8 [ 18.932170] kunit_try_run_case+0x170/0x3f0 [ 18.932257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.932311] kthread+0x328/0x630 [ 18.932421] ret_from_fork+0x10/0x20 [ 18.932526] [ 18.932559] Allocated by task 167: [ 18.932614] kasan_save_stack+0x3c/0x68 [ 18.932692] kasan_save_track+0x20/0x40 [ 18.932786] kasan_save_alloc_info+0x40/0x58 [ 18.932889] __kasan_kmalloc+0xd4/0xd8 [ 18.932981] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.933096] kmalloc_oob_16+0xb4/0x3f8 [ 18.933229] kunit_try_run_case+0x170/0x3f0 [ 18.933388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.933574] kthread+0x328/0x630 [ 18.933643] ret_from_fork+0x10/0x20 [ 18.933853] [ 18.934319] The buggy address belongs to the object at fff00000c5672840 [ 18.934319] which belongs to the cache kmalloc-16 of size 16 [ 18.935119] The buggy address is located 0 bytes inside of [ 18.935119] allocated 13-byte region [fff00000c5672840, fff00000c567284d) [ 18.935339] [ 18.935392] The buggy address belongs to the physical page: [ 18.935446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105672 [ 18.935547] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.936088] page_type: f5(slab) [ 18.936192] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.937613] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.939119] page dumped because: kasan: bad access detected [ 18.940301] [ 18.940463] Memory state around the buggy address: [ 18.940535] fff00000c5672700: 00 05 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 18.940643] fff00000c5672780: 00 03 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.940740] >fff00000c5672800: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 18.940826] ^ [ 18.940903] fff00000c5672880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.942274] fff00000c5672900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.942390] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 18.908959] ================================================================== [ 18.909067] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 18.909171] Read of size 1 at addr fff00000c091fa00 by task kunit_try_catch/165 [ 18.909277] [ 18.909339] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.909522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.909640] Hardware name: linux,dummy-virt (DT) [ 18.910011] Call trace: [ 18.910090] show_stack+0x20/0x38 (C) [ 18.910463] dump_stack_lvl+0x8c/0xd0 [ 18.910802] print_report+0x118/0x608 [ 18.911106] kasan_report+0xdc/0x128 [ 18.911247] __asan_report_load1_noabort+0x20/0x30 [ 18.911432] krealloc_uaf+0x4c8/0x520 [ 18.911525] kunit_try_run_case+0x170/0x3f0 [ 18.911767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.912119] kthread+0x328/0x630 [ 18.912259] ret_from_fork+0x10/0x20 [ 18.912390] [ 18.912424] Allocated by task 165: [ 18.912473] kasan_save_stack+0x3c/0x68 [ 18.912548] kasan_save_track+0x20/0x40 [ 18.912617] kasan_save_alloc_info+0x40/0x58 [ 18.912693] __kasan_kmalloc+0xd4/0xd8 [ 18.912790] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.912884] krealloc_uaf+0xc8/0x520 [ 18.912990] kunit_try_run_case+0x170/0x3f0 [ 18.913098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.913223] kthread+0x328/0x630 [ 18.913316] ret_from_fork+0x10/0x20 [ 18.913410] [ 18.913443] Freed by task 165: [ 18.913496] kasan_save_stack+0x3c/0x68 [ 18.913825] kasan_save_track+0x20/0x40 [ 18.914013] kasan_save_free_info+0x4c/0x78 [ 18.914110] __kasan_slab_free+0x6c/0x98 [ 18.914182] kfree+0x214/0x3c8 [ 18.914239] krealloc_uaf+0x12c/0x520 [ 18.914298] kunit_try_run_case+0x170/0x3f0 [ 18.914389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.914484] kthread+0x328/0x630 [ 18.914561] ret_from_fork+0x10/0x20 [ 18.914636] [ 18.914675] The buggy address belongs to the object at fff00000c091fa00 [ 18.914675] which belongs to the cache kmalloc-256 of size 256 [ 18.914801] The buggy address is located 0 bytes inside of [ 18.914801] freed 256-byte region [fff00000c091fa00, fff00000c091fb00) [ 18.914945] [ 18.914982] The buggy address belongs to the physical page: [ 18.915043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.915409] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.915616] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.915716] page_type: f5(slab) [ 18.915790] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.915887] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.916412] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.916587] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.916695] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.916788] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.916867] page dumped because: kasan: bad access detected [ 18.916941] [ 18.916976] Memory state around the buggy address: [ 18.917039] fff00000c091f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.917433] fff00000c091f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.917533] >fff00000c091fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.917644] ^ [ 18.917714] fff00000c091fa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.917838] fff00000c091fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.917936] ================================================================== [ 18.896255] ================================================================== [ 18.896423] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 18.896528] Read of size 1 at addr fff00000c091fa00 by task kunit_try_catch/165 [ 18.897250] [ 18.897368] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.897590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.897671] Hardware name: linux,dummy-virt (DT) [ 18.897746] Call trace: [ 18.897790] show_stack+0x20/0x38 (C) [ 18.897888] dump_stack_lvl+0x8c/0xd0 [ 18.897984] print_report+0x118/0x608 [ 18.898383] kasan_report+0xdc/0x128 [ 18.898507] __kasan_check_byte+0x54/0x70 [ 18.898611] krealloc_noprof+0x44/0x360 [ 18.898696] krealloc_uaf+0x180/0x520 [ 18.899144] kunit_try_run_case+0x170/0x3f0 [ 18.899288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.899433] kthread+0x328/0x630 [ 18.899578] ret_from_fork+0x10/0x20 [ 18.899704] [ 18.899754] Allocated by task 165: [ 18.899807] kasan_save_stack+0x3c/0x68 [ 18.899889] kasan_save_track+0x20/0x40 [ 18.899962] kasan_save_alloc_info+0x40/0x58 [ 18.900340] __kasan_kmalloc+0xd4/0xd8 [ 18.900442] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.900522] krealloc_uaf+0xc8/0x520 [ 18.900600] kunit_try_run_case+0x170/0x3f0 [ 18.900690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.900779] kthread+0x328/0x630 [ 18.901071] ret_from_fork+0x10/0x20 [ 18.901146] [ 18.901187] Freed by task 165: [ 18.901635] kasan_save_stack+0x3c/0x68 [ 18.901892] kasan_save_track+0x20/0x40 [ 18.901969] kasan_save_free_info+0x4c/0x78 [ 18.902047] __kasan_slab_free+0x6c/0x98 [ 18.902124] kfree+0x214/0x3c8 [ 18.902316] krealloc_uaf+0x12c/0x520 [ 18.902630] kunit_try_run_case+0x170/0x3f0 [ 18.902771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.902850] kthread+0x328/0x630 [ 18.902908] ret_from_fork+0x10/0x20 [ 18.902975] [ 18.903016] The buggy address belongs to the object at fff00000c091fa00 [ 18.903016] which belongs to the cache kmalloc-256 of size 256 [ 18.903270] The buggy address is located 0 bytes inside of [ 18.903270] freed 256-byte region [fff00000c091fa00, fff00000c091fb00) [ 18.903425] [ 18.903466] The buggy address belongs to the physical page: [ 18.903529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.903957] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.904055] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.904273] page_type: f5(slab) [ 18.904480] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.904587] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.904688] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.904791] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.904887] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.904995] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.905178] page dumped because: kasan: bad access detected [ 18.905562] [ 18.905605] Memory state around the buggy address: [ 18.905673] fff00000c091f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.905804] fff00000c091f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.905934] >fff00000c091fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.906054] ^ [ 18.906111] fff00000c091fa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.906541] fff00000c091fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.906803] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 18.863585] ================================================================== [ 18.863688] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.863869] Write of size 1 at addr fff00000c78520da by task kunit_try_catch/163 [ 18.863988] [ 18.864065] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.864231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.864291] Hardware name: linux,dummy-virt (DT) [ 18.864374] Call trace: [ 18.864423] show_stack+0x20/0x38 (C) [ 18.864527] dump_stack_lvl+0x8c/0xd0 [ 18.864630] print_report+0x118/0x608 [ 18.864726] kasan_report+0xdc/0x128 [ 18.864826] __asan_report_store1_noabort+0x20/0x30 [ 18.864932] krealloc_less_oob_helper+0xa80/0xc50 [ 18.865037] krealloc_large_less_oob+0x20/0x38 [ 18.865135] kunit_try_run_case+0x170/0x3f0 [ 18.865238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.865351] kthread+0x328/0x630 [ 18.865459] ret_from_fork+0x10/0x20 [ 18.865559] [ 18.865601] The buggy address belongs to the physical page: [ 18.865666] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 18.865776] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.865873] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.865978] page_type: f8(unknown) [ 18.867815] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.868058] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.868253] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.868435] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.868949] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 18.869386] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.869533] page dumped because: kasan: bad access detected [ 18.869606] [ 18.869656] Memory state around the buggy address: [ 18.869790] fff00000c7851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.869942] fff00000c7852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.870036] >fff00000c7852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.870115] ^ [ 18.870180] fff00000c7852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.870262] fff00000c7852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.870337] ================================================================== [ 18.877659] ================================================================== [ 18.877788] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.877909] Write of size 1 at addr fff00000c78520eb by task kunit_try_catch/163 [ 18.878056] [ 18.878116] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.878259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.878309] Hardware name: linux,dummy-virt (DT) [ 18.878388] Call trace: [ 18.878431] show_stack+0x20/0x38 (C) [ 18.878775] dump_stack_lvl+0x8c/0xd0 [ 18.878903] print_report+0x118/0x608 [ 18.879000] kasan_report+0xdc/0x128 [ 18.879112] __asan_report_store1_noabort+0x20/0x30 [ 18.879281] krealloc_less_oob_helper+0xa58/0xc50 [ 18.879411] krealloc_large_less_oob+0x20/0x38 [ 18.879511] kunit_try_run_case+0x170/0x3f0 [ 18.879619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.879784] kthread+0x328/0x630 [ 18.879875] ret_from_fork+0x10/0x20 [ 18.879968] [ 18.880009] The buggy address belongs to the physical page: [ 18.880480] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 18.880648] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.880789] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.880943] page_type: f8(unknown) [ 18.881056] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.881166] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.881307] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.881426] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.881524] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 18.882088] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.882265] page dumped because: kasan: bad access detected [ 18.882380] [ 18.882504] Memory state around the buggy address: [ 18.882610] fff00000c7851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.882707] fff00000c7852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.882827] >fff00000c7852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.882898] ^ [ 18.882978] fff00000c7852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.883292] fff00000c7852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.883389] ================================================================== [ 18.764366] ================================================================== [ 18.766037] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.766191] Write of size 1 at addr fff00000c091f8da by task kunit_try_catch/159 [ 18.766286] [ 18.766343] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.766528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.766586] Hardware name: linux,dummy-virt (DT) [ 18.766651] Call trace: [ 18.766992] show_stack+0x20/0x38 (C) [ 18.767339] dump_stack_lvl+0x8c/0xd0 [ 18.767471] print_report+0x118/0x608 [ 18.767573] kasan_report+0xdc/0x128 [ 18.767669] __asan_report_store1_noabort+0x20/0x30 [ 18.767782] krealloc_less_oob_helper+0xa80/0xc50 [ 18.768534] krealloc_less_oob+0x20/0x38 [ 18.768980] kunit_try_run_case+0x170/0x3f0 [ 18.769525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.769661] kthread+0x328/0x630 [ 18.769765] ret_from_fork+0x10/0x20 [ 18.769869] [ 18.769909] Allocated by task 159: [ 18.769965] kasan_save_stack+0x3c/0x68 [ 18.770047] kasan_save_track+0x20/0x40 [ 18.770584] kasan_save_alloc_info+0x40/0x58 [ 18.771060] __kasan_krealloc+0x118/0x178 [ 18.771205] krealloc_noprof+0x128/0x360 [ 18.771331] krealloc_less_oob_helper+0x168/0xc50 [ 18.771443] krealloc_less_oob+0x20/0x38 [ 18.771585] kunit_try_run_case+0x170/0x3f0 [ 18.771710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.771989] kthread+0x328/0x630 [ 18.772282] ret_from_fork+0x10/0x20 [ 18.772398] [ 18.772489] The buggy address belongs to the object at fff00000c091f800 [ 18.772489] which belongs to the cache kmalloc-256 of size 256 [ 18.772807] The buggy address is located 17 bytes to the right of [ 18.772807] allocated 201-byte region [fff00000c091f800, fff00000c091f8c9) [ 18.773347] [ 18.773432] The buggy address belongs to the physical page: [ 18.773506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.773624] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.773720] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.774477] page_type: f5(slab) [ 18.774659] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.774820] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.774972] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.775086] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.775411] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.775504] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.775586] page dumped because: kasan: bad access detected [ 18.775649] [ 18.775686] Memory state around the buggy address: [ 18.776311] fff00000c091f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.776489] fff00000c091f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.776580] >fff00000c091f880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.776673] ^ [ 18.777133] fff00000c091f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.777241] fff00000c091f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.777322] ================================================================== [ 18.795253] ================================================================== [ 18.795386] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.795513] Write of size 1 at addr fff00000c091f8eb by task kunit_try_catch/159 [ 18.795625] [ 18.795693] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.795879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.795941] Hardware name: linux,dummy-virt (DT) [ 18.796009] Call trace: [ 18.796064] show_stack+0x20/0x38 (C) [ 18.796168] dump_stack_lvl+0x8c/0xd0 [ 18.796264] print_report+0x118/0x608 [ 18.796702] kasan_report+0xdc/0x128 [ 18.796852] __asan_report_store1_noabort+0x20/0x30 [ 18.796962] krealloc_less_oob_helper+0xa58/0xc50 [ 18.797074] krealloc_less_oob+0x20/0x38 [ 18.797166] kunit_try_run_case+0x170/0x3f0 [ 18.797435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.797579] kthread+0x328/0x630 [ 18.797635] ret_from_fork+0x10/0x20 [ 18.797685] [ 18.797705] Allocated by task 159: [ 18.797734] kasan_save_stack+0x3c/0x68 [ 18.797779] kasan_save_track+0x20/0x40 [ 18.797816] kasan_save_alloc_info+0x40/0x58 [ 18.797854] __kasan_krealloc+0x118/0x178 [ 18.797891] krealloc_noprof+0x128/0x360 [ 18.797927] krealloc_less_oob_helper+0x168/0xc50 [ 18.797965] krealloc_less_oob+0x20/0x38 [ 18.798092] kunit_try_run_case+0x170/0x3f0 [ 18.798219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.798476] kthread+0x328/0x630 [ 18.798593] ret_from_fork+0x10/0x20 [ 18.798960] [ 18.799003] The buggy address belongs to the object at fff00000c091f800 [ 18.799003] which belongs to the cache kmalloc-256 of size 256 [ 18.799119] The buggy address is located 34 bytes to the right of [ 18.799119] allocated 201-byte region [fff00000c091f800, fff00000c091f8c9) [ 18.799335] [ 18.799475] The buggy address belongs to the physical page: [ 18.799843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.800121] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.800335] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.800457] page_type: f5(slab) [ 18.800978] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.801086] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.801939] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.802293] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.802404] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.802510] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.803590] page dumped because: kasan: bad access detected [ 18.803931] [ 18.804020] Memory state around the buggy address: [ 18.804089] fff00000c091f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.804536] fff00000c091f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.805125] >fff00000c091f880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.805545] ^ [ 18.805656] fff00000c091f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.805861] fff00000c091f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.806458] ================================================================== [ 18.858401] ================================================================== [ 18.858529] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.858640] Write of size 1 at addr fff00000c78520d0 by task kunit_try_catch/163 [ 18.858741] [ 18.858807] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.859007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.859057] Hardware name: linux,dummy-virt (DT) [ 18.859124] Call trace: [ 18.859167] show_stack+0x20/0x38 (C) [ 18.859270] dump_stack_lvl+0x8c/0xd0 [ 18.859390] print_report+0x118/0x608 [ 18.859496] kasan_report+0xdc/0x128 [ 18.859596] __asan_report_store1_noabort+0x20/0x30 [ 18.859700] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.859808] krealloc_large_less_oob+0x20/0x38 [ 18.859925] kunit_try_run_case+0x170/0x3f0 [ 18.860031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.860146] kthread+0x328/0x630 [ 18.860240] ret_from_fork+0x10/0x20 [ 18.860347] [ 18.860407] The buggy address belongs to the physical page: [ 18.860476] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 18.860590] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.860690] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.860798] page_type: f8(unknown) [ 18.860880] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.860987] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.861093] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.861195] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.861300] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 18.861413] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.861497] page dumped because: kasan: bad access detected [ 18.861561] [ 18.861602] Memory state around the buggy address: [ 18.861660] fff00000c7851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.861738] fff00000c7852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.861827] >fff00000c7852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.861912] ^ [ 18.861982] fff00000c7852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.862131] fff00000c7852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.862207] ================================================================== [ 18.852508] ================================================================== [ 18.852633] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.852736] Write of size 1 at addr fff00000c78520c9 by task kunit_try_catch/163 [ 18.852840] [ 18.852905] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.853075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.853132] Hardware name: linux,dummy-virt (DT) [ 18.853199] Call trace: [ 18.853247] show_stack+0x20/0x38 (C) [ 18.853367] dump_stack_lvl+0x8c/0xd0 [ 18.853478] print_report+0x118/0x608 [ 18.853581] kasan_report+0xdc/0x128 [ 18.853681] __asan_report_store1_noabort+0x20/0x30 [ 18.853799] krealloc_less_oob_helper+0xa48/0xc50 [ 18.853958] krealloc_large_less_oob+0x20/0x38 [ 18.854106] kunit_try_run_case+0x170/0x3f0 [ 18.854209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.854329] kthread+0x328/0x630 [ 18.854568] ret_from_fork+0x10/0x20 [ 18.854708] [ 18.854754] The buggy address belongs to the physical page: [ 18.854819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 18.854912] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.855000] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.855131] page_type: f8(unknown) [ 18.855220] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.855337] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.855520] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.855643] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.855825] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 18.855972] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.856105] page dumped because: kasan: bad access detected [ 18.856178] [ 18.856217] Memory state around the buggy address: [ 18.856307] fff00000c7851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.856458] fff00000c7852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.856590] >fff00000c7852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.856708] ^ [ 18.856797] fff00000c7852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.856909] fff00000c7852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.857028] ================================================================== [ 18.781300] ================================================================== [ 18.781435] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.782169] Write of size 1 at addr fff00000c091f8ea by task kunit_try_catch/159 [ 18.782305] [ 18.782386] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.782986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.783059] Hardware name: linux,dummy-virt (DT) [ 18.783167] Call trace: [ 18.783215] show_stack+0x20/0x38 (C) [ 18.783753] dump_stack_lvl+0x8c/0xd0 [ 18.783958] print_report+0x118/0x608 [ 18.784062] kasan_report+0xdc/0x128 [ 18.784178] __asan_report_store1_noabort+0x20/0x30 [ 18.784287] krealloc_less_oob_helper+0xae4/0xc50 [ 18.784411] krealloc_less_oob+0x20/0x38 [ 18.784547] kunit_try_run_case+0x170/0x3f0 [ 18.784691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.784809] kthread+0x328/0x630 [ 18.784911] ret_from_fork+0x10/0x20 [ 18.785025] [ 18.785069] Allocated by task 159: [ 18.785134] kasan_save_stack+0x3c/0x68 [ 18.785227] kasan_save_track+0x20/0x40 [ 18.785311] kasan_save_alloc_info+0x40/0x58 [ 18.785423] __kasan_krealloc+0x118/0x178 [ 18.785508] krealloc_noprof+0x128/0x360 [ 18.785588] krealloc_less_oob_helper+0x168/0xc50 [ 18.785672] krealloc_less_oob+0x20/0x38 [ 18.785750] kunit_try_run_case+0x170/0x3f0 [ 18.785830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.785922] kthread+0x328/0x630 [ 18.785992] ret_from_fork+0x10/0x20 [ 18.787101] [ 18.787159] The buggy address belongs to the object at fff00000c091f800 [ 18.787159] which belongs to the cache kmalloc-256 of size 256 [ 18.787582] The buggy address is located 33 bytes to the right of [ 18.787582] allocated 201-byte region [fff00000c091f800, fff00000c091f8c9) [ 18.787744] [ 18.787791] The buggy address belongs to the physical page: [ 18.787862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.787979] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.788588] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.788896] page_type: f5(slab) [ 18.789184] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.789647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.790394] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.790553] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.790670] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.790778] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.791021] page dumped because: kasan: bad access detected [ 18.791085] [ 18.791118] Memory state around the buggy address: [ 18.791509] fff00000c091f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.791626] fff00000c091f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.791723] >fff00000c091f880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.791833] ^ [ 18.792002] fff00000c091f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.792118] fff00000c091f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.792558] ================================================================== [ 18.753870] ================================================================== [ 18.753977] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.754339] Write of size 1 at addr fff00000c091f8d0 by task kunit_try_catch/159 [ 18.754588] [ 18.754859] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.755056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.755107] Hardware name: linux,dummy-virt (DT) [ 18.755168] Call trace: [ 18.755210] show_stack+0x20/0x38 (C) [ 18.755469] dump_stack_lvl+0x8c/0xd0 [ 18.755697] print_report+0x118/0x608 [ 18.755878] kasan_report+0xdc/0x128 [ 18.756001] __asan_report_store1_noabort+0x20/0x30 [ 18.756108] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.756208] krealloc_less_oob+0x20/0x38 [ 18.756310] kunit_try_run_case+0x170/0x3f0 [ 18.756430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.756546] kthread+0x328/0x630 [ 18.756640] ret_from_fork+0x10/0x20 [ 18.756742] [ 18.756782] Allocated by task 159: [ 18.756842] kasan_save_stack+0x3c/0x68 [ 18.756927] kasan_save_track+0x20/0x40 [ 18.757006] kasan_save_alloc_info+0x40/0x58 [ 18.757095] __kasan_krealloc+0x118/0x178 [ 18.757612] krealloc_noprof+0x128/0x360 [ 18.757888] krealloc_less_oob_helper+0x168/0xc50 [ 18.758145] krealloc_less_oob+0x20/0x38 [ 18.758253] kunit_try_run_case+0x170/0x3f0 [ 18.758451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.758585] kthread+0x328/0x630 [ 18.758663] ret_from_fork+0x10/0x20 [ 18.758887] [ 18.758951] The buggy address belongs to the object at fff00000c091f800 [ 18.758951] which belongs to the cache kmalloc-256 of size 256 [ 18.759338] The buggy address is located 7 bytes to the right of [ 18.759338] allocated 201-byte region [fff00000c091f800, fff00000c091f8c9) [ 18.759862] [ 18.759897] The buggy address belongs to the physical page: [ 18.759932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.759989] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.760033] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.760085] page_type: f5(slab) [ 18.760124] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.760173] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.760219] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.760265] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.760311] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.760378] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.760453] page dumped because: kasan: bad access detected [ 18.760509] [ 18.760539] Memory state around the buggy address: [ 18.760597] fff00000c091f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.760676] fff00000c091f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.760763] >fff00000c091f880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.760890] ^ [ 18.760982] fff00000c091f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.761092] fff00000c091f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.761179] ================================================================== [ 18.741654] ================================================================== [ 18.742034] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.742241] Write of size 1 at addr fff00000c091f8c9 by task kunit_try_catch/159 [ 18.742517] [ 18.742649] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.743048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.743231] Hardware name: linux,dummy-virt (DT) [ 18.743489] Call trace: [ 18.743536] show_stack+0x20/0x38 (C) [ 18.743825] dump_stack_lvl+0x8c/0xd0 [ 18.744047] print_report+0x118/0x608 [ 18.744317] kasan_report+0xdc/0x128 [ 18.744448] __asan_report_store1_noabort+0x20/0x30 [ 18.744572] krealloc_less_oob_helper+0xa48/0xc50 [ 18.744664] krealloc_less_oob+0x20/0x38 [ 18.744895] kunit_try_run_case+0x170/0x3f0 [ 18.745243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.745402] kthread+0x328/0x630 [ 18.745500] ret_from_fork+0x10/0x20 [ 18.745814] [ 18.745860] Allocated by task 159: [ 18.745928] kasan_save_stack+0x3c/0x68 [ 18.746184] kasan_save_track+0x20/0x40 [ 18.746263] kasan_save_alloc_info+0x40/0x58 [ 18.746427] __kasan_krealloc+0x118/0x178 [ 18.746654] krealloc_noprof+0x128/0x360 [ 18.746757] krealloc_less_oob_helper+0x168/0xc50 [ 18.746981] krealloc_less_oob+0x20/0x38 [ 18.747188] kunit_try_run_case+0x170/0x3f0 [ 18.747331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.747605] kthread+0x328/0x630 [ 18.747688] ret_from_fork+0x10/0x20 [ 18.747819] [ 18.747866] The buggy address belongs to the object at fff00000c091f800 [ 18.747866] which belongs to the cache kmalloc-256 of size 256 [ 18.748029] The buggy address is located 0 bytes to the right of [ 18.748029] allocated 201-byte region [fff00000c091f800, fff00000c091f8c9) [ 18.748314] [ 18.748430] The buggy address belongs to the physical page: [ 18.748551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.748698] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.748793] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.748907] page_type: f5(slab) [ 18.748989] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.749099] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.749519] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.749844] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.750054] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.750175] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.750495] page dumped because: kasan: bad access detected [ 18.750621] [ 18.750674] Memory state around the buggy address: [ 18.750925] fff00000c091f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.751022] fff00000c091f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.751128] >fff00000c091f880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.751205] ^ [ 18.751448] fff00000c091f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.751676] fff00000c091f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.751815] ================================================================== [ 18.871503] ================================================================== [ 18.871608] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.871714] Write of size 1 at addr fff00000c78520ea by task kunit_try_catch/163 [ 18.871810] [ 18.871867] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.872260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.872342] Hardware name: linux,dummy-virt (DT) [ 18.872428] Call trace: [ 18.872484] show_stack+0x20/0x38 (C) [ 18.872592] dump_stack_lvl+0x8c/0xd0 [ 18.872694] print_report+0x118/0x608 [ 18.872792] kasan_report+0xdc/0x128 [ 18.872921] __asan_report_store1_noabort+0x20/0x30 [ 18.873029] krealloc_less_oob_helper+0xae4/0xc50 [ 18.873158] krealloc_large_less_oob+0x20/0x38 [ 18.873261] kunit_try_run_case+0x170/0x3f0 [ 18.873365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.873768] kthread+0x328/0x630 [ 18.873887] ret_from_fork+0x10/0x20 [ 18.874048] [ 18.874118] The buggy address belongs to the physical page: [ 18.874194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 18.874311] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.874422] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.874555] page_type: f8(unknown) [ 18.874650] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.874767] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.874925] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.875016] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.875099] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 18.875559] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.875654] page dumped because: kasan: bad access detected [ 18.875723] [ 18.875763] Memory state around the buggy address: [ 18.875832] fff00000c7851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.875927] fff00000c7852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.876019] >fff00000c7852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.876101] ^ [ 18.876224] fff00000c7852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.876347] fff00000c7852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.876452] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 18.823589] ================================================================== [ 18.823800] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 18.824029] Write of size 1 at addr fff00000c78520eb by task kunit_try_catch/161 [ 18.824185] [ 18.824247] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.824697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.824845] Hardware name: linux,dummy-virt (DT) [ 18.825000] Call trace: [ 18.825068] show_stack+0x20/0x38 (C) [ 18.825309] dump_stack_lvl+0x8c/0xd0 [ 18.825428] print_report+0x118/0x608 [ 18.825521] kasan_report+0xdc/0x128 [ 18.825624] __asan_report_store1_noabort+0x20/0x30 [ 18.825729] krealloc_more_oob_helper+0x60c/0x678 [ 18.825835] krealloc_large_more_oob+0x20/0x38 [ 18.825938] kunit_try_run_case+0x170/0x3f0 [ 18.826431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.826616] kthread+0x328/0x630 [ 18.826704] ret_from_fork+0x10/0x20 [ 18.826966] [ 18.827019] The buggy address belongs to the physical page: [ 18.827092] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 18.827269] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.827387] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.827506] page_type: f8(unknown) [ 18.827592] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.827705] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.827816] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.827933] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.828042] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 18.828145] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.828241] page dumped because: kasan: bad access detected [ 18.828312] [ 18.828351] Memory state around the buggy address: [ 18.828434] fff00000c7851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.828540] fff00000c7852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.828639] >fff00000c7852080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.828724] ^ [ 18.828814] fff00000c7852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.828923] fff00000c7852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.829006] ================================================================== [ 18.831248] ================================================================== [ 18.831435] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 18.831548] Write of size 1 at addr fff00000c78520f0 by task kunit_try_catch/161 [ 18.831659] [ 18.831726] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.831884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.832115] Hardware name: linux,dummy-virt (DT) [ 18.832205] Call trace: [ 18.832252] show_stack+0x20/0x38 (C) [ 18.832460] dump_stack_lvl+0x8c/0xd0 [ 18.832647] print_report+0x118/0x608 [ 18.832818] kasan_report+0xdc/0x128 [ 18.832996] __asan_report_store1_noabort+0x20/0x30 [ 18.833095] krealloc_more_oob_helper+0x5c0/0x678 [ 18.833512] krealloc_large_more_oob+0x20/0x38 [ 18.833632] kunit_try_run_case+0x170/0x3f0 [ 18.833834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.833957] kthread+0x328/0x630 [ 18.834138] ret_from_fork+0x10/0x20 [ 18.834322] [ 18.834388] The buggy address belongs to the physical page: [ 18.834467] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 18.834559] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.834648] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.834748] page_type: f8(unknown) [ 18.834833] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.834945] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.835056] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.835439] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.835699] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 18.835817] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.836107] page dumped because: kasan: bad access detected [ 18.836226] [ 18.836516] Memory state around the buggy address: [ 18.836641] fff00000c7851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.836756] fff00000c7852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.836846] >fff00000c7852080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.836933] ^ [ 18.837024] fff00000c7852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.837390] fff00000c7852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.837634] ================================================================== [ 18.713855] ================================================================== [ 18.714163] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 18.714292] Write of size 1 at addr fff00000c091f6f0 by task kunit_try_catch/157 [ 18.714424] [ 18.714507] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.714675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.714727] Hardware name: linux,dummy-virt (DT) [ 18.714781] Call trace: [ 18.714817] show_stack+0x20/0x38 (C) [ 18.714910] dump_stack_lvl+0x8c/0xd0 [ 18.715009] print_report+0x118/0x608 [ 18.715114] kasan_report+0xdc/0x128 [ 18.715216] __asan_report_store1_noabort+0x20/0x30 [ 18.715821] krealloc_more_oob_helper+0x5c0/0x678 [ 18.716023] krealloc_more_oob+0x20/0x38 [ 18.716217] kunit_try_run_case+0x170/0x3f0 [ 18.716435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.716654] kthread+0x328/0x630 [ 18.716846] ret_from_fork+0x10/0x20 [ 18.717185] [ 18.717234] Allocated by task 157: [ 18.717397] kasan_save_stack+0x3c/0x68 [ 18.717585] kasan_save_track+0x20/0x40 [ 18.717661] kasan_save_alloc_info+0x40/0x58 [ 18.717980] __kasan_krealloc+0x118/0x178 [ 18.718133] krealloc_noprof+0x128/0x360 [ 18.718298] krealloc_more_oob_helper+0x168/0x678 [ 18.718489] krealloc_more_oob+0x20/0x38 [ 18.718787] kunit_try_run_case+0x170/0x3f0 [ 18.718913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.719020] kthread+0x328/0x630 [ 18.719172] ret_from_fork+0x10/0x20 [ 18.719294] [ 18.719343] The buggy address belongs to the object at fff00000c091f600 [ 18.719343] which belongs to the cache kmalloc-256 of size 256 [ 18.719465] The buggy address is located 5 bytes to the right of [ 18.719465] allocated 235-byte region [fff00000c091f600, fff00000c091f6eb) [ 18.719596] [ 18.719639] The buggy address belongs to the physical page: [ 18.719970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.720154] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.720489] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.720608] page_type: f5(slab) [ 18.720770] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.720972] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.721168] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.721269] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.721591] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.721694] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.721870] page dumped because: kasan: bad access detected [ 18.722170] [ 18.722215] Memory state around the buggy address: [ 18.722298] fff00000c091f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.722542] fff00000c091f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.722748] >fff00000c091f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.722871] ^ [ 18.722956] fff00000c091f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.723053] fff00000c091f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.723140] ================================================================== [ 18.700922] ================================================================== [ 18.701219] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 18.701334] Write of size 1 at addr fff00000c091f6eb by task kunit_try_catch/157 [ 18.701454] [ 18.701525] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.701640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.701668] Hardware name: linux,dummy-virt (DT) [ 18.701700] Call trace: [ 18.701723] show_stack+0x20/0x38 (C) [ 18.701774] dump_stack_lvl+0x8c/0xd0 [ 18.701822] print_report+0x118/0x608 [ 18.701867] kasan_report+0xdc/0x128 [ 18.701912] __asan_report_store1_noabort+0x20/0x30 [ 18.701959] krealloc_more_oob_helper+0x60c/0x678 [ 18.702037] krealloc_more_oob+0x20/0x38 [ 18.702134] kunit_try_run_case+0x170/0x3f0 [ 18.702365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.702516] kthread+0x328/0x630 [ 18.702620] ret_from_fork+0x10/0x20 [ 18.702843] [ 18.702888] Allocated by task 157: [ 18.703172] kasan_save_stack+0x3c/0x68 [ 18.703321] kasan_save_track+0x20/0x40 [ 18.703511] kasan_save_alloc_info+0x40/0x58 [ 18.703670] __kasan_krealloc+0x118/0x178 [ 18.703907] krealloc_noprof+0x128/0x360 [ 18.704025] krealloc_more_oob_helper+0x168/0x678 [ 18.704153] krealloc_more_oob+0x20/0x38 [ 18.704499] kunit_try_run_case+0x170/0x3f0 [ 18.704906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.705401] kthread+0x328/0x630 [ 18.705691] ret_from_fork+0x10/0x20 [ 18.705803] [ 18.705845] The buggy address belongs to the object at fff00000c091f600 [ 18.705845] which belongs to the cache kmalloc-256 of size 256 [ 18.706281] The buggy address is located 0 bytes to the right of [ 18.706281] allocated 235-byte region [fff00000c091f600, fff00000c091f6eb) [ 18.706965] [ 18.707009] The buggy address belongs to the physical page: [ 18.707069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10091e [ 18.707173] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.707689] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.707817] page_type: f5(slab) [ 18.707897] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.708013] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.708163] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.708290] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.708417] head: 0bfffe0000000001 ffffc1ffc3024781 00000000ffffffff 00000000ffffffff [ 18.708517] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.708606] page dumped because: kasan: bad access detected [ 18.708676] [ 18.708715] Memory state around the buggy address: [ 18.708782] fff00000c091f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.708878] fff00000c091f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.708970] >fff00000c091f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.709052] ^ [ 18.710470] fff00000c091f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.711040] fff00000c091f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.711239] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 18.641911] ================================================================== [ 18.643053] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 18.643421] Free of addr fff00000c784c001 by task kunit_try_catch/151 [ 18.643542] [ 18.643694] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.644458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.644536] Hardware name: linux,dummy-virt (DT) [ 18.644693] Call trace: [ 18.644743] show_stack+0x20/0x38 (C) [ 18.644870] dump_stack_lvl+0x8c/0xd0 [ 18.645399] print_report+0x118/0x608 [ 18.645581] kasan_report_invalid_free+0xc0/0xe8 [ 18.646085] __kasan_kfree_large+0x5c/0xa8 [ 18.646229] free_large_kmalloc+0x64/0x190 [ 18.646396] kfree+0x270/0x3c8 [ 18.646504] kmalloc_large_invalid_free+0x108/0x270 [ 18.646603] kunit_try_run_case+0x170/0x3f0 [ 18.646688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.646787] kthread+0x328/0x630 [ 18.646871] ret_from_fork+0x10/0x20 [ 18.646975] [ 18.647599] The buggy address belongs to the physical page: [ 18.647711] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 18.648075] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.648416] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.648630] page_type: f8(unknown) [ 18.648723] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.648835] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.649305] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.649503] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.649716] head: 0bfffe0000000002 ffffc1ffc31e1301 00000000ffffffff 00000000ffffffff [ 18.649843] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.649925] page dumped because: kasan: bad access detected [ 18.649995] [ 18.650448] Memory state around the buggy address: [ 18.650702] fff00000c784bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.650815] fff00000c784bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.650907] >fff00000c784c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.650994] ^ [ 18.651058] fff00000c784c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.651602] fff00000c784c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.651827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 18.616648] ================================================================== [ 18.616779] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 18.616887] Read of size 1 at addr fff00000c784c000 by task kunit_try_catch/149 [ 18.616994] [ 18.617059] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.617240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.617301] Hardware name: linux,dummy-virt (DT) [ 18.617691] Call trace: [ 18.617763] show_stack+0x20/0x38 (C) [ 18.617864] dump_stack_lvl+0x8c/0xd0 [ 18.617969] print_report+0x118/0x608 [ 18.618075] kasan_report+0xdc/0x128 [ 18.618172] __asan_report_load1_noabort+0x20/0x30 [ 18.618290] kmalloc_large_uaf+0x2cc/0x2f8 [ 18.618996] kunit_try_run_case+0x170/0x3f0 [ 18.619142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.619268] kthread+0x328/0x630 [ 18.619421] ret_from_fork+0x10/0x20 [ 18.619559] [ 18.619675] The buggy address belongs to the physical page: [ 18.619750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 18.619944] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.620269] raw: 0bfffe0000000000 ffffc1ffc31e1408 fff00000da456c40 0000000000000000 [ 18.620403] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.620494] page dumped because: kasan: bad access detected [ 18.620562] [ 18.620600] Memory state around the buggy address: [ 18.620666] fff00000c784bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.620761] fff00000c784bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.621710] >fff00000c784c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.621810] ^ [ 18.621872] fff00000c784c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.621966] fff00000c784c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.622062] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 18.599106] ================================================================== [ 18.599255] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 18.599384] Write of size 1 at addr fff00000c784e00a by task kunit_try_catch/147 [ 18.599483] [ 18.599549] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.599717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.599772] Hardware name: linux,dummy-virt (DT) [ 18.599841] Call trace: [ 18.599893] show_stack+0x20/0x38 (C) [ 18.600062] dump_stack_lvl+0x8c/0xd0 [ 18.600188] print_report+0x118/0x608 [ 18.600296] kasan_report+0xdc/0x128 [ 18.600415] __asan_report_store1_noabort+0x20/0x30 [ 18.600530] kmalloc_large_oob_right+0x278/0x2b8 [ 18.601300] kunit_try_run_case+0x170/0x3f0 [ 18.601452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.601577] kthread+0x328/0x630 [ 18.601679] ret_from_fork+0x10/0x20 [ 18.601789] [ 18.601929] The buggy address belongs to the physical page: [ 18.602072] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 18.602233] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.602383] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.602518] page_type: f8(unknown) [ 18.602610] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.602724] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.602813] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.602912] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.603302] head: 0bfffe0000000002 ffffc1ffc31e1301 00000000ffffffff 00000000ffffffff [ 18.603477] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.603570] page dumped because: kasan: bad access detected [ 18.603644] [ 18.603687] Memory state around the buggy address: [ 18.603761] fff00000c784df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.603877] fff00000c784df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.603993] >fff00000c784e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.604095] ^ [ 18.604193] fff00000c784e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.604288] fff00000c784e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.604595] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 18.565183] ================================================================== [ 18.565328] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 18.565449] Write of size 1 at addr fff00000c78b9f00 by task kunit_try_catch/145 [ 18.565556] [ 18.565626] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.565804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.566147] Hardware name: linux,dummy-virt (DT) [ 18.566227] Call trace: [ 18.566277] show_stack+0x20/0x38 (C) [ 18.566627] dump_stack_lvl+0x8c/0xd0 [ 18.566778] print_report+0x118/0x608 [ 18.566898] kasan_report+0xdc/0x128 [ 18.567077] __asan_report_store1_noabort+0x20/0x30 [ 18.567242] kmalloc_big_oob_right+0x2a4/0x2f0 [ 18.567418] kunit_try_run_case+0x170/0x3f0 [ 18.567526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.568029] kthread+0x328/0x630 [ 18.568477] ret_from_fork+0x10/0x20 [ 18.568779] [ 18.568988] Allocated by task 145: [ 18.569059] kasan_save_stack+0x3c/0x68 [ 18.569652] kasan_save_track+0x20/0x40 [ 18.569812] kasan_save_alloc_info+0x40/0x58 [ 18.569907] __kasan_kmalloc+0xd4/0xd8 [ 18.569994] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.570989] kmalloc_big_oob_right+0xb8/0x2f0 [ 18.571177] kunit_try_run_case+0x170/0x3f0 [ 18.571271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.571390] kthread+0x328/0x630 [ 18.571708] ret_from_fork+0x10/0x20 [ 18.571977] [ 18.572196] The buggy address belongs to the object at fff00000c78b8000 [ 18.572196] which belongs to the cache kmalloc-8k of size 8192 [ 18.572475] The buggy address is located 0 bytes to the right of [ 18.572475] allocated 7936-byte region [fff00000c78b8000, fff00000c78b9f00) [ 18.572624] [ 18.572673] The buggy address belongs to the physical page: [ 18.573247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b8 [ 18.574216] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.574413] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.574612] page_type: f5(slab) [ 18.575311] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 18.575951] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 18.576324] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 18.576496] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 18.576889] head: 0bfffe0000000003 ffffc1ffc31e2e01 00000000ffffffff 00000000ffffffff [ 18.577081] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.577386] page dumped because: kasan: bad access detected [ 18.577574] [ 18.577631] Memory state around the buggy address: [ 18.577893] fff00000c78b9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.577993] fff00000c78b9e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.578511] >fff00000c78b9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.578651] ^ [ 18.578732] fff00000c78b9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.579107] fff00000c78ba000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.579202] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 18.530971] ================================================================== [ 18.531093] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.531197] Write of size 1 at addr fff00000c56f1678 by task kunit_try_catch/143 [ 18.531294] [ 18.531352] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.531522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.531575] Hardware name: linux,dummy-virt (DT) [ 18.531634] Call trace: [ 18.531677] show_stack+0x20/0x38 (C) [ 18.531776] dump_stack_lvl+0x8c/0xd0 [ 18.531891] print_report+0x118/0x608 [ 18.531995] kasan_report+0xdc/0x128 [ 18.532095] __asan_report_store1_noabort+0x20/0x30 [ 18.532202] kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.532587] kunit_try_run_case+0x170/0x3f0 [ 18.532727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.533121] kthread+0x328/0x630 [ 18.534066] ret_from_fork+0x10/0x20 [ 18.534156] [ 18.534194] Allocated by task 143: [ 18.534256] kasan_save_stack+0x3c/0x68 [ 18.534678] kasan_save_track+0x20/0x40 [ 18.534762] kasan_save_alloc_info+0x40/0x58 [ 18.534846] __kasan_kmalloc+0xd4/0xd8 [ 18.534925] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.535040] kmalloc_track_caller_oob_right+0xa8/0x488 [ 18.535131] kunit_try_run_case+0x170/0x3f0 [ 18.535222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.535315] kthread+0x328/0x630 [ 18.535405] ret_from_fork+0x10/0x20 [ 18.535470] [ 18.535503] The buggy address belongs to the object at fff00000c56f1600 [ 18.535503] which belongs to the cache kmalloc-128 of size 128 [ 18.535606] The buggy address is located 0 bytes to the right of [ 18.535606] allocated 120-byte region [fff00000c56f1600, fff00000c56f1678) [ 18.535736] [ 18.535788] The buggy address belongs to the physical page: [ 18.535860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 18.535973] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.536076] page_type: f5(slab) [ 18.536157] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.536266] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.536377] page dumped because: kasan: bad access detected [ 18.536437] [ 18.536472] Memory state around the buggy address: [ 18.536533] fff00000c56f1500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.536679] fff00000c56f1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.536921] >fff00000c56f1600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.537006] ^ [ 18.537111] fff00000c56f1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.537200] fff00000c56f1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.537479] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 18.509543] ================================================================== [ 18.510081] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 18.510206] Read of size 1 at addr fff00000c7889000 by task kunit_try_catch/141 [ 18.510300] [ 18.510371] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.510561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.510618] Hardware name: linux,dummy-virt (DT) [ 18.510686] Call trace: [ 18.510735] show_stack+0x20/0x38 (C) [ 18.510844] dump_stack_lvl+0x8c/0xd0 [ 18.510949] print_report+0x118/0x608 [ 18.511048] kasan_report+0xdc/0x128 [ 18.511162] __asan_report_load1_noabort+0x20/0x30 [ 18.511319] kmalloc_node_oob_right+0x2f4/0x330 [ 18.511446] kunit_try_run_case+0x170/0x3f0 [ 18.511551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.511666] kthread+0x328/0x630 [ 18.511776] ret_from_fork+0x10/0x20 [ 18.511921] [ 18.511979] Allocated by task 141: [ 18.512062] kasan_save_stack+0x3c/0x68 [ 18.512180] kasan_save_track+0x20/0x40 [ 18.512283] kasan_save_alloc_info+0x40/0x58 [ 18.512375] __kasan_kmalloc+0xd4/0xd8 [ 18.512445] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 18.512933] kmalloc_node_oob_right+0xbc/0x330 [ 18.513194] kunit_try_run_case+0x170/0x3f0 [ 18.513488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.513587] kthread+0x328/0x630 [ 18.513654] ret_from_fork+0x10/0x20 [ 18.513728] [ 18.513767] The buggy address belongs to the object at fff00000c7888000 [ 18.513767] which belongs to the cache kmalloc-4k of size 4096 [ 18.514255] The buggy address is located 0 bytes to the right of [ 18.514255] allocated 4096-byte region [fff00000c7888000, fff00000c7889000) [ 18.514474] [ 18.514519] The buggy address belongs to the physical page: [ 18.514652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107888 [ 18.515225] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.515374] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.515600] page_type: f5(slab) [ 18.515715] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.515828] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.515948] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.516073] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.516195] head: 0bfffe0000000003 ffffc1ffc31e2201 00000000ffffffff 00000000ffffffff [ 18.516290] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.516629] page dumped because: kasan: bad access detected [ 18.516811] [ 18.516877] Memory state around the buggy address: [ 18.516953] fff00000c7888f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.517062] fff00000c7888f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.517145] >fff00000c7889000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.517223] ^ [ 18.517515] fff00000c7889080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.517739] fff00000c7889100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.517837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 18.484548] ================================================================== [ 18.484718] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 18.485186] Read of size 1 at addr fff00000c567281f by task kunit_try_catch/139 [ 18.485321] [ 18.485441] CPU: 0 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.485642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.485806] Hardware name: linux,dummy-virt (DT) [ 18.485903] Call trace: [ 18.485946] show_stack+0x20/0x38 (C) [ 18.486113] dump_stack_lvl+0x8c/0xd0 [ 18.486493] print_report+0x118/0x608 [ 18.486702] kasan_report+0xdc/0x128 [ 18.486822] __asan_report_load1_noabort+0x20/0x30 [ 18.486947] kmalloc_oob_left+0x2ec/0x320 [ 18.487032] kunit_try_run_case+0x170/0x3f0 [ 18.487350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.487574] kthread+0x328/0x630 [ 18.487760] ret_from_fork+0x10/0x20 [ 18.487878] [ 18.488052] Allocated by task 26: [ 18.488271] kasan_save_stack+0x3c/0x68 [ 18.488488] kasan_save_track+0x20/0x40 [ 18.488616] kasan_save_alloc_info+0x40/0x58 [ 18.488873] __kasan_kmalloc+0xd4/0xd8 [ 18.489101] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.489322] kstrdup+0x54/0xc8 [ 18.489506] devtmpfs_work_loop+0x6f8/0xa58 [ 18.489817] devtmpfsd+0x50/0x58 [ 18.489957] kthread+0x328/0x630 [ 18.490079] ret_from_fork+0x10/0x20 [ 18.490156] [ 18.490226] Freed by task 26: [ 18.490313] kasan_save_stack+0x3c/0x68 [ 18.490423] kasan_save_track+0x20/0x40 [ 18.490680] kasan_save_free_info+0x4c/0x78 [ 18.490904] __kasan_slab_free+0x6c/0x98 [ 18.491078] kfree+0x214/0x3c8 [ 18.491148] devtmpfs_work_loop+0x804/0xa58 [ 18.491622] devtmpfsd+0x50/0x58 [ 18.491764] kthread+0x328/0x630 [ 18.491846] ret_from_fork+0x10/0x20 [ 18.491949] [ 18.491996] The buggy address belongs to the object at fff00000c5672800 [ 18.491996] which belongs to the cache kmalloc-16 of size 16 [ 18.492126] The buggy address is located 15 bytes to the right of [ 18.492126] allocated 16-byte region [fff00000c5672800, fff00000c5672810) [ 18.492316] [ 18.492395] The buggy address belongs to the physical page: [ 18.492477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105672 [ 18.492583] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.492721] page_type: f5(slab) [ 18.492832] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.492977] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.493066] page dumped because: kasan: bad access detected [ 18.493134] [ 18.493180] Memory state around the buggy address: [ 18.493270] fff00000c5672700: 00 05 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 18.493396] fff00000c5672780: 00 03 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.493472] >fff00000c5672800: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 18.493549] ^ [ 18.493857] fff00000c5672880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.494256] fff00000c5672900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.494365] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 18.441108] ================================================================== [ 18.441528] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 18.442755] Write of size 1 at addr fff00000c56f1573 by task kunit_try_catch/137 [ 18.442967] [ 18.443938] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 18.444104] Tainted: [N]=TEST [ 18.444143] Hardware name: linux,dummy-virt (DT) [ 18.444420] Call trace: [ 18.444618] show_stack+0x20/0x38 (C) [ 18.444787] dump_stack_lvl+0x8c/0xd0 [ 18.444857] print_report+0x118/0x608 [ 18.444910] kasan_report+0xdc/0x128 [ 18.444956] __asan_report_store1_noabort+0x20/0x30 [ 18.445005] kmalloc_oob_right+0x5a4/0x660 [ 18.445051] kunit_try_run_case+0x170/0x3f0 [ 18.445102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.445155] kthread+0x328/0x630 [ 18.445199] ret_from_fork+0x10/0x20 [ 18.445383] [ 18.445429] Allocated by task 137: [ 18.445553] kasan_save_stack+0x3c/0x68 [ 18.445625] kasan_save_track+0x20/0x40 [ 18.445666] kasan_save_alloc_info+0x40/0x58 [ 18.445707] __kasan_kmalloc+0xd4/0xd8 [ 18.445743] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.445784] kmalloc_oob_right+0xb0/0x660 [ 18.445820] kunit_try_run_case+0x170/0x3f0 [ 18.445856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.445898] kthread+0x328/0x630 [ 18.445930] ret_from_fork+0x10/0x20 [ 18.445984] [ 18.446231] The buggy address belongs to the object at fff00000c56f1500 [ 18.446231] which belongs to the cache kmalloc-128 of size 128 [ 18.446436] The buggy address is located 0 bytes to the right of [ 18.446436] allocated 115-byte region [fff00000c56f1500, fff00000c56f1573) [ 18.446520] [ 18.446619] The buggy address belongs to the physical page: [ 18.446862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 18.447166] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.447510] page_type: f5(slab) [ 18.447848] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.447913] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.448030] page dumped because: kasan: bad access detected [ 18.448074] [ 18.448102] Memory state around the buggy address: [ 18.448339] fff00000c56f1400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.448432] fff00000c56f1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.448489] >fff00000c56f1500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.448542] ^ [ 18.448629] fff00000c56f1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.448671] fff00000c56f1600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.448735] ================================================================== [ 18.455236] ================================================================== [ 18.455338] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 18.455461] Read of size 1 at addr fff00000c56f1580 by task kunit_try_catch/137 [ 18.455570] [ 18.455641] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.455802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.455852] Hardware name: linux,dummy-virt (DT) [ 18.455913] Call trace: [ 18.455957] show_stack+0x20/0x38 (C) [ 18.456047] dump_stack_lvl+0x8c/0xd0 [ 18.456132] print_report+0x118/0x608 [ 18.456211] kasan_report+0xdc/0x128 [ 18.456336] __asan_report_load1_noabort+0x20/0x30 [ 18.456475] kmalloc_oob_right+0x5d0/0x660 [ 18.456560] kunit_try_run_case+0x170/0x3f0 [ 18.456657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.456764] kthread+0x328/0x630 [ 18.456910] ret_from_fork+0x10/0x20 [ 18.457082] [ 18.457133] Allocated by task 137: [ 18.457404] kasan_save_stack+0x3c/0x68 [ 18.457507] kasan_save_track+0x20/0x40 [ 18.457603] kasan_save_alloc_info+0x40/0x58 [ 18.457691] __kasan_kmalloc+0xd4/0xd8 [ 18.457772] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.457857] kmalloc_oob_right+0xb0/0x660 [ 18.457934] kunit_try_run_case+0x170/0x3f0 [ 18.458030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.458323] kthread+0x328/0x630 [ 18.458420] ret_from_fork+0x10/0x20 [ 18.458507] [ 18.458550] The buggy address belongs to the object at fff00000c56f1500 [ 18.458550] which belongs to the cache kmalloc-128 of size 128 [ 18.458661] The buggy address is located 13 bytes to the right of [ 18.458661] allocated 115-byte region [fff00000c56f1500, fff00000c56f1573) [ 18.458779] [ 18.459147] The buggy address belongs to the physical page: [ 18.459218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 18.459369] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.459481] page_type: f5(slab) [ 18.459565] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.459678] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.459765] page dumped because: kasan: bad access detected [ 18.459837] [ 18.459881] Memory state around the buggy address: [ 18.459975] fff00000c56f1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.460103] fff00000c56f1500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.460202] >fff00000c56f1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.460286] ^ [ 18.460349] fff00000c56f1600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.460439] fff00000c56f1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.460514] ================================================================== [ 18.449641] ================================================================== [ 18.449728] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 18.449890] Write of size 1 at addr fff00000c56f1578 by task kunit_try_catch/137 [ 18.450003] [ 18.450069] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.450232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.450290] Hardware name: linux,dummy-virt (DT) [ 18.450371] Call trace: [ 18.450422] show_stack+0x20/0x38 (C) [ 18.450540] dump_stack_lvl+0x8c/0xd0 [ 18.450644] print_report+0x118/0x608 [ 18.450745] kasan_report+0xdc/0x128 [ 18.450845] __asan_report_store1_noabort+0x20/0x30 [ 18.450951] kmalloc_oob_right+0x538/0x660 [ 18.451052] kunit_try_run_case+0x170/0x3f0 [ 18.451158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.451278] kthread+0x328/0x630 [ 18.451427] ret_from_fork+0x10/0x20 [ 18.451568] [ 18.451624] Allocated by task 137: [ 18.451705] kasan_save_stack+0x3c/0x68 [ 18.451819] kasan_save_track+0x20/0x40 [ 18.451923] kasan_save_alloc_info+0x40/0x58 [ 18.452008] __kasan_kmalloc+0xd4/0xd8 [ 18.452119] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.452236] kmalloc_oob_right+0xb0/0x660 [ 18.452315] kunit_try_run_case+0x170/0x3f0 [ 18.452434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.452514] kthread+0x328/0x630 [ 18.452578] ret_from_fork+0x10/0x20 [ 18.452646] [ 18.452681] The buggy address belongs to the object at fff00000c56f1500 [ 18.452681] which belongs to the cache kmalloc-128 of size 128 [ 18.452786] The buggy address is located 5 bytes to the right of [ 18.452786] allocated 115-byte region [fff00000c56f1500, fff00000c56f1573) [ 18.452912] [ 18.452956] The buggy address belongs to the physical page: [ 18.453017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 18.453127] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.453224] page_type: f5(slab) [ 18.453306] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.453436] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.453516] page dumped because: kasan: bad access detected [ 18.453582] [ 18.453624] Memory state around the buggy address: [ 18.454025] fff00000c56f1400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.454132] fff00000c56f1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.454214] >fff00000c56f1500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.454283] ^ [ 18.454378] fff00000c56f1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.454470] fff00000c56f1600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.454552] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 97.946260] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 97.947148] Modules linked in: [ 97.947499] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 97.947988] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 97.948501] Hardware name: linux,dummy-virt (DT) [ 97.949618] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.950407] pc : intlog10+0x38/0x48 [ 97.950757] lr : intlog10_test+0xe4/0x200 [ 97.951200] sp : ffff8000823d7c10 [ 97.951587] x29: ffff8000823d7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.952224] x26: 1ffe0000188a11e1 x25: 0000000000000000 x24: ffff8000823d7ce0 [ 97.952799] x23: ffff8000823d7d00 x22: 0000000000000000 x21: 1ffff0001047af82 [ 97.953422] x20: ffff95d574489ec0 x19: ffff800080087990 x18: 00000000c2db3d27 [ 97.954254] x17: 00000000083b68a2 x16: fff00000c097583c x15: fff00000ff616b08 [ 97.954814] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff72baaf063381 [ 97.955460] x11: 1ffff2baaf063380 x10: ffff72baaf063380 x9 : ffff95d571a36bdc [ 97.956090] x8 : ffff95d578319c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.956757] x5 : ffff70001047af82 x4 : 1ffff00010010f3a x3 : 1ffff2baae8913d8 [ 97.957346] x2 : 1ffff2baae8913d8 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.957934] Call trace: [ 97.958407] intlog10+0x38/0x48 (P) [ 97.958939] kunit_try_run_case+0x170/0x3f0 [ 97.959349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.959894] kthread+0x328/0x630 [ 97.960300] ret_from_fork+0x10/0x20 [ 97.960656] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 97.872501] WARNING: CPU: 0 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 97.873604] Modules linked in: [ 97.874201] CPU: 0 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 97.875386] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 97.875880] Hardware name: linux,dummy-virt (DT) [ 97.876408] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.877110] pc : intlog2+0xd8/0xf8 [ 97.877430] lr : intlog2_test+0xe4/0x200 [ 97.877725] sp : ffff800082337c10 [ 97.877975] x29: ffff800082337c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.879130] x26: 1ffe0000188ee1e1 x25: 0000000000000000 x24: ffff800082337ce0 [ 97.879867] x23: ffff800082337d00 x22: 0000000000000000 x21: 1ffff00010466f82 [ 97.881016] x20: ffff95d574489dc0 x19: ffff800080087990 x18: 0000000033dc0f91 [ 97.881992] x17: 0000000073f3e16a x16: fff00000c097583c x15: fff00000ff616b08 [ 97.882949] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff72baaf063381 [ 97.883866] x11: 1ffff2baaf063380 x10: ffff72baaf063380 x9 : ffff95d571a36ddc [ 97.884310] x8 : ffff95d578319c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.885194] x5 : ffff700010466f82 x4 : 1ffff00010010f3a x3 : 1ffff2baae8913b8 [ 97.885816] x2 : 1ffff2baae8913b8 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.886856] Call trace: [ 97.887139] intlog2+0xd8/0xf8 (P) [ 97.887596] kunit_try_run_case+0x170/0x3f0 [ 97.887961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.888293] kthread+0x328/0x630 [ 97.888832] ret_from_fork+0x10/0x20 [ 97.889415] ---[ end trace 0000000000000000 ]---