Date
July 5, 2025, 11:11 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.493185] ================================================================== [ 18.493590] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 18.493662] Read of size 4 at addr fff00000c65c4ac0 by task swapper/0/0 [ 18.494032] [ 18.494074] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.494316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.494425] Hardware name: linux,dummy-virt (DT) [ 18.494617] Call trace: [ 18.494662] show_stack+0x20/0x38 (C) [ 18.494932] dump_stack_lvl+0x8c/0xd0 [ 18.494987] print_report+0x118/0x608 [ 18.495031] kasan_report+0xdc/0x128 [ 18.495082] __asan_report_load4_noabort+0x20/0x30 [ 18.495326] rcu_uaf_reclaim+0x64/0x70 [ 18.495398] rcu_core+0x9f4/0x1e20 [ 18.495599] rcu_core_si+0x18/0x30 [ 18.495778] handle_softirqs+0x374/0xb28 [ 18.495833] __do_softirq+0x1c/0x28 [ 18.495958] ____do_softirq+0x18/0x30 [ 18.496004] call_on_irq_stack+0x24/0x30 [ 18.496049] do_softirq_own_stack+0x24/0x38 [ 18.496095] __irq_exit_rcu+0x1fc/0x318 [ 18.496147] irq_exit_rcu+0x1c/0x80 [ 18.496463] el1_interrupt+0x38/0x58 [ 18.496514] el1h_64_irq_handler+0x18/0x28 [ 18.496578] el1h_64_irq+0x6c/0x70 [ 18.496679] arch_local_irq_enable+0x4/0x8 (P) [ 18.496731] do_idle+0x384/0x4e8 [ 18.496845] cpu_startup_entry+0x64/0x80 [ 18.497004] rest_init+0x160/0x188 [ 18.497160] start_kernel+0x30c/0x3d0 [ 18.497339] __primary_switched+0x8c/0xa0 [ 18.497396] [ 18.497417] Allocated by task 198: [ 18.497628] kasan_save_stack+0x3c/0x68 [ 18.497765] kasan_save_track+0x20/0x40 [ 18.497875] kasan_save_alloc_info+0x40/0x58 [ 18.497946] __kasan_kmalloc+0xd4/0xd8 [ 18.497995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.498038] rcu_uaf+0xb0/0x2d8 [ 18.498082] kunit_try_run_case+0x170/0x3f0 [ 18.498122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.498395] kthread+0x328/0x630 [ 18.498470] ret_from_fork+0x10/0x20 [ 18.498545] [ 18.498565] Freed by task 0: [ 18.498592] kasan_save_stack+0x3c/0x68 [ 18.498650] kasan_save_track+0x20/0x40 [ 18.498782] kasan_save_free_info+0x4c/0x78 [ 18.498830] __kasan_slab_free+0x6c/0x98 [ 18.498977] kfree+0x214/0x3c8 [ 18.499040] rcu_uaf_reclaim+0x28/0x70 [ 18.499077] rcu_core+0x9f4/0x1e20 [ 18.499110] rcu_core_si+0x18/0x30 [ 18.499171] handle_softirqs+0x374/0xb28 [ 18.499208] __do_softirq+0x1c/0x28 [ 18.499243] [ 18.499274] Last potentially related work creation: [ 18.499311] kasan_save_stack+0x3c/0x68 [ 18.499350] kasan_record_aux_stack+0xb4/0xc8 [ 18.499698] __call_rcu_common.constprop.0+0x74/0x8c8 [ 18.500161] call_rcu+0x18/0x30 [ 18.500248] rcu_uaf+0x14c/0x2d8 [ 18.500332] kunit_try_run_case+0x170/0x3f0 [ 18.500372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.500454] kthread+0x328/0x630 [ 18.500519] ret_from_fork+0x10/0x20 [ 18.500574] [ 18.500688] The buggy address belongs to the object at fff00000c65c4ac0 [ 18.500688] which belongs to the cache kmalloc-32 of size 32 [ 18.500748] The buggy address is located 0 bytes inside of [ 18.500748] freed 32-byte region [fff00000c65c4ac0, fff00000c65c4ae0) [ 18.500823] [ 18.500889] The buggy address belongs to the physical page: [ 18.500926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c4 [ 18.501037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.501311] page_type: f5(slab) [ 18.501424] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.501475] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.501565] page dumped because: kasan: bad access detected [ 18.501596] [ 18.501615] Memory state around the buggy address: [ 18.501715] fff00000c65c4980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.501906] fff00000c65c4a00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 18.502021] >fff00000c65c4a80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.502067] ^ [ 18.502426] fff00000c65c4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.502701] fff00000c65c4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.502742] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.286368] ================================================================== [ 18.286427] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 18.286473] Read of size 1 at addr fff00000c3ec0778 by task kunit_try_catch/196 [ 18.286556] [ 18.286759] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.286867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.286955] Hardware name: linux,dummy-virt (DT) [ 18.286993] Call trace: [ 18.287063] show_stack+0x20/0x38 (C) [ 18.287270] dump_stack_lvl+0x8c/0xd0 [ 18.287458] print_report+0x118/0x608 [ 18.287519] kasan_report+0xdc/0x128 [ 18.287565] __asan_report_load1_noabort+0x20/0x30 [ 18.287624] ksize_uaf+0x544/0x5f8 [ 18.287669] kunit_try_run_case+0x170/0x3f0 [ 18.287714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.287766] kthread+0x328/0x630 [ 18.288069] ret_from_fork+0x10/0x20 [ 18.288283] [ 18.288398] Allocated by task 196: [ 18.288495] kasan_save_stack+0x3c/0x68 [ 18.288629] kasan_save_track+0x20/0x40 [ 18.288667] kasan_save_alloc_info+0x40/0x58 [ 18.288707] __kasan_kmalloc+0xd4/0xd8 [ 18.288750] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.289130] ksize_uaf+0xb8/0x5f8 [ 18.289330] kunit_try_run_case+0x170/0x3f0 [ 18.289377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.289644] kthread+0x328/0x630 [ 18.289747] ret_from_fork+0x10/0x20 [ 18.289882] [ 18.290105] Freed by task 196: [ 18.290279] kasan_save_stack+0x3c/0x68 [ 18.290400] kasan_save_track+0x20/0x40 [ 18.290717] kasan_save_free_info+0x4c/0x78 [ 18.290846] __kasan_slab_free+0x6c/0x98 [ 18.290924] kfree+0x214/0x3c8 [ 18.291102] ksize_uaf+0x11c/0x5f8 [ 18.291334] kunit_try_run_case+0x170/0x3f0 [ 18.291457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.291505] kthread+0x328/0x630 [ 18.291857] ret_from_fork+0x10/0x20 [ 18.291928] [ 18.291991] The buggy address belongs to the object at fff00000c3ec0700 [ 18.291991] which belongs to the cache kmalloc-128 of size 128 [ 18.292053] The buggy address is located 120 bytes inside of [ 18.292053] freed 128-byte region [fff00000c3ec0700, fff00000c3ec0780) [ 18.292125] [ 18.292162] The buggy address belongs to the physical page: [ 18.292461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.292572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.292668] page_type: f5(slab) [ 18.292707] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.292901] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.293094] page dumped because: kasan: bad access detected [ 18.293205] [ 18.293298] Memory state around the buggy address: [ 18.293660] fff00000c3ec0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.293742] fff00000c3ec0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.293799] >fff00000c3ec0700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.293947] ^ [ 18.294021] fff00000c3ec0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.294228] fff00000c3ec0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.294384] ================================================================== [ 18.267887] ================================================================== [ 18.268288] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 18.268636] Read of size 1 at addr fff00000c3ec0700 by task kunit_try_catch/196 [ 18.268738] [ 18.268847] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.269058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.269289] Hardware name: linux,dummy-virt (DT) [ 18.269430] Call trace: [ 18.269536] show_stack+0x20/0x38 (C) [ 18.269889] dump_stack_lvl+0x8c/0xd0 [ 18.270141] print_report+0x118/0x608 [ 18.270264] kasan_report+0xdc/0x128 [ 18.270426] __kasan_check_byte+0x54/0x70 [ 18.270517] ksize+0x30/0x88 [ 18.270873] ksize_uaf+0x168/0x5f8 [ 18.270938] kunit_try_run_case+0x170/0x3f0 [ 18.271026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.271252] kthread+0x328/0x630 [ 18.271417] ret_from_fork+0x10/0x20 [ 18.271611] [ 18.271773] Allocated by task 196: [ 18.271902] kasan_save_stack+0x3c/0x68 [ 18.271952] kasan_save_track+0x20/0x40 [ 18.272333] kasan_save_alloc_info+0x40/0x58 [ 18.272527] __kasan_kmalloc+0xd4/0xd8 [ 18.272691] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.272799] ksize_uaf+0xb8/0x5f8 [ 18.272928] kunit_try_run_case+0x170/0x3f0 [ 18.273016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.273389] kthread+0x328/0x630 [ 18.273454] ret_from_fork+0x10/0x20 [ 18.273600] [ 18.273680] Freed by task 196: [ 18.273844] kasan_save_stack+0x3c/0x68 [ 18.273920] kasan_save_track+0x20/0x40 [ 18.274048] kasan_save_free_info+0x4c/0x78 [ 18.274090] __kasan_slab_free+0x6c/0x98 [ 18.274183] kfree+0x214/0x3c8 [ 18.274612] ksize_uaf+0x11c/0x5f8 [ 18.274744] kunit_try_run_case+0x170/0x3f0 [ 18.274912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.275163] kthread+0x328/0x630 [ 18.275368] ret_from_fork+0x10/0x20 [ 18.275495] [ 18.275627] The buggy address belongs to the object at fff00000c3ec0700 [ 18.275627] which belongs to the cache kmalloc-128 of size 128 [ 18.275784] The buggy address is located 0 bytes inside of [ 18.275784] freed 128-byte region [fff00000c3ec0700, fff00000c3ec0780) [ 18.275879] [ 18.275915] The buggy address belongs to the physical page: [ 18.276107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.276175] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.276229] page_type: f5(slab) [ 18.276501] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.276599] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.276661] page dumped because: kasan: bad access detected [ 18.276786] [ 18.276917] Memory state around the buggy address: [ 18.277034] fff00000c3ec0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.277078] fff00000c3ec0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.277120] >fff00000c3ec0700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.277169] ^ [ 18.277198] fff00000c3ec0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.277256] fff00000c3ec0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.277293] ================================================================== [ 18.279177] ================================================================== [ 18.279230] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 18.279349] Read of size 1 at addr fff00000c3ec0700 by task kunit_try_catch/196 [ 18.279403] [ 18.279459] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.279826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.279887] Hardware name: linux,dummy-virt (DT) [ 18.279985] Call trace: [ 18.280276] show_stack+0x20/0x38 (C) [ 18.280414] dump_stack_lvl+0x8c/0xd0 [ 18.280461] print_report+0x118/0x608 [ 18.280692] kasan_report+0xdc/0x128 [ 18.280855] __asan_report_load1_noabort+0x20/0x30 [ 18.280990] ksize_uaf+0x598/0x5f8 [ 18.281037] kunit_try_run_case+0x170/0x3f0 [ 18.281113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.281186] kthread+0x328/0x630 [ 18.281233] ret_from_fork+0x10/0x20 [ 18.281286] [ 18.281305] Allocated by task 196: [ 18.281332] kasan_save_stack+0x3c/0x68 [ 18.281382] kasan_save_track+0x20/0x40 [ 18.281430] kasan_save_alloc_info+0x40/0x58 [ 18.281478] __kasan_kmalloc+0xd4/0xd8 [ 18.281526] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.281582] ksize_uaf+0xb8/0x5f8 [ 18.281615] kunit_try_run_case+0x170/0x3f0 [ 18.281661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.281709] kthread+0x328/0x630 [ 18.281757] ret_from_fork+0x10/0x20 [ 18.281793] [ 18.281813] Freed by task 196: [ 18.281854] kasan_save_stack+0x3c/0x68 [ 18.281891] kasan_save_track+0x20/0x40 [ 18.281928] kasan_save_free_info+0x4c/0x78 [ 18.281965] __kasan_slab_free+0x6c/0x98 [ 18.282002] kfree+0x214/0x3c8 [ 18.282035] ksize_uaf+0x11c/0x5f8 [ 18.282068] kunit_try_run_case+0x170/0x3f0 [ 18.282114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.282165] kthread+0x328/0x630 [ 18.282447] ret_from_fork+0x10/0x20 [ 18.282720] [ 18.282771] The buggy address belongs to the object at fff00000c3ec0700 [ 18.282771] which belongs to the cache kmalloc-128 of size 128 [ 18.282850] The buggy address is located 0 bytes inside of [ 18.282850] freed 128-byte region [fff00000c3ec0700, fff00000c3ec0780) [ 18.283041] [ 18.283088] The buggy address belongs to the physical page: [ 18.283119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.283512] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.283618] page_type: f5(slab) [ 18.283807] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.283891] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.284028] page dumped because: kasan: bad access detected [ 18.284091] [ 18.284111] Memory state around the buggy address: [ 18.284143] fff00000c3ec0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.284203] fff00000c3ec0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.284568] >fff00000c3ec0700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.284632] ^ [ 18.284675] fff00000c3ec0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.284737] fff00000c3ec0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.284908] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.234577] ================================================================== [ 18.234638] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 18.234689] Read of size 1 at addr fff00000c3ec0673 by task kunit_try_catch/194 [ 18.234738] [ 18.234772] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.234852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.234879] Hardware name: linux,dummy-virt (DT) [ 18.234911] Call trace: [ 18.234933] show_stack+0x20/0x38 (C) [ 18.234986] dump_stack_lvl+0x8c/0xd0 [ 18.235033] print_report+0x118/0x608 [ 18.235079] kasan_report+0xdc/0x128 [ 18.235189] __asan_report_load1_noabort+0x20/0x30 [ 18.235248] ksize_unpoisons_memory+0x628/0x740 [ 18.235306] kunit_try_run_case+0x170/0x3f0 [ 18.235362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.235415] kthread+0x328/0x630 [ 18.235456] ret_from_fork+0x10/0x20 [ 18.235503] [ 18.235521] Allocated by task 194: [ 18.235562] kasan_save_stack+0x3c/0x68 [ 18.235604] kasan_save_track+0x20/0x40 [ 18.235641] kasan_save_alloc_info+0x40/0x58 [ 18.235680] __kasan_kmalloc+0xd4/0xd8 [ 18.235718] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.235767] ksize_unpoisons_memory+0xc0/0x740 [ 18.235805] kunit_try_run_case+0x170/0x3f0 [ 18.235842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.236706] kthread+0x328/0x630 [ 18.237267] ret_from_fork+0x10/0x20 [ 18.237527] [ 18.237593] The buggy address belongs to the object at fff00000c3ec0600 [ 18.237593] which belongs to the cache kmalloc-128 of size 128 [ 18.237800] The buggy address is located 0 bytes to the right of [ 18.237800] allocated 115-byte region [fff00000c3ec0600, fff00000c3ec0673) [ 18.237986] [ 18.238083] The buggy address belongs to the physical page: [ 18.238137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.238208] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.238280] page_type: f5(slab) [ 18.238346] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.238615] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.238714] page dumped because: kasan: bad access detected [ 18.238936] [ 18.239060] Memory state around the buggy address: [ 18.239146] fff00000c3ec0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.239287] fff00000c3ec0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.239411] >fff00000c3ec0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.239722] ^ [ 18.239830] fff00000c3ec0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.239885] fff00000c3ec0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.239963] ================================================================== [ 18.242578] ================================================================== [ 18.242629] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 18.242697] Read of size 1 at addr fff00000c3ec0678 by task kunit_try_catch/194 [ 18.243030] [ 18.243077] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.243204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.243272] Hardware name: linux,dummy-virt (DT) [ 18.243350] Call trace: [ 18.243476] show_stack+0x20/0x38 (C) [ 18.243530] dump_stack_lvl+0x8c/0xd0 [ 18.243576] print_report+0x118/0x608 [ 18.243864] kasan_report+0xdc/0x128 [ 18.243950] __asan_report_load1_noabort+0x20/0x30 [ 18.244189] ksize_unpoisons_memory+0x618/0x740 [ 18.244366] kunit_try_run_case+0x170/0x3f0 [ 18.244679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.245080] kthread+0x328/0x630 [ 18.245317] ret_from_fork+0x10/0x20 [ 18.245723] [ 18.245878] Allocated by task 194: [ 18.246029] kasan_save_stack+0x3c/0x68 [ 18.246431] kasan_save_track+0x20/0x40 [ 18.246504] kasan_save_alloc_info+0x40/0x58 [ 18.246763] __kasan_kmalloc+0xd4/0xd8 [ 18.246989] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.247262] ksize_unpoisons_memory+0xc0/0x740 [ 18.247344] kunit_try_run_case+0x170/0x3f0 [ 18.247610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.248219] kthread+0x328/0x630 [ 18.248289] ret_from_fork+0x10/0x20 [ 18.248470] [ 18.248663] The buggy address belongs to the object at fff00000c3ec0600 [ 18.248663] which belongs to the cache kmalloc-128 of size 128 [ 18.248759] The buggy address is located 5 bytes to the right of [ 18.248759] allocated 115-byte region [fff00000c3ec0600, fff00000c3ec0673) [ 18.248906] [ 18.248925] The buggy address belongs to the physical page: [ 18.248963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.249018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.249455] page_type: f5(slab) [ 18.249517] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.249621] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.249664] page dumped because: kasan: bad access detected [ 18.250025] [ 18.250072] Memory state around the buggy address: [ 18.250193] fff00000c3ec0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.250287] fff00000c3ec0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.250346] >fff00000c3ec0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.250531] ^ [ 18.250603] fff00000c3ec0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.250771] fff00000c3ec0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.250941] ================================================================== [ 18.252492] ================================================================== [ 18.252903] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 18.252968] Read of size 1 at addr fff00000c3ec067f by task kunit_try_catch/194 [ 18.253179] [ 18.253335] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.253450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.253489] Hardware name: linux,dummy-virt (DT) [ 18.253635] Call trace: [ 18.253682] show_stack+0x20/0x38 (C) [ 18.253876] dump_stack_lvl+0x8c/0xd0 [ 18.253937] print_report+0x118/0x608 [ 18.254093] kasan_report+0xdc/0x128 [ 18.254146] __asan_report_load1_noabort+0x20/0x30 [ 18.254209] ksize_unpoisons_memory+0x690/0x740 [ 18.254409] kunit_try_run_case+0x170/0x3f0 [ 18.254579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.254642] kthread+0x328/0x630 [ 18.254684] ret_from_fork+0x10/0x20 [ 18.254733] [ 18.254751] Allocated by task 194: [ 18.254999] kasan_save_stack+0x3c/0x68 [ 18.255107] kasan_save_track+0x20/0x40 [ 18.255272] kasan_save_alloc_info+0x40/0x58 [ 18.255318] __kasan_kmalloc+0xd4/0xd8 [ 18.255365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.255406] ksize_unpoisons_memory+0xc0/0x740 [ 18.255445] kunit_try_run_case+0x170/0x3f0 [ 18.255491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.255534] kthread+0x328/0x630 [ 18.255567] ret_from_fork+0x10/0x20 [ 18.255613] [ 18.255643] The buggy address belongs to the object at fff00000c3ec0600 [ 18.255643] which belongs to the cache kmalloc-128 of size 128 [ 18.255701] The buggy address is located 12 bytes to the right of [ 18.255701] allocated 115-byte region [fff00000c3ec0600, fff00000c3ec0673) [ 18.255768] [ 18.255793] The buggy address belongs to the physical page: [ 18.255823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.255873] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.256142] page_type: f5(slab) [ 18.256449] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.256530] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.256717] page dumped because: kasan: bad access detected [ 18.256874] [ 18.256897] Memory state around the buggy address: [ 18.256942] fff00000c3ec0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.257340] fff00000c3ec0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.257391] >fff00000c3ec0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.257455] ^ [ 18.257660] fff00000c3ec0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.257866] fff00000c3ec0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.257911] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.756559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 20.705404] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 20.673693] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.622376] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 95.296444] Internal error: Oops: 0000000096000005 [#1] SMP [ 95.304409] Modules linked in: [ 95.305627] CPU: 0 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 95.306749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 95.307380] Hardware name: linux,dummy-virt (DT) [ 95.308058] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.309001] pc : kunit_test_null_dereference+0x70/0x170 [ 95.309577] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.309835] sp : ffff800080e07d30 [ 95.310019] x29: ffff800080e07d90 x28: 0000000000000000 x27: 0000000000000000 [ 95.311060] x26: 1ffe000018cb7301 x25: 0000000000000000 x24: 0000000000000004 [ 95.311608] x23: fff00000c65b980c x22: ffff918d026241b8 x21: fff00000c43fce08 [ 95.312332] x20: 1ffff000101c0fa6 x19: ffff800080087990 x18: 000000003b93f6d0 [ 95.313034] x17: 0000000000000000 x16: fff00000da453d28 x15: 0000000020422432 [ 95.313623] x14: 00000000f1f1f1f1 x13: fff00000c5d3e548 x12: fffd800018ba7dc4 [ 95.314061] x11: 1ffe000018ba7dc3 x10: fffd800018ba7dc3 x9 : ffff918d0261b620 [ 95.314631] x8 : ffff800080e07c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 95.315115] x5 : ffff7000101c0fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 95.315602] x2 : dfff800000000000 x1 : fff00000c5d3e540 x0 : ffff800080087990 [ 95.316228] Call trace: [ 95.316607] kunit_test_null_dereference+0x70/0x170 (P) [ 95.316910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.317266] kthread+0x328/0x630 [ 95.317452] ret_from_fork+0x10/0x20 [ 95.317928] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 95.318571] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.873024] ================================================================== [ 51.873119] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.873119] [ 51.873231] Use-after-free read at 0x0000000026d4fdb3 (in kfence-#150): [ 51.873285] test_krealloc+0x51c/0x830 [ 51.873329] kunit_try_run_case+0x170/0x3f0 [ 51.873375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.873419] kthread+0x328/0x630 [ 51.873457] ret_from_fork+0x10/0x20 [ 51.873496] [ 51.873521] kfence-#150: 0x0000000026d4fdb3-0x000000000f86fc8d, size=32, cache=kmalloc-32 [ 51.873521] [ 51.873574] allocated by task 337 on cpu 0 at 51.872332s (0.001238s ago): [ 51.873641] test_alloc+0x29c/0x628 [ 51.873681] test_krealloc+0xc0/0x830 [ 51.873719] kunit_try_run_case+0x170/0x3f0 [ 51.873759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.873803] kthread+0x328/0x630 [ 51.873839] ret_from_fork+0x10/0x20 [ 51.873878] [ 51.873900] freed by task 337 on cpu 0 at 51.872614s (0.001282s ago): [ 51.873960] krealloc_noprof+0x148/0x360 [ 51.874000] test_krealloc+0x1dc/0x830 [ 51.874039] kunit_try_run_case+0x170/0x3f0 [ 51.874078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.874121] kthread+0x328/0x630 [ 51.874166] ret_from_fork+0x10/0x20 [ 51.874205] [ 51.874253] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 51.874331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.874360] Hardware name: linux,dummy-virt (DT) [ 51.874398] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.778622] ================================================================== [ 51.778730] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.778730] [ 51.778834] Use-after-free read at 0x000000003172af32 (in kfence-#149): [ 51.778890] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.778942] kunit_try_run_case+0x170/0x3f0 [ 51.778995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.779039] kthread+0x328/0x630 [ 51.779079] ret_from_fork+0x10/0x20 [ 51.779121] [ 51.779146] kfence-#149: 0x000000003172af32-0x0000000064987742, size=32, cache=test [ 51.779146] [ 51.779215] allocated by task 335 on cpu 0 at 51.768816s (0.010395s ago): [ 51.779287] test_alloc+0x230/0x628 [ 51.779327] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.779370] kunit_try_run_case+0x170/0x3f0 [ 51.779408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.779451] kthread+0x328/0x630 [ 51.779488] ret_from_fork+0x10/0x20 [ 51.779525] [ 51.779548] freed by task 335 on cpu 0 at 51.768930s (0.010614s ago): [ 51.779604] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.779646] kunit_try_run_case+0x170/0x3f0 [ 51.779686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.779729] kthread+0x328/0x630 [ 51.779763] ret_from_fork+0x10/0x20 [ 51.779802] [ 51.779849] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 51.779937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.779967] Hardware name: linux,dummy-virt (DT) [ 51.780002] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 29.012870] ================================================================== [ 29.013037] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 29.013037] [ 29.013146] Invalid read at 0x000000001096779e: [ 29.013232] test_invalid_access+0xdc/0x1f0 [ 29.013288] kunit_try_run_case+0x170/0x3f0 [ 29.013340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.013557] kthread+0x328/0x630 [ 29.013613] ret_from_fork+0x10/0x20 [ 29.013667] [ 29.013719] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 29.013805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.013841] Hardware name: linux,dummy-virt (DT) [ 29.013882] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 28.780617] ================================================================== [ 28.780722] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.780722] [ 28.780785] Corrupted memory at 0x00000000bfc4f94d [ ! . . . . . . . . . . . . . . . ] (in kfence-#145): [ 28.781095] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.781146] kunit_try_run_case+0x170/0x3f0 [ 28.781204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.781248] kthread+0x328/0x630 [ 28.781285] ret_from_fork+0x10/0x20 [ 28.781324] [ 28.781349] kfence-#145: 0x000000002a86186f-0x00000000f2fffd01, size=73, cache=kmalloc-96 [ 28.781349] [ 28.781403] allocated by task 325 on cpu 1 at 28.780379s (0.001021s ago): [ 28.781465] test_alloc+0x29c/0x628 [ 28.781506] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 28.781548] kunit_try_run_case+0x170/0x3f0 [ 28.781588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.781631] kthread+0x328/0x630 [ 28.781666] ret_from_fork+0x10/0x20 [ 28.781705] [ 28.781729] freed by task 325 on cpu 1 at 28.780527s (0.001198s ago): [ 28.781791] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.781834] kunit_try_run_case+0x170/0x3f0 [ 28.781873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.781916] kthread+0x328/0x630 [ 28.781951] ret_from_fork+0x10/0x20 [ 28.781990] [ 28.782032] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.782108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.782137] Hardware name: linux,dummy-virt (DT) [ 28.782182] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 28.676579] ================================================================== [ 28.676669] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.676669] [ 28.676774] Out-of-bounds read at 0x0000000068459d1d (105B right of kfence-#144): [ 28.676834] test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.676883] kunit_try_run_case+0x170/0x3f0 [ 28.676928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.676973] kthread+0x328/0x630 [ 28.677010] ret_from_fork+0x10/0x20 [ 28.677051] [ 28.677076] kfence-#144: 0x000000007e09bd50-0x00000000ff526b45, size=73, cache=kmalloc-96 [ 28.677076] [ 28.677128] allocated by task 323 on cpu 1 at 28.676337s (0.000787s ago): [ 28.677214] test_alloc+0x29c/0x628 [ 28.677257] test_kmalloc_aligned_oob_read+0x100/0x468 [ 28.677300] kunit_try_run_case+0x170/0x3f0 [ 28.677340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.677383] kthread+0x328/0x630 [ 28.677418] ret_from_fork+0x10/0x20 [ 28.677458] [ 28.677504] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.677583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.677612] Hardware name: linux,dummy-virt (DT) [ 28.677649] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 24.308562] ================================================================== [ 24.308660] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 24.308660] [ 24.308834] Corrupted memory at 0x000000009255a7a3 [ ! ] (in kfence-#102): [ 24.308954] test_corruption+0x1d8/0x378 [ 24.309003] kunit_try_run_case+0x170/0x3f0 [ 24.309044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.309090] kthread+0x328/0x630 [ 24.309128] ret_from_fork+0x10/0x20 [ 24.309182] [ 24.309206] kfence-#102: 0x000000000823a8ad-0x00000000dd714a73, size=32, cache=test [ 24.309206] [ 24.309259] allocated by task 313 on cpu 1 at 24.308418s (0.000837s ago): [ 24.309319] test_alloc+0x230/0x628 [ 24.309360] test_corruption+0x198/0x378 [ 24.309400] kunit_try_run_case+0x170/0x3f0 [ 24.309438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.309482] kthread+0x328/0x630 [ 24.309517] ret_from_fork+0x10/0x20 [ 24.309557] [ 24.309579] freed by task 313 on cpu 1 at 24.308477s (0.001099s ago): [ 24.309639] test_corruption+0x1d8/0x378 [ 24.309679] kunit_try_run_case+0x170/0x3f0 [ 24.309719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.309763] kthread+0x328/0x630 [ 24.309797] ret_from_fork+0x10/0x20 [ 24.309836] [ 24.309877] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.309949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.309977] Hardware name: linux,dummy-virt (DT) [ 24.310011] ================================================================== [ 24.102593] ================================================================== [ 24.102691] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 24.102691] [ 24.102753] Corrupted memory at 0x00000000b7cbffa1 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 24.103061] test_corruption+0x120/0x378 [ 24.103108] kunit_try_run_case+0x170/0x3f0 [ 24.103166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.103211] kthread+0x328/0x630 [ 24.103247] ret_from_fork+0x10/0x20 [ 24.103287] [ 24.103312] kfence-#100: 0x00000000fd8fa7bc-0x00000000dfadc28e, size=32, cache=test [ 24.103312] [ 24.103365] allocated by task 313 on cpu 1 at 24.102440s (0.000922s ago): [ 24.103426] test_alloc+0x230/0x628 [ 24.103467] test_corruption+0xdc/0x378 [ 24.103507] kunit_try_run_case+0x170/0x3f0 [ 24.103546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.103589] kthread+0x328/0x630 [ 24.103625] ret_from_fork+0x10/0x20 [ 24.103664] [ 24.103686] freed by task 313 on cpu 1 at 24.102508s (0.001174s ago): [ 24.103747] test_corruption+0x120/0x378 [ 24.103787] kunit_try_run_case+0x170/0x3f0 [ 24.103825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.103876] kthread+0x328/0x630 [ 24.103956] ret_from_fork+0x10/0x20 [ 24.104000] [ 24.104039] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.104114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.104142] Hardware name: linux,dummy-virt (DT) [ 24.104189] ================================================================== [ 23.996657] ================================================================== [ 23.996754] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.996754] [ 23.996821] Corrupted memory at 0x000000004e0bdfef [ ! ] (in kfence-#99): [ 23.996947] test_corruption+0x284/0x378 [ 23.996995] kunit_try_run_case+0x170/0x3f0 [ 23.997036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.997079] kthread+0x328/0x630 [ 23.997116] ret_from_fork+0x10/0x20 [ 23.997172] [ 23.997197] kfence-#99: 0x000000006aaf1548-0x00000000f5ef362f, size=32, cache=kmalloc-32 [ 23.997197] [ 23.997254] allocated by task 311 on cpu 1 at 23.996381s (0.000869s ago): [ 23.997316] test_alloc+0x29c/0x628 [ 23.997355] test_corruption+0x198/0x378 [ 23.997395] kunit_try_run_case+0x170/0x3f0 [ 23.997434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.997478] kthread+0x328/0x630 [ 23.997514] ret_from_fork+0x10/0x20 [ 23.997552] [ 23.997575] freed by task 311 on cpu 1 at 23.996486s (0.001085s ago): [ 23.997633] test_corruption+0x284/0x378 [ 23.997673] kunit_try_run_case+0x170/0x3f0 [ 23.997711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.997754] kthread+0x328/0x630 [ 23.997790] ret_from_fork+0x10/0x20 [ 23.997828] [ 23.997867] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.997941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.997969] Hardware name: linux,dummy-virt (DT) [ 23.998003] ================================================================== [ 23.580696] ================================================================== [ 23.580803] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 23.580803] [ 23.580873] Corrupted memory at 0x000000007472691d [ ! . . . . . . . . . . . . . . . ] (in kfence-#95): [ 23.581970] test_corruption+0x278/0x378 [ 23.582022] kunit_try_run_case+0x170/0x3f0 [ 23.582069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.582115] kthread+0x328/0x630 [ 23.582183] ret_from_fork+0x10/0x20 [ 23.582224] [ 23.582250] kfence-#95: 0x00000000c4b74de1-0x0000000020b159f5, size=32, cache=kmalloc-32 [ 23.582250] [ 23.582306] allocated by task 311 on cpu 1 at 23.580402s (0.001901s ago): [ 23.582369] test_alloc+0x29c/0x628 [ 23.582411] test_corruption+0xdc/0x378 [ 23.582453] kunit_try_run_case+0x170/0x3f0 [ 23.582494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.582539] kthread+0x328/0x630 [ 23.582573] ret_from_fork+0x10/0x20 [ 23.582612] [ 23.582637] freed by task 311 on cpu 1 at 23.580511s (0.002121s ago): [ 23.582696] test_corruption+0x278/0x378 [ 23.582735] kunit_try_run_case+0x170/0x3f0 [ 23.582775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.582818] kthread+0x328/0x630 [ 23.582854] ret_from_fork+0x10/0x20 [ 23.582893] [ 23.582943] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.583025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.583055] Hardware name: linux,dummy-virt (DT) [ 23.583090] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.372473] ================================================================== [ 23.372569] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.372569] [ 23.372630] Invalid free of 0x0000000024ab24ed (in kfence-#93): [ 23.372682] test_invalid_addr_free+0x1ac/0x238 [ 23.372732] kunit_try_run_case+0x170/0x3f0 [ 23.372774] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.372818] kthread+0x328/0x630 [ 23.372856] ret_from_fork+0x10/0x20 [ 23.372896] [ 23.372921] kfence-#93: 0x00000000c50e7e24-0x00000000f9105e04, size=32, cache=kmalloc-32 [ 23.372921] [ 23.372975] allocated by task 307 on cpu 0 at 23.372330s (0.000641s ago): [ 23.373037] test_alloc+0x29c/0x628 [ 23.373077] test_invalid_addr_free+0xd4/0x238 [ 23.373119] kunit_try_run_case+0x170/0x3f0 [ 23.373173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.373217] kthread+0x328/0x630 [ 23.373253] ret_from_fork+0x10/0x20 [ 23.373292] [ 23.373333] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.373410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.373440] Hardware name: linux,dummy-virt (DT) [ 23.373474] ================================================================== [ 23.476504] ================================================================== [ 23.476600] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 23.476600] [ 23.476659] Invalid free of 0x000000006400dac8 (in kfence-#94): [ 23.476712] test_invalid_addr_free+0xec/0x238 [ 23.476756] kunit_try_run_case+0x170/0x3f0 [ 23.476798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.476844] kthread+0x328/0x630 [ 23.476881] ret_from_fork+0x10/0x20 [ 23.476921] [ 23.476945] kfence-#94: 0x0000000090a4bd03-0x00000000331be944, size=32, cache=test [ 23.476945] [ 23.476997] allocated by task 309 on cpu 0 at 23.476383s (0.000610s ago): [ 23.477059] test_alloc+0x230/0x628 [ 23.477099] test_invalid_addr_free+0xd4/0x238 [ 23.477140] kunit_try_run_case+0x170/0x3f0 [ 23.477195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.477238] kthread+0x328/0x630 [ 23.477273] ret_from_fork+0x10/0x20 [ 23.477316] [ 23.477356] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.477432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.477460] Hardware name: linux,dummy-virt (DT) [ 23.477494] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.268880] ================================================================== [ 23.268979] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.268979] [ 23.269041] Invalid free of 0x000000006ffa8a85 (in kfence-#92): [ 23.269092] test_double_free+0x100/0x238 [ 23.269139] kunit_try_run_case+0x170/0x3f0 [ 23.269205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.269247] kthread+0x328/0x630 [ 23.269288] ret_from_fork+0x10/0x20 [ 23.269328] [ 23.269352] kfence-#92: 0x000000006ffa8a85-0x00000000462bf713, size=32, cache=test [ 23.269352] [ 23.269405] allocated by task 305 on cpu 0 at 23.268680s (0.000721s ago): [ 23.269467] test_alloc+0x230/0x628 [ 23.269506] test_double_free+0xd4/0x238 [ 23.269547] kunit_try_run_case+0x170/0x3f0 [ 23.269587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.269630] kthread+0x328/0x630 [ 23.269665] ret_from_fork+0x10/0x20 [ 23.269704] [ 23.269727] freed by task 305 on cpu 0 at 23.268740s (0.000983s ago): [ 23.269788] test_double_free+0xf0/0x238 [ 23.269827] kunit_try_run_case+0x170/0x3f0 [ 23.269868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.269912] kthread+0x328/0x630 [ 23.269948] ret_from_fork+0x10/0x20 [ 23.269987] [ 23.270027] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.270115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.270146] Hardware name: linux,dummy-virt (DT) [ 23.270192] ================================================================== [ 23.164643] ================================================================== [ 23.164770] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.164770] [ 23.164837] Invalid free of 0x000000007425c3e1 (in kfence-#91): [ 23.164901] test_double_free+0x1bc/0x238 [ 23.164946] kunit_try_run_case+0x170/0x3f0 [ 23.164990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.165032] kthread+0x328/0x630 [ 23.165071] ret_from_fork+0x10/0x20 [ 23.165110] [ 23.165135] kfence-#91: 0x000000007425c3e1-0x00000000e119e386, size=32, cache=kmalloc-32 [ 23.165135] [ 23.165204] allocated by task 303 on cpu 0 at 23.164352s (0.000848s ago): [ 23.165266] test_alloc+0x29c/0x628 [ 23.165306] test_double_free+0xd4/0x238 [ 23.165347] kunit_try_run_case+0x170/0x3f0 [ 23.165386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.165428] kthread+0x328/0x630 [ 23.165464] ret_from_fork+0x10/0x20 [ 23.165504] [ 23.165527] freed by task 303 on cpu 0 at 23.164429s (0.001093s ago): [ 23.165588] test_double_free+0x1ac/0x238 [ 23.165628] kunit_try_run_case+0x170/0x3f0 [ 23.165668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.165712] kthread+0x328/0x630 [ 23.165746] ret_from_fork+0x10/0x20 [ 23.165785] [ 23.165827] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.165905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.165932] Hardware name: linux,dummy-virt (DT) [ 23.165968] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.738341] ================================================================== [ 22.738628] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.738628] [ 22.738741] Use-after-free read at 0x00000000ee9fe3b2 (in kfence-#87): [ 22.738837] test_use_after_free_read+0x114/0x248 [ 22.738891] kunit_try_run_case+0x170/0x3f0 [ 22.738935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.739279] kthread+0x328/0x630 [ 22.739342] ret_from_fork+0x10/0x20 [ 22.739387] [ 22.739412] kfence-#87: 0x00000000ee9fe3b2-0x00000000b351db43, size=32, cache=kmalloc-32 [ 22.739412] [ 22.739634] allocated by task 295 on cpu 0 at 22.737830s (0.001772s ago): [ 22.740977] test_alloc+0x29c/0x628 [ 22.742385] test_use_after_free_read+0xd0/0x248 [ 22.743227] kunit_try_run_case+0x170/0x3f0 [ 22.743286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.743332] kthread+0x328/0x630 [ 22.743368] ret_from_fork+0x10/0x20 [ 22.743423] [ 22.743572] freed by task 295 on cpu 0 at 22.737951s (0.005525s ago): [ 22.743688] test_use_after_free_read+0x1c0/0x248 [ 22.743735] kunit_try_run_case+0x170/0x3f0 [ 22.743773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.743820] kthread+0x328/0x630 [ 22.743858] ret_from_fork+0x10/0x20 [ 22.743910] [ 22.745509] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.746255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.746290] Hardware name: linux,dummy-virt (DT) [ 22.746326] ================================================================== [ 22.844955] ================================================================== [ 22.845036] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.845036] [ 22.845187] Use-after-free read at 0x0000000083a7e1f4 (in kfence-#88): [ 22.845283] test_use_after_free_read+0x114/0x248 [ 22.845359] kunit_try_run_case+0x170/0x3f0 [ 22.845403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.845448] kthread+0x328/0x630 [ 22.845484] ret_from_fork+0x10/0x20 [ 22.845633] [ 22.845767] kfence-#88: 0x0000000083a7e1f4-0x000000008ef0e3f4, size=32, cache=test [ 22.845767] [ 22.845828] allocated by task 297 on cpu 0 at 22.844576s (0.001240s ago): [ 22.845899] test_alloc+0x230/0x628 [ 22.845981] test_use_after_free_read+0xd0/0x248 [ 22.846026] kunit_try_run_case+0x170/0x3f0 [ 22.846066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.846109] kthread+0x328/0x630 [ 22.846145] ret_from_fork+0x10/0x20 [ 22.846266] [ 22.846407] freed by task 297 on cpu 0 at 22.844732s (0.001669s ago): [ 22.846515] test_use_after_free_read+0xf0/0x248 [ 22.846579] kunit_try_run_case+0x170/0x3f0 [ 22.846628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.846671] kthread+0x328/0x630 [ 22.846708] ret_from_fork+0x10/0x20 [ 22.846849] [ 22.847004] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.847083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.847111] Hardware name: linux,dummy-virt (DT) [ 22.847245] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 22.529612] ================================================================== [ 22.529682] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.529682] [ 22.530058] Out-of-bounds write at 0x0000000042bf6dc4 (1B left of kfence-#85): [ 22.530173] test_out_of_bounds_write+0x100/0x240 [ 22.530271] kunit_try_run_case+0x170/0x3f0 [ 22.530421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.530476] kthread+0x328/0x630 [ 22.530544] ret_from_fork+0x10/0x20 [ 22.530799] [ 22.530869] kfence-#85: 0x00000000bd56f7f8-0x0000000087c0bc8a, size=32, cache=kmalloc-32 [ 22.530869] [ 22.530947] allocated by task 291 on cpu 0 at 22.529411s (0.001524s ago): [ 22.531022] test_alloc+0x29c/0x628 [ 22.531071] test_out_of_bounds_write+0xc8/0x240 [ 22.531114] kunit_try_run_case+0x170/0x3f0 [ 22.531167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.531209] kthread+0x328/0x630 [ 22.531286] ret_from_fork+0x10/0x20 [ 22.531327] [ 22.531407] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.531716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.531773] Hardware name: linux,dummy-virt (DT) [ 22.531990] ================================================================== [ 22.637447] ================================================================== [ 22.637529] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.637529] [ 22.637611] Out-of-bounds write at 0x0000000000b1cd3d (1B left of kfence-#86): [ 22.637666] test_out_of_bounds_write+0x100/0x240 [ 22.637713] kunit_try_run_case+0x170/0x3f0 [ 22.637755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.637798] kthread+0x328/0x630 [ 22.637845] ret_from_fork+0x10/0x20 [ 22.637894] [ 22.637920] kfence-#86: 0x00000000a387b0cf-0x000000005896e4fc, size=32, cache=test [ 22.637920] [ 22.637970] allocated by task 293 on cpu 0 at 22.637275s (0.000691s ago): [ 22.638037] test_alloc+0x230/0x628 [ 22.638077] test_out_of_bounds_write+0xc8/0x240 [ 22.638125] kunit_try_run_case+0x170/0x3f0 [ 22.638177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.638229] kthread+0x328/0x630 [ 22.638266] ret_from_fork+0x10/0x20 [ 22.638306] [ 22.638347] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.638423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.638451] Hardware name: linux,dummy-virt (DT) [ 22.638484] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.986035] ================================================================== [ 21.986126] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.986126] [ 21.986527] Out-of-bounds read at 0x00000000f1b44df5 (1B left of kfence-#80): [ 21.986644] test_out_of_bounds_read+0x114/0x3e0 [ 21.987003] kunit_try_run_case+0x170/0x3f0 [ 21.987072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.987142] kthread+0x328/0x630 [ 21.987198] ret_from_fork+0x10/0x20 [ 21.987238] [ 21.987264] kfence-#80: 0x00000000a983c07d-0x00000000a3ab1d74, size=32, cache=test [ 21.987264] [ 21.987317] allocated by task 289 on cpu 0 at 21.985047s (0.002266s ago): [ 21.987457] test_alloc+0x230/0x628 [ 21.987499] test_out_of_bounds_read+0xdc/0x3e0 [ 21.987541] kunit_try_run_case+0x170/0x3f0 [ 21.987596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.987650] kthread+0x328/0x630 [ 21.987686] ret_from_fork+0x10/0x20 [ 21.987723] [ 21.987772] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.987848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.987876] Hardware name: linux,dummy-virt (DT) [ 21.987908] ================================================================== [ 22.423065] ================================================================== [ 22.423518] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.423518] [ 22.424009] Out-of-bounds read at 0x00000000572fe036 (32B right of kfence-#84): [ 22.424090] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.424144] kunit_try_run_case+0x170/0x3f0 [ 22.424563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.424878] kthread+0x328/0x630 [ 22.424963] ret_from_fork+0x10/0x20 [ 22.425021] [ 22.425072] kfence-#84: 0x0000000015e2a667-0x000000002566c770, size=32, cache=test [ 22.425072] [ 22.425137] allocated by task 289 on cpu 0 at 22.422252s (0.002881s ago): [ 22.425654] test_alloc+0x230/0x628 [ 22.425917] test_out_of_bounds_read+0x198/0x3e0 [ 22.426176] kunit_try_run_case+0x170/0x3f0 [ 22.426412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.426468] kthread+0x328/0x630 [ 22.426729] ret_from_fork+0x10/0x20 [ 22.427102] [ 22.427330] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.427612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.427648] Hardware name: linux,dummy-virt (DT) [ 22.427963] ================================================================== [ 21.665539] ================================================================== [ 21.665763] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.665763] [ 21.666296] Out-of-bounds read at 0x000000006b3d9b2f (32B right of kfence-#77): [ 21.666411] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.666465] kunit_try_run_case+0x170/0x3f0 [ 21.666827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.666897] kthread+0x328/0x630 [ 21.667034] ret_from_fork+0x10/0x20 [ 21.667080] [ 21.667105] kfence-#77: 0x000000004935d902-0x00000000bc9d6741, size=32, cache=kmalloc-32 [ 21.667105] [ 21.667457] allocated by task 287 on cpu 0 at 21.665280s (0.002119s ago): [ 21.667538] test_alloc+0x29c/0x628 [ 21.667580] test_out_of_bounds_read+0x198/0x3e0 [ 21.667623] kunit_try_run_case+0x170/0x3f0 [ 21.667665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.667945] kthread+0x328/0x630 [ 21.668265] ret_from_fork+0x10/0x20 [ 21.668493] [ 21.668654] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.668921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.669047] Hardware name: linux,dummy-virt (DT) [ 21.669083] ================================================================== [ 21.449769] ================================================================== [ 21.449887] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.449887] [ 21.450014] Out-of-bounds read at 0x0000000008ff331f (1B left of kfence-#75): [ 21.450292] test_out_of_bounds_read+0x114/0x3e0 [ 21.450392] kunit_try_run_case+0x170/0x3f0 [ 21.450437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.450480] kthread+0x328/0x630 [ 21.450533] ret_from_fork+0x10/0x20 [ 21.450577] [ 21.450735] kfence-#75: 0x00000000f0c931d7-0x00000000b04eb47a, size=32, cache=kmalloc-32 [ 21.450735] [ 21.450893] allocated by task 287 on cpu 0 at 21.448723s (0.002117s ago): [ 21.451269] test_alloc+0x29c/0x628 [ 21.451336] test_out_of_bounds_read+0xdc/0x3e0 [ 21.451474] kunit_try_run_case+0x170/0x3f0 [ 21.451561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.451896] kthread+0x328/0x630 [ 21.451956] ret_from_fork+0x10/0x20 [ 21.452107] [ 21.452239] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.452323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.452352] Hardware name: linux,dummy-virt (DT) [ 21.452419] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 21.303856] ================================================================== [ 21.303921] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 21.304027] Write of size 121 at addr fff00000c78d3b00 by task kunit_try_catch/285 [ 21.304082] [ 21.304383] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.304513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.304555] Hardware name: linux,dummy-virt (DT) [ 21.304813] Call trace: [ 21.304904] show_stack+0x20/0x38 (C) [ 21.305026] dump_stack_lvl+0x8c/0xd0 [ 21.305146] print_report+0x118/0x608 [ 21.305534] kasan_report+0xdc/0x128 [ 21.305649] kasan_check_range+0x100/0x1a8 [ 21.305720] __kasan_check_write+0x20/0x30 [ 21.305769] strncpy_from_user+0x3c/0x2a0 [ 21.305832] copy_user_test_oob+0x5c0/0xec8 [ 21.305882] kunit_try_run_case+0x170/0x3f0 [ 21.305929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.305983] kthread+0x328/0x630 [ 21.306037] ret_from_fork+0x10/0x20 [ 21.306095] [ 21.306125] Allocated by task 285: [ 21.306180] kasan_save_stack+0x3c/0x68 [ 21.306223] kasan_save_track+0x20/0x40 [ 21.306279] kasan_save_alloc_info+0x40/0x58 [ 21.306330] __kasan_kmalloc+0xd4/0xd8 [ 21.306367] __kmalloc_noprof+0x198/0x4c8 [ 21.306415] kunit_kmalloc_array+0x34/0x88 [ 21.306453] copy_user_test_oob+0xac/0xec8 [ 21.306494] kunit_try_run_case+0x170/0x3f0 [ 21.306541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.306594] kthread+0x328/0x630 [ 21.306645] ret_from_fork+0x10/0x20 [ 21.306682] [ 21.306711] The buggy address belongs to the object at fff00000c78d3b00 [ 21.306711] which belongs to the cache kmalloc-128 of size 128 [ 21.306770] The buggy address is located 0 bytes inside of [ 21.306770] allocated 120-byte region [fff00000c78d3b00, fff00000c78d3b78) [ 21.306847] [ 21.306888] The buggy address belongs to the physical page: [ 21.306951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.307017] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.307067] page_type: f5(slab) [ 21.307107] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.307346] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.307580] page dumped because: kasan: bad access detected [ 21.307893] [ 21.308190] Memory state around the buggy address: [ 21.308235] fff00000c78d3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.308283] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.308653] >fff00000c78d3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.308768] ^ [ 21.308963] fff00000c78d3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.309124] fff00000c78d3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.309181] ================================================================== [ 21.310392] ================================================================== [ 21.310703] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 21.311048] Write of size 1 at addr fff00000c78d3b78 by task kunit_try_catch/285 [ 21.311105] [ 21.311146] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.311243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.311514] Hardware name: linux,dummy-virt (DT) [ 21.311683] Call trace: [ 21.311870] show_stack+0x20/0x38 (C) [ 21.312302] dump_stack_lvl+0x8c/0xd0 [ 21.312486] print_report+0x118/0x608 [ 21.312572] kasan_report+0xdc/0x128 [ 21.312768] __asan_report_store1_noabort+0x20/0x30 [ 21.312817] strncpy_from_user+0x270/0x2a0 [ 21.312867] copy_user_test_oob+0x5c0/0xec8 [ 21.312915] kunit_try_run_case+0x170/0x3f0 [ 21.313662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.313782] kthread+0x328/0x630 [ 21.313969] ret_from_fork+0x10/0x20 [ 21.314343] [ 21.314393] Allocated by task 285: [ 21.314550] kasan_save_stack+0x3c/0x68 [ 21.314749] kasan_save_track+0x20/0x40 [ 21.314852] kasan_save_alloc_info+0x40/0x58 [ 21.314949] __kasan_kmalloc+0xd4/0xd8 [ 21.315025] __kmalloc_noprof+0x198/0x4c8 [ 21.315220] kunit_kmalloc_array+0x34/0x88 [ 21.315472] copy_user_test_oob+0xac/0xec8 [ 21.315639] kunit_try_run_case+0x170/0x3f0 [ 21.315716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.316091] kthread+0x328/0x630 [ 21.316177] ret_from_fork+0x10/0x20 [ 21.316303] [ 21.316393] The buggy address belongs to the object at fff00000c78d3b00 [ 21.316393] which belongs to the cache kmalloc-128 of size 128 [ 21.316512] The buggy address is located 0 bytes to the right of [ 21.316512] allocated 120-byte region [fff00000c78d3b00, fff00000c78d3b78) [ 21.316577] [ 21.316599] The buggy address belongs to the physical page: [ 21.316726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.316921] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.317082] page_type: f5(slab) [ 21.317138] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.317241] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.317770] page dumped because: kasan: bad access detected [ 21.318835] [ 21.318940] Memory state around the buggy address: [ 21.319215] fff00000c78d3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.319374] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.319585] >fff00000c78d3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.319742] ^ [ 21.319813] fff00000c78d3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.319989] fff00000c78d3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.320179] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 21.290269] ================================================================== [ 21.290332] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 21.290386] Write of size 121 at addr fff00000c78d3b00 by task kunit_try_catch/285 [ 21.290776] [ 21.290828] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.291109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.291164] Hardware name: linux,dummy-virt (DT) [ 21.291231] Call trace: [ 21.291480] show_stack+0x20/0x38 (C) [ 21.291553] dump_stack_lvl+0x8c/0xd0 [ 21.291779] print_report+0x118/0x608 [ 21.291950] kasan_report+0xdc/0x128 [ 21.292077] kasan_check_range+0x100/0x1a8 [ 21.292181] __kasan_check_write+0x20/0x30 [ 21.292476] copy_user_test_oob+0x434/0xec8 [ 21.292618] kunit_try_run_case+0x170/0x3f0 [ 21.292765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.292823] kthread+0x328/0x630 [ 21.293082] ret_from_fork+0x10/0x20 [ 21.293484] [ 21.293512] Allocated by task 285: [ 21.293568] kasan_save_stack+0x3c/0x68 [ 21.293629] kasan_save_track+0x20/0x40 [ 21.293670] kasan_save_alloc_info+0x40/0x58 [ 21.293711] __kasan_kmalloc+0xd4/0xd8 [ 21.293750] __kmalloc_noprof+0x198/0x4c8 [ 21.293788] kunit_kmalloc_array+0x34/0x88 [ 21.293840] copy_user_test_oob+0xac/0xec8 [ 21.293878] kunit_try_run_case+0x170/0x3f0 [ 21.293920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.293965] kthread+0x328/0x630 [ 21.294011] ret_from_fork+0x10/0x20 [ 21.294049] [ 21.294086] The buggy address belongs to the object at fff00000c78d3b00 [ 21.294086] which belongs to the cache kmalloc-128 of size 128 [ 21.294143] The buggy address is located 0 bytes inside of [ 21.294143] allocated 120-byte region [fff00000c78d3b00, fff00000c78d3b78) [ 21.294232] [ 21.294267] The buggy address belongs to the physical page: [ 21.294321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.294384] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.294431] page_type: f5(slab) [ 21.294471] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.294522] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.294565] page dumped because: kasan: bad access detected [ 21.294631] [ 21.294660] Memory state around the buggy address: [ 21.294717] fff00000c78d3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.294764] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.294811] >fff00000c78d3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.294856] ^ [ 21.294900] fff00000c78d3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.294944] fff00000c78d3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.294997] ================================================================== [ 21.272452] ================================================================== [ 21.272557] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 21.272952] Write of size 121 at addr fff00000c78d3b00 by task kunit_try_catch/285 [ 21.273096] [ 21.273191] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.273334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.273362] Hardware name: linux,dummy-virt (DT) [ 21.273407] Call trace: [ 21.273436] show_stack+0x20/0x38 (C) [ 21.273504] dump_stack_lvl+0x8c/0xd0 [ 21.273639] print_report+0x118/0x608 [ 21.273724] kasan_report+0xdc/0x128 [ 21.274052] kasan_check_range+0x100/0x1a8 [ 21.274126] __kasan_check_write+0x20/0x30 [ 21.274240] copy_user_test_oob+0x35c/0xec8 [ 21.274327] kunit_try_run_case+0x170/0x3f0 [ 21.274457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.274517] kthread+0x328/0x630 [ 21.274783] ret_from_fork+0x10/0x20 [ 21.274889] [ 21.274913] Allocated by task 285: [ 21.274954] kasan_save_stack+0x3c/0x68 [ 21.275253] kasan_save_track+0x20/0x40 [ 21.275322] kasan_save_alloc_info+0x40/0x58 [ 21.275368] __kasan_kmalloc+0xd4/0xd8 [ 21.275407] __kmalloc_noprof+0x198/0x4c8 [ 21.275446] kunit_kmalloc_array+0x34/0x88 [ 21.275488] copy_user_test_oob+0xac/0xec8 [ 21.275530] kunit_try_run_case+0x170/0x3f0 [ 21.275815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.275889] kthread+0x328/0x630 [ 21.276176] ret_from_fork+0x10/0x20 [ 21.276243] [ 21.276482] The buggy address belongs to the object at fff00000c78d3b00 [ 21.276482] which belongs to the cache kmalloc-128 of size 128 [ 21.276639] The buggy address is located 0 bytes inside of [ 21.276639] allocated 120-byte region [fff00000c78d3b00, fff00000c78d3b78) [ 21.276876] [ 21.276997] The buggy address belongs to the physical page: [ 21.277125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.277293] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.277399] page_type: f5(slab) [ 21.277610] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.277783] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.277853] page dumped because: kasan: bad access detected [ 21.277952] [ 21.278063] Memory state around the buggy address: [ 21.278517] fff00000c78d3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.278626] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.279075] >fff00000c78d3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.279174] ^ [ 21.279297] fff00000c78d3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.279345] fff00000c78d3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.279444] ================================================================== [ 21.253929] ================================================================== [ 21.253989] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 21.254041] Read of size 121 at addr fff00000c78d3b00 by task kunit_try_catch/285 [ 21.254093] [ 21.254124] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.254495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.254530] Hardware name: linux,dummy-virt (DT) [ 21.254574] Call trace: [ 21.254599] show_stack+0x20/0x38 (C) [ 21.254652] dump_stack_lvl+0x8c/0xd0 [ 21.254699] print_report+0x118/0x608 [ 21.254807] kasan_report+0xdc/0x128 [ 21.254903] kasan_check_range+0x100/0x1a8 [ 21.255064] __kasan_check_read+0x20/0x30 [ 21.255215] copy_user_test_oob+0x728/0xec8 [ 21.255282] kunit_try_run_case+0x170/0x3f0 [ 21.255372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.255459] kthread+0x328/0x630 [ 21.255502] ret_from_fork+0x10/0x20 [ 21.255625] [ 21.255651] Allocated by task 285: [ 21.255697] kasan_save_stack+0x3c/0x68 [ 21.255741] kasan_save_track+0x20/0x40 [ 21.256107] kasan_save_alloc_info+0x40/0x58 [ 21.256314] __kasan_kmalloc+0xd4/0xd8 [ 21.256628] __kmalloc_noprof+0x198/0x4c8 [ 21.256769] kunit_kmalloc_array+0x34/0x88 [ 21.256866] copy_user_test_oob+0xac/0xec8 [ 21.257005] kunit_try_run_case+0x170/0x3f0 [ 21.257233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.257300] kthread+0x328/0x630 [ 21.257337] ret_from_fork+0x10/0x20 [ 21.257381] [ 21.257405] The buggy address belongs to the object at fff00000c78d3b00 [ 21.257405] which belongs to the cache kmalloc-128 of size 128 [ 21.257576] The buggy address is located 0 bytes inside of [ 21.257576] allocated 120-byte region [fff00000c78d3b00, fff00000c78d3b78) [ 21.257740] [ 21.257862] The buggy address belongs to the physical page: [ 21.259543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.259676] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.259731] page_type: f5(slab) [ 21.259771] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.259981] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.260067] page dumped because: kasan: bad access detected [ 21.260178] [ 21.260427] Memory state around the buggy address: [ 21.260634] fff00000c78d3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.260689] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.260933] >fff00000c78d3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.261065] ^ [ 21.261439] fff00000c78d3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.261608] fff00000c78d3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.261654] ================================================================== [ 21.242285] ================================================================== [ 21.242603] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 21.242925] Write of size 121 at addr fff00000c78d3b00 by task kunit_try_catch/285 [ 21.243024] [ 21.243088] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.243213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.243275] Hardware name: linux,dummy-virt (DT) [ 21.243342] Call trace: [ 21.243376] show_stack+0x20/0x38 (C) [ 21.243433] dump_stack_lvl+0x8c/0xd0 [ 21.243484] print_report+0x118/0x608 [ 21.243743] kasan_report+0xdc/0x128 [ 21.243896] kasan_check_range+0x100/0x1a8 [ 21.244006] __kasan_check_write+0x20/0x30 [ 21.244168] copy_user_test_oob+0x234/0xec8 [ 21.244293] kunit_try_run_case+0x170/0x3f0 [ 21.244413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.244601] kthread+0x328/0x630 [ 21.244658] ret_from_fork+0x10/0x20 [ 21.244707] [ 21.244769] Allocated by task 285: [ 21.244803] kasan_save_stack+0x3c/0x68 [ 21.244912] kasan_save_track+0x20/0x40 [ 21.245004] kasan_save_alloc_info+0x40/0x58 [ 21.245093] __kasan_kmalloc+0xd4/0xd8 [ 21.245370] __kmalloc_noprof+0x198/0x4c8 [ 21.245482] kunit_kmalloc_array+0x34/0x88 [ 21.245582] copy_user_test_oob+0xac/0xec8 [ 21.245740] kunit_try_run_case+0x170/0x3f0 [ 21.245894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.245999] kthread+0x328/0x630 [ 21.246117] ret_from_fork+0x10/0x20 [ 21.246196] [ 21.246219] The buggy address belongs to the object at fff00000c78d3b00 [ 21.246219] which belongs to the cache kmalloc-128 of size 128 [ 21.246307] The buggy address is located 0 bytes inside of [ 21.246307] allocated 120-byte region [fff00000c78d3b00, fff00000c78d3b78) [ 21.246371] [ 21.246398] The buggy address belongs to the physical page: [ 21.246432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.246511] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.246562] page_type: f5(slab) [ 21.246607] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.246656] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.246698] page dumped because: kasan: bad access detected [ 21.246750] [ 21.246782] Memory state around the buggy address: [ 21.246828] fff00000c78d3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.246873] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.246918] >fff00000c78d3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.246959] ^ [ 21.247016] fff00000c78d3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.247071] fff00000c78d3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.247112] ================================================================== [ 21.280576] ================================================================== [ 21.280631] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 21.280683] Read of size 121 at addr fff00000c78d3b00 by task kunit_try_catch/285 [ 21.280736] [ 21.281299] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.281405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.281442] Hardware name: linux,dummy-virt (DT) [ 21.281607] Call trace: [ 21.281751] show_stack+0x20/0x38 (C) [ 21.281838] dump_stack_lvl+0x8c/0xd0 [ 21.281889] print_report+0x118/0x608 [ 21.282166] kasan_report+0xdc/0x128 [ 21.282331] kasan_check_range+0x100/0x1a8 [ 21.282462] __kasan_check_read+0x20/0x30 [ 21.282513] copy_user_test_oob+0x3c8/0xec8 [ 21.282690] kunit_try_run_case+0x170/0x3f0 [ 21.282928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.283014] kthread+0x328/0x630 [ 21.283058] ret_from_fork+0x10/0x20 [ 21.283248] [ 21.283295] Allocated by task 285: [ 21.283342] kasan_save_stack+0x3c/0x68 [ 21.283397] kasan_save_track+0x20/0x40 [ 21.283435] kasan_save_alloc_info+0x40/0x58 [ 21.283748] __kasan_kmalloc+0xd4/0xd8 [ 21.283818] __kmalloc_noprof+0x198/0x4c8 [ 21.283860] kunit_kmalloc_array+0x34/0x88 [ 21.284183] copy_user_test_oob+0xac/0xec8 [ 21.284393] kunit_try_run_case+0x170/0x3f0 [ 21.284520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.284722] kthread+0x328/0x630 [ 21.284763] ret_from_fork+0x10/0x20 [ 21.285112] [ 21.285184] The buggy address belongs to the object at fff00000c78d3b00 [ 21.285184] which belongs to the cache kmalloc-128 of size 128 [ 21.285559] The buggy address is located 0 bytes inside of [ 21.285559] allocated 120-byte region [fff00000c78d3b00, fff00000c78d3b78) [ 21.285815] [ 21.286009] The buggy address belongs to the physical page: [ 21.286099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.286232] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.286654] page_type: f5(slab) [ 21.287162] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.287235] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.287491] page dumped because: kasan: bad access detected [ 21.287609] [ 21.288004] Memory state around the buggy address: [ 21.288077] fff00000c78d3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.288203] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.288249] >fff00000c78d3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.288295] ^ [ 21.288338] fff00000c78d3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.288384] fff00000c78d3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.288426] ================================================================== [ 21.295306] ================================================================== [ 21.296096] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 21.296190] Read of size 121 at addr fff00000c78d3b00 by task kunit_try_catch/285 [ 21.296272] [ 21.296323] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.296598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.296858] Hardware name: linux,dummy-virt (DT) [ 21.296912] Call trace: [ 21.296956] show_stack+0x20/0x38 (C) [ 21.297009] dump_stack_lvl+0x8c/0xd0 [ 21.297057] print_report+0x118/0x608 [ 21.297103] kasan_report+0xdc/0x128 [ 21.297159] kasan_check_range+0x100/0x1a8 [ 21.297208] __kasan_check_read+0x20/0x30 [ 21.297254] copy_user_test_oob+0x4a0/0xec8 [ 21.297301] kunit_try_run_case+0x170/0x3f0 [ 21.297347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.297405] kthread+0x328/0x630 [ 21.297452] ret_from_fork+0x10/0x20 [ 21.297499] [ 21.297520] Allocated by task 285: [ 21.297551] kasan_save_stack+0x3c/0x68 [ 21.297594] kasan_save_track+0x20/0x40 [ 21.297632] kasan_save_alloc_info+0x40/0x58 [ 21.297673] __kasan_kmalloc+0xd4/0xd8 [ 21.297710] __kmalloc_noprof+0x198/0x4c8 [ 21.297749] kunit_kmalloc_array+0x34/0x88 [ 21.297787] copy_user_test_oob+0xac/0xec8 [ 21.297826] kunit_try_run_case+0x170/0x3f0 [ 21.297865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.297908] kthread+0x328/0x630 [ 21.298085] ret_from_fork+0x10/0x20 [ 21.298177] [ 21.298643] The buggy address belongs to the object at fff00000c78d3b00 [ 21.298643] which belongs to the cache kmalloc-128 of size 128 [ 21.298781] The buggy address is located 0 bytes inside of [ 21.298781] allocated 120-byte region [fff00000c78d3b00, fff00000c78d3b78) [ 21.298944] [ 21.298997] The buggy address belongs to the physical page: [ 21.299176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.299256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.299408] page_type: f5(slab) [ 21.299450] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.300205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.300261] page dumped because: kasan: bad access detected [ 21.300303] [ 21.300640] Memory state around the buggy address: [ 21.300702] fff00000c78d3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.300784] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.300843] >fff00000c78d3b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.300911] ^ [ 21.301175] fff00000c78d3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.301255] fff00000c78d3c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.301461] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.209079] ================================================================== [ 21.209215] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.209298] Write of size 8 at addr fff00000c78d3a78 by task kunit_try_catch/281 [ 21.209360] [ 21.209395] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.209539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.209579] Hardware name: linux,dummy-virt (DT) [ 21.209613] Call trace: [ 21.209637] show_stack+0x20/0x38 (C) [ 21.209691] dump_stack_lvl+0x8c/0xd0 [ 21.209748] print_report+0x118/0x608 [ 21.209795] kasan_report+0xdc/0x128 [ 21.209851] kasan_check_range+0x100/0x1a8 [ 21.209903] __kasan_check_write+0x20/0x30 [ 21.209948] copy_to_kernel_nofault+0x8c/0x250 [ 21.210001] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.210052] kunit_try_run_case+0x170/0x3f0 [ 21.210099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.210487] kthread+0x328/0x630 [ 21.210567] ret_from_fork+0x10/0x20 [ 21.210724] [ 21.210775] Allocated by task 281: [ 21.211021] kasan_save_stack+0x3c/0x68 [ 21.211086] kasan_save_track+0x20/0x40 [ 21.211132] kasan_save_alloc_info+0x40/0x58 [ 21.211234] __kasan_kmalloc+0xd4/0xd8 [ 21.211353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.211428] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.211614] kunit_try_run_case+0x170/0x3f0 [ 21.211659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.211798] kthread+0x328/0x630 [ 21.211887] ret_from_fork+0x10/0x20 [ 21.211946] [ 21.211967] The buggy address belongs to the object at fff00000c78d3a00 [ 21.211967] which belongs to the cache kmalloc-128 of size 128 [ 21.212027] The buggy address is located 0 bytes to the right of [ 21.212027] allocated 120-byte region [fff00000c78d3a00, fff00000c78d3a78) [ 21.212091] [ 21.212321] The buggy address belongs to the physical page: [ 21.212474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.212580] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.212984] page_type: f5(slab) [ 21.213049] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.213125] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.213327] page dumped because: kasan: bad access detected [ 21.213459] [ 21.213531] Memory state around the buggy address: [ 21.213623] fff00000c78d3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.213670] fff00000c78d3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.214343] >fff00000c78d3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.214657] ^ [ 21.214873] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.215017] fff00000c78d3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.215106] ================================================================== [ 21.202330] ================================================================== [ 21.202437] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.202528] Read of size 8 at addr fff00000c78d3a78 by task kunit_try_catch/281 [ 21.202598] [ 21.202664] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.202750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.202817] Hardware name: linux,dummy-virt (DT) [ 21.202852] Call trace: [ 21.202878] show_stack+0x20/0x38 (C) [ 21.202945] dump_stack_lvl+0x8c/0xd0 [ 21.203003] print_report+0x118/0x608 [ 21.203071] kasan_report+0xdc/0x128 [ 21.203196] __asan_report_load8_noabort+0x20/0x30 [ 21.203318] copy_to_kernel_nofault+0x204/0x250 [ 21.203414] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.203506] kunit_try_run_case+0x170/0x3f0 [ 21.203558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.203761] kthread+0x328/0x630 [ 21.203829] ret_from_fork+0x10/0x20 [ 21.203888] [ 21.203927] Allocated by task 281: [ 21.204054] kasan_save_stack+0x3c/0x68 [ 21.204205] kasan_save_track+0x20/0x40 [ 21.204313] kasan_save_alloc_info+0x40/0x58 [ 21.204406] __kasan_kmalloc+0xd4/0xd8 [ 21.204548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.204724] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.204787] kunit_try_run_case+0x170/0x3f0 [ 21.204828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.204896] kthread+0x328/0x630 [ 21.204930] ret_from_fork+0x10/0x20 [ 21.205142] [ 21.205285] The buggy address belongs to the object at fff00000c78d3a00 [ 21.205285] which belongs to the cache kmalloc-128 of size 128 [ 21.205387] The buggy address is located 0 bytes to the right of [ 21.205387] allocated 120-byte region [fff00000c78d3a00, fff00000c78d3a78) [ 21.205594] [ 21.205691] The buggy address belongs to the physical page: [ 21.205769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 21.206050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.206203] page_type: f5(slab) [ 21.206280] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.206452] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.206561] page dumped because: kasan: bad access detected [ 21.206646] [ 21.206760] Memory state around the buggy address: [ 21.206886] fff00000c78d3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.206950] fff00000c78d3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.207000] >fff00000c78d3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.207780] ^ [ 21.207828] fff00000c78d3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.207872] fff00000c78d3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.207912] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 21.172647] ================================================================== [ 21.172817] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 21.172869] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 21.172919] [ 21.172951] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.173379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.173410] Hardware name: linux,dummy-virt (DT) [ 21.173443] Call trace: [ 21.173467] show_stack+0x20/0x38 (C) [ 21.173517] dump_stack_lvl+0x8c/0xd0 [ 21.173565] print_report+0x310/0x608 [ 21.173614] kasan_report+0xdc/0x128 [ 21.173660] __asan_report_load1_noabort+0x20/0x30 [ 21.173713] vmalloc_oob+0x51c/0x5d0 [ 21.173758] kunit_try_run_case+0x170/0x3f0 [ 21.173806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.173859] kthread+0x328/0x630 [ 21.173903] ret_from_fork+0x10/0x20 [ 21.173950] [ 21.173976] The buggy address belongs to the virtual mapping at [ 21.173976] [ffff8000800fe000, ffff800080100000) created by: [ 21.173976] vmalloc_oob+0x98/0x5d0 [ 21.174050] [ 21.174072] The buggy address belongs to the physical page: [ 21.174105] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c5 [ 21.174168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.174331] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.174396] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.174438] page dumped because: kasan: bad access detected [ 21.174472] [ 21.174491] Memory state around the buggy address: [ 21.174525] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.174569] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.174615] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.174653] ^ [ 21.174696] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.174740] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.174780] ================================================================== [ 21.166582] ================================================================== [ 21.166654] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 21.166729] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 21.166845] [ 21.166887] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.167169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.167313] Hardware name: linux,dummy-virt (DT) [ 21.167350] Call trace: [ 21.167375] show_stack+0x20/0x38 (C) [ 21.167429] dump_stack_lvl+0x8c/0xd0 [ 21.167817] print_report+0x310/0x608 [ 21.168211] kasan_report+0xdc/0x128 [ 21.168286] __asan_report_load1_noabort+0x20/0x30 [ 21.168564] vmalloc_oob+0x578/0x5d0 [ 21.168618] kunit_try_run_case+0x170/0x3f0 [ 21.168769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.168824] kthread+0x328/0x630 [ 21.168903] ret_from_fork+0x10/0x20 [ 21.168952] [ 21.168982] The buggy address belongs to the virtual mapping at [ 21.168982] [ffff8000800fe000, ffff800080100000) created by: [ 21.168982] vmalloc_oob+0x98/0x5d0 [ 21.169056] [ 21.169079] The buggy address belongs to the physical page: [ 21.169161] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c5 [ 21.169217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.169382] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.169434] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.169476] page dumped because: kasan: bad access detected [ 21.169510] [ 21.169532] Memory state around the buggy address: [ 21.170526] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.170839] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.170887] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.170934] ^ [ 21.170983] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.171178] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.171456] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 21.098301] ================================================================== [ 21.098353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 21.098404] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.098455] [ 21.098494] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.098915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.099042] Hardware name: linux,dummy-virt (DT) [ 21.099075] Call trace: [ 21.099099] show_stack+0x20/0x38 (C) [ 21.099211] dump_stack_lvl+0x8c/0xd0 [ 21.099292] print_report+0x118/0x608 [ 21.099339] kasan_report+0xdc/0x128 [ 21.099385] kasan_check_range+0x100/0x1a8 [ 21.099439] __kasan_check_write+0x20/0x30 [ 21.099484] kasan_atomics_helper+0x154c/0x4858 [ 21.099538] kasan_atomics+0x198/0x2e0 [ 21.099776] kunit_try_run_case+0x170/0x3f0 [ 21.099861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.099945] kthread+0x328/0x630 [ 21.100188] ret_from_fork+0x10/0x20 [ 21.100697] [ 21.100975] Allocated by task 265: [ 21.101050] kasan_save_stack+0x3c/0x68 [ 21.101171] kasan_save_track+0x20/0x40 [ 21.101212] kasan_save_alloc_info+0x40/0x58 [ 21.101254] __kasan_kmalloc+0xd4/0xd8 [ 21.101293] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.101332] kasan_atomics+0xb8/0x2e0 [ 21.101373] kunit_try_run_case+0x170/0x3f0 [ 21.101413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.101486] kthread+0x328/0x630 [ 21.101520] ret_from_fork+0x10/0x20 [ 21.101557] [ 21.101580] The buggy address belongs to the object at fff00000c78ca300 [ 21.101580] which belongs to the cache kmalloc-64 of size 64 [ 21.101960] The buggy address is located 0 bytes to the right of [ 21.101960] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.102060] [ 21.102094] The buggy address belongs to the physical page: [ 21.102128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.102427] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.102489] page_type: f5(slab) [ 21.102666] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.102746] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.102788] page dumped because: kasan: bad access detected [ 21.103055] [ 21.103244] Memory state around the buggy address: [ 21.103312] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.103412] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.103457] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.103498] ^ [ 21.103566] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.103838] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.103987] ================================================================== [ 21.129143] ================================================================== [ 21.129206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 21.129256] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.129305] [ 21.129337] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.129416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.129444] Hardware name: linux,dummy-virt (DT) [ 21.129477] Call trace: [ 21.129500] show_stack+0x20/0x38 (C) [ 21.129548] dump_stack_lvl+0x8c/0xd0 [ 21.129598] print_report+0x118/0x608 [ 21.129647] kasan_report+0xdc/0x128 [ 21.129759] kasan_check_range+0x100/0x1a8 [ 21.129817] __kasan_check_write+0x20/0x30 [ 21.130055] kasan_atomics_helper+0x16d0/0x4858 [ 21.130106] kasan_atomics+0x198/0x2e0 [ 21.130161] kunit_try_run_case+0x170/0x3f0 [ 21.130216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.130435] kthread+0x328/0x630 [ 21.130478] ret_from_fork+0x10/0x20 [ 21.130726] [ 21.130753] Allocated by task 265: [ 21.130840] kasan_save_stack+0x3c/0x68 [ 21.130882] kasan_save_track+0x20/0x40 [ 21.130922] kasan_save_alloc_info+0x40/0x58 [ 21.130962] __kasan_kmalloc+0xd4/0xd8 [ 21.131006] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.131051] kasan_atomics+0xb8/0x2e0 [ 21.131179] kunit_try_run_case+0x170/0x3f0 [ 21.131218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.131263] kthread+0x328/0x630 [ 21.131295] ret_from_fork+0x10/0x20 [ 21.131333] [ 21.131353] The buggy address belongs to the object at fff00000c78ca300 [ 21.131353] which belongs to the cache kmalloc-64 of size 64 [ 21.131684] The buggy address is located 0 bytes to the right of [ 21.131684] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.131752] [ 21.131774] The buggy address belongs to the physical page: [ 21.131806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.132226] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.132301] page_type: f5(slab) [ 21.132358] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.132412] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.132576] page dumped because: kasan: bad access detected [ 21.132611] [ 21.132631] Memory state around the buggy address: [ 21.132666] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.132711] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.132789] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.132829] ^ [ 21.132865] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.132907] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.133197] ================================================================== [ 21.141117] ================================================================== [ 21.141175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 21.141226] Read of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.141351] [ 21.141385] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.141465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.141494] Hardware name: linux,dummy-virt (DT) [ 21.141525] Call trace: [ 21.141630] show_stack+0x20/0x38 (C) [ 21.141750] dump_stack_lvl+0x8c/0xd0 [ 21.141802] print_report+0x118/0x608 [ 21.141866] kasan_report+0xdc/0x128 [ 21.141915] __asan_report_load8_noabort+0x20/0x30 [ 21.141974] kasan_atomics_helper+0x3e20/0x4858 [ 21.142025] kasan_atomics+0x198/0x2e0 [ 21.142071] kunit_try_run_case+0x170/0x3f0 [ 21.142119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.142183] kthread+0x328/0x630 [ 21.142234] ret_from_fork+0x10/0x20 [ 21.142483] [ 21.142601] Allocated by task 265: [ 21.142692] kasan_save_stack+0x3c/0x68 [ 21.142733] kasan_save_track+0x20/0x40 [ 21.142930] kasan_save_alloc_info+0x40/0x58 [ 21.143137] __kasan_kmalloc+0xd4/0xd8 [ 21.143470] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.143512] kasan_atomics+0xb8/0x2e0 [ 21.143549] kunit_try_run_case+0x170/0x3f0 [ 21.143588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.143631] kthread+0x328/0x630 [ 21.143665] ret_from_fork+0x10/0x20 [ 21.143702] [ 21.143722] The buggy address belongs to the object at fff00000c78ca300 [ 21.143722] which belongs to the cache kmalloc-64 of size 64 [ 21.143779] The buggy address is located 0 bytes to the right of [ 21.143779] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.143982] [ 21.144005] The buggy address belongs to the physical page: [ 21.144037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.144189] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.144293] page_type: f5(slab) [ 21.144446] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.144499] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.144561] page dumped because: kasan: bad access detected [ 21.144597] [ 21.144617] Memory state around the buggy address: [ 21.144649] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.144700] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.144745] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.144785] ^ [ 21.144819] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.144898] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.144972] ================================================================== [ 20.984596] ================================================================== [ 20.984646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 20.985178] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.985233] [ 20.985265] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.985345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.985373] Hardware name: linux,dummy-virt (DT) [ 20.986104] Call trace: [ 20.986142] show_stack+0x20/0x38 (C) [ 20.986212] dump_stack_lvl+0x8c/0xd0 [ 20.986300] print_report+0x118/0x608 [ 20.986348] kasan_report+0xdc/0x128 [ 20.986402] __asan_report_store8_noabort+0x20/0x30 [ 20.986512] kasan_atomics_helper+0x3e5c/0x4858 [ 20.986565] kasan_atomics+0x198/0x2e0 [ 20.986658] kunit_try_run_case+0x170/0x3f0 [ 20.986705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.986758] kthread+0x328/0x630 [ 20.987114] ret_from_fork+0x10/0x20 [ 20.987269] [ 20.987305] Allocated by task 265: [ 20.987449] kasan_save_stack+0x3c/0x68 [ 20.987553] kasan_save_track+0x20/0x40 [ 20.987942] kasan_save_alloc_info+0x40/0x58 [ 20.988137] __kasan_kmalloc+0xd4/0xd8 [ 20.988189] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.988231] kasan_atomics+0xb8/0x2e0 [ 20.988269] kunit_try_run_case+0x170/0x3f0 [ 20.988310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.988356] kthread+0x328/0x630 [ 20.988390] ret_from_fork+0x10/0x20 [ 20.988427] [ 20.989024] The buggy address belongs to the object at fff00000c78ca300 [ 20.989024] which belongs to the cache kmalloc-64 of size 64 [ 20.989138] The buggy address is located 0 bytes to the right of [ 20.989138] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.989214] [ 20.989247] The buggy address belongs to the physical page: [ 20.989280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.989802] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.989871] page_type: f5(slab) [ 20.989919] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.990159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.990207] page dumped because: kasan: bad access detected [ 20.990262] [ 20.990282] Memory state around the buggy address: [ 20.990317] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.990571] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.990989] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.991263] ^ [ 20.991398] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.991746] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.992135] ================================================================== [ 21.045172] ================================================================== [ 21.045534] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 21.045593] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.045650] [ 21.045805] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.046224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.046289] Hardware name: linux,dummy-virt (DT) [ 21.046321] Call trace: [ 21.046346] show_stack+0x20/0x38 (C) [ 21.046519] dump_stack_lvl+0x8c/0xd0 [ 21.046569] print_report+0x118/0x608 [ 21.046615] kasan_report+0xdc/0x128 [ 21.046662] kasan_check_range+0x100/0x1a8 [ 21.046710] __kasan_check_write+0x20/0x30 [ 21.046756] kasan_atomics_helper+0x11f8/0x4858 [ 21.046817] kasan_atomics+0x198/0x2e0 [ 21.046865] kunit_try_run_case+0x170/0x3f0 [ 21.047008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.047259] kthread+0x328/0x630 [ 21.047450] ret_from_fork+0x10/0x20 [ 21.047921] [ 21.047946] Allocated by task 265: [ 21.047976] kasan_save_stack+0x3c/0x68 [ 21.048416] kasan_save_track+0x20/0x40 [ 21.048507] kasan_save_alloc_info+0x40/0x58 [ 21.048550] __kasan_kmalloc+0xd4/0xd8 [ 21.048587] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.048742] kasan_atomics+0xb8/0x2e0 [ 21.048780] kunit_try_run_case+0x170/0x3f0 [ 21.048822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.048865] kthread+0x328/0x630 [ 21.048936] ret_from_fork+0x10/0x20 [ 21.048973] [ 21.048998] The buggy address belongs to the object at fff00000c78ca300 [ 21.048998] which belongs to the cache kmalloc-64 of size 64 [ 21.049074] The buggy address is located 0 bytes to the right of [ 21.049074] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.049140] [ 21.049187] The buggy address belongs to the physical page: [ 21.049368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.049441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.049588] page_type: f5(slab) [ 21.049706] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.049777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.049820] page dumped because: kasan: bad access detected [ 21.049853] [ 21.049876] Memory state around the buggy address: [ 21.049977] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.050114] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.050168] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.050208] ^ [ 21.050243] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.050284] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.050323] ================================================================== [ 21.133530] ================================================================== [ 21.133579] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 21.133628] Read of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.133708] [ 21.133740] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.133836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.133865] Hardware name: linux,dummy-virt (DT) [ 21.133897] Call trace: [ 21.133920] show_stack+0x20/0x38 (C) [ 21.134007] dump_stack_lvl+0x8c/0xd0 [ 21.134134] print_report+0x118/0x608 [ 21.134195] kasan_report+0xdc/0x128 [ 21.134241] __asan_report_load8_noabort+0x20/0x30 [ 21.134290] kasan_atomics_helper+0x3e10/0x4858 [ 21.134338] kasan_atomics+0x198/0x2e0 [ 21.134385] kunit_try_run_case+0x170/0x3f0 [ 21.134440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.134712] kthread+0x328/0x630 [ 21.134929] ret_from_fork+0x10/0x20 [ 21.135099] [ 21.135119] Allocated by task 265: [ 21.135220] kasan_save_stack+0x3c/0x68 [ 21.135443] kasan_save_track+0x20/0x40 [ 21.135640] kasan_save_alloc_info+0x40/0x58 [ 21.135852] __kasan_kmalloc+0xd4/0xd8 [ 21.135945] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.135986] kasan_atomics+0xb8/0x2e0 [ 21.136022] kunit_try_run_case+0x170/0x3f0 [ 21.136062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.136107] kthread+0x328/0x630 [ 21.136140] ret_from_fork+0x10/0x20 [ 21.136184] [ 21.136204] The buggy address belongs to the object at fff00000c78ca300 [ 21.136204] which belongs to the cache kmalloc-64 of size 64 [ 21.136316] The buggy address is located 0 bytes to the right of [ 21.136316] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.136382] [ 21.136405] The buggy address belongs to the physical page: [ 21.136479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.136537] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.136586] page_type: f5(slab) [ 21.136623] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.136674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.136717] page dumped because: kasan: bad access detected [ 21.136751] [ 21.136770] Memory state around the buggy address: [ 21.136802] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.136847] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.136892] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.136931] ^ [ 21.136967] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.137011] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.137048] ================================================================== [ 21.076907] ================================================================== [ 21.077038] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 21.077092] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.077376] [ 21.077411] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.077491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.077519] Hardware name: linux,dummy-virt (DT) [ 21.077553] Call trace: [ 21.077577] show_stack+0x20/0x38 (C) [ 21.077628] dump_stack_lvl+0x8c/0xd0 [ 21.077688] print_report+0x118/0x608 [ 21.077736] kasan_report+0xdc/0x128 [ 21.078008] kasan_check_range+0x100/0x1a8 [ 21.078210] __kasan_check_write+0x20/0x30 [ 21.078596] kasan_atomics_helper+0x1414/0x4858 [ 21.078962] kasan_atomics+0x198/0x2e0 [ 21.079020] kunit_try_run_case+0x170/0x3f0 [ 21.079238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.079298] kthread+0x328/0x630 [ 21.080756] ret_from_fork+0x10/0x20 [ 21.080900] [ 21.080984] Allocated by task 265: [ 21.081079] kasan_save_stack+0x3c/0x68 [ 21.081231] kasan_save_track+0x20/0x40 [ 21.081272] kasan_save_alloc_info+0x40/0x58 [ 21.081336] __kasan_kmalloc+0xd4/0xd8 [ 21.081536] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.081601] kasan_atomics+0xb8/0x2e0 [ 21.081637] kunit_try_run_case+0x170/0x3f0 [ 21.081678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.081744] kthread+0x328/0x630 [ 21.081918] ret_from_fork+0x10/0x20 [ 21.082006] [ 21.082029] The buggy address belongs to the object at fff00000c78ca300 [ 21.082029] which belongs to the cache kmalloc-64 of size 64 [ 21.082268] The buggy address is located 0 bytes to the right of [ 21.082268] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.082333] [ 21.082360] The buggy address belongs to the physical page: [ 21.082512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.082577] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.082625] page_type: f5(slab) [ 21.082671] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.082859] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.082903] page dumped because: kasan: bad access detected [ 21.082936] [ 21.082957] Memory state around the buggy address: [ 21.082995] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.083040] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.083084] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.083623] ^ [ 21.084091] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.084581] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.084698] ================================================================== [ 20.961749] ================================================================== [ 20.961811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 20.962035] Read of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.962509] [ 20.962794] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.962884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.962912] Hardware name: linux,dummy-virt (DT) [ 20.962944] Call trace: [ 20.962968] show_stack+0x20/0x38 (C) [ 20.963035] dump_stack_lvl+0x8c/0xd0 [ 20.963082] print_report+0x118/0x608 [ 20.963498] kasan_report+0xdc/0x128 [ 20.963930] kasan_check_range+0x100/0x1a8 [ 20.964078] __kasan_check_read+0x20/0x30 [ 20.964133] kasan_atomics_helper+0xdd4/0x4858 [ 20.964418] kasan_atomics+0x198/0x2e0 [ 20.964646] kunit_try_run_case+0x170/0x3f0 [ 20.964700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.964837] kthread+0x328/0x630 [ 20.965137] ret_from_fork+0x10/0x20 [ 20.965707] [ 20.965746] Allocated by task 265: [ 20.965784] kasan_save_stack+0x3c/0x68 [ 20.965858] kasan_save_track+0x20/0x40 [ 20.965966] kasan_save_alloc_info+0x40/0x58 [ 20.966060] __kasan_kmalloc+0xd4/0xd8 [ 20.966138] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.966283] kasan_atomics+0xb8/0x2e0 [ 20.966353] kunit_try_run_case+0x170/0x3f0 [ 20.966393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.966480] kthread+0x328/0x630 [ 20.966604] ret_from_fork+0x10/0x20 [ 20.966687] [ 20.966737] The buggy address belongs to the object at fff00000c78ca300 [ 20.966737] which belongs to the cache kmalloc-64 of size 64 [ 20.966798] The buggy address is located 0 bytes to the right of [ 20.966798] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.966862] [ 20.966924] The buggy address belongs to the physical page: [ 20.966956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.967083] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.967571] page_type: f5(slab) [ 20.967619] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.968254] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.968300] page dumped because: kasan: bad access detected [ 20.968395] [ 20.968521] Memory state around the buggy address: [ 20.969009] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.969169] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.969266] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.969392] ^ [ 20.969428] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.969693] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.969791] ================================================================== [ 21.050981] ================================================================== [ 21.051033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 21.051082] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.051132] [ 21.051176] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.051263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.051290] Hardware name: linux,dummy-virt (DT) [ 21.051323] Call trace: [ 21.051362] show_stack+0x20/0x38 (C) [ 21.051412] dump_stack_lvl+0x8c/0xd0 [ 21.051486] print_report+0x118/0x608 [ 21.051532] kasan_report+0xdc/0x128 [ 21.051913] kasan_check_range+0x100/0x1a8 [ 21.052361] __kasan_check_write+0x20/0x30 [ 21.052435] kasan_atomics_helper+0x126c/0x4858 [ 21.052484] kasan_atomics+0x198/0x2e0 [ 21.052635] kunit_try_run_case+0x170/0x3f0 [ 21.052763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.052841] kthread+0x328/0x630 [ 21.052884] ret_from_fork+0x10/0x20 [ 21.052943] [ 21.052964] Allocated by task 265: [ 21.052993] kasan_save_stack+0x3c/0x68 [ 21.053200] kasan_save_track+0x20/0x40 [ 21.053589] kasan_save_alloc_info+0x40/0x58 [ 21.053658] __kasan_kmalloc+0xd4/0xd8 [ 21.053697] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.053739] kasan_atomics+0xb8/0x2e0 [ 21.053775] kunit_try_run_case+0x170/0x3f0 [ 21.053816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.053859] kthread+0x328/0x630 [ 21.053940] ret_from_fork+0x10/0x20 [ 21.053977] [ 21.054000] The buggy address belongs to the object at fff00000c78ca300 [ 21.054000] which belongs to the cache kmalloc-64 of size 64 [ 21.054060] The buggy address is located 0 bytes to the right of [ 21.054060] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.054407] [ 21.054431] The buggy address belongs to the physical page: [ 21.054463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.054590] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.054669] page_type: f5(slab) [ 21.054777] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.054838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.054880] page dumped because: kasan: bad access detected [ 21.054933] [ 21.054971] Memory state around the buggy address: [ 21.055010] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.055138] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.055516] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.055841] ^ [ 21.055992] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.056274] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.056319] ================================================================== [ 20.946417] ================================================================== [ 20.946622] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 20.946674] Write of size 4 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.947195] [ 20.947326] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.947613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.947650] Hardware name: linux,dummy-virt (DT) [ 20.947707] Call trace: [ 20.947732] show_stack+0x20/0x38 (C) [ 20.947783] dump_stack_lvl+0x8c/0xd0 [ 20.948007] print_report+0x118/0x608 [ 20.948055] kasan_report+0xdc/0x128 [ 20.948233] kasan_check_range+0x100/0x1a8 [ 20.948320] __kasan_check_write+0x20/0x30 [ 20.948370] kasan_atomics_helper+0xd3c/0x4858 [ 20.948750] kasan_atomics+0x198/0x2e0 [ 20.948812] kunit_try_run_case+0x170/0x3f0 [ 20.948863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.948918] kthread+0x328/0x630 [ 20.949202] ret_from_fork+0x10/0x20 [ 20.949253] [ 20.949274] Allocated by task 265: [ 20.949468] kasan_save_stack+0x3c/0x68 [ 20.949644] kasan_save_track+0x20/0x40 [ 20.949702] kasan_save_alloc_info+0x40/0x58 [ 20.949746] __kasan_kmalloc+0xd4/0xd8 [ 20.949797] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.949838] kasan_atomics+0xb8/0x2e0 [ 20.950073] kunit_try_run_case+0x170/0x3f0 [ 20.950118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.950174] kthread+0x328/0x630 [ 20.950224] ret_from_fork+0x10/0x20 [ 20.950262] [ 20.950463] The buggy address belongs to the object at fff00000c78ca300 [ 20.950463] which belongs to the cache kmalloc-64 of size 64 [ 20.950984] The buggy address is located 0 bytes to the right of [ 20.950984] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.951095] [ 20.951118] The buggy address belongs to the physical page: [ 20.951161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.951217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.951903] page_type: f5(slab) [ 20.951976] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.952026] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.952067] page dumped because: kasan: bad access detected [ 20.952100] [ 20.952189] Memory state around the buggy address: [ 20.952227] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.952528] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.952606] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.952645] ^ [ 20.952681] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.952892] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.952932] ================================================================== [ 20.953921] ================================================================== [ 20.954055] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 20.954130] Read of size 4 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.954193] [ 20.954225] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.954776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.954807] Hardware name: linux,dummy-virt (DT) [ 20.955182] Call trace: [ 20.955247] show_stack+0x20/0x38 (C) [ 20.955572] dump_stack_lvl+0x8c/0xd0 [ 20.955902] print_report+0x118/0x608 [ 20.955984] kasan_report+0xdc/0x128 [ 20.956033] __asan_report_load4_noabort+0x20/0x30 [ 20.956107] kasan_atomics_helper+0x3e04/0x4858 [ 20.956223] kasan_atomics+0x198/0x2e0 [ 20.956425] kunit_try_run_case+0x170/0x3f0 [ 20.956474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.956528] kthread+0x328/0x630 [ 20.956570] ret_from_fork+0x10/0x20 [ 20.957473] [ 20.957597] Allocated by task 265: [ 20.957869] kasan_save_stack+0x3c/0x68 [ 20.957918] kasan_save_track+0x20/0x40 [ 20.958172] kasan_save_alloc_info+0x40/0x58 [ 20.958400] __kasan_kmalloc+0xd4/0xd8 [ 20.958498] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.958573] kasan_atomics+0xb8/0x2e0 [ 20.958611] kunit_try_run_case+0x170/0x3f0 [ 20.958650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.958696] kthread+0x328/0x630 [ 20.958767] ret_from_fork+0x10/0x20 [ 20.958823] [ 20.958899] The buggy address belongs to the object at fff00000c78ca300 [ 20.958899] which belongs to the cache kmalloc-64 of size 64 [ 20.958966] The buggy address is located 0 bytes to the right of [ 20.958966] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.959239] [ 20.959282] The buggy address belongs to the physical page: [ 20.959398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.959452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.959501] page_type: f5(slab) [ 20.959547] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.959713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.959753] page dumped because: kasan: bad access detected [ 20.959918] [ 20.959939] Memory state around the buggy address: [ 20.959972] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.960018] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.960061] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.960102] ^ [ 20.960136] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.960359] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.961212] ================================================================== [ 20.888756] ================================================================== [ 20.888811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 20.889211] Write of size 4 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.889510] [ 20.889544] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.889638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.889667] Hardware name: linux,dummy-virt (DT) [ 20.891363] kunit_try_run_case+0x170/0x3f0 [ 20.892661] kasan_save_alloc_info+0x40/0x58 [ 20.892705] __kasan_kmalloc+0xd4/0xd8 [ 20.893028] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.893197] kasan_atomics+0xb8/0x2e0 [ 20.893236] kunit_try_run_case+0x170/0x3f0 [ 20.893601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.893777] kthread+0x328/0x630 [ 20.893811] ret_from_fork+0x10/0x20 [ 20.894060] [ 20.894290] The buggy address belongs to the object at fff00000c78ca300 [ 20.894290] which belongs to the cache kmalloc-64 of size 64 [ 20.895438] page dumped because: kasan: bad access detected [ 20.896165] ^ [ 20.898339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.900006] __kasan_check_write+0x20/0x30 [ 20.901052] kasan_save_track+0x20/0x40 [ 20.901405] __kasan_kmalloc+0xd4/0xd8 [ 20.901540] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.901621] kasan_atomics+0xb8/0x2e0 [ 20.901670] kunit_try_run_case+0x170/0x3f0 [ 20.901806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.901852] kthread+0x328/0x630 [ 20.901926] ret_from_fork+0x10/0x20 [ 20.902113] [ 20.902417] The buggy address belongs to the object at fff00000c78ca300 [ 20.902417] which belongs to the cache kmalloc-64 of size 64 [ 20.902485] The buggy address is located 0 bytes to the right of [ 20.902485] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.902549] [ 20.902865] The buggy address belongs to the physical page: [ 20.902985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.903043] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.903113] page_type: f5(slab) [ 20.903168] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.903249] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.903290] page dumped because: kasan: bad access detected [ 20.903323] [ 20.903342] Memory state around the buggy address: [ 20.904006] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.904771] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 20.906003] __asan_report_load4_noabort+0x20/0x30 [ 20.906415] kasan_save_stack+0x3c/0x68 [ 20.907189] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.908245] The buggy address is located 0 bytes to the right of [ 20.908245] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.909330] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.909839] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.911343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.913367] show_stack+0x20/0x38 (C) [ 20.914879] __kasan_kmalloc+0xd4/0xd8 [ 20.914960] kasan_atomics+0xb8/0x2e0 [ 20.915002] kunit_try_run_case+0x170/0x3f0 [ 20.915241] The buggy address belongs to the object at fff00000c78ca300 [ 20.915241] which belongs to the cache kmalloc-64 of size 64 [ 20.917115] page dumped because: kasan: bad access detected [ 20.917306] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.918075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.919595] kasan_save_alloc_info+0x40/0x58 [ 20.919973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.920865] ================================================================== [ 21.137308] ================================================================== [ 21.137375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 21.137431] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.137595] [ 21.137625] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.137707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.137735] Hardware name: linux,dummy-virt (DT) [ 21.137765] Call trace: [ 21.137788] show_stack+0x20/0x38 (C) [ 21.137837] dump_stack_lvl+0x8c/0xd0 [ 21.137884] print_report+0x118/0x608 [ 21.137942] kasan_report+0xdc/0x128 [ 21.137989] kasan_check_range+0x100/0x1a8 [ 21.138037] __kasan_check_write+0x20/0x30 [ 21.138113] kasan_atomics_helper+0x175c/0x4858 [ 21.138173] kasan_atomics+0x198/0x2e0 [ 21.138220] kunit_try_run_case+0x170/0x3f0 [ 21.138290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.138344] kthread+0x328/0x630 [ 21.138522] ret_from_fork+0x10/0x20 [ 21.138788] [ 21.138923] Allocated by task 265: [ 21.138951] kasan_save_stack+0x3c/0x68 [ 21.139000] kasan_save_track+0x20/0x40 [ 21.139160] kasan_save_alloc_info+0x40/0x58 [ 21.139203] __kasan_kmalloc+0xd4/0xd8 [ 21.139240] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.139302] kasan_atomics+0xb8/0x2e0 [ 21.139351] kunit_try_run_case+0x170/0x3f0 [ 21.139392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.139440] kthread+0x328/0x630 [ 21.139473] ret_from_fork+0x10/0x20 [ 21.139596] [ 21.139624] The buggy address belongs to the object at fff00000c78ca300 [ 21.139624] which belongs to the cache kmalloc-64 of size 64 [ 21.140010] The buggy address is located 0 bytes to the right of [ 21.140010] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.140107] [ 21.140130] The buggy address belongs to the physical page: [ 21.140171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.140223] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.140273] page_type: f5(slab) [ 21.140310] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.140361] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.140403] page dumped because: kasan: bad access detected [ 21.140437] [ 21.140457] Memory state around the buggy address: [ 21.140495] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.140540] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.140586] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.140661] ^ [ 21.140702] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.140748] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.140817] ================================================================== [ 21.038178] ================================================================== [ 21.038228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 21.038680] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.039056] [ 21.039231] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.039495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.039600] Hardware name: linux,dummy-virt (DT) [ 21.039633] Call trace: [ 21.039657] show_stack+0x20/0x38 (C) [ 21.039712] dump_stack_lvl+0x8c/0xd0 [ 21.039761] print_report+0x118/0x608 [ 21.039808] kasan_report+0xdc/0x128 [ 21.039853] kasan_check_range+0x100/0x1a8 [ 21.039963] __kasan_check_write+0x20/0x30 [ 21.040202] kasan_atomics_helper+0x1190/0x4858 [ 21.040263] kasan_atomics+0x198/0x2e0 [ 21.040309] kunit_try_run_case+0x170/0x3f0 [ 21.040470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.040627] kthread+0x328/0x630 [ 21.040792] ret_from_fork+0x10/0x20 [ 21.041045] [ 21.041168] Allocated by task 265: [ 21.041330] kasan_save_stack+0x3c/0x68 [ 21.041414] kasan_save_track+0x20/0x40 [ 21.041467] kasan_save_alloc_info+0x40/0x58 [ 21.041507] __kasan_kmalloc+0xd4/0xd8 [ 21.041548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.041627] kasan_atomics+0xb8/0x2e0 [ 21.041780] kunit_try_run_case+0x170/0x3f0 [ 21.041827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.042013] kthread+0x328/0x630 [ 21.042046] ret_from_fork+0x10/0x20 [ 21.042118] [ 21.042370] The buggy address belongs to the object at fff00000c78ca300 [ 21.042370] which belongs to the cache kmalloc-64 of size 64 [ 21.042438] The buggy address is located 0 bytes to the right of [ 21.042438] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.042503] [ 21.042526] The buggy address belongs to the physical page: [ 21.042557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.042610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.043148] page_type: f5(slab) [ 21.043354] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.043408] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.044328] page dumped because: kasan: bad access detected [ 21.044386] [ 21.044408] Memory state around the buggy address: [ 21.044450] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.044520] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.044563] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.044621] ^ [ 21.044667] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.044844] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.044946] ================================================================== [ 21.026719] ================================================================== [ 21.026770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 21.026821] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.027259] [ 21.027485] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.027613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.027643] Hardware name: linux,dummy-virt (DT) [ 21.027673] Call trace: [ 21.027697] show_stack+0x20/0x38 (C) [ 21.027747] dump_stack_lvl+0x8c/0xd0 [ 21.027795] print_report+0x118/0x608 [ 21.027842] kasan_report+0xdc/0x128 [ 21.027938] kasan_check_range+0x100/0x1a8 [ 21.027987] __kasan_check_write+0x20/0x30 [ 21.028034] kasan_atomics_helper+0x10c0/0x4858 [ 21.028084] kasan_atomics+0x198/0x2e0 [ 21.028372] kunit_try_run_case+0x170/0x3f0 [ 21.028428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.028528] kthread+0x328/0x630 [ 21.028571] ret_from_fork+0x10/0x20 [ 21.028620] [ 21.028641] Allocated by task 265: [ 21.028867] kasan_save_stack+0x3c/0x68 [ 21.029009] kasan_save_track+0x20/0x40 [ 21.029047] kasan_save_alloc_info+0x40/0x58 [ 21.029089] __kasan_kmalloc+0xd4/0xd8 [ 21.029126] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.029379] kasan_atomics+0xb8/0x2e0 [ 21.029494] kunit_try_run_case+0x170/0x3f0 [ 21.029534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.029580] kthread+0x328/0x630 [ 21.029615] ret_from_fork+0x10/0x20 [ 21.029653] [ 21.029928] The buggy address belongs to the object at fff00000c78ca300 [ 21.029928] which belongs to the cache kmalloc-64 of size 64 [ 21.030226] The buggy address is located 0 bytes to the right of [ 21.030226] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.030295] [ 21.030316] The buggy address belongs to the physical page: [ 21.030453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.030540] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.030697] page_type: f5(slab) [ 21.030742] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.030893] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.030935] page dumped because: kasan: bad access detected [ 21.031054] [ 21.031128] Memory state around the buggy address: [ 21.031171] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.031216] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.031269] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.031310] ^ [ 21.031344] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.031390] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.031550] ================================================================== [ 21.092329] ================================================================== [ 21.092375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 21.092422] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.092719] [ 21.092823] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.092907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.092936] Hardware name: linux,dummy-virt (DT) [ 21.092969] Call trace: [ 21.093000] show_stack+0x20/0x38 (C) [ 21.093051] dump_stack_lvl+0x8c/0xd0 [ 21.093097] print_report+0x118/0x608 [ 21.093144] kasan_report+0xdc/0x128 [ 21.093200] kasan_check_range+0x100/0x1a8 [ 21.093257] __kasan_check_write+0x20/0x30 [ 21.093479] kasan_atomics_helper+0x14e4/0x4858 [ 21.093724] kasan_atomics+0x198/0x2e0 [ 21.093949] kunit_try_run_case+0x170/0x3f0 [ 21.094026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.094665] kthread+0x328/0x630 [ 21.094730] ret_from_fork+0x10/0x20 [ 21.094996] [ 21.095027] Allocated by task 265: [ 21.095058] kasan_save_stack+0x3c/0x68 [ 21.095101] kasan_save_track+0x20/0x40 [ 21.095161] kasan_save_alloc_info+0x40/0x58 [ 21.095305] __kasan_kmalloc+0xd4/0xd8 [ 21.095345] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.095384] kasan_atomics+0xb8/0x2e0 [ 21.095577] kunit_try_run_case+0x170/0x3f0 [ 21.095729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.095812] kthread+0x328/0x630 [ 21.095955] ret_from_fork+0x10/0x20 [ 21.095995] [ 21.096018] The buggy address belongs to the object at fff00000c78ca300 [ 21.096018] which belongs to the cache kmalloc-64 of size 64 [ 21.096406] The buggy address is located 0 bytes to the right of [ 21.096406] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.096474] [ 21.096497] The buggy address belongs to the physical page: [ 21.096571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.096646] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.096694] page_type: f5(slab) [ 21.096734] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.096971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.097085] page dumped because: kasan: bad access detected [ 21.097137] [ 21.097169] Memory state around the buggy address: [ 21.097203] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.097248] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.097320] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.097361] ^ [ 21.097660] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.097768] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.097921] ================================================================== [ 21.063654] ================================================================== [ 21.063709] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 21.063759] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.063809] [ 21.063841] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.063976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.064339] Hardware name: linux,dummy-virt (DT) [ 21.064380] Call trace: [ 21.064429] show_stack+0x20/0x38 (C) [ 21.064484] dump_stack_lvl+0x8c/0xd0 [ 21.064650] print_report+0x118/0x608 [ 21.064736] kasan_report+0xdc/0x128 [ 21.064819] kasan_check_range+0x100/0x1a8 [ 21.064874] __kasan_check_write+0x20/0x30 [ 21.064952] kasan_atomics_helper+0x1384/0x4858 [ 21.065001] kasan_atomics+0x198/0x2e0 [ 21.065076] kunit_try_run_case+0x170/0x3f0 [ 21.065326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.065382] kthread+0x328/0x630 [ 21.065446] ret_from_fork+0x10/0x20 [ 21.065545] [ 21.065566] Allocated by task 265: [ 21.065693] kasan_save_stack+0x3c/0x68 [ 21.065869] kasan_save_track+0x20/0x40 [ 21.065928] kasan_save_alloc_info+0x40/0x58 [ 21.065970] __kasan_kmalloc+0xd4/0xd8 [ 21.066008] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.066049] kasan_atomics+0xb8/0x2e0 [ 21.066085] kunit_try_run_case+0x170/0x3f0 [ 21.066128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.066564] kthread+0x328/0x630 [ 21.066610] ret_from_fork+0x10/0x20 [ 21.066648] [ 21.066671] The buggy address belongs to the object at fff00000c78ca300 [ 21.066671] which belongs to the cache kmalloc-64 of size 64 [ 21.067027] The buggy address is located 0 bytes to the right of [ 21.067027] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.068121] [ 21.068391] The buggy address belongs to the physical page: [ 21.068431] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.068513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.068565] page_type: f5(slab) [ 21.068605] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.068692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.068735] page dumped because: kasan: bad access detected [ 21.068955] [ 21.068988] Memory state around the buggy address: [ 21.069023] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.069133] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.069431] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.069548] ^ [ 21.069583] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.069710] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.069875] ================================================================== [ 21.011407] ================================================================== [ 21.011658] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 21.011827] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.011929] [ 21.011963] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.012044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.012072] Hardware name: linux,dummy-virt (DT) [ 21.012104] Call trace: [ 21.012127] show_stack+0x20/0x38 (C) [ 21.012829] dump_stack_lvl+0x8c/0xd0 [ 21.012893] print_report+0x118/0x608 [ 21.013007] kasan_report+0xdc/0x128 [ 21.013116] kasan_check_range+0x100/0x1a8 [ 21.013177] __kasan_check_write+0x20/0x30 [ 21.013318] kasan_atomics_helper+0xff0/0x4858 [ 21.013403] kasan_atomics+0x198/0x2e0 [ 21.013448] kunit_try_run_case+0x170/0x3f0 [ 21.013538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.013612] kthread+0x328/0x630 [ 21.013758] ret_from_fork+0x10/0x20 [ 21.014180] [ 21.014232] Allocated by task 265: [ 21.014340] kasan_save_stack+0x3c/0x68 [ 21.014388] kasan_save_track+0x20/0x40 [ 21.014447] kasan_save_alloc_info+0x40/0x58 [ 21.014554] __kasan_kmalloc+0xd4/0xd8 [ 21.014596] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.014851] kasan_atomics+0xb8/0x2e0 [ 21.014963] kunit_try_run_case+0x170/0x3f0 [ 21.015286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.015505] kthread+0x328/0x630 [ 21.015629] ret_from_fork+0x10/0x20 [ 21.015670] [ 21.015693] The buggy address belongs to the object at fff00000c78ca300 [ 21.015693] which belongs to the cache kmalloc-64 of size 64 [ 21.016078] The buggy address is located 0 bytes to the right of [ 21.016078] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.016164] [ 21.016187] The buggy address belongs to the physical page: [ 21.016232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.016286] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.017512] page_type: f5(slab) [ 21.017631] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.017807] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.017878] page dumped because: kasan: bad access detected [ 21.017911] [ 21.017932] Memory state around the buggy address: [ 21.017966] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.018362] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.018448] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.018622] ^ [ 21.018830] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.018902] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.018944] ================================================================== [ 21.111107] ================================================================== [ 21.111341] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 21.111683] Read of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.111762] [ 21.111792] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.112280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.112313] Hardware name: linux,dummy-virt (DT) [ 21.112348] Call trace: [ 21.112371] show_stack+0x20/0x38 (C) [ 21.112450] dump_stack_lvl+0x8c/0xd0 [ 21.112497] print_report+0x118/0x608 [ 21.112545] kasan_report+0xdc/0x128 [ 21.112630] __asan_report_load8_noabort+0x20/0x30 [ 21.112680] kasan_atomics_helper+0x3db0/0x4858 [ 21.112966] kasan_atomics+0x198/0x2e0 [ 21.113115] kunit_try_run_case+0x170/0x3f0 [ 21.113175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.113230] kthread+0x328/0x630 [ 21.113519] ret_from_fork+0x10/0x20 [ 21.113604] [ 21.113637] Allocated by task 265: [ 21.113666] kasan_save_stack+0x3c/0x68 [ 21.113806] kasan_save_track+0x20/0x40 [ 21.113864] kasan_save_alloc_info+0x40/0x58 [ 21.113929] __kasan_kmalloc+0xd4/0xd8 [ 21.113966] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.114068] kasan_atomics+0xb8/0x2e0 [ 21.114104] kunit_try_run_case+0x170/0x3f0 [ 21.114146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.114201] kthread+0x328/0x630 [ 21.114236] ret_from_fork+0x10/0x20 [ 21.114343] [ 21.114393] The buggy address belongs to the object at fff00000c78ca300 [ 21.114393] which belongs to the cache kmalloc-64 of size 64 [ 21.114501] The buggy address is located 0 bytes to the right of [ 21.114501] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.114614] [ 21.114690] The buggy address belongs to the physical page: [ 21.114721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.114831] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.114981] page_type: f5(slab) [ 21.115058] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.115195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.115237] page dumped because: kasan: bad access detected [ 21.115269] [ 21.115433] Memory state around the buggy address: [ 21.115634] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.115686] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.115731] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.115772] ^ [ 21.115807] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.115849] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.115898] ================================================================== [ 21.020486] ================================================================== [ 21.021032] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 21.021085] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.021135] [ 21.021177] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.021265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.021294] Hardware name: linux,dummy-virt (DT) [ 21.021326] Call trace: [ 21.021350] show_stack+0x20/0x38 (C) [ 21.021498] dump_stack_lvl+0x8c/0xd0 [ 21.021726] print_report+0x118/0x608 [ 21.021976] kasan_report+0xdc/0x128 [ 21.022172] kasan_check_range+0x100/0x1a8 [ 21.022222] __kasan_check_write+0x20/0x30 [ 21.022267] kasan_atomics_helper+0x1058/0x4858 [ 21.022316] kasan_atomics+0x198/0x2e0 [ 21.022660] kunit_try_run_case+0x170/0x3f0 [ 21.022714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.022768] kthread+0x328/0x630 [ 21.022812] ret_from_fork+0x10/0x20 [ 21.022861] [ 21.022892] Allocated by task 265: [ 21.022922] kasan_save_stack+0x3c/0x68 [ 21.022964] kasan_save_track+0x20/0x40 [ 21.023346] kasan_save_alloc_info+0x40/0x58 [ 21.023405] __kasan_kmalloc+0xd4/0xd8 [ 21.023574] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.023682] kasan_atomics+0xb8/0x2e0 [ 21.023719] kunit_try_run_case+0x170/0x3f0 [ 21.023836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.023929] kthread+0x328/0x630 [ 21.023964] ret_from_fork+0x10/0x20 [ 21.024004] [ 21.024211] The buggy address belongs to the object at fff00000c78ca300 [ 21.024211] which belongs to the cache kmalloc-64 of size 64 [ 21.024409] The buggy address is located 0 bytes to the right of [ 21.024409] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.024480] [ 21.024515] The buggy address belongs to the physical page: [ 21.024649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.024870] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.024957] page_type: f5(slab) [ 21.024999] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.025126] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.025206] page dumped because: kasan: bad access detected [ 21.025352] [ 21.025408] Memory state around the buggy address: [ 21.025441] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.025487] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.025594] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.025647] ^ [ 21.025681] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.025838] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.026009] ================================================================== [ 20.858749] ================================================================== [ 20.858800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 20.858851] Read of size 4 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.858901] [ 20.858931] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.859019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.859048] Hardware name: linux,dummy-virt (DT) [ 20.859081] Call trace: [ 20.859103] show_stack+0x20/0x38 (C) [ 20.859165] dump_stack_lvl+0x8c/0xd0 [ 20.859211] print_report+0x118/0x608 [ 20.859655] kasan_report+0xdc/0x128 [ 20.860125] __asan_report_load4_noabort+0x20/0x30 [ 20.860191] kasan_atomics_helper+0x42d8/0x4858 [ 20.860313] kunit_try_run_case+0x170/0x3f0 [ 20.861436] __kasan_kmalloc+0xd4/0xd8 [ 20.862170] kthread+0x328/0x630 [ 20.864307] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.866356] kasan_report+0xdc/0x128 [ 20.867008] kasan_check_range+0x100/0x1a8 [ 20.867334] __kasan_check_write+0x20/0x30 [ 20.867550] kasan_atomics_helper+0x934/0x4858 [ 20.867751] kasan_atomics+0x198/0x2e0 [ 20.868018] kunit_try_run_case+0x170/0x3f0 [ 20.868096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.868214] kthread+0x328/0x630 [ 20.868382] ret_from_fork+0x10/0x20 [ 20.868501] [ 20.868550] Allocated by task 265: [ 20.868620] kasan_save_stack+0x3c/0x68 [ 20.868706] kasan_save_track+0x20/0x40 [ 20.868748] kasan_save_alloc_info+0x40/0x58 [ 20.868847] __kasan_kmalloc+0xd4/0xd8 [ 20.868885] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.868948] kasan_atomics+0xb8/0x2e0 [ 20.868987] kunit_try_run_case+0x170/0x3f0 [ 20.869024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.869068] kthread+0x328/0x630 [ 20.869370] ret_from_fork+0x10/0x20 [ 20.869489] [ 20.869546] The buggy address belongs to the object at fff00000c78ca300 [ 20.869546] which belongs to the cache kmalloc-64 of size 64 [ 20.869683] The buggy address is located 0 bytes to the right of [ 20.869683] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.869787] [ 20.869808] The buggy address belongs to the physical page: [ 20.869841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.869897] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.869948] page_type: f5(slab) [ 20.869998] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.870051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.870261] page dumped because: kasan: bad access detected [ 20.870990] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.873473] print_report+0x118/0x608 [ 20.874595] ret_from_fork+0x10/0x20 [ 20.875671] ret_from_fork+0x10/0x20 [ 20.875967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.877475] ================================================================== [ 20.992716] ================================================================== [ 20.992768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 20.992819] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.993224] [ 20.993316] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.993399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.993426] Hardware name: linux,dummy-virt (DT) [ 20.993467] Call trace: [ 20.993600] show_stack+0x20/0x38 (C) [ 20.993859] dump_stack_lvl+0x8c/0xd0 [ 20.993919] print_report+0x118/0x608 [ 20.994002] kasan_report+0xdc/0x128 [ 20.994120] kasan_check_range+0x100/0x1a8 [ 20.994185] __kasan_check_write+0x20/0x30 [ 20.994339] kasan_atomics_helper+0xeb8/0x4858 [ 20.994426] kasan_atomics+0x198/0x2e0 [ 20.994550] kunit_try_run_case+0x170/0x3f0 [ 20.994597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.994650] kthread+0x328/0x630 [ 20.994691] ret_from_fork+0x10/0x20 [ 20.994740] [ 20.994760] Allocated by task 265: [ 20.994788] kasan_save_stack+0x3c/0x68 [ 20.994832] kasan_save_track+0x20/0x40 [ 20.994870] kasan_save_alloc_info+0x40/0x58 [ 20.994910] __kasan_kmalloc+0xd4/0xd8 [ 20.994958] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.995071] kasan_atomics+0xb8/0x2e0 [ 20.995134] kunit_try_run_case+0x170/0x3f0 [ 20.995194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.995239] kthread+0x328/0x630 [ 20.995603] ret_from_fork+0x10/0x20 [ 20.995774] [ 20.996479] The buggy address belongs to the object at fff00000c78ca300 [ 20.996479] which belongs to the cache kmalloc-64 of size 64 [ 20.996881] The buggy address is located 0 bytes to the right of [ 20.996881] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.997533] [ 20.997625] The buggy address belongs to the physical page: [ 20.997883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.998047] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.998302] page_type: f5(slab) [ 20.998348] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.998990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.999054] page dumped because: kasan: bad access detected [ 20.999108] [ 20.999130] Memory state around the buggy address: [ 20.999175] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.999276] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.999574] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.999616] ^ [ 20.999654] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.000014] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.000056] ================================================================== [ 21.070205] ================================================================== [ 21.070256] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 21.070654] Read of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.070714] [ 21.070751] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.071028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.071058] Hardware name: linux,dummy-virt (DT) [ 21.071091] Call trace: [ 21.071113] show_stack+0x20/0x38 (C) [ 21.071181] dump_stack_lvl+0x8c/0xd0 [ 21.071407] print_report+0x118/0x608 [ 21.071457] kasan_report+0xdc/0x128 [ 21.071548] __asan_report_load8_noabort+0x20/0x30 [ 21.071659] kasan_atomics_helper+0x3f04/0x4858 [ 21.071707] kasan_atomics+0x198/0x2e0 [ 21.071760] kunit_try_run_case+0x170/0x3f0 [ 21.071969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.072025] kthread+0x328/0x630 [ 21.072137] ret_from_fork+0x10/0x20 [ 21.072200] [ 21.072755] Allocated by task 265: [ 21.072798] kasan_save_stack+0x3c/0x68 [ 21.072947] kasan_save_track+0x20/0x40 [ 21.072993] kasan_save_alloc_info+0x40/0x58 [ 21.073166] __kasan_kmalloc+0xd4/0xd8 [ 21.073205] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.073355] kasan_atomics+0xb8/0x2e0 [ 21.073398] kunit_try_run_case+0x170/0x3f0 [ 21.073438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.073663] kthread+0x328/0x630 [ 21.073743] ret_from_fork+0x10/0x20 [ 21.073831] [ 21.073854] The buggy address belongs to the object at fff00000c78ca300 [ 21.073854] which belongs to the cache kmalloc-64 of size 64 [ 21.073930] The buggy address is located 0 bytes to the right of [ 21.073930] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.073995] [ 21.074368] The buggy address belongs to the physical page: [ 21.074407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.074463] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.074511] page_type: f5(slab) [ 21.074551] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.074834] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.074952] page dumped because: kasan: bad access detected [ 21.075218] [ 21.075298] Memory state around the buggy address: [ 21.075335] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.075501] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.075547] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.075588] ^ [ 21.076070] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.076119] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.076169] ================================================================== [ 21.085571] ================================================================== [ 21.085921] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 21.085982] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.086064] [ 21.086207] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.086443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.086512] Hardware name: linux,dummy-virt (DT) [ 21.086544] Call trace: [ 21.086567] show_stack+0x20/0x38 (C) [ 21.086617] dump_stack_lvl+0x8c/0xd0 [ 21.086762] print_report+0x118/0x608 [ 21.087340] kasan_report+0xdc/0x128 [ 21.087480] kasan_check_range+0x100/0x1a8 [ 21.087534] __kasan_check_write+0x20/0x30 [ 21.087580] kasan_atomics_helper+0x147c/0x4858 [ 21.087649] kasan_atomics+0x198/0x2e0 [ 21.087756] kunit_try_run_case+0x170/0x3f0 [ 21.087802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.087856] kthread+0x328/0x630 [ 21.088441] ret_from_fork+0x10/0x20 [ 21.088763] [ 21.088793] Allocated by task 265: [ 21.088878] kasan_save_stack+0x3c/0x68 [ 21.089001] kasan_save_track+0x20/0x40 [ 21.089043] kasan_save_alloc_info+0x40/0x58 [ 21.089085] __kasan_kmalloc+0xd4/0xd8 [ 21.089123] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.089202] kasan_atomics+0xb8/0x2e0 [ 21.089242] kunit_try_run_case+0x170/0x3f0 [ 21.089303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.089348] kthread+0x328/0x630 [ 21.089381] ret_from_fork+0x10/0x20 [ 21.089418] [ 21.089441] The buggy address belongs to the object at fff00000c78ca300 [ 21.089441] which belongs to the cache kmalloc-64 of size 64 [ 21.089811] The buggy address is located 0 bytes to the right of [ 21.089811] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.090067] [ 21.090170] The buggy address belongs to the physical page: [ 21.090220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.090323] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.090390] page_type: f5(slab) [ 21.090430] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.090482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.090524] page dumped because: kasan: bad access detected [ 21.090750] [ 21.091101] Memory state around the buggy address: [ 21.091145] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.091211] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.091538] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.091647] ^ [ 21.092011] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.092081] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.092119] ================================================================== [ 21.116785] ================================================================== [ 21.116885] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 21.116945] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.117013] [ 21.117047] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.117127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.117332] Hardware name: linux,dummy-virt (DT) [ 21.117379] Call trace: [ 21.117538] show_stack+0x20/0x38 (C) [ 21.117592] dump_stack_lvl+0x8c/0xd0 [ 21.117640] print_report+0x118/0x608 [ 21.117832] kasan_report+0xdc/0x128 [ 21.117898] kasan_check_range+0x100/0x1a8 [ 21.117946] __kasan_check_write+0x20/0x30 [ 21.118201] kasan_atomics_helper+0x1644/0x4858 [ 21.118282] kasan_atomics+0x198/0x2e0 [ 21.118608] kunit_try_run_case+0x170/0x3f0 [ 21.118700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.118842] kthread+0x328/0x630 [ 21.118890] ret_from_fork+0x10/0x20 [ 21.118939] [ 21.119029] Allocated by task 265: [ 21.119246] kasan_save_stack+0x3c/0x68 [ 21.119334] kasan_save_track+0x20/0x40 [ 21.119446] kasan_save_alloc_info+0x40/0x58 [ 21.119488] __kasan_kmalloc+0xd4/0xd8 [ 21.119526] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.119568] kasan_atomics+0xb8/0x2e0 [ 21.119604] kunit_try_run_case+0x170/0x3f0 [ 21.119644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.119981] kthread+0x328/0x630 [ 21.120329] ret_from_fork+0x10/0x20 [ 21.120377] [ 21.120401] The buggy address belongs to the object at fff00000c78ca300 [ 21.120401] which belongs to the cache kmalloc-64 of size 64 [ 21.120461] The buggy address is located 0 bytes to the right of [ 21.120461] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.120555] [ 21.120581] The buggy address belongs to the physical page: [ 21.120619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.120671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.120744] page_type: f5(slab) [ 21.120783] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.120836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.120885] page dumped because: kasan: bad access detected [ 21.120919] [ 21.120940] Memory state around the buggy address: [ 21.121232] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.121438] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.121485] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.121527] ^ [ 21.121563] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.121606] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.121646] ================================================================== [ 20.977198] ================================================================== [ 20.977333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 20.977386] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.977437] [ 20.977478] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.977771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.977938] Hardware name: linux,dummy-virt (DT) [ 20.978172] Call trace: [ 20.978207] show_stack+0x20/0x38 (C) [ 20.978260] dump_stack_lvl+0x8c/0xd0 [ 20.978307] print_report+0x118/0x608 [ 20.978354] kasan_report+0xdc/0x128 [ 20.978399] kasan_check_range+0x100/0x1a8 [ 20.978628] __kasan_check_write+0x20/0x30 [ 20.978901] kasan_atomics_helper+0xe44/0x4858 [ 20.979184] kasan_atomics+0x198/0x2e0 [ 20.979437] kunit_try_run_case+0x170/0x3f0 [ 20.979547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.979599] kthread+0x328/0x630 [ 20.980648] ret_from_fork+0x10/0x20 [ 20.980721] [ 20.980743] Allocated by task 265: [ 20.981255] kasan_save_stack+0x3c/0x68 [ 20.981354] kasan_save_track+0x20/0x40 [ 20.981398] kasan_save_alloc_info+0x40/0x58 [ 20.981667] __kasan_kmalloc+0xd4/0xd8 [ 20.981809] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.981854] kasan_atomics+0xb8/0x2e0 [ 20.982340] kunit_try_run_case+0x170/0x3f0 [ 20.982408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.982454] kthread+0x328/0x630 [ 20.982487] ret_from_fork+0x10/0x20 [ 20.982525] [ 20.982547] The buggy address belongs to the object at fff00000c78ca300 [ 20.982547] which belongs to the cache kmalloc-64 of size 64 [ 20.982607] The buggy address is located 0 bytes to the right of [ 20.982607] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.982694] [ 20.982807] The buggy address belongs to the physical page: [ 20.982874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.983022] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.983099] page_type: f5(slab) [ 20.983140] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.983203] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.983249] page dumped because: kasan: bad access detected [ 20.983283] [ 20.983360] Memory state around the buggy address: [ 20.983541] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.983658] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.983704] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.983756] ^ [ 20.983791] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.983909] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.983953] ================================================================== [ 20.939931] ================================================================== [ 20.940614] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 20.940858] Read of size 4 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.940918] [ 20.940956] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.941105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.941133] Hardware name: linux,dummy-virt (DT) [ 20.941175] Call trace: [ 20.941197] show_stack+0x20/0x38 (C) [ 20.941374] dump_stack_lvl+0x8c/0xd0 [ 20.941720] print_report+0x118/0x608 [ 20.941775] kasan_report+0xdc/0x128 [ 20.941821] __asan_report_load4_noabort+0x20/0x30 [ 20.941882] kasan_atomics_helper+0x3dd8/0x4858 [ 20.941932] kasan_atomics+0x198/0x2e0 [ 20.942416] kunit_try_run_case+0x170/0x3f0 [ 20.942602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.942657] kthread+0x328/0x630 [ 20.942903] ret_from_fork+0x10/0x20 [ 20.943061] [ 20.943215] Allocated by task 265: [ 20.943248] kasan_save_stack+0x3c/0x68 [ 20.943432] kasan_save_track+0x20/0x40 [ 20.943478] kasan_save_alloc_info+0x40/0x58 [ 20.943527] __kasan_kmalloc+0xd4/0xd8 [ 20.943565] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.944043] kasan_atomics+0xb8/0x2e0 [ 20.944089] kunit_try_run_case+0x170/0x3f0 [ 20.944376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.944456] kthread+0x328/0x630 [ 20.944493] ret_from_fork+0x10/0x20 [ 20.944533] [ 20.944554] The buggy address belongs to the object at fff00000c78ca300 [ 20.944554] which belongs to the cache kmalloc-64 of size 64 [ 20.944614] The buggy address is located 0 bytes to the right of [ 20.944614] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.944681] [ 20.944702] The buggy address belongs to the physical page: [ 20.944735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.944846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.944993] page_type: f5(slab) [ 20.945067] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.945255] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.945296] page dumped because: kasan: bad access detected [ 20.945329] [ 20.945349] Memory state around the buggy address: [ 20.945381] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.945488] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.945682] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.945775] ^ [ 20.945809] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.945908] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.946055] ================================================================== [ 21.032620] ================================================================== [ 21.032672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 21.032724] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.032774] [ 21.032814] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.032995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.033047] Hardware name: linux,dummy-virt (DT) [ 21.033082] Call trace: [ 21.033105] show_stack+0x20/0x38 (C) [ 21.033262] dump_stack_lvl+0x8c/0xd0 [ 21.033322] print_report+0x118/0x608 [ 21.033877] kasan_report+0xdc/0x128 [ 21.034211] kasan_check_range+0x100/0x1a8 [ 21.034274] __kasan_check_write+0x20/0x30 [ 21.034416] kasan_atomics_helper+0x1128/0x4858 [ 21.034465] kasan_atomics+0x198/0x2e0 [ 21.034613] kunit_try_run_case+0x170/0x3f0 [ 21.034908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.035017] kthread+0x328/0x630 [ 21.035061] ret_from_fork+0x10/0x20 [ 21.035107] [ 21.035133] Allocated by task 265: [ 21.035186] kasan_save_stack+0x3c/0x68 [ 21.035229] kasan_save_track+0x20/0x40 [ 21.035358] kasan_save_alloc_info+0x40/0x58 [ 21.035522] __kasan_kmalloc+0xd4/0xd8 [ 21.035563] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.035604] kasan_atomics+0xb8/0x2e0 [ 21.035641] kunit_try_run_case+0x170/0x3f0 [ 21.035680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.036270] kthread+0x328/0x630 [ 21.036315] ret_from_fork+0x10/0x20 [ 21.036353] [ 21.036375] The buggy address belongs to the object at fff00000c78ca300 [ 21.036375] which belongs to the cache kmalloc-64 of size 64 [ 21.036434] The buggy address is located 0 bytes to the right of [ 21.036434] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.036527] [ 21.036712] The buggy address belongs to the physical page: [ 21.036753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.036931] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.036983] page_type: f5(slab) [ 21.037110] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.037259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.037344] page dumped because: kasan: bad access detected [ 21.037406] [ 21.037465] Memory state around the buggy address: [ 21.037500] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.037547] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.037615] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.037655] ^ [ 21.037735] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.037777] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.037864] ================================================================== [ 21.056864] ================================================================== [ 21.057104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 21.057167] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.057218] [ 21.057249] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.057347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.057446] Hardware name: linux,dummy-virt (DT) [ 21.057478] Call trace: [ 21.057503] show_stack+0x20/0x38 (C) [ 21.057716] dump_stack_lvl+0x8c/0xd0 [ 21.057895] print_report+0x118/0x608 [ 21.057988] kasan_report+0xdc/0x128 [ 21.058515] kasan_check_range+0x100/0x1a8 [ 21.058992] __kasan_check_write+0x20/0x30 [ 21.059058] kasan_atomics_helper+0x12d8/0x4858 [ 21.059108] kasan_atomics+0x198/0x2e0 [ 21.059166] kunit_try_run_case+0x170/0x3f0 [ 21.059223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.059277] kthread+0x328/0x630 [ 21.059450] ret_from_fork+0x10/0x20 [ 21.059547] [ 21.059638] Allocated by task 265: [ 21.059666] kasan_save_stack+0x3c/0x68 [ 21.059709] kasan_save_track+0x20/0x40 [ 21.060293] kasan_save_alloc_info+0x40/0x58 [ 21.060343] __kasan_kmalloc+0xd4/0xd8 [ 21.060381] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.060440] kasan_atomics+0xb8/0x2e0 [ 21.060476] kunit_try_run_case+0x170/0x3f0 [ 21.060517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.060796] kthread+0x328/0x630 [ 21.060891] ret_from_fork+0x10/0x20 [ 21.060946] [ 21.061052] The buggy address belongs to the object at fff00000c78ca300 [ 21.061052] which belongs to the cache kmalloc-64 of size 64 [ 21.061130] The buggy address is located 0 bytes to the right of [ 21.061130] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.061296] [ 21.061568] The buggy address belongs to the physical page: [ 21.061605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.061693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.061745] page_type: f5(slab) [ 21.061934] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.062021] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.062064] page dumped because: kasan: bad access detected [ 21.062163] [ 21.062185] Memory state around the buggy address: [ 21.062219] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.062455] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.062504] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.062546] ^ [ 21.062581] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.062622] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.062671] ================================================================== [ 21.104620] ================================================================== [ 21.104670] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 21.104764] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.104819] [ 21.104848] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.105275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.105308] Hardware name: linux,dummy-virt (DT) [ 21.105409] Call trace: [ 21.105438] show_stack+0x20/0x38 (C) [ 21.105490] dump_stack_lvl+0x8c/0xd0 [ 21.105538] print_report+0x118/0x608 [ 21.105627] kasan_report+0xdc/0x128 [ 21.105674] kasan_check_range+0x100/0x1a8 [ 21.106836] __kasan_check_write+0x20/0x30 [ 21.106901] kasan_atomics_helper+0x15b4/0x4858 [ 21.106954] kasan_atomics+0x198/0x2e0 [ 21.107009] kunit_try_run_case+0x170/0x3f0 [ 21.107056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.107110] kthread+0x328/0x630 [ 21.107167] ret_from_fork+0x10/0x20 [ 21.107575] [ 21.107717] Allocated by task 265: [ 21.107921] kasan_save_stack+0x3c/0x68 [ 21.107968] kasan_save_track+0x20/0x40 [ 21.108009] kasan_save_alloc_info+0x40/0x58 [ 21.108050] __kasan_kmalloc+0xd4/0xd8 [ 21.108089] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.108459] kasan_atomics+0xb8/0x2e0 [ 21.108504] kunit_try_run_case+0x170/0x3f0 [ 21.108672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.108723] kthread+0x328/0x630 [ 21.108756] ret_from_fork+0x10/0x20 [ 21.108794] [ 21.108881] The buggy address belongs to the object at fff00000c78ca300 [ 21.108881] which belongs to the cache kmalloc-64 of size 64 [ 21.108943] The buggy address is located 0 bytes to the right of [ 21.108943] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.109080] [ 21.109137] The buggy address belongs to the physical page: [ 21.109388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.109644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.109699] page_type: f5(slab) [ 21.109739] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.109791] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.109842] page dumped because: kasan: bad access detected [ 21.109876] [ 21.109897] Memory state around the buggy address: [ 21.110196] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.110327] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.110374] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.110545] ^ [ 21.110581] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.110626] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.110918] ================================================================== [ 21.122075] ================================================================== [ 21.122122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 21.122311] Read of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.122569] [ 21.122762] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.122919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.122949] Hardware name: linux,dummy-virt (DT) [ 21.122993] Call trace: [ 21.123051] show_stack+0x20/0x38 (C) [ 21.123104] dump_stack_lvl+0x8c/0xd0 [ 21.123162] print_report+0x118/0x608 [ 21.123452] kasan_report+0xdc/0x128 [ 21.123531] __asan_report_load8_noabort+0x20/0x30 [ 21.123587] kasan_atomics_helper+0x3df4/0x4858 [ 21.123842] kasan_atomics+0x198/0x2e0 [ 21.123936] kunit_try_run_case+0x170/0x3f0 [ 21.123989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.124043] kthread+0x328/0x630 [ 21.124205] ret_from_fork+0x10/0x20 [ 21.124347] [ 21.124372] Allocated by task 265: [ 21.124403] kasan_save_stack+0x3c/0x68 [ 21.124446] kasan_save_track+0x20/0x40 [ 21.124485] kasan_save_alloc_info+0x40/0x58 [ 21.124525] __kasan_kmalloc+0xd4/0xd8 [ 21.124563] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.124602] kasan_atomics+0xb8/0x2e0 [ 21.124640] kunit_try_run_case+0x170/0x3f0 [ 21.124680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.124850] kthread+0x328/0x630 [ 21.124947] ret_from_fork+0x10/0x20 [ 21.125033] [ 21.125068] The buggy address belongs to the object at fff00000c78ca300 [ 21.125068] which belongs to the cache kmalloc-64 of size 64 [ 21.125127] The buggy address is located 0 bytes to the right of [ 21.125127] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.125204] [ 21.125630] The buggy address belongs to the physical page: [ 21.126914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.127284] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.127452] page_type: f5(slab) [ 21.127535] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.127777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.127832] page dumped because: kasan: bad access detected [ 21.127867] [ 21.127916] Memory state around the buggy address: [ 21.127951] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.127997] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.128398] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.128452] ^ [ 21.128496] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.128539] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.128819] ================================================================== [ 21.008551] ================================================================== [ 21.008603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 21.008652] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.008703] [ 21.008732] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.008814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.008841] Hardware name: linux,dummy-virt (DT) [ 21.008873] Call trace: [ 21.008895] show_stack+0x20/0x38 (C) [ 21.008944] dump_stack_lvl+0x8c/0xd0 [ 21.008989] print_report+0x118/0x608 [ 21.009036] kasan_report+0xdc/0x128 [ 21.009081] kasan_check_range+0x100/0x1a8 [ 21.009131] __kasan_check_write+0x20/0x30 [ 21.009198] kasan_atomics_helper+0xf88/0x4858 [ 21.009248] kasan_atomics+0x198/0x2e0 [ 21.009295] kunit_try_run_case+0x170/0x3f0 [ 21.009342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.009395] kthread+0x328/0x630 [ 21.009438] ret_from_fork+0x10/0x20 [ 21.009487] [ 21.009509] Allocated by task 265: [ 21.009537] kasan_save_stack+0x3c/0x68 [ 21.009586] kasan_save_track+0x20/0x40 [ 21.009625] kasan_save_alloc_info+0x40/0x58 [ 21.009667] __kasan_kmalloc+0xd4/0xd8 [ 21.009704] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.009743] kasan_atomics+0xb8/0x2e0 [ 21.009781] kunit_try_run_case+0x170/0x3f0 [ 21.009820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.009867] kthread+0x328/0x630 [ 21.009901] ret_from_fork+0x10/0x20 [ 21.009939] [ 21.009959] The buggy address belongs to the object at fff00000c78ca300 [ 21.009959] which belongs to the cache kmalloc-64 of size 64 [ 21.010017] The buggy address is located 0 bytes to the right of [ 21.010017] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.010080] [ 21.010101] The buggy address belongs to the physical page: [ 21.010133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.010542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.010595] page_type: f5(slab) [ 21.010635] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.010688] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.010731] page dumped because: kasan: bad access detected [ 21.010792] [ 21.010913] Memory state around the buggy address: [ 21.011030] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.011075] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.011118] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.011168] ^ [ 21.011201] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.011246] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.011286] ================================================================== [ 21.000905] ================================================================== [ 21.000975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 21.001025] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.001077] [ 21.001111] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.001204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.001233] Hardware name: linux,dummy-virt (DT) [ 21.001265] Call trace: [ 21.001288] show_stack+0x20/0x38 (C) [ 21.001336] dump_stack_lvl+0x8c/0xd0 [ 21.001383] print_report+0x118/0x608 [ 21.001442] kasan_report+0xdc/0x128 [ 21.001495] kasan_check_range+0x100/0x1a8 [ 21.001704] __kasan_check_write+0x20/0x30 [ 21.001753] kasan_atomics_helper+0xf20/0x4858 [ 21.002229] kasan_atomics+0x198/0x2e0 [ 21.002546] kunit_try_run_case+0x170/0x3f0 [ 21.002949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.003263] kthread+0x328/0x630 [ 21.003310] ret_from_fork+0x10/0x20 [ 21.003358] [ 21.003381] Allocated by task 265: [ 21.003410] kasan_save_stack+0x3c/0x68 [ 21.003454] kasan_save_track+0x20/0x40 [ 21.003501] kasan_save_alloc_info+0x40/0x58 [ 21.003558] __kasan_kmalloc+0xd4/0xd8 [ 21.003748] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.003930] kasan_atomics+0xb8/0x2e0 [ 21.003972] kunit_try_run_case+0x170/0x3f0 [ 21.004012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.004553] kthread+0x328/0x630 [ 21.004837] ret_from_fork+0x10/0x20 [ 21.004879] [ 21.005050] The buggy address belongs to the object at fff00000c78ca300 [ 21.005050] which belongs to the cache kmalloc-64 of size 64 [ 21.005509] The buggy address is located 0 bytes to the right of [ 21.005509] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.005648] [ 21.005673] The buggy address belongs to the physical page: [ 21.005706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.005772] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.005821] page_type: f5(slab) [ 21.006246] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.006499] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.006542] page dumped because: kasan: bad access detected [ 21.006865] [ 21.007120] Memory state around the buggy address: [ 21.007197] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.007274] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.007422] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.007513] ^ [ 21.007694] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.007865] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.007997] ================================================================== [ 20.970113] ================================================================== [ 20.970172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 20.970223] Read of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 20.970426] [ 20.970717] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.970989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.971018] Hardware name: linux,dummy-virt (DT) [ 20.971051] Call trace: [ 20.971074] show_stack+0x20/0x38 (C) [ 20.971129] dump_stack_lvl+0x8c/0xd0 [ 20.971188] print_report+0x118/0x608 [ 20.971238] kasan_report+0xdc/0x128 [ 20.971285] __asan_report_load8_noabort+0x20/0x30 [ 20.971342] kasan_atomics_helper+0x3f58/0x4858 [ 20.971390] kasan_atomics+0x198/0x2e0 [ 20.971437] kunit_try_run_case+0x170/0x3f0 [ 20.971564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.972099] kthread+0x328/0x630 [ 20.972145] ret_from_fork+0x10/0x20 [ 20.972208] [ 20.972230] Allocated by task 265: [ 20.972284] kasan_save_stack+0x3c/0x68 [ 20.972328] kasan_save_track+0x20/0x40 [ 20.972493] kasan_save_alloc_info+0x40/0x58 [ 20.972699] __kasan_kmalloc+0xd4/0xd8 [ 20.972773] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.972814] kasan_atomics+0xb8/0x2e0 [ 20.972851] kunit_try_run_case+0x170/0x3f0 [ 20.972924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.973003] kthread+0x328/0x630 [ 20.973069] ret_from_fork+0x10/0x20 [ 20.973118] [ 20.973188] The buggy address belongs to the object at fff00000c78ca300 [ 20.973188] which belongs to the cache kmalloc-64 of size 64 [ 20.973343] The buggy address is located 0 bytes to the right of [ 20.973343] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 20.973412] [ 20.973443] The buggy address belongs to the physical page: [ 20.973584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 20.974278] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.974330] page_type: f5(slab) [ 20.974368] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.974420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.974463] page dumped because: kasan: bad access detected [ 20.974494] [ 20.974513] Memory state around the buggy address: [ 20.975339] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.975388] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.975912] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.976370] ^ [ 20.976526] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.976631] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.976745] ================================================================== [ 21.145400] ================================================================== [ 21.145447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 21.145497] Write of size 8 at addr fff00000c78ca330 by task kunit_try_catch/265 [ 21.145549] [ 21.145580] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.145662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.145689] Hardware name: linux,dummy-virt (DT) [ 21.145721] Call trace: [ 21.145744] show_stack+0x20/0x38 (C) [ 21.145791] dump_stack_lvl+0x8c/0xd0 [ 21.145860] print_report+0x118/0x608 [ 21.146121] kasan_report+0xdc/0x128 [ 21.146363] kasan_check_range+0x100/0x1a8 [ 21.146522] __kasan_check_write+0x20/0x30 [ 21.146626] kasan_atomics_helper+0x17ec/0x4858 [ 21.146871] kasan_atomics+0x198/0x2e0 [ 21.147095] kunit_try_run_case+0x170/0x3f0 [ 21.147200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.147254] kthread+0x328/0x630 [ 21.147299] ret_from_fork+0x10/0x20 [ 21.147346] [ 21.147367] Allocated by task 265: [ 21.147396] kasan_save_stack+0x3c/0x68 [ 21.147463] kasan_save_track+0x20/0x40 [ 21.147506] kasan_save_alloc_info+0x40/0x58 [ 21.147546] __kasan_kmalloc+0xd4/0xd8 [ 21.147585] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.147625] kasan_atomics+0xb8/0x2e0 [ 21.147662] kunit_try_run_case+0x170/0x3f0 [ 21.147702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.147745] kthread+0x328/0x630 [ 21.147780] ret_from_fork+0x10/0x20 [ 21.147851] [ 21.147948] The buggy address belongs to the object at fff00000c78ca300 [ 21.147948] which belongs to the cache kmalloc-64 of size 64 [ 21.148007] The buggy address is located 0 bytes to the right of [ 21.148007] allocated 48-byte region [fff00000c78ca300, fff00000c78ca330) [ 21.148073] [ 21.148106] The buggy address belongs to the physical page: [ 21.148187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 21.148241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.148289] page_type: f5(slab) [ 21.148328] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.148379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.148469] page dumped because: kasan: bad access detected [ 21.148512] [ 21.148531] Memory state around the buggy address: [ 21.148565] fff00000c78ca200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.148609] fff00000c78ca280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.148702] >fff00000c78ca300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.148795] ^ [ 21.148900] fff00000c78ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.149044] fff00000c78ca400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.149173] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.551515] ================================================================== [ 20.551940] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.552528] Read of size 8 at addr fff00000c59fcc48 by task kunit_try_catch/261 [ 20.552797] [ 20.553319] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.553796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.554005] Hardware name: linux,dummy-virt (DT) [ 20.554629] Call trace: [ 20.571973] ================================================================== [ 20.490594] ================================================================== [ 20.491074] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.491136] Write of size 8 at addr fff00000c59fcc48 by task kunit_try_catch/261 [ 20.491199] [ 20.491234] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.491317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.491346] Hardware name: linux,dummy-virt (DT) [ 20.491377] Call trace: [ 20.491413] show_stack+0x20/0x38 (C) [ 20.491463] dump_stack_lvl+0x8c/0xd0 [ 20.491684] print_report+0x118/0x608 [ 20.492201] kasan_report+0xdc/0x128 [ 20.492284] kasan_check_range+0x100/0x1a8 [ 20.492335] __kasan_check_write+0x20/0x30 [ 20.492380] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.492432] kasan_bitops_generic+0x110/0x1c8 [ 20.492758] kunit_try_run_case+0x170/0x3f0 [ 20.492816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.493027] kthread+0x328/0x630 [ 20.493497] ret_from_fork+0x10/0x20 [ 20.493687] [ 20.493761] Allocated by task 261: [ 20.493799] kasan_save_stack+0x3c/0x68 [ 20.493861] kasan_save_track+0x20/0x40 [ 20.494033] kasan_save_alloc_info+0x40/0x58 [ 20.494081] __kasan_kmalloc+0xd4/0xd8 [ 20.494119] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.494303] kasan_bitops_generic+0xa0/0x1c8 [ 20.494375] kunit_try_run_case+0x170/0x3f0 [ 20.494469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.494560] kthread+0x328/0x630 [ 20.494637] ret_from_fork+0x10/0x20 [ 20.494674] [ 20.494740] The buggy address belongs to the object at fff00000c59fcc40 [ 20.494740] which belongs to the cache kmalloc-16 of size 16 [ 20.494859] The buggy address is located 8 bytes inside of [ 20.494859] allocated 9-byte region [fff00000c59fcc40, fff00000c59fcc49) [ 20.495001] [ 20.495028] The buggy address belongs to the physical page: [ 20.495172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 20.495225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.495682] page_type: f5(slab) [ 20.495867] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.495991] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.496034] page dumped because: kasan: bad access detected [ 20.496069] [ 20.496401] Memory state around the buggy address: [ 20.496619] fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 20.496860] fff00000c59fcb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.496942] >fff00000c59fcc00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 20.497049] ^ [ 20.497134] fff00000c59fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.497199] fff00000c59fcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.497238] ================================================================== [ 20.525971] ================================================================== [ 20.527205] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.527462] Write of size 8 at addr fff00000c59fcc48 by task kunit_try_catch/261 [ 20.527519] [ 20.527553] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.527636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.527664] Hardware name: linux,dummy-virt (DT) [ 20.527697] Call trace: [ 20.527720] show_stack+0x20/0x38 (C) [ 20.527771] dump_stack_lvl+0x8c/0xd0 [ 20.527818] print_report+0x118/0x608 [ 20.527866] kasan_report+0xdc/0x128 [ 20.531177] kasan_check_range+0x100/0x1a8 [ 20.531702] __kasan_check_write+0x20/0x30 [ 20.532366] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.532512] kasan_bitops_generic+0x110/0x1c8 [ 20.532929] kunit_try_run_case+0x170/0x3f0 [ 20.534271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.534650] kthread+0x328/0x630 [ 20.534758] ret_from_fork+0x10/0x20 [ 20.535387] [ 20.535497] Allocated by task 261: [ 20.535604] kasan_save_stack+0x3c/0x68 [ 20.535658] kasan_save_track+0x20/0x40 [ 20.535698] kasan_save_alloc_info+0x40/0x58 [ 20.536569] __kasan_kmalloc+0xd4/0xd8 [ 20.537024] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.537505] kasan_bitops_generic+0xa0/0x1c8 [ 20.537560] kunit_try_run_case+0x170/0x3f0 [ 20.537602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.537646] kthread+0x328/0x630 [ 20.537683] ret_from_fork+0x10/0x20 [ 20.537721] [ 20.538918] The buggy address belongs to the object at fff00000c59fcc40 [ 20.538918] which belongs to the cache kmalloc-16 of size 16 [ 20.539567] The buggy address is located 8 bytes inside of [ 20.539567] allocated 9-byte region [fff00000c59fcc40, fff00000c59fcc49) [ 20.539697] [ 20.539721] The buggy address belongs to the physical page: [ 20.539756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 20.541070] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.541506] page_type: f5(slab) [ 20.541814] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.541868] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.541911] page dumped because: kasan: bad access detected [ 20.542605] [ 20.542920] Memory state around the buggy address: [ 20.543346] fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 20.544229] fff00000c59fcb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.544307] >fff00000c59fcc00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 20.545174] ^ [ 20.545413] fff00000c59fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.546135] fff00000c59fcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.546287] ================================================================== [ 20.501135] ================================================================== [ 20.501549] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.502021] Read of size 8 at addr fff00000c59fcc48 by task kunit_try_catch/261 [ 20.502095] [ 20.502248] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.502610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.502650] Hardware name: linux,dummy-virt (DT) [ 20.502684] Call trace: [ 20.502708] show_stack+0x20/0x38 (C) [ 20.502770] dump_stack_lvl+0x8c/0xd0 [ 20.502820] print_report+0x118/0x608 [ 20.503251] kasan_report+0xdc/0x128 [ 20.503330] __asan_report_load8_noabort+0x20/0x30 [ 20.503380] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.503481] kasan_bitops_generic+0x110/0x1c8 [ 20.503904] kunit_try_run_case+0x170/0x3f0 [ 20.503959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.504470] kthread+0x328/0x630 [ 20.504916] ret_from_fork+0x10/0x20 [ 20.505408] [ 20.505713] Allocated by task 261: [ 20.506022] kasan_save_stack+0x3c/0x68 [ 20.507011] kasan_save_track+0x20/0x40 [ 20.507057] kasan_save_alloc_info+0x40/0x58 [ 20.507298] __kasan_kmalloc+0xd4/0xd8 [ 20.507344] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.507385] kasan_bitops_generic+0xa0/0x1c8 [ 20.507426] kunit_try_run_case+0x170/0x3f0 [ 20.507465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.508475] kthread+0x328/0x630 [ 20.508630] ret_from_fork+0x10/0x20 [ 20.508678] [ 20.508701] The buggy address belongs to the object at fff00000c59fcc40 [ 20.508701] which belongs to the cache kmalloc-16 of size 16 [ 20.510001] The buggy address is located 8 bytes inside of [ 20.510001] allocated 9-byte region [fff00000c59fcc40, fff00000c59fcc49) [ 20.510704] [ 20.510808] The buggy address belongs to the physical page: [ 20.511331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 20.511702] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.512305] page_type: f5(slab) [ 20.512357] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.512961] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.513543] page dumped because: kasan: bad access detected [ 20.513646] [ 20.513668] Memory state around the buggy address: [ 20.514128] fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 20.514299] fff00000c59fcb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.515078] >fff00000c59fcc00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 20.515410] ^ [ 20.515786] fff00000c59fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.516456] fff00000c59fcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.516504] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.475633] ================================================================== [ 20.476076] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 20.476163] Read of size 1 at addr fff00000c78cc650 by task kunit_try_catch/259 [ 20.476216] [ 20.476247] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.476741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.476785] Hardware name: linux,dummy-virt (DT) [ 20.476817] Call trace: [ 20.476896] show_stack+0x20/0x38 (C) [ 20.477087] dump_stack_lvl+0x8c/0xd0 [ 20.477160] print_report+0x118/0x608 [ 20.477294] kasan_report+0xdc/0x128 [ 20.477392] __asan_report_load1_noabort+0x20/0x30 [ 20.477445] strnlen+0x80/0x88 [ 20.477489] kasan_strings+0x478/0xb00 [ 20.477554] kunit_try_run_case+0x170/0x3f0 [ 20.477630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.477703] kthread+0x328/0x630 [ 20.477847] ret_from_fork+0x10/0x20 [ 20.477944] [ 20.477998] Allocated by task 259: [ 20.478047] kasan_save_stack+0x3c/0x68 [ 20.478140] kasan_save_track+0x20/0x40 [ 20.478188] kasan_save_alloc_info+0x40/0x58 [ 20.478230] __kasan_kmalloc+0xd4/0xd8 [ 20.478312] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.478359] kasan_strings+0xc8/0xb00 [ 20.479197] kunit_try_run_case+0x170/0x3f0 [ 20.479406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.479573] kthread+0x328/0x630 [ 20.479673] ret_from_fork+0x10/0x20 [ 20.479834] [ 20.479860] Freed by task 259: [ 20.480181] kasan_save_stack+0x3c/0x68 [ 20.480310] kasan_save_track+0x20/0x40 [ 20.480376] kasan_save_free_info+0x4c/0x78 [ 20.480418] __kasan_slab_free+0x6c/0x98 [ 20.480458] kfree+0x214/0x3c8 [ 20.480493] kasan_strings+0x24c/0xb00 [ 20.480560] kunit_try_run_case+0x170/0x3f0 [ 20.480599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.480684] kthread+0x328/0x630 [ 20.480967] ret_from_fork+0x10/0x20 [ 20.481015] [ 20.481036] The buggy address belongs to the object at fff00000c78cc640 [ 20.481036] which belongs to the cache kmalloc-32 of size 32 [ 20.481258] The buggy address is located 16 bytes inside of [ 20.481258] freed 32-byte region [fff00000c78cc640, fff00000c78cc660) [ 20.481600] [ 20.481624] The buggy address belongs to the physical page: [ 20.481658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078cc [ 20.481712] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.482008] page_type: f5(slab) [ 20.482179] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.482238] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.482366] page dumped because: kasan: bad access detected [ 20.482462] [ 20.482517] Memory state around the buggy address: [ 20.482567] fff00000c78cc500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.482613] fff00000c78cc580: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.482657] >fff00000c78cc600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.482915] ^ [ 20.482964] fff00000c78cc680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.483049] fff00000c78cc700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.483116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.467595] ================================================================== [ 20.467838] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 20.467897] Read of size 1 at addr fff00000c78cc650 by task kunit_try_catch/259 [ 20.467950] [ 20.467982] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.468064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.468434] Hardware name: linux,dummy-virt (DT) [ 20.468496] Call trace: [ 20.468554] show_stack+0x20/0x38 (C) [ 20.468609] dump_stack_lvl+0x8c/0xd0 [ 20.469056] print_report+0x118/0x608 [ 20.469127] kasan_report+0xdc/0x128 [ 20.469263] __asan_report_load1_noabort+0x20/0x30 [ 20.469318] strlen+0xa8/0xb0 [ 20.469360] kasan_strings+0x418/0xb00 [ 20.469404] kunit_try_run_case+0x170/0x3f0 [ 20.469729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.469789] kthread+0x328/0x630 [ 20.469836] ret_from_fork+0x10/0x20 [ 20.470113] [ 20.470166] Allocated by task 259: [ 20.470222] kasan_save_stack+0x3c/0x68 [ 20.470267] kasan_save_track+0x20/0x40 [ 20.470312] kasan_save_alloc_info+0x40/0x58 [ 20.470492] __kasan_kmalloc+0xd4/0xd8 [ 20.470738] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.470815] kasan_strings+0xc8/0xb00 [ 20.470853] kunit_try_run_case+0x170/0x3f0 [ 20.470892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.470944] kthread+0x328/0x630 [ 20.471091] ret_from_fork+0x10/0x20 [ 20.471127] [ 20.471148] Freed by task 259: [ 20.471188] kasan_save_stack+0x3c/0x68 [ 20.471225] kasan_save_track+0x20/0x40 [ 20.471312] kasan_save_free_info+0x4c/0x78 [ 20.471477] __kasan_slab_free+0x6c/0x98 [ 20.471524] kfree+0x214/0x3c8 [ 20.471693] kasan_strings+0x24c/0xb00 [ 20.471838] kunit_try_run_case+0x170/0x3f0 [ 20.471918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.471964] kthread+0x328/0x630 [ 20.472025] ret_from_fork+0x10/0x20 [ 20.472063] [ 20.472083] The buggy address belongs to the object at fff00000c78cc640 [ 20.472083] which belongs to the cache kmalloc-32 of size 32 [ 20.472141] The buggy address is located 16 bytes inside of [ 20.472141] freed 32-byte region [fff00000c78cc640, fff00000c78cc660) [ 20.472411] [ 20.472446] The buggy address belongs to the physical page: [ 20.472480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078cc [ 20.472535] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.473303] page_type: f5(slab) [ 20.473369] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.473422] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.473475] page dumped because: kasan: bad access detected [ 20.473509] [ 20.473530] Memory state around the buggy address: [ 20.473578] fff00000c78cc500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.474027] fff00000c78cc580: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.474085] >fff00000c78cc600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.474127] ^ [ 20.474175] fff00000c78cc680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.474418] fff00000c78cc700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.474600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.458759] ================================================================== [ 20.458814] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 20.458863] Read of size 1 at addr fff00000c78cc650 by task kunit_try_catch/259 [ 20.459169] [ 20.459278] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.459634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.459704] Hardware name: linux,dummy-virt (DT) [ 20.459961] Call trace: [ 20.460079] show_stack+0x20/0x38 (C) [ 20.460135] dump_stack_lvl+0x8c/0xd0 [ 20.460193] print_report+0x118/0x608 [ 20.460241] kasan_report+0xdc/0x128 [ 20.460496] __asan_report_load1_noabort+0x20/0x30 [ 20.460585] kasan_strings+0x95c/0xb00 [ 20.460852] kunit_try_run_case+0x170/0x3f0 [ 20.461108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.461246] kthread+0x328/0x630 [ 20.461292] ret_from_fork+0x10/0x20 [ 20.461377] [ 20.461412] Allocated by task 259: [ 20.461524] kasan_save_stack+0x3c/0x68 [ 20.461568] kasan_save_track+0x20/0x40 [ 20.461607] kasan_save_alloc_info+0x40/0x58 [ 20.461771] __kasan_kmalloc+0xd4/0xd8 [ 20.461991] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.462086] kasan_strings+0xc8/0xb00 [ 20.462148] kunit_try_run_case+0x170/0x3f0 [ 20.462198] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.462377] kthread+0x328/0x630 [ 20.462597] ret_from_fork+0x10/0x20 [ 20.462721] [ 20.462757] Freed by task 259: [ 20.462785] kasan_save_stack+0x3c/0x68 [ 20.462827] kasan_save_track+0x20/0x40 [ 20.463142] kasan_save_free_info+0x4c/0x78 [ 20.463214] __kasan_slab_free+0x6c/0x98 [ 20.463415] kfree+0x214/0x3c8 [ 20.463619] kasan_strings+0x24c/0xb00 [ 20.463740] kunit_try_run_case+0x170/0x3f0 [ 20.463830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.463917] kthread+0x328/0x630 [ 20.463953] ret_from_fork+0x10/0x20 [ 20.464058] [ 20.464083] The buggy address belongs to the object at fff00000c78cc640 [ 20.464083] which belongs to the cache kmalloc-32 of size 32 [ 20.464286] The buggy address is located 16 bytes inside of [ 20.464286] freed 32-byte region [fff00000c78cc640, fff00000c78cc660) [ 20.464353] [ 20.464623] The buggy address belongs to the physical page: [ 20.464703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078cc [ 20.464758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.464807] page_type: f5(slab) [ 20.464846] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.465229] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.465279] page dumped because: kasan: bad access detected [ 20.465484] [ 20.465560] Memory state around the buggy address: [ 20.465597] fff00000c78cc500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.465643] fff00000c78cc580: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.465757] >fff00000c78cc600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.465941] ^ [ 20.466061] fff00000c78cc680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.466105] fff00000c78cc700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.466170] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.449789] ================================================================== [ 20.449848] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 20.449901] Read of size 1 at addr fff00000c78cc650 by task kunit_try_catch/259 [ 20.449953] [ 20.450137] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.450283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.450312] Hardware name: linux,dummy-virt (DT) [ 20.450729] Call trace: [ 20.450848] show_stack+0x20/0x38 (C) [ 20.450904] dump_stack_lvl+0x8c/0xd0 [ 20.450950] print_report+0x118/0x608 [ 20.451561] kasan_report+0xdc/0x128 [ 20.451809] __asan_report_load1_noabort+0x20/0x30 [ 20.451940] strcmp+0xc0/0xc8 [ 20.451987] kasan_strings+0x340/0xb00 [ 20.452465] kunit_try_run_case+0x170/0x3f0 [ 20.452532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.452589] kthread+0x328/0x630 [ 20.452646] ret_from_fork+0x10/0x20 [ 20.452812] [ 20.452844] Allocated by task 259: [ 20.453190] kasan_save_stack+0x3c/0x68 [ 20.453296] kasan_save_track+0x20/0x40 [ 20.453337] kasan_save_alloc_info+0x40/0x58 [ 20.453378] __kasan_kmalloc+0xd4/0xd8 [ 20.453423] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.453464] kasan_strings+0xc8/0xb00 [ 20.453616] kunit_try_run_case+0x170/0x3f0 [ 20.453805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.453938] kthread+0x328/0x630 [ 20.454012] ret_from_fork+0x10/0x20 [ 20.454094] [ 20.454141] Freed by task 259: [ 20.454206] kasan_save_stack+0x3c/0x68 [ 20.454331] kasan_save_track+0x20/0x40 [ 20.454405] kasan_save_free_info+0x4c/0x78 [ 20.454452] __kasan_slab_free+0x6c/0x98 [ 20.454490] kfree+0x214/0x3c8 [ 20.454526] kasan_strings+0x24c/0xb00 [ 20.454565] kunit_try_run_case+0x170/0x3f0 [ 20.454644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.454871] kthread+0x328/0x630 [ 20.454908] ret_from_fork+0x10/0x20 [ 20.454947] [ 20.454969] The buggy address belongs to the object at fff00000c78cc640 [ 20.454969] which belongs to the cache kmalloc-32 of size 32 [ 20.455068] The buggy address is located 16 bytes inside of [ 20.455068] freed 32-byte region [fff00000c78cc640, fff00000c78cc660) [ 20.455165] [ 20.455188] The buggy address belongs to the physical page: [ 20.455220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078cc [ 20.455343] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.456130] page_type: f5(slab) [ 20.456308] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.456588] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.456664] page dumped because: kasan: bad access detected [ 20.456743] [ 20.456770] Memory state around the buggy address: [ 20.456814] fff00000c78cc500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.456881] fff00000c78cc580: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.456926] >fff00000c78cc600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.456966] ^ [ 20.457002] fff00000c78cc680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.457711] fff00000c78cc700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.457778] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.434624] ================================================================== [ 20.434684] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 20.434739] Read of size 1 at addr fff00000c78cc498 by task kunit_try_catch/257 [ 20.434791] [ 20.434823] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.434906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.434935] Hardware name: linux,dummy-virt (DT) [ 20.434968] Call trace: [ 20.434998] show_stack+0x20/0x38 (C) [ 20.435050] dump_stack_lvl+0x8c/0xd0 [ 20.435099] print_report+0x118/0x608 [ 20.435148] kasan_report+0xdc/0x128 [ 20.435208] __asan_report_load1_noabort+0x20/0x30 [ 20.435261] memcmp+0x198/0x1d8 [ 20.435305] kasan_memcmp+0x16c/0x300 [ 20.435349] kunit_try_run_case+0x170/0x3f0 [ 20.435414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.435472] kthread+0x328/0x630 [ 20.435563] ret_from_fork+0x10/0x20 [ 20.435615] [ 20.435637] Allocated by task 257: [ 20.435703] kasan_save_stack+0x3c/0x68 [ 20.435748] kasan_save_track+0x20/0x40 [ 20.435788] kasan_save_alloc_info+0x40/0x58 [ 20.435837] __kasan_kmalloc+0xd4/0xd8 [ 20.435952] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.436031] kasan_memcmp+0xbc/0x300 [ 20.436067] kunit_try_run_case+0x170/0x3f0 [ 20.436230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.436298] kthread+0x328/0x630 [ 20.436339] ret_from_fork+0x10/0x20 [ 20.436376] [ 20.436423] The buggy address belongs to the object at fff00000c78cc480 [ 20.436423] which belongs to the cache kmalloc-32 of size 32 [ 20.436483] The buggy address is located 0 bytes to the right of [ 20.436483] allocated 24-byte region [fff00000c78cc480, fff00000c78cc498) [ 20.436585] [ 20.436608] The buggy address belongs to the physical page: [ 20.436643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078cc [ 20.436698] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.436821] page_type: f5(slab) [ 20.436899] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.437009] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.437102] page dumped because: kasan: bad access detected [ 20.437271] [ 20.437336] Memory state around the buggy address: [ 20.437376] fff00000c78cc380: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 20.437556] fff00000c78cc400: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.437632] >fff00000c78cc480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.437711] ^ [ 20.437744] fff00000c78cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.437885] fff00000c78cc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.437943] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.415826] ================================================================== [ 20.415930] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 20.415989] Read of size 1 at addr ffff800080a07b4a by task kunit_try_catch/253 [ 20.416042] [ 20.416300] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.416474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.416686] Hardware name: linux,dummy-virt (DT) [ 20.416895] Call trace: [ 20.417033] show_stack+0x20/0x38 (C) [ 20.417175] dump_stack_lvl+0x8c/0xd0 [ 20.417254] print_report+0x310/0x608 [ 20.417304] kasan_report+0xdc/0x128 [ 20.417351] __asan_report_load1_noabort+0x20/0x30 [ 20.417584] kasan_alloca_oob_right+0x2dc/0x340 [ 20.417673] kunit_try_run_case+0x170/0x3f0 [ 20.418073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.418163] kthread+0x328/0x630 [ 20.418207] ret_from_fork+0x10/0x20 [ 20.418259] [ 20.418314] The buggy address belongs to stack of task kunit_try_catch/253 [ 20.418486] [ 20.418572] The buggy address belongs to the virtual mapping at [ 20.418572] [ffff800080a00000, ffff800080a09000) created by: [ 20.418572] kernel_clone+0x150/0x7a8 [ 20.418652] [ 20.418740] The buggy address belongs to the physical page: [ 20.418811] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107922 [ 20.418993] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.419125] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.419452] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.419500] page dumped because: kasan: bad access detected [ 20.419535] [ 20.419555] Memory state around the buggy address: [ 20.419729] ffff800080a07a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.419783] ffff800080a07a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.419828] >ffff800080a07b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 20.419868] ^ [ 20.420287] ffff800080a07b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.420405] ffff800080a07c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.420447] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.400632] ================================================================== [ 20.400725] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 20.400966] Read of size 1 at addr ffff800080a07b5f by task kunit_try_catch/251 [ 20.401019] [ 20.401054] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.401135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.401178] Hardware name: linux,dummy-virt (DT) [ 20.401210] Call trace: [ 20.401235] show_stack+0x20/0x38 (C) [ 20.401285] dump_stack_lvl+0x8c/0xd0 [ 20.401336] print_report+0x310/0x608 [ 20.401392] kasan_report+0xdc/0x128 [ 20.401618] __asan_report_load1_noabort+0x20/0x30 [ 20.401878] kasan_alloca_oob_left+0x2b8/0x310 [ 20.401979] kunit_try_run_case+0x170/0x3f0 [ 20.402457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.402631] kthread+0x328/0x630 [ 20.403067] ret_from_fork+0x10/0x20 [ 20.403164] [ 20.403385] The buggy address belongs to stack of task kunit_try_catch/251 [ 20.403507] [ 20.403550] The buggy address belongs to the virtual mapping at [ 20.403550] [ffff800080a00000, ffff800080a09000) created by: [ 20.403550] kernel_clone+0x150/0x7a8 [ 20.403771] [ 20.403796] The buggy address belongs to the physical page: [ 20.403837] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107922 [ 20.403972] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.404037] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.404090] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.404175] page dumped because: kasan: bad access detected [ 20.404210] [ 20.404231] Memory state around the buggy address: [ 20.404266] ffff800080a07a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.404361] ffff800080a07a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.404406] >ffff800080a07b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 20.404446] ^ [ 20.404487] ffff800080a07b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.404532] ffff800080a07c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.404639] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.383829] ================================================================== [ 20.384065] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 20.384127] Read of size 1 at addr ffff800080977c2a by task kunit_try_catch/249 [ 20.384187] [ 20.384234] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.384771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.384803] Hardware name: linux,dummy-virt (DT) [ 20.384836] Call trace: [ 20.384860] show_stack+0x20/0x38 (C) [ 20.384912] dump_stack_lvl+0x8c/0xd0 [ 20.384962] print_report+0x310/0x608 [ 20.385271] kasan_report+0xdc/0x128 [ 20.385320] __asan_report_load1_noabort+0x20/0x30 [ 20.385967] kasan_stack_oob+0x238/0x270 [ 20.386021] kunit_try_run_case+0x170/0x3f0 [ 20.386096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.386171] kthread+0x328/0x630 [ 20.386219] ret_from_fork+0x10/0x20 [ 20.386941] [ 20.387288] The buggy address belongs to stack of task kunit_try_catch/249 [ 20.387662] and is located at offset 138 in frame: [ 20.387706] kasan_stack_oob+0x0/0x270 [ 20.387832] [ 20.387863] This frame has 4 objects: [ 20.388474] [48, 49) '__assertion' [ 20.388587] [64, 72) 'array' [ 20.388661] [96, 112) '__assertion' [ 20.388713] [128, 138) 'stack_array' [ 20.388812] [ 20.388848] The buggy address belongs to the virtual mapping at [ 20.388848] [ffff800080970000, ffff800080979000) created by: [ 20.388848] kernel_clone+0x150/0x7a8 [ 20.388957] [ 20.388981] The buggy address belongs to the physical page: [ 20.389016] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e93 [ 20.389071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.389138] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.389202] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.389244] page dumped because: kasan: bad access detected [ 20.389279] [ 20.389298] Memory state around the buggy address: [ 20.389331] ffff800080977b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.389375] ffff800080977b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 20.389419] >ffff800080977c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 20.389460] ^ [ 20.389493] ffff800080977c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 20.389535] ffff800080977d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.389575] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.356347] ================================================================== [ 20.356422] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 20.356511] Read of size 1 at addr ffff918d08f4f5cd by task kunit_try_catch/245 [ 20.356564] [ 20.357052] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.357480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.357786] Hardware name: linux,dummy-virt (DT) [ 20.357979] Call trace: [ 20.358002] show_stack+0x20/0x38 (C) [ 20.358053] dump_stack_lvl+0x8c/0xd0 [ 20.358323] print_report+0x310/0x608 [ 20.358620] kasan_report+0xdc/0x128 [ 20.358715] __asan_report_load1_noabort+0x20/0x30 [ 20.358900] kasan_global_oob_right+0x230/0x270 [ 20.358945] kunit_try_run_case+0x170/0x3f0 [ 20.358997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.359052] kthread+0x328/0x630 [ 20.359093] ret_from_fork+0x10/0x20 [ 20.359168] [ 20.359328] The buggy address belongs to the variable: [ 20.359359] global_array+0xd/0x40 [ 20.359635] [ 20.360213] The buggy address belongs to the virtual mapping at [ 20.360213] [ffff918d07100000, ffff918d09001000) created by: [ 20.360213] paging_init+0x66c/0x7d0 [ 20.360414] [ 20.360482] The buggy address belongs to the physical page: [ 20.360515] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 20.360801] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 20.361005] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 20.361257] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.361300] page dumped because: kasan: bad access detected [ 20.361338] [ 20.361355] Memory state around the buggy address: [ 20.361387] ffff918d08f4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.361720] ffff918d08f4f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.361767] >ffff918d08f4f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 20.361804] ^ [ 20.361897] ffff918d08f4f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 20.362336] ffff918d08f4f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 20.362379] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.313633] ================================================================== [ 20.313986] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.314102] Free of addr fff00000c78d3601 by task kunit_try_catch/241 [ 20.314144] [ 20.314192] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.314430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.314474] Hardware name: linux,dummy-virt (DT) [ 20.314505] Call trace: [ 20.314525] show_stack+0x20/0x38 (C) [ 20.314579] dump_stack_lvl+0x8c/0xd0 [ 20.314726] print_report+0x118/0x608 [ 20.314884] kasan_report_invalid_free+0xc0/0xe8 [ 20.314988] check_slab_allocation+0xfc/0x108 [ 20.315095] __kasan_mempool_poison_object+0x78/0x150 [ 20.315663] mempool_free+0x28c/0x328 [ 20.315767] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.315821] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.316401] kunit_try_run_case+0x170/0x3f0 [ 20.316479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.316531] kthread+0x328/0x630 [ 20.316574] ret_from_fork+0x10/0x20 [ 20.316650] [ 20.316721] Allocated by task 241: [ 20.316752] kasan_save_stack+0x3c/0x68 [ 20.317038] kasan_save_track+0x20/0x40 [ 20.317167] kasan_save_alloc_info+0x40/0x58 [ 20.317221] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.317263] remove_element+0x130/0x1f8 [ 20.317301] mempool_alloc_preallocated+0x58/0xc0 [ 20.317365] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 20.317680] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.317729] kunit_try_run_case+0x170/0x3f0 [ 20.317765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.317810] kthread+0x328/0x630 [ 20.317942] ret_from_fork+0x10/0x20 [ 20.318361] [ 20.318613] The buggy address belongs to the object at fff00000c78d3600 [ 20.318613] which belongs to the cache kmalloc-128 of size 128 [ 20.318711] The buggy address is located 1 bytes inside of [ 20.318711] 128-byte region [fff00000c78d3600, fff00000c78d3680) [ 20.318846] [ 20.318910] The buggy address belongs to the physical page: [ 20.318959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 20.319015] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.319420] page_type: f5(slab) [ 20.319562] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.319773] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.320017] page dumped because: kasan: bad access detected [ 20.320209] [ 20.320233] Memory state around the buggy address: [ 20.320266] fff00000c78d3500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.320322] fff00000c78d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.320364] >fff00000c78d3600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.320797] ^ [ 20.320940] fff00000c78d3680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.320989] fff00000c78d3700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.321057] ================================================================== [ 20.329814] ================================================================== [ 20.329870] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.329924] Free of addr fff00000c790c001 by task kunit_try_catch/243 [ 20.329966] [ 20.330000] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.330078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.330105] Hardware name: linux,dummy-virt (DT) [ 20.330137] Call trace: [ 20.330488] show_stack+0x20/0x38 (C) [ 20.330725] dump_stack_lvl+0x8c/0xd0 [ 20.330832] print_report+0x118/0x608 [ 20.331180] kasan_report_invalid_free+0xc0/0xe8 [ 20.331732] __kasan_mempool_poison_object+0xfc/0x150 [ 20.331987] mempool_free+0x28c/0x328 [ 20.332033] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.332331] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 20.332563] kunit_try_run_case+0x170/0x3f0 [ 20.332612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.332664] kthread+0x328/0x630 [ 20.332709] ret_from_fork+0x10/0x20 [ 20.332756] [ 20.332777] The buggy address belongs to the physical page: [ 20.332809] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790c [ 20.333388] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.333445] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.333499] page_type: f8(unknown) [ 20.333978] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.334111] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.334259] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.334322] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.334425] head: 0bfffe0000000002 ffffc1ffc31e4301 00000000ffffffff 00000000ffffffff [ 20.334526] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.334623] page dumped because: kasan: bad access detected [ 20.334653] [ 20.334706] Memory state around the buggy address: [ 20.334878] fff00000c790bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.334923] fff00000c790bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.334967] >fff00000c790c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.335009] ^ [ 20.335082] fff00000c790c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.335461] fff00000c790c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.335503] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.276005] ================================================================== [ 20.276136] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.276199] Free of addr fff00000c7908000 by task kunit_try_catch/237 [ 20.276241] [ 20.276273] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.276755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.276791] Hardware name: linux,dummy-virt (DT) [ 20.277047] Call trace: [ 20.277241] show_stack+0x20/0x38 (C) [ 20.277297] dump_stack_lvl+0x8c/0xd0 [ 20.277703] print_report+0x118/0x608 [ 20.278013] kasan_report_invalid_free+0xc0/0xe8 [ 20.278102] __kasan_mempool_poison_object+0x14c/0x150 [ 20.278164] mempool_free+0x28c/0x328 [ 20.278208] mempool_double_free_helper+0x150/0x2e8 [ 20.278260] mempool_kmalloc_large_double_free+0xc0/0x118 [ 20.278313] kunit_try_run_case+0x170/0x3f0 [ 20.278373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.278527] kthread+0x328/0x630 [ 20.278778] ret_from_fork+0x10/0x20 [ 20.279061] [ 20.279087] The buggy address belongs to the physical page: [ 20.279387] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908 [ 20.279676] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.279831] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.279950] page_type: f8(unknown) [ 20.280023] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.280075] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.280193] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.280447] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.280500] head: 0bfffe0000000002 ffffc1ffc31e4201 00000000ffffffff 00000000ffffffff [ 20.280615] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.280890] page dumped because: kasan: bad access detected [ 20.280922] [ 20.280939] Memory state around the buggy address: [ 20.280972] fff00000c7907f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.281015] fff00000c7907f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.281058] >fff00000c7908000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.281095] ^ [ 20.281160] fff00000c7908080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.281210] fff00000c7908100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.281261] ================================================================== [ 20.293145] ================================================================== [ 20.293219] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.293323] Free of addr fff00000c790c000 by task kunit_try_catch/239 [ 20.293369] [ 20.293721] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.294424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.294580] Hardware name: linux,dummy-virt (DT) [ 20.294754] Call trace: [ 20.294779] show_stack+0x20/0x38 (C) [ 20.294832] dump_stack_lvl+0x8c/0xd0 [ 20.294879] print_report+0x118/0x608 [ 20.294940] kasan_report_invalid_free+0xc0/0xe8 [ 20.295025] __kasan_mempool_poison_pages+0xe0/0xe8 [ 20.295189] mempool_free+0x24c/0x328 [ 20.295233] mempool_double_free_helper+0x150/0x2e8 [ 20.295280] mempool_page_alloc_double_free+0xbc/0x118 [ 20.295331] kunit_try_run_case+0x170/0x3f0 [ 20.295377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.295429] kthread+0x328/0x630 [ 20.295472] ret_from_fork+0x10/0x20 [ 20.295521] [ 20.295543] The buggy address belongs to the physical page: [ 20.295913] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790c [ 20.296456] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.296704] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.296800] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.297035] page dumped because: kasan: bad access detected [ 20.297380] [ 20.297435] Memory state around the buggy address: [ 20.297471] fff00000c790bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.297514] fff00000c790bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.297558] >fff00000c790c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.297607] ^ [ 20.297636] fff00000c790c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.297734] fff00000c790c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.297992] ================================================================== [ 20.257640] ================================================================== [ 20.258047] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.258252] Free of addr fff00000c78d3200 by task kunit_try_catch/235 [ 20.258382] [ 20.258442] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.258802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.258893] Hardware name: linux,dummy-virt (DT) [ 20.258998] Call trace: [ 20.259019] show_stack+0x20/0x38 (C) [ 20.259172] dump_stack_lvl+0x8c/0xd0 [ 20.259331] print_report+0x118/0x608 [ 20.259444] kasan_report_invalid_free+0xc0/0xe8 [ 20.259495] check_slab_allocation+0xd4/0x108 [ 20.259542] __kasan_mempool_poison_object+0x78/0x150 [ 20.259593] mempool_free+0x28c/0x328 [ 20.259640] mempool_double_free_helper+0x150/0x2e8 [ 20.259691] mempool_kmalloc_double_free+0xc0/0x118 [ 20.259741] kunit_try_run_case+0x170/0x3f0 [ 20.259788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.259847] kthread+0x328/0x630 [ 20.259947] ret_from_fork+0x10/0x20 [ 20.259994] [ 20.260013] Allocated by task 235: [ 20.260044] kasan_save_stack+0x3c/0x68 [ 20.260143] kasan_save_track+0x20/0x40 [ 20.260201] kasan_save_alloc_info+0x40/0x58 [ 20.260239] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.260282] remove_element+0x130/0x1f8 [ 20.260317] mempool_alloc_preallocated+0x58/0xc0 [ 20.260394] mempool_double_free_helper+0x94/0x2e8 [ 20.260462] mempool_kmalloc_double_free+0xc0/0x118 [ 20.260502] kunit_try_run_case+0x170/0x3f0 [ 20.260542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.260587] kthread+0x328/0x630 [ 20.260636] ret_from_fork+0x10/0x20 [ 20.260672] [ 20.260691] Freed by task 235: [ 20.260719] kasan_save_stack+0x3c/0x68 [ 20.260773] kasan_save_track+0x20/0x40 [ 20.260809] kasan_save_free_info+0x4c/0x78 [ 20.260847] __kasan_mempool_poison_object+0xc0/0x150 [ 20.260899] mempool_free+0x28c/0x328 [ 20.261004] mempool_double_free_helper+0x100/0x2e8 [ 20.261130] mempool_kmalloc_double_free+0xc0/0x118 [ 20.261180] kunit_try_run_case+0x170/0x3f0 [ 20.261218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.261263] kthread+0x328/0x630 [ 20.261295] ret_from_fork+0x10/0x20 [ 20.261331] [ 20.261359] The buggy address belongs to the object at fff00000c78d3200 [ 20.261359] which belongs to the cache kmalloc-128 of size 128 [ 20.261485] The buggy address is located 0 bytes inside of [ 20.261485] 128-byte region [fff00000c78d3200, fff00000c78d3280) [ 20.261545] [ 20.261564] The buggy address belongs to the physical page: [ 20.261595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d3 [ 20.261869] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.262227] page_type: f5(slab) [ 20.262269] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.262319] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.262359] page dumped because: kasan: bad access detected [ 20.262389] [ 20.262413] Memory state around the buggy address: [ 20.262583] fff00000c78d3100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.262711] fff00000c78d3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.262846] >fff00000c78d3200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.262973] ^ [ 20.263003] fff00000c78d3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.263045] fff00000c78d3300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.263083] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.550815] ================================================================== [ 18.550884] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.550939] Read of size 1 at addr fff00000c65cb0c8 by task kunit_try_catch/207 [ 18.551344] [ 18.551390] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.551538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.551757] Hardware name: linux,dummy-virt (DT) [ 18.551794] Call trace: [ 18.551818] show_stack+0x20/0x38 (C) [ 18.551870] dump_stack_lvl+0x8c/0xd0 [ 18.551952] print_report+0x118/0x608 [ 18.552302] kasan_report+0xdc/0x128 [ 18.552439] __asan_report_load1_noabort+0x20/0x30 [ 18.552489] kmem_cache_oob+0x344/0x430 [ 18.552534] kunit_try_run_case+0x170/0x3f0 [ 18.552634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.552866] kthread+0x328/0x630 [ 18.552920] ret_from_fork+0x10/0x20 [ 18.552969] [ 18.552998] Allocated by task 207: [ 18.553028] kasan_save_stack+0x3c/0x68 [ 18.553099] kasan_save_track+0x20/0x40 [ 18.553140] kasan_save_alloc_info+0x40/0x58 [ 18.553498] __kasan_slab_alloc+0xa8/0xb0 [ 18.553570] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.553610] kmem_cache_oob+0x12c/0x430 [ 18.553647] kunit_try_run_case+0x170/0x3f0 [ 18.553684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.553725] kthread+0x328/0x630 [ 18.553757] ret_from_fork+0x10/0x20 [ 18.553818] [ 18.553917] The buggy address belongs to the object at fff00000c65cb000 [ 18.553917] which belongs to the cache test_cache of size 200 [ 18.554212] The buggy address is located 0 bytes to the right of [ 18.554212] allocated 200-byte region [fff00000c65cb000, fff00000c65cb0c8) [ 18.554353] [ 18.554446] The buggy address belongs to the physical page: [ 18.554494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065cb [ 18.554604] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.554654] page_type: f5(slab) [ 18.554692] raw: 0bfffe0000000000 fff00000c595db40 dead000000000122 0000000000000000 [ 18.554826] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.554987] page dumped because: kasan: bad access detected [ 18.555019] [ 18.555036] Memory state around the buggy address: [ 18.555139] fff00000c65caf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.556077] fff00000c65cb000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.556227] >fff00000c65cb080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.556412] ^ [ 18.556451] fff00000c65cb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.556640] fff00000c65cb180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.556941] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.516896] ================================================================== [ 18.516986] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 18.517041] Read of size 8 at addr fff00000c65c4cc0 by task kunit_try_catch/200 [ 18.517089] [ 18.517120] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.517214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.517239] Hardware name: linux,dummy-virt (DT) [ 18.517854] Call trace: [ 18.517883] show_stack+0x20/0x38 (C) [ 18.517933] dump_stack_lvl+0x8c/0xd0 [ 18.518256] print_report+0x118/0x608 [ 18.518310] kasan_report+0xdc/0x128 [ 18.518362] __asan_report_load8_noabort+0x20/0x30 [ 18.518597] workqueue_uaf+0x480/0x4a8 [ 18.518920] kunit_try_run_case+0x170/0x3f0 [ 18.519016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.519067] kthread+0x328/0x630 [ 18.519108] ret_from_fork+0x10/0x20 [ 18.519264] [ 18.519289] Allocated by task 200: [ 18.519318] kasan_save_stack+0x3c/0x68 [ 18.519676] kasan_save_track+0x20/0x40 [ 18.519727] kasan_save_alloc_info+0x40/0x58 [ 18.519768] __kasan_kmalloc+0xd4/0xd8 [ 18.519804] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.519842] workqueue_uaf+0x13c/0x4a8 [ 18.521606] kunit_try_run_case+0x170/0x3f0 [ 18.521668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.521713] kthread+0x328/0x630 [ 18.521745] ret_from_fork+0x10/0x20 [ 18.521782] [ 18.521801] Freed by task 75: [ 18.521830] kasan_save_stack+0x3c/0x68 [ 18.521870] kasan_save_track+0x20/0x40 [ 18.521909] kasan_save_free_info+0x4c/0x78 [ 18.521947] __kasan_slab_free+0x6c/0x98 [ 18.522340] kfree+0x214/0x3c8 [ 18.522428] workqueue_uaf_work+0x18/0x30 [ 18.522470] process_one_work+0x530/0xf98 [ 18.522526] worker_thread+0x618/0xf38 [ 18.522560] kthread+0x328/0x630 [ 18.522593] ret_from_fork+0x10/0x20 [ 18.522628] [ 18.522649] Last potentially related work creation: [ 18.522677] kasan_save_stack+0x3c/0x68 [ 18.522958] kasan_record_aux_stack+0xb4/0xc8 [ 18.523021] __queue_work+0x65c/0x1008 [ 18.523058] queue_work_on+0xbc/0xf8 [ 18.523344] workqueue_uaf+0x210/0x4a8 [ 18.523440] kunit_try_run_case+0x170/0x3f0 [ 18.523479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.523522] kthread+0x328/0x630 [ 18.523553] ret_from_fork+0x10/0x20 [ 18.523589] [ 18.523620] The buggy address belongs to the object at fff00000c65c4cc0 [ 18.523620] which belongs to the cache kmalloc-32 of size 32 [ 18.523678] The buggy address is located 0 bytes inside of [ 18.523678] freed 32-byte region [fff00000c65c4cc0, fff00000c65c4ce0) [ 18.523752] [ 18.524003] The buggy address belongs to the physical page: [ 18.524092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c4 [ 18.524146] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.524384] page_type: f5(slab) [ 18.524477] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.524531] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.524690] page dumped because: kasan: bad access detected [ 18.524825] [ 18.524843] Memory state around the buggy address: [ 18.524874] fff00000c65c4b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.525120] fff00000c65c4c00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.525408] >fff00000c65c4c80: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 18.525454] ^ [ 18.525516] fff00000c65c4d00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.525558] fff00000c65c4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.525597] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.242570] ================================================================== [ 20.242634] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.242695] Read of size 1 at addr fff00000c7908000 by task kunit_try_catch/233 [ 20.242744] [ 20.242779] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.243636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.243863] Hardware name: linux,dummy-virt (DT) [ 20.243947] Call trace: [ 20.243972] show_stack+0x20/0x38 (C) [ 20.244029] dump_stack_lvl+0x8c/0xd0 [ 20.244240] print_report+0x118/0x608 [ 20.244475] kasan_report+0xdc/0x128 [ 20.244553] __asan_report_load1_noabort+0x20/0x30 [ 20.244731] mempool_uaf_helper+0x314/0x340 [ 20.245056] mempool_page_alloc_uaf+0xc0/0x118 [ 20.245194] kunit_try_run_case+0x170/0x3f0 [ 20.245281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.245374] kthread+0x328/0x630 [ 20.245513] ret_from_fork+0x10/0x20 [ 20.245574] [ 20.245656] The buggy address belongs to the physical page: [ 20.245689] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107908 [ 20.245788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.245852] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.245903] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.245945] page dumped because: kasan: bad access detected [ 20.245975] [ 20.245994] Memory state around the buggy address: [ 20.246067] fff00000c7907f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.246577] fff00000c7907f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.246981] >fff00000c7908000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.247087] ^ [ 20.247170] fff00000c7908080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.247227] fff00000c7908100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.247265] ================================================================== [ 20.186912] ================================================================== [ 20.187083] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.187442] Read of size 1 at addr fff00000c7904000 by task kunit_try_catch/229 [ 20.187699] [ 20.187735] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.188051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.188093] Hardware name: linux,dummy-virt (DT) [ 20.188231] Call trace: [ 20.188254] show_stack+0x20/0x38 (C) [ 20.188305] dump_stack_lvl+0x8c/0xd0 [ 20.188351] print_report+0x118/0x608 [ 20.188470] kasan_report+0xdc/0x128 [ 20.188700] __asan_report_load1_noabort+0x20/0x30 [ 20.188801] mempool_uaf_helper+0x314/0x340 [ 20.188908] mempool_kmalloc_large_uaf+0xc4/0x120 [ 20.188987] kunit_try_run_case+0x170/0x3f0 [ 20.189038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.189090] kthread+0x328/0x630 [ 20.189131] ret_from_fork+0x10/0x20 [ 20.189199] [ 20.189251] The buggy address belongs to the physical page: [ 20.189284] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107904 [ 20.189642] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.190005] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.190079] page_type: f8(unknown) [ 20.190119] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.190180] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.190227] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.190284] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.190331] head: 0bfffe0000000002 ffffc1ffc31e4101 00000000ffffffff 00000000ffffffff [ 20.190546] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.190897] page dumped because: kasan: bad access detected [ 20.190930] [ 20.191048] Memory state around the buggy address: [ 20.191087] fff00000c7903f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191131] fff00000c7903f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191229] >fff00000c7904000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191500] ^ [ 20.191591] fff00000c7904080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191658] fff00000c7904100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.191703] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.207465] ================================================================== [ 20.207913] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.208162] Read of size 1 at addr fff00000c78d5240 by task kunit_try_catch/231 [ 20.208214] [ 20.208293] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.208480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.208509] Hardware name: linux,dummy-virt (DT) [ 20.208545] Call trace: [ 20.208622] show_stack+0x20/0x38 (C) [ 20.208749] dump_stack_lvl+0x8c/0xd0 [ 20.208796] print_report+0x118/0x608 [ 20.208840] kasan_report+0xdc/0x128 [ 20.208884] __asan_report_load1_noabort+0x20/0x30 [ 20.208942] mempool_uaf_helper+0x314/0x340 [ 20.208988] mempool_slab_uaf+0xc0/0x118 [ 20.209308] kunit_try_run_case+0x170/0x3f0 [ 20.209400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.209772] kthread+0x328/0x630 [ 20.209900] ret_from_fork+0x10/0x20 [ 20.210095] [ 20.210257] Allocated by task 231: [ 20.210346] kasan_save_stack+0x3c/0x68 [ 20.210416] kasan_save_track+0x20/0x40 [ 20.210516] kasan_save_alloc_info+0x40/0x58 [ 20.210562] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.210756] remove_element+0x16c/0x1f8 [ 20.210792] mempool_alloc_preallocated+0x58/0xc0 [ 20.210830] mempool_uaf_helper+0xa4/0x340 [ 20.210867] mempool_slab_uaf+0xc0/0x118 [ 20.210903] kunit_try_run_case+0x170/0x3f0 [ 20.210940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.210994] kthread+0x328/0x630 [ 20.211027] ret_from_fork+0x10/0x20 [ 20.211182] [ 20.211239] Freed by task 231: [ 20.211310] kasan_save_stack+0x3c/0x68 [ 20.211354] kasan_save_track+0x20/0x40 [ 20.211391] kasan_save_free_info+0x4c/0x78 [ 20.211438] __kasan_mempool_poison_object+0xc0/0x150 [ 20.211598] mempool_free+0x28c/0x328 [ 20.211652] mempool_uaf_helper+0x104/0x340 [ 20.211761] mempool_slab_uaf+0xc0/0x118 [ 20.211797] kunit_try_run_case+0x170/0x3f0 [ 20.211921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.211967] kthread+0x328/0x630 [ 20.211999] ret_from_fork+0x10/0x20 [ 20.212033] [ 20.212056] The buggy address belongs to the object at fff00000c78d5240 [ 20.212056] which belongs to the cache test_cache of size 123 [ 20.212112] The buggy address is located 0 bytes inside of [ 20.212112] freed 123-byte region [fff00000c78d5240, fff00000c78d52bb) [ 20.212396] [ 20.212421] The buggy address belongs to the physical page: [ 20.212497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d5 [ 20.212553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.213246] page_type: f5(slab) [ 20.213530] raw: 0bfffe0000000000 fff00000c78c0280 dead000000000122 0000000000000000 [ 20.213585] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.213658] page dumped because: kasan: bad access detected [ 20.213690] [ 20.213709] Memory state around the buggy address: [ 20.213740] fff00000c78d5100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.214167] fff00000c78d5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.214333] >fff00000c78d5200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.214418] ^ [ 20.214489] fff00000c78d5280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.214531] fff00000c78d5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.214567] ================================================================== [ 20.169216] ================================================================== [ 20.169282] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.169341] Read of size 1 at addr fff00000c3ec0e00 by task kunit_try_catch/227 [ 20.169399] [ 20.169575] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.169819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.169947] Hardware name: linux,dummy-virt (DT) [ 20.169986] Call trace: [ 20.170059] show_stack+0x20/0x38 (C) [ 20.170111] dump_stack_lvl+0x8c/0xd0 [ 20.170170] print_report+0x118/0x608 [ 20.170216] kasan_report+0xdc/0x128 [ 20.170260] __asan_report_load1_noabort+0x20/0x30 [ 20.170311] mempool_uaf_helper+0x314/0x340 [ 20.170357] mempool_kmalloc_uaf+0xc4/0x120 [ 20.170402] kunit_try_run_case+0x170/0x3f0 [ 20.170450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.170503] kthread+0x328/0x630 [ 20.170544] ret_from_fork+0x10/0x20 [ 20.170592] [ 20.170620] Allocated by task 227: [ 20.170763] kasan_save_stack+0x3c/0x68 [ 20.170903] kasan_save_track+0x20/0x40 [ 20.170981] kasan_save_alloc_info+0x40/0x58 [ 20.171605] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.171738] remove_element+0x130/0x1f8 [ 20.171928] mempool_alloc_preallocated+0x58/0xc0 [ 20.172234] mempool_uaf_helper+0xa4/0x340 [ 20.172417] mempool_kmalloc_uaf+0xc4/0x120 [ 20.172480] kunit_try_run_case+0x170/0x3f0 [ 20.172520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.172735] kthread+0x328/0x630 [ 20.172786] ret_from_fork+0x10/0x20 [ 20.173080] [ 20.173272] Freed by task 227: [ 20.173456] kasan_save_stack+0x3c/0x68 [ 20.173502] kasan_save_track+0x20/0x40 [ 20.173707] kasan_save_free_info+0x4c/0x78 [ 20.173945] __kasan_mempool_poison_object+0xc0/0x150 [ 20.173995] mempool_free+0x28c/0x328 [ 20.174031] mempool_uaf_helper+0x104/0x340 [ 20.174068] mempool_kmalloc_uaf+0xc4/0x120 [ 20.174115] kunit_try_run_case+0x170/0x3f0 [ 20.174162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.174364] kthread+0x328/0x630 [ 20.174527] ret_from_fork+0x10/0x20 [ 20.174565] [ 20.174585] The buggy address belongs to the object at fff00000c3ec0e00 [ 20.174585] which belongs to the cache kmalloc-128 of size 128 [ 20.174647] The buggy address is located 0 bytes inside of [ 20.174647] freed 128-byte region [fff00000c3ec0e00, fff00000c3ec0e80) [ 20.175140] [ 20.175176] The buggy address belongs to the physical page: [ 20.175207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 20.175628] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.175931] page_type: f5(slab) [ 20.176012] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.176063] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.176104] page dumped because: kasan: bad access detected [ 20.176265] [ 20.176285] Memory state around the buggy address: [ 20.176447] fff00000c3ec0d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.176527] fff00000c3ec0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.176570] >fff00000c3ec0e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.176608] ^ [ 20.176651] fff00000c3ec0e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.176814] fff00000c3ec0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.176886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.117653] ================================================================== [ 20.117728] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.117799] Read of size 1 at addr fff00000c3ec0a73 by task kunit_try_catch/221 [ 20.117846] [ 20.117886] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.117969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.117997] Hardware name: linux,dummy-virt (DT) [ 20.118028] Call trace: [ 20.118053] show_stack+0x20/0x38 (C) [ 20.118105] dump_stack_lvl+0x8c/0xd0 [ 20.118168] print_report+0x118/0x608 [ 20.118214] kasan_report+0xdc/0x128 [ 20.118257] __asan_report_load1_noabort+0x20/0x30 [ 20.118308] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.118356] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.118404] kunit_try_run_case+0x170/0x3f0 [ 20.118453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.118503] kthread+0x328/0x630 [ 20.118546] ret_from_fork+0x10/0x20 [ 20.118593] [ 20.118612] Allocated by task 221: [ 20.118642] kasan_save_stack+0x3c/0x68 [ 20.118682] kasan_save_track+0x20/0x40 [ 20.118720] kasan_save_alloc_info+0x40/0x58 [ 20.118759] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.118804] remove_element+0x130/0x1f8 [ 20.118840] mempool_alloc_preallocated+0x58/0xc0 [ 20.118881] mempool_oob_right_helper+0x98/0x2f0 [ 20.118921] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.118959] kunit_try_run_case+0x170/0x3f0 [ 20.119004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.119047] kthread+0x328/0x630 [ 20.119079] ret_from_fork+0x10/0x20 [ 20.119115] [ 20.119135] The buggy address belongs to the object at fff00000c3ec0a00 [ 20.119135] which belongs to the cache kmalloc-128 of size 128 [ 20.119201] The buggy address is located 0 bytes to the right of [ 20.119201] allocated 115-byte region [fff00000c3ec0a00, fff00000c3ec0a73) [ 20.119264] [ 20.119285] The buggy address belongs to the physical page: [ 20.119317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 20.119370] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.119422] page_type: f5(slab) [ 20.119462] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.119512] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.119553] page dumped because: kasan: bad access detected [ 20.119583] [ 20.119600] Memory state around the buggy address: [ 20.119634] fff00000c3ec0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.119678] fff00000c3ec0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.119721] >fff00000c3ec0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.119759] ^ [ 20.119798] fff00000c3ec0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.119840] fff00000c3ec0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.119878] ================================================================== [ 20.130710] ================================================================== [ 20.130776] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.130833] Read of size 1 at addr fff00000c7902001 by task kunit_try_catch/223 [ 20.130882] [ 20.130916] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.131004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.131033] Hardware name: linux,dummy-virt (DT) [ 20.131065] Call trace: [ 20.131088] show_stack+0x20/0x38 (C) [ 20.131137] dump_stack_lvl+0x8c/0xd0 [ 20.131198] print_report+0x118/0x608 [ 20.131991] kasan_report+0xdc/0x128 [ 20.132089] __asan_report_load1_noabort+0x20/0x30 [ 20.132187] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.132239] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 20.132288] kunit_try_run_case+0x170/0x3f0 [ 20.132337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.132390] kthread+0x328/0x630 [ 20.132432] ret_from_fork+0x10/0x20 [ 20.132480] [ 20.132505] The buggy address belongs to the physical page: [ 20.132537] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 20.132591] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.132637] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.132691] page_type: f8(unknown) [ 20.132730] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.132779] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.132828] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.132875] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.132925] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 20.132975] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.133031] page dumped because: kasan: bad access detected [ 20.133089] [ 20.133107] Memory state around the buggy address: [ 20.133221] fff00000c7901f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.133265] fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.133310] >fff00000c7902000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.133347] ^ [ 20.133375] fff00000c7902080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.133417] fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.133455] ================================================================== [ 20.143800] ================================================================== [ 20.143866] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.144295] Read of size 1 at addr fff00000c78db2bb by task kunit_try_catch/225 [ 20.144361] [ 20.144512] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.144621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.144682] Hardware name: linux,dummy-virt (DT) [ 20.144764] Call trace: [ 20.144805] show_stack+0x20/0x38 (C) [ 20.144856] dump_stack_lvl+0x8c/0xd0 [ 20.144903] print_report+0x118/0x608 [ 20.144947] kasan_report+0xdc/0x128 [ 20.145031] __asan_report_load1_noabort+0x20/0x30 [ 20.145304] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.145355] mempool_slab_oob_right+0xc0/0x118 [ 20.145401] kunit_try_run_case+0x170/0x3f0 [ 20.145448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.145500] kthread+0x328/0x630 [ 20.145563] ret_from_fork+0x10/0x20 [ 20.145689] [ 20.145718] Allocated by task 225: [ 20.145747] kasan_save_stack+0x3c/0x68 [ 20.145788] kasan_save_track+0x20/0x40 [ 20.145825] kasan_save_alloc_info+0x40/0x58 [ 20.145867] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.145929] remove_element+0x16c/0x1f8 [ 20.145965] mempool_alloc_preallocated+0x58/0xc0 [ 20.146118] mempool_oob_right_helper+0x98/0x2f0 [ 20.146165] mempool_slab_oob_right+0xc0/0x118 [ 20.146203] kunit_try_run_case+0x170/0x3f0 [ 20.146239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.146306] kthread+0x328/0x630 [ 20.146352] ret_from_fork+0x10/0x20 [ 20.146415] [ 20.146435] The buggy address belongs to the object at fff00000c78db240 [ 20.146435] which belongs to the cache test_cache of size 123 [ 20.146969] The buggy address is located 0 bytes to the right of [ 20.146969] allocated 123-byte region [fff00000c78db240, fff00000c78db2bb) [ 20.147042] [ 20.147346] The buggy address belongs to the physical page: [ 20.147381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078db [ 20.147470] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.147780] page_type: f5(slab) [ 20.147923] raw: 0bfffe0000000000 fff00000c78c0140 dead000000000122 0000000000000000 [ 20.147974] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.148013] page dumped because: kasan: bad access detected [ 20.148062] [ 20.148080] Memory state around the buggy address: [ 20.148112] fff00000c78db180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.148168] fff00000c78db200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.148211] >fff00000c78db280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.148249] ^ [ 20.148284] fff00000c78db300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.148334] fff00000c78db380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.148374] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.566750] ================================================================== [ 19.566834] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 19.566910] Read of size 1 at addr fff00000c19e6dc0 by task kunit_try_catch/215 [ 19.566961] [ 19.567007] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.567093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.567122] Hardware name: linux,dummy-virt (DT) [ 19.567171] Call trace: [ 19.567196] show_stack+0x20/0x38 (C) [ 19.567250] dump_stack_lvl+0x8c/0xd0 [ 19.567300] print_report+0x118/0x608 [ 19.567345] kasan_report+0xdc/0x128 [ 19.567390] __kasan_check_byte+0x54/0x70 [ 19.567435] kmem_cache_destroy+0x34/0x218 [ 19.567481] kmem_cache_double_destroy+0x174/0x300 [ 19.567530] kunit_try_run_case+0x170/0x3f0 [ 19.567579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.567631] kthread+0x328/0x630 [ 19.567675] ret_from_fork+0x10/0x20 [ 19.567722] [ 19.567742] Allocated by task 215: [ 19.567773] kasan_save_stack+0x3c/0x68 [ 19.567814] kasan_save_track+0x20/0x40 [ 19.567852] kasan_save_alloc_info+0x40/0x58 [ 19.567926] __kasan_slab_alloc+0xa8/0xb0 [ 19.567985] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.568029] __kmem_cache_create_args+0x178/0x280 [ 19.568067] kmem_cache_double_destroy+0xc0/0x300 [ 19.568106] kunit_try_run_case+0x170/0x3f0 [ 19.568143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.568195] kthread+0x328/0x630 [ 19.568227] ret_from_fork+0x10/0x20 [ 19.568263] [ 19.568282] Freed by task 215: [ 19.568308] kasan_save_stack+0x3c/0x68 [ 19.568345] kasan_save_track+0x20/0x40 [ 19.568381] kasan_save_free_info+0x4c/0x78 [ 19.568420] __kasan_slab_free+0x6c/0x98 [ 19.568458] kmem_cache_free+0x260/0x468 [ 19.568495] slab_kmem_cache_release+0x38/0x50 [ 19.568533] kmem_cache_release+0x1c/0x30 [ 19.568569] kobject_put+0x17c/0x420 [ 19.568605] sysfs_slab_release+0x1c/0x30 [ 19.568642] kmem_cache_destroy+0x118/0x218 [ 19.568679] kmem_cache_double_destroy+0x128/0x300 [ 19.568719] kunit_try_run_case+0x170/0x3f0 [ 19.568755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.568798] kthread+0x328/0x630 [ 19.568829] ret_from_fork+0x10/0x20 [ 19.568865] [ 19.568884] The buggy address belongs to the object at fff00000c19e6dc0 [ 19.568884] which belongs to the cache kmem_cache of size 208 [ 19.568941] The buggy address is located 0 bytes inside of [ 19.568941] freed 208-byte region [fff00000c19e6dc0, fff00000c19e6e90) [ 19.569001] [ 19.569023] The buggy address belongs to the physical page: [ 19.569057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1019e6 [ 19.569111] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.569172] page_type: f5(slab) [ 19.569214] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 19.569264] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.569305] page dumped because: kasan: bad access detected [ 19.569336] [ 19.569356] Memory state around the buggy address: [ 19.569389] fff00000c19e6c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.569431] fff00000c19e6d00: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 19.569474] >fff00000c19e6d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.569513] ^ [ 19.569549] fff00000c19e6e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.569591] fff00000c19e6e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.569629] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.295546] ================================================================== [ 19.295645] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 19.295724] Read of size 1 at addr fff00000c78c3000 by task kunit_try_catch/213 [ 19.295777] [ 19.295818] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.295912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.295940] Hardware name: linux,dummy-virt (DT) [ 19.295974] Call trace: [ 19.295996] show_stack+0x20/0x38 (C) [ 19.296342] dump_stack_lvl+0x8c/0xd0 [ 19.297057] print_report+0x118/0x608 [ 19.297721] kasan_report+0xdc/0x128 [ 19.298005] __asan_report_load1_noabort+0x20/0x30 [ 19.298923] kmem_cache_rcu_uaf+0x388/0x468 [ 19.299181] kunit_try_run_case+0x170/0x3f0 [ 19.299575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.299952] kthread+0x328/0x630 [ 19.300688] ret_from_fork+0x10/0x20 [ 19.301180] [ 19.301203] Allocated by task 213: [ 19.301527] kasan_save_stack+0x3c/0x68 [ 19.301648] kasan_save_track+0x20/0x40 [ 19.302299] kasan_save_alloc_info+0x40/0x58 [ 19.302467] __kasan_slab_alloc+0xa8/0xb0 [ 19.302528] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.303055] kmem_cache_rcu_uaf+0x12c/0x468 [ 19.303431] kunit_try_run_case+0x170/0x3f0 [ 19.303585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.304323] kthread+0x328/0x630 [ 19.305146] ret_from_fork+0x10/0x20 [ 19.305331] [ 19.305355] Freed by task 0: [ 19.305482] kasan_save_stack+0x3c/0x68 [ 19.305836] kasan_save_track+0x20/0x40 [ 19.306273] kasan_save_free_info+0x4c/0x78 [ 19.306451] __kasan_slab_free+0x6c/0x98 [ 19.306710] slab_free_after_rcu_debug+0xd4/0x2f8 [ 19.306755] rcu_core+0x9f4/0x1e20 [ 19.306792] rcu_core_si+0x18/0x30 [ 19.307609] handle_softirqs+0x374/0xb28 [ 19.308044] __do_softirq+0x1c/0x28 [ 19.308620] [ 19.308650] Last potentially related work creation: [ 19.308710] kasan_save_stack+0x3c/0x68 [ 19.308893] kasan_record_aux_stack+0xb4/0xc8 [ 19.309566] kmem_cache_free+0x120/0x468 [ 19.310141] kmem_cache_rcu_uaf+0x16c/0x468 [ 19.310393] kunit_try_run_case+0x170/0x3f0 [ 19.311006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.311265] kthread+0x328/0x630 [ 19.311310] ret_from_fork+0x10/0x20 [ 19.311347] [ 19.311367] The buggy address belongs to the object at fff00000c78c3000 [ 19.311367] which belongs to the cache test_cache of size 200 [ 19.312261] The buggy address is located 0 bytes inside of [ 19.312261] freed 200-byte region [fff00000c78c3000, fff00000c78c30c8) [ 19.312801] [ 19.312840] The buggy address belongs to the physical page: [ 19.313385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c3 [ 19.313904] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.314047] page_type: f5(slab) [ 19.314299] raw: 0bfffe0000000000 fff00000c78c0000 dead000000000122 0000000000000000 [ 19.314374] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.314416] page dumped because: kasan: bad access detected [ 19.314447] [ 19.315531] Memory state around the buggy address: [ 19.315826] fff00000c78c2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.316342] fff00000c78c2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.316405] >fff00000c78c3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.316589] ^ [ 19.316891] fff00000c78c3080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.317391] fff00000c78c3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.317560] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.867354] ================================================================== [ 18.867425] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 18.867499] Free of addr fff00000c7847001 by task kunit_try_catch/211 [ 18.867543] [ 18.867582] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.867664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.867728] Hardware name: linux,dummy-virt (DT) [ 18.868004] Call trace: [ 18.868074] show_stack+0x20/0x38 (C) [ 18.868266] dump_stack_lvl+0x8c/0xd0 [ 18.868339] print_report+0x118/0x608 [ 18.868437] kasan_report_invalid_free+0xc0/0xe8 [ 18.868529] check_slab_allocation+0xfc/0x108 [ 18.868576] __kasan_slab_pre_free+0x2c/0x48 [ 18.868623] kmem_cache_free+0xf0/0x468 [ 18.868670] kmem_cache_invalid_free+0x184/0x3c8 [ 18.868717] kunit_try_run_case+0x170/0x3f0 [ 18.868766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.868851] kthread+0x328/0x630 [ 18.868895] ret_from_fork+0x10/0x20 [ 18.868989] [ 18.869008] Allocated by task 211: [ 18.869094] kasan_save_stack+0x3c/0x68 [ 18.869207] kasan_save_track+0x20/0x40 [ 18.869304] kasan_save_alloc_info+0x40/0x58 [ 18.869407] __kasan_slab_alloc+0xa8/0xb0 [ 18.869482] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.869522] kmem_cache_invalid_free+0x12c/0x3c8 [ 18.869785] kunit_try_run_case+0x170/0x3f0 [ 18.869868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.869975] kthread+0x328/0x630 [ 18.870128] ret_from_fork+0x10/0x20 [ 18.870258] [ 18.870296] The buggy address belongs to the object at fff00000c7847000 [ 18.870296] which belongs to the cache test_cache of size 200 [ 18.870479] The buggy address is located 1 bytes inside of [ 18.870479] 200-byte region [fff00000c7847000, fff00000c78470c8) [ 18.870637] [ 18.870732] The buggy address belongs to the physical page: [ 18.870842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107847 [ 18.871059] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.871160] page_type: f5(slab) [ 18.871220] raw: 0bfffe0000000000 fff00000c595ddc0 dead000000000122 0000000000000000 [ 18.871591] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.871677] page dumped because: kasan: bad access detected [ 18.871815] [ 18.871942] Memory state around the buggy address: [ 18.872075] fff00000c7846f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.872120] fff00000c7846f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.872180] >fff00000c7847000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.872222] ^ [ 18.872249] fff00000c7847080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.872533] fff00000c7847100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.872649] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.816702] ================================================================== [ 18.816776] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 18.816846] Free of addr fff00000c7845000 by task kunit_try_catch/209 [ 18.819331] [ 18.819394] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.819545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.819573] Hardware name: linux,dummy-virt (DT) [ 18.819608] Call trace: [ 18.819632] show_stack+0x20/0x38 (C) [ 18.819691] dump_stack_lvl+0x8c/0xd0 [ 18.819837] print_report+0x118/0x608 [ 18.819917] kasan_report_invalid_free+0xc0/0xe8 [ 18.820382] check_slab_allocation+0xd4/0x108 [ 18.822172] __kasan_slab_pre_free+0x2c/0x48 [ 18.822245] kmem_cache_free+0xf0/0x468 [ 18.822296] kmem_cache_double_free+0x190/0x3c8 [ 18.822400] kunit_try_run_case+0x170/0x3f0 [ 18.822450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.822610] kthread+0x328/0x630 [ 18.822659] ret_from_fork+0x10/0x20 [ 18.822714] [ 18.822733] Allocated by task 209: [ 18.822762] kasan_save_stack+0x3c/0x68 [ 18.823361] kasan_save_track+0x20/0x40 [ 18.823659] kasan_save_alloc_info+0x40/0x58 [ 18.823787] __kasan_slab_alloc+0xa8/0xb0 [ 18.823829] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.824174] kmem_cache_double_free+0x12c/0x3c8 [ 18.824487] kunit_try_run_case+0x170/0x3f0 [ 18.824640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.824686] kthread+0x328/0x630 [ 18.824720] ret_from_fork+0x10/0x20 [ 18.824757] [ 18.824776] Freed by task 209: [ 18.824805] kasan_save_stack+0x3c/0x68 [ 18.825576] kasan_save_track+0x20/0x40 [ 18.826517] kasan_save_free_info+0x4c/0x78 [ 18.826614] __kasan_slab_free+0x6c/0x98 [ 18.826885] kmem_cache_free+0x260/0x468 [ 18.826928] kmem_cache_double_free+0x140/0x3c8 [ 18.827291] kunit_try_run_case+0x170/0x3f0 [ 18.827388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.827544] kthread+0x328/0x630 [ 18.827642] ret_from_fork+0x10/0x20 [ 18.828011] [ 18.828036] The buggy address belongs to the object at fff00000c7845000 [ 18.828036] which belongs to the cache test_cache of size 200 [ 18.828102] The buggy address is located 0 bytes inside of [ 18.828102] 200-byte region [fff00000c7845000, fff00000c78450c8) [ 18.828484] [ 18.829024] The buggy address belongs to the physical page: [ 18.829064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107845 [ 18.830140] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.830219] page_type: f5(slab) [ 18.830264] raw: 0bfffe0000000000 fff00000c595dc80 dead000000000122 0000000000000000 [ 18.830318] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.830359] page dumped because: kasan: bad access detected [ 18.830392] [ 18.830411] Memory state around the buggy address: [ 18.830447] fff00000c7844f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.830490] fff00000c7844f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.830534] >fff00000c7845000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.830572] ^ [ 18.830600] fff00000c7845080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.830642] fff00000c7845100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.830681] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.215615] ================================================================== [ 18.215695] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 18.216057] Free of addr fff00000c59fcc20 by task kunit_try_catch/192 [ 18.216168] [ 18.216221] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.216303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.216638] Hardware name: linux,dummy-virt (DT) [ 18.216790] Call trace: [ 18.216924] show_stack+0x20/0x38 (C) [ 18.217204] dump_stack_lvl+0x8c/0xd0 [ 18.217282] print_report+0x118/0x608 [ 18.217500] kasan_report_invalid_free+0xc0/0xe8 [ 18.217755] check_slab_allocation+0xd4/0x108 [ 18.217902] __kasan_slab_pre_free+0x2c/0x48 [ 18.218102] kfree+0xe8/0x3c8 [ 18.218576] kfree_sensitive+0x3c/0xb0 [ 18.218718] kmalloc_double_kzfree+0x168/0x308 [ 18.218901] kunit_try_run_case+0x170/0x3f0 [ 18.219092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.219162] kthread+0x328/0x630 [ 18.219363] ret_from_fork+0x10/0x20 [ 18.219563] [ 18.219611] Allocated by task 192: [ 18.219657] kasan_save_stack+0x3c/0x68 [ 18.220063] kasan_save_track+0x20/0x40 [ 18.220470] kasan_save_alloc_info+0x40/0x58 [ 18.220677] __kasan_kmalloc+0xd4/0xd8 [ 18.220778] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.220861] kmalloc_double_kzfree+0xb8/0x308 [ 18.220902] kunit_try_run_case+0x170/0x3f0 [ 18.221247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.221361] kthread+0x328/0x630 [ 18.221458] ret_from_fork+0x10/0x20 [ 18.221633] [ 18.221929] Freed by task 192: [ 18.221958] kasan_save_stack+0x3c/0x68 [ 18.222379] kasan_save_track+0x20/0x40 [ 18.222456] kasan_save_free_info+0x4c/0x78 [ 18.222612] __kasan_slab_free+0x6c/0x98 [ 18.222662] kfree+0x214/0x3c8 [ 18.222696] kfree_sensitive+0x80/0xb0 [ 18.222901] kmalloc_double_kzfree+0x11c/0x308 [ 18.222951] kunit_try_run_case+0x170/0x3f0 [ 18.222996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.223039] kthread+0x328/0x630 [ 18.223070] ret_from_fork+0x10/0x20 [ 18.223107] [ 18.223127] The buggy address belongs to the object at fff00000c59fcc20 [ 18.223127] which belongs to the cache kmalloc-16 of size 16 [ 18.223202] The buggy address is located 0 bytes inside of [ 18.223202] 16-byte region [fff00000c59fcc20, fff00000c59fcc30) [ 18.223599] [ 18.223885] The buggy address belongs to the physical page: [ 18.224043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 18.224122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.224349] page_type: f5(slab) [ 18.224484] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.224579] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.224736] page dumped because: kasan: bad access detected [ 18.224788] [ 18.224807] Memory state around the buggy address: [ 18.225028] fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.225199] fff00000c59fcb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.225384] >fff00000c59fcc00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.225717] ^ [ 18.225780] fff00000c59fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.225902] fff00000c59fcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.226001] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.203896] ================================================================== [ 18.204058] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 18.204146] Read of size 1 at addr fff00000c59fcc20 by task kunit_try_catch/192 [ 18.204211] [ 18.204244] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.204326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.204698] Hardware name: linux,dummy-virt (DT) [ 18.204772] Call trace: [ 18.204796] show_stack+0x20/0x38 (C) [ 18.205000] dump_stack_lvl+0x8c/0xd0 [ 18.205186] print_report+0x118/0x608 [ 18.205342] kasan_report+0xdc/0x128 [ 18.205494] __kasan_check_byte+0x54/0x70 [ 18.205712] kfree_sensitive+0x30/0xb0 [ 18.205767] kmalloc_double_kzfree+0x168/0x308 [ 18.206141] kunit_try_run_case+0x170/0x3f0 [ 18.206323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.206537] kthread+0x328/0x630 [ 18.206690] ret_from_fork+0x10/0x20 [ 18.206772] [ 18.206792] Allocated by task 192: [ 18.206883] kasan_save_stack+0x3c/0x68 [ 18.207288] kasan_save_track+0x20/0x40 [ 18.207407] kasan_save_alloc_info+0x40/0x58 [ 18.207556] __kasan_kmalloc+0xd4/0xd8 [ 18.207754] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.207814] kmalloc_double_kzfree+0xb8/0x308 [ 18.208206] kunit_try_run_case+0x170/0x3f0 [ 18.208307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.208459] kthread+0x328/0x630 [ 18.208644] ret_from_fork+0x10/0x20 [ 18.208758] [ 18.208831] Freed by task 192: [ 18.208862] kasan_save_stack+0x3c/0x68 [ 18.208903] kasan_save_track+0x20/0x40 [ 18.208940] kasan_save_free_info+0x4c/0x78 [ 18.208980] __kasan_slab_free+0x6c/0x98 [ 18.209339] kfree+0x214/0x3c8 [ 18.209494] kfree_sensitive+0x80/0xb0 [ 18.209658] kmalloc_double_kzfree+0x11c/0x308 [ 18.209829] kunit_try_run_case+0x170/0x3f0 [ 18.209910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.209964] kthread+0x328/0x630 [ 18.209999] ret_from_fork+0x10/0x20 [ 18.210211] [ 18.210368] The buggy address belongs to the object at fff00000c59fcc20 [ 18.210368] which belongs to the cache kmalloc-16 of size 16 [ 18.210461] The buggy address is located 0 bytes inside of [ 18.210461] freed 16-byte region [fff00000c59fcc20, fff00000c59fcc30) [ 18.210611] [ 18.210701] The buggy address belongs to the physical page: [ 18.210841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 18.211230] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.211309] page_type: f5(slab) [ 18.211510] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.211736] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.211777] page dumped because: kasan: bad access detected [ 18.212110] [ 18.212172] Memory state around the buggy address: [ 18.212209] fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.212551] fff00000c59fcb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.212642] >fff00000c59fcc00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.212849] ^ [ 18.212884] fff00000c59fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.213234] fff00000c59fcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.213296] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.181461] ================================================================== [ 18.181522] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 18.181576] Read of size 1 at addr fff00000c65c50a8 by task kunit_try_catch/188 [ 18.181625] [ 18.181655] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.181733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.181760] Hardware name: linux,dummy-virt (DT) [ 18.181792] Call trace: [ 18.181812] show_stack+0x20/0x38 (C) [ 18.181859] dump_stack_lvl+0x8c/0xd0 [ 18.182204] print_report+0x118/0x608 [ 18.182274] kasan_report+0xdc/0x128 [ 18.182322] __asan_report_load1_noabort+0x20/0x30 [ 18.182734] kmalloc_uaf2+0x3f4/0x468 [ 18.182792] kunit_try_run_case+0x170/0x3f0 [ 18.183232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.183299] kthread+0x328/0x630 [ 18.183542] ret_from_fork+0x10/0x20 [ 18.183612] [ 18.183740] Allocated by task 188: [ 18.183837] kasan_save_stack+0x3c/0x68 [ 18.183882] kasan_save_track+0x20/0x40 [ 18.183931] kasan_save_alloc_info+0x40/0x58 [ 18.184078] __kasan_kmalloc+0xd4/0xd8 [ 18.184286] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.184423] kmalloc_uaf2+0xc4/0x468 [ 18.184702] kunit_try_run_case+0x170/0x3f0 [ 18.184784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.184862] kthread+0x328/0x630 [ 18.184898] ret_from_fork+0x10/0x20 [ 18.184934] [ 18.184953] Freed by task 188: [ 18.184980] kasan_save_stack+0x3c/0x68 [ 18.185017] kasan_save_track+0x20/0x40 [ 18.185053] kasan_save_free_info+0x4c/0x78 [ 18.185102] __kasan_slab_free+0x6c/0x98 [ 18.185139] kfree+0x214/0x3c8 [ 18.185426] kmalloc_uaf2+0x134/0x468 [ 18.185492] kunit_try_run_case+0x170/0x3f0 [ 18.185569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.185625] kthread+0x328/0x630 [ 18.185893] ret_from_fork+0x10/0x20 [ 18.186028] [ 18.186240] The buggy address belongs to the object at fff00000c65c5080 [ 18.186240] which belongs to the cache kmalloc-64 of size 64 [ 18.186458] The buggy address is located 40 bytes inside of [ 18.186458] freed 64-byte region [fff00000c65c5080, fff00000c65c50c0) [ 18.186568] [ 18.186715] The buggy address belongs to the physical page: [ 18.186779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 18.186950] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.187344] page_type: f5(slab) [ 18.187411] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.187604] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.187707] page dumped because: kasan: bad access detected [ 18.187761] [ 18.187906] Memory state around the buggy address: [ 18.187989] fff00000c65c4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.188170] fff00000c65c5000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.188242] >fff00000c65c5080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.188405] ^ [ 18.188576] fff00000c65c5100: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.188744] fff00000c65c5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.188909] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.162707] ================================================================== [ 18.162902] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 18.162967] Write of size 33 at addr fff00000c65bef00 by task kunit_try_catch/186 [ 18.163025] [ 18.163261] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.163645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.163698] Hardware name: linux,dummy-virt (DT) [ 18.163741] Call trace: [ 18.163766] show_stack+0x20/0x38 (C) [ 18.163890] dump_stack_lvl+0x8c/0xd0 [ 18.164105] print_report+0x118/0x608 [ 18.164289] kasan_report+0xdc/0x128 [ 18.164336] kasan_check_range+0x100/0x1a8 [ 18.164385] __asan_memset+0x34/0x78 [ 18.164425] kmalloc_uaf_memset+0x170/0x310 [ 18.164471] kunit_try_run_case+0x170/0x3f0 [ 18.164845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.165044] kthread+0x328/0x630 [ 18.165230] ret_from_fork+0x10/0x20 [ 18.165402] [ 18.165422] Allocated by task 186: [ 18.165698] kasan_save_stack+0x3c/0x68 [ 18.165840] kasan_save_track+0x20/0x40 [ 18.166015] kasan_save_alloc_info+0x40/0x58 [ 18.166097] __kasan_kmalloc+0xd4/0xd8 [ 18.166210] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.166332] kmalloc_uaf_memset+0xb8/0x310 [ 18.166389] kunit_try_run_case+0x170/0x3f0 [ 18.166578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.166630] kthread+0x328/0x630 [ 18.166664] ret_from_fork+0x10/0x20 [ 18.166699] [ 18.166720] Freed by task 186: [ 18.166759] kasan_save_stack+0x3c/0x68 [ 18.166806] kasan_save_track+0x20/0x40 [ 18.166843] kasan_save_free_info+0x4c/0x78 [ 18.166891] __kasan_slab_free+0x6c/0x98 [ 18.166942] kfree+0x214/0x3c8 [ 18.166979] kmalloc_uaf_memset+0x11c/0x310 [ 18.167014] kunit_try_run_case+0x170/0x3f0 [ 18.167052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.167095] kthread+0x328/0x630 [ 18.167134] ret_from_fork+0x10/0x20 [ 18.167182] [ 18.167199] The buggy address belongs to the object at fff00000c65bef00 [ 18.167199] which belongs to the cache kmalloc-64 of size 64 [ 18.167255] The buggy address is located 0 bytes inside of [ 18.167255] freed 64-byte region [fff00000c65bef00, fff00000c65bef40) [ 18.167314] [ 18.167348] The buggy address belongs to the physical page: [ 18.167378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065be [ 18.167432] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.167478] page_type: f5(slab) [ 18.167536] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.167602] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.167645] page dumped because: kasan: bad access detected [ 18.167676] [ 18.167695] Memory state around the buggy address: [ 18.167734] fff00000c65bee00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.167777] fff00000c65bee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.167829] >fff00000c65bef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.167866] ^ [ 18.167974] fff00000c65bef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.168445] fff00000c65bf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.168529] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.142294] ================================================================== [ 18.142447] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 18.142549] Read of size 1 at addr fff00000c59fcc08 by task kunit_try_catch/184 [ 18.142599] [ 18.142631] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.142856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.142987] Hardware name: linux,dummy-virt (DT) [ 18.143050] Call trace: [ 18.143083] show_stack+0x20/0x38 (C) [ 18.143134] dump_stack_lvl+0x8c/0xd0 [ 18.143446] print_report+0x118/0x608 [ 18.143520] kasan_report+0xdc/0x128 [ 18.143565] __asan_report_load1_noabort+0x20/0x30 [ 18.143812] kmalloc_uaf+0x300/0x338 [ 18.144039] kunit_try_run_case+0x170/0x3f0 [ 18.144104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.144171] kthread+0x328/0x630 [ 18.144212] ret_from_fork+0x10/0x20 [ 18.144569] [ 18.144680] Allocated by task 184: [ 18.144751] kasan_save_stack+0x3c/0x68 [ 18.145233] kasan_save_track+0x20/0x40 [ 18.145293] kasan_save_alloc_info+0x40/0x58 [ 18.145696] __kasan_kmalloc+0xd4/0xd8 [ 18.145841] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.146047] kmalloc_uaf+0xb8/0x338 [ 18.146231] kunit_try_run_case+0x170/0x3f0 [ 18.146314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.146792] kthread+0x328/0x630 [ 18.146880] ret_from_fork+0x10/0x20 [ 18.146941] [ 18.147106] Freed by task 184: [ 18.147210] kasan_save_stack+0x3c/0x68 [ 18.147471] kasan_save_track+0x20/0x40 [ 18.147560] kasan_save_free_info+0x4c/0x78 [ 18.147739] __kasan_slab_free+0x6c/0x98 [ 18.147866] kfree+0x214/0x3c8 [ 18.147949] kmalloc_uaf+0x11c/0x338 [ 18.148008] kunit_try_run_case+0x170/0x3f0 [ 18.148230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.148461] kthread+0x328/0x630 [ 18.148554] ret_from_fork+0x10/0x20 [ 18.148592] [ 18.148812] The buggy address belongs to the object at fff00000c59fcc00 [ 18.148812] which belongs to the cache kmalloc-16 of size 16 [ 18.148972] The buggy address is located 8 bytes inside of [ 18.148972] freed 16-byte region [fff00000c59fcc00, fff00000c59fcc10) [ 18.149036] [ 18.149271] The buggy address belongs to the physical page: [ 18.149432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 18.149498] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.149547] page_type: f5(slab) [ 18.149593] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.149642] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.149683] page dumped because: kasan: bad access detected [ 18.149714] [ 18.149732] Memory state around the buggy address: [ 18.150171] fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.150263] fff00000c59fcb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.150455] >fff00000c59fcc00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.150518] ^ [ 18.150623] fff00000c59fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.150725] fff00000c59fcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.151011] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.125739] ================================================================== [ 18.125936] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.126004] Read of size 64 at addr fff00000c65bec04 by task kunit_try_catch/182 [ 18.126074] [ 18.126482] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.126573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.126600] Hardware name: linux,dummy-virt (DT) [ 18.126680] Call trace: [ 18.126705] show_stack+0x20/0x38 (C) [ 18.126772] dump_stack_lvl+0x8c/0xd0 [ 18.126903] print_report+0x118/0x608 [ 18.126966] kasan_report+0xdc/0x128 [ 18.127016] kasan_check_range+0x100/0x1a8 [ 18.127369] __asan_memmove+0x3c/0x98 [ 18.127440] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.127511] kunit_try_run_case+0x170/0x3f0 [ 18.127633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.127738] kthread+0x328/0x630 [ 18.127790] ret_from_fork+0x10/0x20 [ 18.127838] [ 18.127993] Allocated by task 182: [ 18.128044] kasan_save_stack+0x3c/0x68 [ 18.128090] kasan_save_track+0x20/0x40 [ 18.128301] kasan_save_alloc_info+0x40/0x58 [ 18.128376] __kasan_kmalloc+0xd4/0xd8 [ 18.128547] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.128682] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 18.128770] kunit_try_run_case+0x170/0x3f0 [ 18.128903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.128948] kthread+0x328/0x630 [ 18.128987] ret_from_fork+0x10/0x20 [ 18.129023] [ 18.129043] The buggy address belongs to the object at fff00000c65bec00 [ 18.129043] which belongs to the cache kmalloc-64 of size 64 [ 18.129161] The buggy address is located 4 bytes inside of [ 18.129161] allocated 64-byte region [fff00000c65bec00, fff00000c65bec40) [ 18.129234] [ 18.129268] The buggy address belongs to the physical page: [ 18.129308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065be [ 18.129359] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.129408] page_type: f5(slab) [ 18.129454] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.129506] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.129545] page dumped because: kasan: bad access detected [ 18.129576] [ 18.129594] Memory state around the buggy address: [ 18.129635] fff00000c65beb00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 18.129686] fff00000c65beb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.129727] >fff00000c65bec00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.129765] ^ [ 18.129808] fff00000c65bec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.129851] fff00000c65bed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.129898] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.113848] ================================================================== [ 18.113916] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.113965] Read of size 18446744073709551614 at addr fff00000c65bea04 by task kunit_try_catch/180 [ 18.114041] [ 18.114072] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.114164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.114189] Hardware name: linux,dummy-virt (DT) [ 18.114219] Call trace: [ 18.114241] show_stack+0x20/0x38 (C) [ 18.114288] dump_stack_lvl+0x8c/0xd0 [ 18.114332] print_report+0x118/0x608 [ 18.114386] kasan_report+0xdc/0x128 [ 18.114431] kasan_check_range+0x100/0x1a8 [ 18.114486] __asan_memmove+0x3c/0x98 [ 18.114528] kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.114581] kunit_try_run_case+0x170/0x3f0 [ 18.114626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.114683] kthread+0x328/0x630 [ 18.114732] ret_from_fork+0x10/0x20 [ 18.114777] [ 18.114796] Allocated by task 180: [ 18.114822] kasan_save_stack+0x3c/0x68 [ 18.114860] kasan_save_track+0x20/0x40 [ 18.114896] kasan_save_alloc_info+0x40/0x58 [ 18.114934] __kasan_kmalloc+0xd4/0xd8 [ 18.114970] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.115211] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 18.115254] kunit_try_run_case+0x170/0x3f0 [ 18.115294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.115335] kthread+0x328/0x630 [ 18.115367] ret_from_fork+0x10/0x20 [ 18.115403] [ 18.115423] The buggy address belongs to the object at fff00000c65bea00 [ 18.115423] which belongs to the cache kmalloc-64 of size 64 [ 18.115862] The buggy address is located 4 bytes inside of [ 18.115862] 64-byte region [fff00000c65bea00, fff00000c65bea40) [ 18.116007] [ 18.116121] The buggy address belongs to the physical page: [ 18.116250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065be [ 18.116378] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.116456] page_type: f5(slab) [ 18.116493] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.116542] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.116678] page dumped because: kasan: bad access detected [ 18.116714] [ 18.116907] Memory state around the buggy address: [ 18.117079] fff00000c65be900: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 18.117258] fff00000c65be980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.117440] >fff00000c65bea00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.117525] ^ [ 18.117554] fff00000c65bea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117595] fff00000c65beb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.102791] ================================================================== [ 18.102859] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 18.102909] Write of size 16 at addr fff00000c3ec0569 by task kunit_try_catch/178 [ 18.102963] [ 18.103001] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.103078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.103104] Hardware name: linux,dummy-virt (DT) [ 18.103182] Call trace: [ 18.103348] show_stack+0x20/0x38 (C) [ 18.103449] dump_stack_lvl+0x8c/0xd0 [ 18.103496] print_report+0x118/0x608 [ 18.103541] kasan_report+0xdc/0x128 [ 18.103626] kasan_check_range+0x100/0x1a8 [ 18.103734] __asan_memset+0x34/0x78 [ 18.103777] kmalloc_oob_memset_16+0x150/0x2f8 [ 18.103899] kunit_try_run_case+0x170/0x3f0 [ 18.104007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.104068] kthread+0x328/0x630 [ 18.104109] ret_from_fork+0x10/0x20 [ 18.104487] [ 18.104509] Allocated by task 178: [ 18.104537] kasan_save_stack+0x3c/0x68 [ 18.104579] kasan_save_track+0x20/0x40 [ 18.104616] kasan_save_alloc_info+0x40/0x58 [ 18.104655] __kasan_kmalloc+0xd4/0xd8 [ 18.104690] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.104727] kmalloc_oob_memset_16+0xb0/0x2f8 [ 18.104763] kunit_try_run_case+0x170/0x3f0 [ 18.104799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.104839] kthread+0x328/0x630 [ 18.104871] ret_from_fork+0x10/0x20 [ 18.104905] [ 18.104924] The buggy address belongs to the object at fff00000c3ec0500 [ 18.104924] which belongs to the cache kmalloc-128 of size 128 [ 18.104977] The buggy address is located 105 bytes inside of [ 18.104977] allocated 120-byte region [fff00000c3ec0500, fff00000c3ec0578) [ 18.105035] [ 18.105054] The buggy address belongs to the physical page: [ 18.105082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.105132] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.105220] page_type: f5(slab) [ 18.105355] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.105471] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.105510] page dumped because: kasan: bad access detected [ 18.105572] [ 18.105822] Memory state around the buggy address: [ 18.105994] fff00000c3ec0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.106119] fff00000c3ec0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.106172] >fff00000c3ec0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.106208] ^ [ 18.106350] fff00000c3ec0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.106529] fff00000c3ec0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.106570] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.094436] ================================================================== [ 18.094497] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 18.094545] Write of size 8 at addr fff00000c3ec0471 by task kunit_try_catch/176 [ 18.094591] [ 18.094766] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.094853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.094948] Hardware name: linux,dummy-virt (DT) [ 18.095000] Call trace: [ 18.095048] show_stack+0x20/0x38 (C) [ 18.095097] dump_stack_lvl+0x8c/0xd0 [ 18.095167] print_report+0x118/0x608 [ 18.095243] kasan_report+0xdc/0x128 [ 18.095318] kasan_check_range+0x100/0x1a8 [ 18.095403] __asan_memset+0x34/0x78 [ 18.095446] kmalloc_oob_memset_8+0x150/0x2f8 [ 18.095505] kunit_try_run_case+0x170/0x3f0 [ 18.095570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.095622] kthread+0x328/0x630 [ 18.095661] ret_from_fork+0x10/0x20 [ 18.095888] [ 18.095923] Allocated by task 176: [ 18.096030] kasan_save_stack+0x3c/0x68 [ 18.096072] kasan_save_track+0x20/0x40 [ 18.096134] kasan_save_alloc_info+0x40/0x58 [ 18.096187] __kasan_kmalloc+0xd4/0xd8 [ 18.096223] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.096260] kmalloc_oob_memset_8+0xb0/0x2f8 [ 18.096296] kunit_try_run_case+0x170/0x3f0 [ 18.096332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.096373] kthread+0x328/0x630 [ 18.096578] ret_from_fork+0x10/0x20 [ 18.096663] [ 18.096742] The buggy address belongs to the object at fff00000c3ec0400 [ 18.096742] which belongs to the cache kmalloc-128 of size 128 [ 18.096861] The buggy address is located 113 bytes inside of [ 18.096861] allocated 120-byte region [fff00000c3ec0400, fff00000c3ec0478) [ 18.097019] [ 18.097054] The buggy address belongs to the physical page: [ 18.097084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.097145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.097230] page_type: f5(slab) [ 18.097273] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.097340] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.097493] page dumped because: kasan: bad access detected [ 18.097629] [ 18.097696] Memory state around the buggy address: [ 18.097726] fff00000c3ec0300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.097766] fff00000c3ec0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.097805] >fff00000c3ec0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.097841] ^ [ 18.097882] fff00000c3ec0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.098075] fff00000c3ec0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.098134] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.082331] ================================================================== [ 18.082579] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 18.082673] Write of size 4 at addr fff00000c3ec0375 by task kunit_try_catch/174 [ 18.082748] [ 18.082830] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.082909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.082940] Hardware name: linux,dummy-virt (DT) [ 18.082995] Call trace: [ 18.083095] show_stack+0x20/0x38 (C) [ 18.083142] dump_stack_lvl+0x8c/0xd0 [ 18.083201] print_report+0x118/0x608 [ 18.083245] kasan_report+0xdc/0x128 [ 18.083289] kasan_check_range+0x100/0x1a8 [ 18.083335] __asan_memset+0x34/0x78 [ 18.083375] kmalloc_oob_memset_4+0x150/0x300 [ 18.083419] kunit_try_run_case+0x170/0x3f0 [ 18.083463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.083523] kthread+0x328/0x630 [ 18.083563] ret_from_fork+0x10/0x20 [ 18.083612] [ 18.083631] Allocated by task 174: [ 18.083657] kasan_save_stack+0x3c/0x68 [ 18.083696] kasan_save_track+0x20/0x40 [ 18.083732] kasan_save_alloc_info+0x40/0x58 [ 18.083770] __kasan_kmalloc+0xd4/0xd8 [ 18.083814] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.083852] kmalloc_oob_memset_4+0xb0/0x300 [ 18.083935] kunit_try_run_case+0x170/0x3f0 [ 18.083972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.084224] kthread+0x328/0x630 [ 18.084266] ret_from_fork+0x10/0x20 [ 18.084384] [ 18.084470] The buggy address belongs to the object at fff00000c3ec0300 [ 18.084470] which belongs to the cache kmalloc-128 of size 128 [ 18.084600] The buggy address is located 117 bytes inside of [ 18.084600] allocated 120-byte region [fff00000c3ec0300, fff00000c3ec0378) [ 18.084678] [ 18.084697] The buggy address belongs to the physical page: [ 18.084749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.084798] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.085087] page_type: f5(slab) [ 18.085233] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.085361] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.085504] page dumped because: kasan: bad access detected [ 18.085603] [ 18.085680] Memory state around the buggy address: [ 18.085804] fff00000c3ec0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.086054] fff00000c3ec0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.086095] >fff00000c3ec0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.086159] ^ [ 18.086521] fff00000c3ec0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.086674] fff00000c3ec0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.086824] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.069723] ================================================================== [ 18.069782] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 18.069892] Write of size 2 at addr fff00000c3ec0277 by task kunit_try_catch/172 [ 18.069947] [ 18.069984] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.070096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.070122] Hardware name: linux,dummy-virt (DT) [ 18.070215] Call trace: [ 18.070248] show_stack+0x20/0x38 (C) [ 18.070521] dump_stack_lvl+0x8c/0xd0 [ 18.070609] print_report+0x118/0x608 [ 18.070674] kasan_report+0xdc/0x128 [ 18.070774] kasan_check_range+0x100/0x1a8 [ 18.070840] __asan_memset+0x34/0x78 [ 18.070907] kmalloc_oob_memset_2+0x150/0x2f8 [ 18.071046] kunit_try_run_case+0x170/0x3f0 [ 18.071092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.071141] kthread+0x328/0x630 [ 18.071204] ret_from_fork+0x10/0x20 [ 18.071505] [ 18.071543] Allocated by task 172: [ 18.071611] kasan_save_stack+0x3c/0x68 [ 18.071654] kasan_save_track+0x20/0x40 [ 18.071777] kasan_save_alloc_info+0x40/0x58 [ 18.071824] __kasan_kmalloc+0xd4/0xd8 [ 18.072033] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.072087] kmalloc_oob_memset_2+0xb0/0x2f8 [ 18.072574] kunit_try_run_case+0x170/0x3f0 [ 18.072694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.072858] kthread+0x328/0x630 [ 18.073006] ret_from_fork+0x10/0x20 [ 18.073129] [ 18.073254] The buggy address belongs to the object at fff00000c3ec0200 [ 18.073254] which belongs to the cache kmalloc-128 of size 128 [ 18.073330] The buggy address is located 119 bytes inside of [ 18.073330] allocated 120-byte region [fff00000c3ec0200, fff00000c3ec0278) [ 18.073391] [ 18.073410] The buggy address belongs to the physical page: [ 18.073440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.073490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.073839] page_type: f5(slab) [ 18.073889] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.073957] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.073995] page dumped because: kasan: bad access detected [ 18.074322] [ 18.074416] Memory state around the buggy address: [ 18.074506] fff00000c3ec0100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.074630] fff00000c3ec0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.074699] >fff00000c3ec0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.074810] ^ [ 18.074925] fff00000c3ec0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.074966] fff00000c3ec0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.075326] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.058115] ================================================================== [ 18.058192] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 18.058268] Write of size 128 at addr fff00000c3ec0100 by task kunit_try_catch/170 [ 18.058338] [ 18.058371] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.058450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.058475] Hardware name: linux,dummy-virt (DT) [ 18.058505] Call trace: [ 18.058526] show_stack+0x20/0x38 (C) [ 18.058574] dump_stack_lvl+0x8c/0xd0 [ 18.058628] print_report+0x118/0x608 [ 18.058682] kasan_report+0xdc/0x128 [ 18.058726] kasan_check_range+0x100/0x1a8 [ 18.058771] __asan_memset+0x34/0x78 [ 18.058812] kmalloc_oob_in_memset+0x144/0x2d0 [ 18.058856] kunit_try_run_case+0x170/0x3f0 [ 18.058902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.058951] kthread+0x328/0x630 [ 18.059007] ret_from_fork+0x10/0x20 [ 18.059053] [ 18.059071] Allocated by task 170: [ 18.059106] kasan_save_stack+0x3c/0x68 [ 18.059145] kasan_save_track+0x20/0x40 [ 18.059203] kasan_save_alloc_info+0x40/0x58 [ 18.059241] __kasan_kmalloc+0xd4/0xd8 [ 18.059276] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.059313] kmalloc_oob_in_memset+0xb0/0x2d0 [ 18.059349] kunit_try_run_case+0x170/0x3f0 [ 18.059385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.059426] kthread+0x328/0x630 [ 18.059457] ret_from_fork+0x10/0x20 [ 18.059491] [ 18.059509] The buggy address belongs to the object at fff00000c3ec0100 [ 18.059509] which belongs to the cache kmalloc-128 of size 128 [ 18.059595] The buggy address is located 0 bytes inside of [ 18.059595] allocated 120-byte region [fff00000c3ec0100, fff00000c3ec0178) [ 18.060107] [ 18.060206] The buggy address belongs to the physical page: [ 18.060243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 18.060296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.060371] page_type: f5(slab) [ 18.060411] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.060460] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.060499] page dumped because: kasan: bad access detected [ 18.060528] [ 18.060547] Memory state around the buggy address: [ 18.060578] fff00000c3ec0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.060704] fff00000c3ec0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060951] >fff00000c3ec0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.061191] ^ [ 18.061244] fff00000c3ec0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.061322] fff00000c3ec0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.061633] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.034912] ================================================================== [ 18.034969] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 18.035085] Read of size 16 at addr fff00000c59fcbe0 by task kunit_try_catch/168 [ 18.035133] [ 18.035176] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.035371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.035477] Hardware name: linux,dummy-virt (DT) [ 18.035527] Call trace: [ 18.035555] show_stack+0x20/0x38 (C) [ 18.035606] dump_stack_lvl+0x8c/0xd0 [ 18.035653] print_report+0x118/0x608 [ 18.035753] kasan_report+0xdc/0x128 [ 18.035919] __asan_report_load16_noabort+0x20/0x30 [ 18.036144] kmalloc_uaf_16+0x3bc/0x438 [ 18.036248] kunit_try_run_case+0x170/0x3f0 [ 18.036297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.036347] kthread+0x328/0x630 [ 18.036388] ret_from_fork+0x10/0x20 [ 18.036434] [ 18.036451] Allocated by task 168: [ 18.036751] kasan_save_stack+0x3c/0x68 [ 18.036916] kasan_save_track+0x20/0x40 [ 18.036955] kasan_save_alloc_info+0x40/0x58 [ 18.036993] __kasan_kmalloc+0xd4/0xd8 [ 18.037355] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.037453] kmalloc_uaf_16+0x140/0x438 [ 18.037503] kunit_try_run_case+0x170/0x3f0 [ 18.037715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.037819] kthread+0x328/0x630 [ 18.037851] ret_from_fork+0x10/0x20 [ 18.038023] [ 18.038146] Freed by task 168: [ 18.038264] kasan_save_stack+0x3c/0x68 [ 18.038436] kasan_save_track+0x20/0x40 [ 18.038553] kasan_save_free_info+0x4c/0x78 [ 18.038694] __kasan_slab_free+0x6c/0x98 [ 18.038862] kfree+0x214/0x3c8 [ 18.038950] kmalloc_uaf_16+0x190/0x438 [ 18.039029] kunit_try_run_case+0x170/0x3f0 [ 18.039084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.039125] kthread+0x328/0x630 [ 18.039477] ret_from_fork+0x10/0x20 [ 18.039674] [ 18.039800] The buggy address belongs to the object at fff00000c59fcbe0 [ 18.039800] which belongs to the cache kmalloc-16 of size 16 [ 18.039971] The buggy address is located 0 bytes inside of [ 18.039971] freed 16-byte region [fff00000c59fcbe0, fff00000c59fcbf0) [ 18.040134] [ 18.040249] The buggy address belongs to the physical page: [ 18.040383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 18.040455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.040502] page_type: f5(slab) [ 18.040553] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.040852] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.040954] page dumped because: kasan: bad access detected [ 18.041176] [ 18.041218] Memory state around the buggy address: [ 18.041401] fff00000c59fca80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.041540] fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.041720] >fff00000c59fcb80: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 18.041787] ^ [ 18.041824] fff00000c59fcc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.042164] fff00000c59fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.042330] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.022704] ================================================================== [ 18.022796] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 18.022847] Write of size 16 at addr fff00000c59fcb80 by task kunit_try_catch/166 [ 18.022895] [ 18.022927] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.023010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.023139] Hardware name: linux,dummy-virt (DT) [ 18.023189] Call trace: [ 18.023331] show_stack+0x20/0x38 (C) [ 18.023387] dump_stack_lvl+0x8c/0xd0 [ 18.023432] print_report+0x118/0x608 [ 18.023477] kasan_report+0xdc/0x128 [ 18.023542] __asan_report_store16_noabort+0x20/0x30 [ 18.023603] kmalloc_oob_16+0x3a0/0x3f8 [ 18.023648] kunit_try_run_case+0x170/0x3f0 [ 18.023711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.023978] kthread+0x328/0x630 [ 18.024035] ret_from_fork+0x10/0x20 [ 18.024332] [ 18.024354] Allocated by task 166: [ 18.024383] kasan_save_stack+0x3c/0x68 [ 18.024433] kasan_save_track+0x20/0x40 [ 18.024469] kasan_save_alloc_info+0x40/0x58 [ 18.024507] __kasan_kmalloc+0xd4/0xd8 [ 18.024827] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.024919] kmalloc_oob_16+0xb4/0x3f8 [ 18.024956] kunit_try_run_case+0x170/0x3f0 [ 18.025355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.025472] kthread+0x328/0x630 [ 18.025636] ret_from_fork+0x10/0x20 [ 18.025785] [ 18.025903] The buggy address belongs to the object at fff00000c59fcb80 [ 18.025903] which belongs to the cache kmalloc-16 of size 16 [ 18.026050] The buggy address is located 0 bytes inside of [ 18.026050] allocated 13-byte region [fff00000c59fcb80, fff00000c59fcb8d) [ 18.026362] [ 18.026542] The buggy address belongs to the physical page: [ 18.026702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 18.026812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.027033] page_type: f5(slab) [ 18.027070] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.027444] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.027651] page dumped because: kasan: bad access detected [ 18.027837] [ 18.028003] Memory state around the buggy address: [ 18.028052] fff00000c59fca80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.028118] fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.028242] >fff00000c59fcb80: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.028564] ^ [ 18.028690] fff00000c59fcc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.028846] fff00000c59fcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.029077] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.999925] ================================================================== [ 18.000018] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 18.000066] Read of size 1 at addr fff00000c44ecc00 by task kunit_try_catch/164 [ 18.000112] [ 18.000142] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.000799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.000897] Hardware name: linux,dummy-virt (DT) [ 18.001042] Call trace: [ 18.001169] show_stack+0x20/0x38 (C) [ 18.001358] dump_stack_lvl+0x8c/0xd0 [ 18.001435] print_report+0x118/0x608 [ 18.001507] kasan_report+0xdc/0x128 [ 18.001551] __kasan_check_byte+0x54/0x70 [ 18.001598] krealloc_noprof+0x44/0x360 [ 18.001642] krealloc_uaf+0x180/0x520 [ 18.001684] kunit_try_run_case+0x170/0x3f0 [ 18.001729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.001778] kthread+0x328/0x630 [ 18.001821] ret_from_fork+0x10/0x20 [ 18.002071] [ 18.002209] Allocated by task 164: [ 18.002294] kasan_save_stack+0x3c/0x68 [ 18.002608] kasan_save_track+0x20/0x40 [ 18.002678] kasan_save_alloc_info+0x40/0x58 [ 18.002882] __kasan_kmalloc+0xd4/0xd8 [ 18.003081] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.003262] krealloc_uaf+0xc8/0x520 [ 18.003351] kunit_try_run_case+0x170/0x3f0 [ 18.003390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.003691] kthread+0x328/0x630 [ 18.003853] ret_from_fork+0x10/0x20 [ 18.004095] [ 18.004348] Freed by task 164: [ 18.004512] kasan_save_stack+0x3c/0x68 [ 18.004732] kasan_save_track+0x20/0x40 [ 18.004857] kasan_save_free_info+0x4c/0x78 [ 18.004962] __kasan_slab_free+0x6c/0x98 [ 18.005001] kfree+0x214/0x3c8 [ 18.005033] krealloc_uaf+0x12c/0x520 [ 18.005067] kunit_try_run_case+0x170/0x3f0 [ 18.005103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.005364] kthread+0x328/0x630 [ 18.005477] ret_from_fork+0x10/0x20 [ 18.005628] [ 18.005653] The buggy address belongs to the object at fff00000c44ecc00 [ 18.005653] which belongs to the cache kmalloc-256 of size 256 [ 18.005954] The buggy address is located 0 bytes inside of [ 18.005954] freed 256-byte region [fff00000c44ecc00, fff00000c44ecd00) [ 18.006199] [ 18.006298] The buggy address belongs to the physical page: [ 18.006367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 18.006464] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.006582] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.006778] page_type: f5(slab) [ 18.006888] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.006990] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.007037] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.007381] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.007497] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 18.007620] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.007770] page dumped because: kasan: bad access detected [ 18.007800] [ 18.007818] Memory state around the buggy address: [ 18.008300] fff00000c44ecb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.008473] fff00000c44ecb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.008566] >fff00000c44ecc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.008603] ^ [ 18.008631] fff00000c44ecc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.008686] fff00000c44ecd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.008723] ================================================================== [ 18.009932] ================================================================== [ 18.009998] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 18.010297] Read of size 1 at addr fff00000c44ecc00 by task kunit_try_catch/164 [ 18.010359] [ 18.010406] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.010550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.010586] Hardware name: linux,dummy-virt (DT) [ 18.010615] Call trace: [ 18.010636] show_stack+0x20/0x38 (C) [ 18.010846] dump_stack_lvl+0x8c/0xd0 [ 18.010904] print_report+0x118/0x608 [ 18.010949] kasan_report+0xdc/0x128 [ 18.010998] __asan_report_load1_noabort+0x20/0x30 [ 18.011094] krealloc_uaf+0x4c8/0x520 [ 18.011138] kunit_try_run_case+0x170/0x3f0 [ 18.011224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.011276] kthread+0x328/0x630 [ 18.011431] ret_from_fork+0x10/0x20 [ 18.011552] [ 18.011604] Allocated by task 164: [ 18.011643] kasan_save_stack+0x3c/0x68 [ 18.011686] kasan_save_track+0x20/0x40 [ 18.011722] kasan_save_alloc_info+0x40/0x58 [ 18.011759] __kasan_kmalloc+0xd4/0xd8 [ 18.011794] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.011831] krealloc_uaf+0xc8/0x520 [ 18.011864] kunit_try_run_case+0x170/0x3f0 [ 18.011963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.012005] kthread+0x328/0x630 [ 18.012035] ret_from_fork+0x10/0x20 [ 18.012070] [ 18.012087] Freed by task 164: [ 18.012112] kasan_save_stack+0x3c/0x68 [ 18.012531] kasan_save_track+0x20/0x40 [ 18.012668] kasan_save_free_info+0x4c/0x78 [ 18.012775] __kasan_slab_free+0x6c/0x98 [ 18.012923] kfree+0x214/0x3c8 [ 18.012994] krealloc_uaf+0x12c/0x520 [ 18.013028] kunit_try_run_case+0x170/0x3f0 [ 18.013090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.013386] kthread+0x328/0x630 [ 18.013470] ret_from_fork+0x10/0x20 [ 18.013527] [ 18.013702] The buggy address belongs to the object at fff00000c44ecc00 [ 18.013702] which belongs to the cache kmalloc-256 of size 256 [ 18.013890] The buggy address is located 0 bytes inside of [ 18.013890] freed 256-byte region [fff00000c44ecc00, fff00000c44ecd00) [ 18.013976] [ 18.014286] The buggy address belongs to the physical page: [ 18.014431] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 18.014533] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.014642] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.014743] page_type: f5(slab) [ 18.014779] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.015028] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.015161] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.015245] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.015357] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 18.015403] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.015468] page dumped because: kasan: bad access detected [ 18.015497] [ 18.015514] Memory state around the buggy address: [ 18.015544] fff00000c44ecb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.015585] fff00000c44ecb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.015635] >fff00000c44ecc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.015671] ^ [ 18.015706] fff00000c44ecc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.015746] fff00000c44ecd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.015781] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.934406] ================================================================== [ 17.934462] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.934513] Write of size 1 at addr fff00000c44ecac9 by task kunit_try_catch/158 [ 17.934560] [ 17.934591] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.934671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.934718] Hardware name: linux,dummy-virt (DT) [ 17.934749] Call trace: [ 17.934771] show_stack+0x20/0x38 (C) [ 17.934818] dump_stack_lvl+0x8c/0xd0 [ 17.934862] print_report+0x118/0x608 [ 17.934906] kasan_report+0xdc/0x128 [ 17.934950] __asan_report_store1_noabort+0x20/0x30 [ 17.935008] krealloc_less_oob_helper+0xa48/0xc50 [ 17.935056] krealloc_less_oob+0x20/0x38 [ 17.935099] kunit_try_run_case+0x170/0x3f0 [ 17.935143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.935206] kthread+0x328/0x630 [ 17.935246] ret_from_fork+0x10/0x20 [ 17.935299] [ 17.935317] Allocated by task 158: [ 17.935348] kasan_save_stack+0x3c/0x68 [ 17.935388] kasan_save_track+0x20/0x40 [ 17.935433] kasan_save_alloc_info+0x40/0x58 [ 17.935472] __kasan_krealloc+0x118/0x178 [ 17.935507] krealloc_noprof+0x128/0x360 [ 17.935543] krealloc_less_oob_helper+0x168/0xc50 [ 17.935581] krealloc_less_oob+0x20/0x38 [ 17.935616] kunit_try_run_case+0x170/0x3f0 [ 17.935661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.935703] kthread+0x328/0x630 [ 17.935743] ret_from_fork+0x10/0x20 [ 17.935787] [ 17.935805] The buggy address belongs to the object at fff00000c44eca00 [ 17.935805] which belongs to the cache kmalloc-256 of size 256 [ 17.935868] The buggy address is located 0 bytes to the right of [ 17.935868] allocated 201-byte region [fff00000c44eca00, fff00000c44ecac9) [ 17.935969] [ 17.935987] The buggy address belongs to the physical page: [ 17.936042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 17.936124] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.936195] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.936244] page_type: f5(slab) [ 17.936280] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.936328] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.936375] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.936421] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.936467] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 17.936536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.936600] page dumped because: kasan: bad access detected [ 17.936675] [ 17.936693] Memory state around the buggy address: [ 17.936724] fff00000c44ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.936765] fff00000c44eca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.936825] >fff00000c44eca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.936862] ^ [ 17.936895] fff00000c44ecb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.936942] fff00000c44ecb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.936978] ================================================================== [ 17.989652] ================================================================== [ 17.989811] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.989866] Write of size 1 at addr fff00000c78360ea by task kunit_try_catch/162 [ 17.989940] [ 17.989998] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.990105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.990131] Hardware name: linux,dummy-virt (DT) [ 17.990189] Call trace: [ 17.990238] show_stack+0x20/0x38 (C) [ 17.990322] dump_stack_lvl+0x8c/0xd0 [ 17.990394] print_report+0x118/0x608 [ 17.990448] kasan_report+0xdc/0x128 [ 17.990500] __asan_report_store1_noabort+0x20/0x30 [ 17.990546] krealloc_less_oob_helper+0xae4/0xc50 [ 17.990592] krealloc_large_less_oob+0x20/0x38 [ 17.990647] kunit_try_run_case+0x170/0x3f0 [ 17.990698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.990750] kthread+0x328/0x630 [ 17.990799] ret_from_fork+0x10/0x20 [ 17.990845] [ 17.990865] The buggy address belongs to the physical page: [ 17.990894] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 17.990943] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.991000] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.991048] page_type: f8(unknown) [ 17.991085] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.991132] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.991190] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.991236] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.991282] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 17.991328] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.991514] page dumped because: kasan: bad access detected [ 17.991591] [ 17.991609] Memory state around the buggy address: [ 17.991703] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.991761] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.991837] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.991883] ^ [ 17.991920] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.991980] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.992037] ================================================================== [ 17.953261] ================================================================== [ 17.953307] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.953354] Write of size 1 at addr fff00000c44ecaeb by task kunit_try_catch/158 [ 17.953400] [ 17.953427] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.953504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.953531] Hardware name: linux,dummy-virt (DT) [ 17.953560] Call trace: [ 17.953580] show_stack+0x20/0x38 (C) [ 17.953625] dump_stack_lvl+0x8c/0xd0 [ 17.953669] print_report+0x118/0x608 [ 17.953713] kasan_report+0xdc/0x128 [ 17.953757] __asan_report_store1_noabort+0x20/0x30 [ 17.953802] krealloc_less_oob_helper+0xa58/0xc50 [ 17.953849] krealloc_less_oob+0x20/0x38 [ 17.953892] kunit_try_run_case+0x170/0x3f0 [ 17.953937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.953987] kthread+0x328/0x630 [ 17.954027] ret_from_fork+0x10/0x20 [ 17.954071] [ 17.954089] Allocated by task 158: [ 17.954114] kasan_save_stack+0x3c/0x68 [ 17.954167] kasan_save_track+0x20/0x40 [ 17.954203] kasan_save_alloc_info+0x40/0x58 [ 17.954241] __kasan_krealloc+0x118/0x178 [ 17.954277] krealloc_noprof+0x128/0x360 [ 17.954312] krealloc_less_oob_helper+0x168/0xc50 [ 17.954350] krealloc_less_oob+0x20/0x38 [ 17.954384] kunit_try_run_case+0x170/0x3f0 [ 17.954419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.954460] kthread+0x328/0x630 [ 17.954490] ret_from_fork+0x10/0x20 [ 17.954525] [ 17.954543] The buggy address belongs to the object at fff00000c44eca00 [ 17.954543] which belongs to the cache kmalloc-256 of size 256 [ 17.954597] The buggy address is located 34 bytes to the right of [ 17.954597] allocated 201-byte region [fff00000c44eca00, fff00000c44ecac9) [ 17.954658] [ 17.954676] The buggy address belongs to the physical page: [ 17.954705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 17.954753] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.954796] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.954844] page_type: f5(slab) [ 17.954879] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.954926] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.954976] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.955022] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.955068] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 17.955114] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.955185] page dumped because: kasan: bad access detected [ 17.955266] [ 17.955284] Memory state around the buggy address: [ 17.955341] fff00000c44ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.955383] fff00000c44eca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.955423] >fff00000c44eca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.955458] ^ [ 17.955494] fff00000c44ecb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.955560] fff00000c44ecb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.955618] ================================================================== [ 17.943236] ================================================================== [ 17.943321] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.943370] Write of size 1 at addr fff00000c44ecada by task kunit_try_catch/158 [ 17.943418] [ 17.943445] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.943593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.943669] Hardware name: linux,dummy-virt (DT) [ 17.943742] Call trace: [ 17.943800] show_stack+0x20/0x38 (C) [ 17.943846] dump_stack_lvl+0x8c/0xd0 [ 17.943933] print_report+0x118/0x608 [ 17.944003] kasan_report+0xdc/0x128 [ 17.944050] __asan_report_store1_noabort+0x20/0x30 [ 17.944619] krealloc_less_oob_helper+0xa80/0xc50 [ 17.944681] krealloc_less_oob+0x20/0x38 [ 17.944727] kunit_try_run_case+0x170/0x3f0 [ 17.944772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.944822] kthread+0x328/0x630 [ 17.944862] ret_from_fork+0x10/0x20 [ 17.944907] [ 17.944926] Allocated by task 158: [ 17.944952] kasan_save_stack+0x3c/0x68 [ 17.944991] kasan_save_track+0x20/0x40 [ 17.945027] kasan_save_alloc_info+0x40/0x58 [ 17.945064] __kasan_krealloc+0x118/0x178 [ 17.945100] krealloc_noprof+0x128/0x360 [ 17.945135] krealloc_less_oob_helper+0x168/0xc50 [ 17.945324] krealloc_less_oob+0x20/0x38 [ 17.945483] kunit_try_run_case+0x170/0x3f0 [ 17.945560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.945601] kthread+0x328/0x630 [ 17.945632] ret_from_fork+0x10/0x20 [ 17.945667] [ 17.945687] The buggy address belongs to the object at fff00000c44eca00 [ 17.945687] which belongs to the cache kmalloc-256 of size 256 [ 17.945756] The buggy address is located 17 bytes to the right of [ 17.945756] allocated 201-byte region [fff00000c44eca00, fff00000c44ecac9) [ 17.945817] [ 17.945836] The buggy address belongs to the physical page: [ 17.945865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 17.945923] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.945968] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.946016] page_type: f5(slab) [ 17.946051] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.946109] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.946177] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.946224] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.946271] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 17.946325] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.946374] page dumped because: kasan: bad access detected [ 17.946432] [ 17.946463] Memory state around the buggy address: [ 17.946493] fff00000c44ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.946533] fff00000c44eca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.946576] >fff00000c44eca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.946621] ^ [ 17.946672] fff00000c44ecb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.946721] fff00000c44ecb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.946765] ================================================================== [ 17.983345] ================================================================== [ 17.983622] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.983700] Write of size 1 at addr fff00000c78360da by task kunit_try_catch/162 [ 17.983785] [ 17.983813] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.983946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.983972] Hardware name: linux,dummy-virt (DT) [ 17.984023] Call trace: [ 17.984045] show_stack+0x20/0x38 (C) [ 17.984092] dump_stack_lvl+0x8c/0xd0 [ 17.984136] print_report+0x118/0x608 [ 17.984219] kasan_report+0xdc/0x128 [ 17.984265] __asan_report_store1_noabort+0x20/0x30 [ 17.984312] krealloc_less_oob_helper+0xa80/0xc50 [ 17.984547] krealloc_large_less_oob+0x20/0x38 [ 17.984613] kunit_try_run_case+0x170/0x3f0 [ 17.984842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.984953] kthread+0x328/0x630 [ 17.985126] ret_from_fork+0x10/0x20 [ 17.985288] [ 17.985346] The buggy address belongs to the physical page: [ 17.985402] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 17.985451] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.985844] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.985954] page_type: f8(unknown) [ 17.986050] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.986270] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.986356] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.986513] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.986663] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 17.986753] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.987187] page dumped because: kasan: bad access detected [ 17.987313] [ 17.987468] Memory state around the buggy address: [ 17.987544] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.987637] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.987756] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.988051] ^ [ 17.988094] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.988134] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.988178] ================================================================== [ 17.947566] ================================================================== [ 17.947739] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.947834] Write of size 1 at addr fff00000c44ecaea by task kunit_try_catch/158 [ 17.947913] [ 17.947972] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.948097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.948122] Hardware name: linux,dummy-virt (DT) [ 17.948196] Call trace: [ 17.948268] show_stack+0x20/0x38 (C) [ 17.948366] dump_stack_lvl+0x8c/0xd0 [ 17.948468] print_report+0x118/0x608 [ 17.948522] kasan_report+0xdc/0x128 [ 17.948663] __asan_report_store1_noabort+0x20/0x30 [ 17.948727] krealloc_less_oob_helper+0xae4/0xc50 [ 17.948774] krealloc_less_oob+0x20/0x38 [ 17.948835] kunit_try_run_case+0x170/0x3f0 [ 17.948881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.948933] kthread+0x328/0x630 [ 17.948974] ret_from_fork+0x10/0x20 [ 17.949047] [ 17.949103] Allocated by task 158: [ 17.949129] kasan_save_stack+0x3c/0x68 [ 17.949180] kasan_save_track+0x20/0x40 [ 17.949216] kasan_save_alloc_info+0x40/0x58 [ 17.949253] __kasan_krealloc+0x118/0x178 [ 17.949289] krealloc_noprof+0x128/0x360 [ 17.949324] krealloc_less_oob_helper+0x168/0xc50 [ 17.949361] krealloc_less_oob+0x20/0x38 [ 17.949396] kunit_try_run_case+0x170/0x3f0 [ 17.949731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.949811] kthread+0x328/0x630 [ 17.949885] ret_from_fork+0x10/0x20 [ 17.949920] [ 17.949939] The buggy address belongs to the object at fff00000c44eca00 [ 17.949939] which belongs to the cache kmalloc-256 of size 256 [ 17.950014] The buggy address is located 33 bytes to the right of [ 17.950014] allocated 201-byte region [fff00000c44eca00, fff00000c44ecac9) [ 17.950277] [ 17.950375] The buggy address belongs to the physical page: [ 17.950451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 17.950584] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.950725] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.950809] page_type: f5(slab) [ 17.950851] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.951001] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.951096] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.951145] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.951202] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 17.951274] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.951442] page dumped because: kasan: bad access detected [ 17.951554] [ 17.951628] Memory state around the buggy address: [ 17.951778] fff00000c44ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.952355] fff00000c44eca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.952440] >fff00000c44eca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.952553] ^ [ 17.952591] fff00000c44ecb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.952632] fff00000c44ecb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.952667] ================================================================== [ 17.937960] ================================================================== [ 17.938008] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.938054] Write of size 1 at addr fff00000c44ecad0 by task kunit_try_catch/158 [ 17.938139] [ 17.938185] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.938316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.938342] Hardware name: linux,dummy-virt (DT) [ 17.938371] Call trace: [ 17.938391] show_stack+0x20/0x38 (C) [ 17.938438] dump_stack_lvl+0x8c/0xd0 [ 17.938514] print_report+0x118/0x608 [ 17.938559] kasan_report+0xdc/0x128 [ 17.938602] __asan_report_store1_noabort+0x20/0x30 [ 17.938648] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.938697] krealloc_less_oob+0x20/0x38 [ 17.938741] kunit_try_run_case+0x170/0x3f0 [ 17.938815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.938868] kthread+0x328/0x630 [ 17.938926] ret_from_fork+0x10/0x20 [ 17.938995] [ 17.939014] Allocated by task 158: [ 17.939041] kasan_save_stack+0x3c/0x68 [ 17.939119] kasan_save_track+0x20/0x40 [ 17.939175] kasan_save_alloc_info+0x40/0x58 [ 17.939252] __kasan_krealloc+0x118/0x178 [ 17.939305] krealloc_noprof+0x128/0x360 [ 17.939341] krealloc_less_oob_helper+0x168/0xc50 [ 17.939407] krealloc_less_oob+0x20/0x38 [ 17.939443] kunit_try_run_case+0x170/0x3f0 [ 17.939494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.939535] kthread+0x328/0x630 [ 17.939565] ret_from_fork+0x10/0x20 [ 17.939626] [ 17.939936] The buggy address belongs to the object at fff00000c44eca00 [ 17.939936] which belongs to the cache kmalloc-256 of size 256 [ 17.940012] The buggy address is located 7 bytes to the right of [ 17.940012] allocated 201-byte region [fff00000c44eca00, fff00000c44ecac9) [ 17.940139] [ 17.940178] The buggy address belongs to the physical page: [ 17.940207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 17.940276] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.940321] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.940368] page_type: f5(slab) [ 17.940403] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.940451] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.940769] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.940843] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.940958] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 17.941062] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.941140] page dumped because: kasan: bad access detected [ 17.941200] [ 17.941277] Memory state around the buggy address: [ 17.941308] fff00000c44ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.941349] fff00000c44eca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.941390] >fff00000c44eca80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.941425] ^ [ 17.941487] fff00000c44ecb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.941655] fff00000c44ecb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.941764] ================================================================== [ 17.981399] ================================================================== [ 17.981465] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.981512] Write of size 1 at addr fff00000c78360d0 by task kunit_try_catch/162 [ 17.981580] [ 17.981618] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.981694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.981719] Hardware name: linux,dummy-virt (DT) [ 17.981797] Call trace: [ 17.981853] show_stack+0x20/0x38 (C) [ 17.981922] dump_stack_lvl+0x8c/0xd0 [ 17.981967] print_report+0x118/0x608 [ 17.982011] kasan_report+0xdc/0x128 [ 17.982054] __asan_report_store1_noabort+0x20/0x30 [ 17.982162] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.982210] krealloc_large_less_oob+0x20/0x38 [ 17.982255] kunit_try_run_case+0x170/0x3f0 [ 17.982300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.982350] kthread+0x328/0x630 [ 17.982399] ret_from_fork+0x10/0x20 [ 17.982445] [ 17.982463] The buggy address belongs to the physical page: [ 17.982492] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 17.982548] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.982597] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.982650] page_type: f8(unknown) [ 17.982686] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.982733] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.982780] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.982826] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.982872] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 17.982926] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.982964] page dumped because: kasan: bad access detected [ 17.983006] [ 17.983024] Memory state around the buggy address: [ 17.983052] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.983100] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.983143] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.983187] ^ [ 17.983221] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.983260] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.983296] ================================================================== [ 17.992223] ================================================================== [ 17.992264] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.992394] Write of size 1 at addr fff00000c78360eb by task kunit_try_catch/162 [ 17.992449] [ 17.992476] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.992597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.992625] Hardware name: linux,dummy-virt (DT) [ 17.992653] Call trace: [ 17.992724] show_stack+0x20/0x38 (C) [ 17.992995] dump_stack_lvl+0x8c/0xd0 [ 17.993080] print_report+0x118/0x608 [ 17.993213] kasan_report+0xdc/0x128 [ 17.993258] __asan_report_store1_noabort+0x20/0x30 [ 17.993343] krealloc_less_oob_helper+0xa58/0xc50 [ 17.993416] krealloc_large_less_oob+0x20/0x38 [ 17.993497] kunit_try_run_case+0x170/0x3f0 [ 17.993543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.993616] kthread+0x328/0x630 [ 17.993910] ret_from_fork+0x10/0x20 [ 17.993967] [ 17.993986] The buggy address belongs to the physical page: [ 17.994066] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 17.994117] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.994197] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.994282] page_type: f8(unknown) [ 17.994354] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.994410] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.994481] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.994546] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.994611] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 17.994658] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.994698] page dumped because: kasan: bad access detected [ 17.994861] [ 17.994880] Memory state around the buggy address: [ 17.994989] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.995102] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.995194] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.995250] ^ [ 17.995322] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.995369] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.995421] ================================================================== [ 17.977329] ================================================================== [ 17.977385] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.977568] Write of size 1 at addr fff00000c78360c9 by task kunit_try_catch/162 [ 17.977694] [ 17.977767] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.977873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.977899] Hardware name: linux,dummy-virt (DT) [ 17.977954] Call trace: [ 17.978003] show_stack+0x20/0x38 (C) [ 17.978078] dump_stack_lvl+0x8c/0xd0 [ 17.978131] print_report+0x118/0x608 [ 17.978194] kasan_report+0xdc/0x128 [ 17.978237] __asan_report_store1_noabort+0x20/0x30 [ 17.978515] krealloc_less_oob_helper+0xa48/0xc50 [ 17.978578] krealloc_large_less_oob+0x20/0x38 [ 17.978624] kunit_try_run_case+0x170/0x3f0 [ 17.978670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.978721] kthread+0x328/0x630 [ 17.978797] ret_from_fork+0x10/0x20 [ 17.978863] [ 17.978921] The buggy address belongs to the physical page: [ 17.978989] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 17.979093] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.979195] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.979247] page_type: f8(unknown) [ 17.979284] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.979340] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.979502] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.979551] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.979704] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 17.979760] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.979799] page dumped because: kasan: bad access detected [ 17.979828] [ 17.979846] Memory state around the buggy address: [ 17.980050] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.980329] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.980450] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.980578] ^ [ 17.980698] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.980767] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.980834] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.962994] ================================================================== [ 17.963028] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.963068] Write of size 1 at addr fff00000c78320f0 by task kunit_try_catch/160 [ 17.963123] [ 17.963495] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.964014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.964057] Hardware name: linux,dummy-virt (DT) [ 17.964173] Call trace: [ 17.964287] show_stack+0x20/0x38 (C) [ 17.964421] dump_stack_lvl+0x8c/0xd0 [ 17.964466] print_report+0x118/0x608 [ 17.964533] kasan_report+0xdc/0x128 [ 17.964579] __asan_report_store1_noabort+0x20/0x30 [ 17.964812] krealloc_more_oob_helper+0x5c0/0x678 [ 17.964986] krealloc_large_more_oob+0x20/0x38 [ 17.965122] kunit_try_run_case+0x170/0x3f0 [ 17.965244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.965296] kthread+0x328/0x630 [ 17.965532] ret_from_fork+0x10/0x20 [ 17.965659] [ 17.965679] The buggy address belongs to the physical page: [ 17.965727] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107830 [ 17.965786] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.965830] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.966093] page_type: f8(unknown) [ 17.966174] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.966289] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.966356] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.966402] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.966630] head: 0bfffe0000000002 ffffc1ffc31e0c01 00000000ffffffff 00000000ffffffff [ 17.966716] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.966832] page dumped because: kasan: bad access detected [ 17.966958] [ 17.967047] Memory state around the buggy address: [ 17.967077] fff00000c7831f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.967368] fff00000c7832000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.967490] >fff00000c7832080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.967548] ^ [ 17.967665] fff00000c7832100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.967752] fff00000c7832180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.967788] ================================================================== [ 17.922359] ================================================================== [ 17.922417] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.922493] Write of size 1 at addr fff00000c44ec8f0 by task kunit_try_catch/156 [ 17.922541] [ 17.922585] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.922661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.922686] Hardware name: linux,dummy-virt (DT) [ 17.922760] Call trace: [ 17.922782] show_stack+0x20/0x38 (C) [ 17.922919] dump_stack_lvl+0x8c/0xd0 [ 17.923006] print_report+0x118/0x608 [ 17.923071] kasan_report+0xdc/0x128 [ 17.923116] __asan_report_store1_noabort+0x20/0x30 [ 17.923217] krealloc_more_oob_helper+0x5c0/0x678 [ 17.923283] krealloc_more_oob+0x20/0x38 [ 17.923336] kunit_try_run_case+0x170/0x3f0 [ 17.923382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.923520] kthread+0x328/0x630 [ 17.923590] ret_from_fork+0x10/0x20 [ 17.923639] [ 17.923657] Allocated by task 156: [ 17.923771] kasan_save_stack+0x3c/0x68 [ 17.923818] kasan_save_track+0x20/0x40 [ 17.923887] kasan_save_alloc_info+0x40/0x58 [ 17.924074] __kasan_krealloc+0x118/0x178 [ 17.924171] krealloc_noprof+0x128/0x360 [ 17.924207] krealloc_more_oob_helper+0x168/0x678 [ 17.924244] krealloc_more_oob+0x20/0x38 [ 17.924301] kunit_try_run_case+0x170/0x3f0 [ 17.924336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.924378] kthread+0x328/0x630 [ 17.924409] ret_from_fork+0x10/0x20 [ 17.924443] [ 17.924607] The buggy address belongs to the object at fff00000c44ec800 [ 17.924607] which belongs to the cache kmalloc-256 of size 256 [ 17.924762] The buggy address is located 5 bytes to the right of [ 17.924762] allocated 235-byte region [fff00000c44ec800, fff00000c44ec8eb) [ 17.924914] [ 17.925027] The buggy address belongs to the physical page: [ 17.925056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 17.925348] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.925474] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.925623] page_type: f5(slab) [ 17.925709] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.925784] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.925937] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.926056] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.926190] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 17.926330] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.926444] page dumped because: kasan: bad access detected [ 17.926474] [ 17.926491] Memory state around the buggy address: [ 17.926724] fff00000c44ec780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.926838] fff00000c44ec800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.927005] >fff00000c44ec880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.927146] ^ [ 17.927196] fff00000c44ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927451] fff00000c44ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927538] ================================================================== [ 17.915901] ================================================================== [ 17.916003] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.916055] Write of size 1 at addr fff00000c44ec8eb by task kunit_try_catch/156 [ 17.916123] [ 17.916165] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.916508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.916688] Hardware name: linux,dummy-virt (DT) [ 17.916720] Call trace: [ 17.916779] show_stack+0x20/0x38 (C) [ 17.916950] dump_stack_lvl+0x8c/0xd0 [ 17.917069] print_report+0x118/0x608 [ 17.917145] kasan_report+0xdc/0x128 [ 17.917203] __asan_report_store1_noabort+0x20/0x30 [ 17.917426] krealloc_more_oob_helper+0x60c/0x678 [ 17.917572] krealloc_more_oob+0x20/0x38 [ 17.917670] kunit_try_run_case+0x170/0x3f0 [ 17.917844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.917947] kthread+0x328/0x630 [ 17.917988] ret_from_fork+0x10/0x20 [ 17.918174] [ 17.918194] Allocated by task 156: [ 17.918264] kasan_save_stack+0x3c/0x68 [ 17.918421] kasan_save_track+0x20/0x40 [ 17.918520] kasan_save_alloc_info+0x40/0x58 [ 17.918668] __kasan_krealloc+0x118/0x178 [ 17.918724] krealloc_noprof+0x128/0x360 [ 17.918762] krealloc_more_oob_helper+0x168/0x678 [ 17.918800] krealloc_more_oob+0x20/0x38 [ 17.918834] kunit_try_run_case+0x170/0x3f0 [ 17.918870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.919132] kthread+0x328/0x630 [ 17.919272] ret_from_fork+0x10/0x20 [ 17.919350] [ 17.919426] The buggy address belongs to the object at fff00000c44ec800 [ 17.919426] which belongs to the cache kmalloc-256 of size 256 [ 17.919550] The buggy address is located 0 bytes to the right of [ 17.919550] allocated 235-byte region [fff00000c44ec800, fff00000c44ec8eb) [ 17.919641] [ 17.919693] The buggy address belongs to the physical page: [ 17.919725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ec [ 17.919799] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.919925] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.920090] page_type: f5(slab) [ 17.920280] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.920397] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.920445] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.920491] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.920537] head: 0bfffe0000000001 ffffc1ffc3113b01 00000000ffffffff 00000000ffffffff [ 17.920611] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.920650] page dumped because: kasan: bad access detected [ 17.920680] [ 17.920699] Memory state around the buggy address: [ 17.920728] fff00000c44ec780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.920769] fff00000c44ec800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.920938] >fff00000c44ec880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.921096] ^ [ 17.921185] fff00000c44ec900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.921313] fff00000c44ec980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.921402] ================================================================== [ 17.961177] ================================================================== [ 17.961234] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.961283] Write of size 1 at addr fff00000c78320eb by task kunit_try_catch/160 [ 17.961337] [ 17.961368] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.961459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.961485] Hardware name: linux,dummy-virt (DT) [ 17.961514] Call trace: [ 17.961535] show_stack+0x20/0x38 (C) [ 17.961581] dump_stack_lvl+0x8c/0xd0 [ 17.961627] print_report+0x118/0x608 [ 17.961673] kasan_report+0xdc/0x128 [ 17.961719] __asan_report_store1_noabort+0x20/0x30 [ 17.961765] krealloc_more_oob_helper+0x60c/0x678 [ 17.961812] krealloc_large_more_oob+0x20/0x38 [ 17.961867] kunit_try_run_case+0x170/0x3f0 [ 17.961912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.961963] kthread+0x328/0x630 [ 17.962003] ret_from_fork+0x10/0x20 [ 17.962064] [ 17.962094] The buggy address belongs to the physical page: [ 17.962130] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107830 [ 17.962191] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.962245] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.962294] page_type: f8(unknown) [ 17.962331] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.962387] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.962434] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.962480] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.962527] head: 0bfffe0000000002 ffffc1ffc31e0c01 00000000ffffffff 00000000ffffffff [ 17.962572] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.962611] page dumped because: kasan: bad access detected [ 17.962640] [ 17.962666] Memory state around the buggy address: [ 17.962696] fff00000c7831f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.962736] fff00000c7832000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.962785] >fff00000c7832080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.962822] ^ [ 17.962859] fff00000c7832100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.962901] fff00000c7832180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.962940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 17.909248] ================================================================== [ 17.909305] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 17.909380] Read of size 1 at addr fff00000c7860000 by task kunit_try_catch/154 [ 17.909429] [ 17.909483] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.909692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.909726] Hardware name: linux,dummy-virt (DT) [ 17.909801] Call trace: [ 17.909830] show_stack+0x20/0x38 (C) [ 17.909933] dump_stack_lvl+0x8c/0xd0 [ 17.909988] print_report+0x118/0x608 [ 17.910034] kasan_report+0xdc/0x128 [ 17.910077] __asan_report_load1_noabort+0x20/0x30 [ 17.910127] page_alloc_uaf+0x328/0x350 [ 17.910184] kunit_try_run_case+0x170/0x3f0 [ 17.910306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.910361] kthread+0x328/0x630 [ 17.910481] ret_from_fork+0x10/0x20 [ 17.910602] [ 17.910651] The buggy address belongs to the physical page: [ 17.910698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107860 [ 17.910775] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.910832] page_type: f0(buddy) [ 17.910877] raw: 0bfffe0000000000 fff00000ff616108 fff00000ff616108 0000000000000000 [ 17.910925] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 17.910963] page dumped because: kasan: bad access detected [ 17.910998] [ 17.911015] Memory state around the buggy address: [ 17.911195] fff00000c785ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.911249] fff00000c785ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.911296] >fff00000c7860000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.911365] ^ [ 17.911413] fff00000c7860080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.911453] fff00000c7860100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.911507] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 17.893967] ================================================================== [ 17.894048] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 17.894105] Free of addr fff00000c782c001 by task kunit_try_catch/150 [ 17.894147] [ 17.894239] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.894341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.894376] Hardware name: linux,dummy-virt (DT) [ 17.894405] Call trace: [ 17.894427] show_stack+0x20/0x38 (C) [ 17.894495] dump_stack_lvl+0x8c/0xd0 [ 17.894539] print_report+0x118/0x608 [ 17.894759] kasan_report_invalid_free+0xc0/0xe8 [ 17.894838] __kasan_kfree_large+0x5c/0xa8 [ 17.894932] free_large_kmalloc+0x64/0x190 [ 17.894982] kfree+0x270/0x3c8 [ 17.895023] kmalloc_large_invalid_free+0x108/0x270 [ 17.895087] kunit_try_run_case+0x170/0x3f0 [ 17.895132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.895194] kthread+0x328/0x630 [ 17.895233] ret_from_fork+0x10/0x20 [ 17.895339] [ 17.895361] The buggy address belongs to the physical page: [ 17.895391] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10782c [ 17.895796] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.895858] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.896113] page_type: f8(unknown) [ 17.896245] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.896360] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.896536] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.896601] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.896667] head: 0bfffe0000000002 ffffc1ffc31e0b01 00000000ffffffff 00000000ffffffff [ 17.896745] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.896783] page dumped because: kasan: bad access detected [ 17.896813] [ 17.897083] Memory state around the buggy address: [ 17.897135] fff00000c782bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.897302] fff00000c782bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.897446] >fff00000c782c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.897576] ^ [ 17.897634] fff00000c782c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.897765] fff00000c782c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.897873] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.885508] ================================================================== [ 17.885570] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 17.885663] Read of size 1 at addr fff00000c7828000 by task kunit_try_catch/148 [ 17.885710] [ 17.885739] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.885983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.886019] Hardware name: linux,dummy-virt (DT) [ 17.886048] Call trace: [ 17.886087] show_stack+0x20/0x38 (C) [ 17.886365] dump_stack_lvl+0x8c/0xd0 [ 17.886430] print_report+0x118/0x608 [ 17.886475] kasan_report+0xdc/0x128 [ 17.886519] __asan_report_load1_noabort+0x20/0x30 [ 17.886568] kmalloc_large_uaf+0x2cc/0x2f8 [ 17.886611] kunit_try_run_case+0x170/0x3f0 [ 17.886655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.886709] kthread+0x328/0x630 [ 17.886831] ret_from_fork+0x10/0x20 [ 17.886915] [ 17.886937] The buggy address belongs to the physical page: [ 17.886966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107828 [ 17.887020] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.887078] raw: 0bfffe0000000000 ffffc1ffc31e0b08 fff00000da457c40 0000000000000000 [ 17.887327] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 17.889384] page dumped because: kasan: bad access detected [ 17.889430] [ 17.889449] Memory state around the buggy address: [ 17.889483] fff00000c7827f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.889525] fff00000c7827f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.889566] >fff00000c7828000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.889602] ^ [ 17.889629] fff00000c7828080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.889668] fff00000c7828100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.889703] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 17.877116] ================================================================== [ 17.877213] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 17.877491] Write of size 1 at addr fff00000c782a00a by task kunit_try_catch/146 [ 17.877554] [ 17.877607] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.877704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.877730] Hardware name: linux,dummy-virt (DT) [ 17.877779] Call trace: [ 17.877801] show_stack+0x20/0x38 (C) [ 17.877868] dump_stack_lvl+0x8c/0xd0 [ 17.877913] print_report+0x118/0x608 [ 17.877956] kasan_report+0xdc/0x128 [ 17.877999] __asan_report_store1_noabort+0x20/0x30 [ 17.878044] kmalloc_large_oob_right+0x278/0x2b8 [ 17.878090] kunit_try_run_case+0x170/0x3f0 [ 17.878137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.878367] kthread+0x328/0x630 [ 17.878480] ret_from_fork+0x10/0x20 [ 17.878536] [ 17.878578] The buggy address belongs to the physical page: [ 17.878634] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107828 [ 17.878878] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.878945] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.879011] page_type: f8(unknown) [ 17.879052] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.879101] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.879179] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.879227] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.879487] head: 0bfffe0000000002 ffffc1ffc31e0a01 00000000ffffffff 00000000ffffffff [ 17.879548] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.879635] page dumped because: kasan: bad access detected [ 17.879669] [ 17.879687] Memory state around the buggy address: [ 17.879749] fff00000c7829f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.879791] fff00000c7829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.879831] >fff00000c782a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.879867] ^ [ 17.879923] fff00000c782a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.880102] fff00000c782a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.880145] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.862929] ================================================================== [ 17.862993] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.863041] Write of size 1 at addr fff00000c7821f00 by task kunit_try_catch/144 [ 17.863087] [ 17.863136] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.863227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.863251] Hardware name: linux,dummy-virt (DT) [ 17.863281] Call trace: [ 17.863674] show_stack+0x20/0x38 (C) [ 17.863762] dump_stack_lvl+0x8c/0xd0 [ 17.863806] print_report+0x118/0x608 [ 17.863849] kasan_report+0xdc/0x128 [ 17.864148] __asan_report_store1_noabort+0x20/0x30 [ 17.864211] kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.864475] kunit_try_run_case+0x170/0x3f0 [ 17.864542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.864698] kthread+0x328/0x630 [ 17.864749] ret_from_fork+0x10/0x20 [ 17.864878] [ 17.864951] Allocated by task 144: [ 17.865030] kasan_save_stack+0x3c/0x68 [ 17.865166] kasan_save_track+0x20/0x40 [ 17.865243] kasan_save_alloc_info+0x40/0x58 [ 17.865334] __kasan_kmalloc+0xd4/0xd8 [ 17.865420] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.865469] kmalloc_big_oob_right+0xb8/0x2f0 [ 17.865547] kunit_try_run_case+0x170/0x3f0 [ 17.865583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.865627] kthread+0x328/0x630 [ 17.865659] ret_from_fork+0x10/0x20 [ 17.865948] [ 17.866013] The buggy address belongs to the object at fff00000c7820000 [ 17.866013] which belongs to the cache kmalloc-8k of size 8192 [ 17.866137] The buggy address is located 0 bytes to the right of [ 17.866137] allocated 7936-byte region [fff00000c7820000, fff00000c7821f00) [ 17.866278] [ 17.866316] The buggy address belongs to the physical page: [ 17.866349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107820 [ 17.866511] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.866635] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.866764] page_type: f5(slab) [ 17.866871] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.866982] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.867115] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.867281] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.867462] head: 0bfffe0000000003 ffffc1ffc31e0801 00000000ffffffff 00000000ffffffff [ 17.867576] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.867615] page dumped because: kasan: bad access detected [ 17.867645] [ 17.867663] Memory state around the buggy address: [ 17.867722] fff00000c7821e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.867939] fff00000c7821e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.868168] >fff00000c7821f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.868330] ^ [ 17.868364] fff00000c7821f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.868404] fff00000c7822000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.868460] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.843898] ================================================================== [ 17.844039] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.844093] Write of size 1 at addr fff00000c5a07f78 by task kunit_try_catch/142 [ 17.844361] [ 17.844437] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.844591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.844661] Hardware name: linux,dummy-virt (DT) [ 17.844722] Call trace: [ 17.844795] show_stack+0x20/0x38 (C) [ 17.844914] dump_stack_lvl+0x8c/0xd0 [ 17.845033] print_report+0x118/0x608 [ 17.845078] kasan_report+0xdc/0x128 [ 17.845143] __asan_report_store1_noabort+0x20/0x30 [ 17.845202] kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.845527] kunit_try_run_case+0x170/0x3f0 [ 17.845621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.845871] kthread+0x328/0x630 [ 17.846074] ret_from_fork+0x10/0x20 [ 17.846345] [ 17.846482] Allocated by task 142: [ 17.846594] kasan_save_stack+0x3c/0x68 [ 17.846635] kasan_save_track+0x20/0x40 [ 17.846726] kasan_save_alloc_info+0x40/0x58 [ 17.846999] __kasan_kmalloc+0xd4/0xd8 [ 17.847111] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.847189] kmalloc_track_caller_oob_right+0xa8/0x488 [ 17.847240] kunit_try_run_case+0x170/0x3f0 [ 17.847276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.847317] kthread+0x328/0x630 [ 17.847357] ret_from_fork+0x10/0x20 [ 17.847401] [ 17.847426] The buggy address belongs to the object at fff00000c5a07f00 [ 17.847426] which belongs to the cache kmalloc-128 of size 128 [ 17.847481] The buggy address is located 0 bytes to the right of [ 17.847481] allocated 120-byte region [fff00000c5a07f00, fff00000c5a07f78) [ 17.847541] [ 17.847560] The buggy address belongs to the physical page: [ 17.847588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a07 [ 17.847640] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.847685] page_type: f5(slab) [ 17.847730] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.847795] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.847833] page dumped because: kasan: bad access detected [ 17.847861] [ 17.847905] Memory state around the buggy address: [ 17.847936] fff00000c5a07e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.847977] fff00000c5a07e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.848017] >fff00000c5a07f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.848052] ^ [ 17.848347] fff00000c5a07f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.848417] fff00000c5a08000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.848543] ================================================================== [ 17.849759] ================================================================== [ 17.849807] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 17.849893] Write of size 1 at addr fff00000c3ec0078 by task kunit_try_catch/142 [ 17.849942] [ 17.849989] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.850066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.850378] Hardware name: linux,dummy-virt (DT) [ 17.850463] Call trace: [ 17.850501] show_stack+0x20/0x38 (C) [ 17.850582] dump_stack_lvl+0x8c/0xd0 [ 17.850666] print_report+0x118/0x608 [ 17.850721] kasan_report+0xdc/0x128 [ 17.850804] __asan_report_store1_noabort+0x20/0x30 [ 17.850889] kmalloc_track_caller_oob_right+0x418/0x488 [ 17.850939] kunit_try_run_case+0x170/0x3f0 [ 17.851015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.851066] kthread+0x328/0x630 [ 17.851205] ret_from_fork+0x10/0x20 [ 17.851289] [ 17.851308] Allocated by task 142: [ 17.851334] kasan_save_stack+0x3c/0x68 [ 17.851378] kasan_save_track+0x20/0x40 [ 17.851444] kasan_save_alloc_info+0x40/0x58 [ 17.851689] __kasan_kmalloc+0xd4/0xd8 [ 17.851749] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.851793] kmalloc_track_caller_oob_right+0x184/0x488 [ 17.851832] kunit_try_run_case+0x170/0x3f0 [ 17.851891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.851934] kthread+0x328/0x630 [ 17.852122] ret_from_fork+0x10/0x20 [ 17.852222] [ 17.852275] The buggy address belongs to the object at fff00000c3ec0000 [ 17.852275] which belongs to the cache kmalloc-128 of size 128 [ 17.852332] The buggy address is located 0 bytes to the right of [ 17.852332] allocated 120-byte region [fff00000c3ec0000, fff00000c3ec0078) [ 17.852408] [ 17.852702] The buggy address belongs to the physical page: [ 17.852827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec0 [ 17.852881] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.853210] page_type: f5(slab) [ 17.853351] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.853473] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.853582] page dumped because: kasan: bad access detected [ 17.853692] [ 17.853755] Memory state around the buggy address: [ 17.853784] fff00000c3ebff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.853844] fff00000c3ebff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.854205] >fff00000c3ec0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.854349] ^ [ 17.854465] fff00000c3ec0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.854576] fff00000c3ec0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.854646] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.830065] ================================================================== [ 17.830220] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 17.830274] Read of size 1 at addr fff00000c7811000 by task kunit_try_catch/140 [ 17.830322] [ 17.830561] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.830650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.830676] Hardware name: linux,dummy-virt (DT) [ 17.830704] Call trace: [ 17.830726] show_stack+0x20/0x38 (C) [ 17.830774] dump_stack_lvl+0x8c/0xd0 [ 17.830818] print_report+0x118/0x608 [ 17.830862] kasan_report+0xdc/0x128 [ 17.830905] __asan_report_load1_noabort+0x20/0x30 [ 17.830954] kmalloc_node_oob_right+0x2f4/0x330 [ 17.831005] kunit_try_run_case+0x170/0x3f0 [ 17.831050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.831100] kthread+0x328/0x630 [ 17.831140] ret_from_fork+0x10/0x20 [ 17.831235] [ 17.831254] Allocated by task 140: [ 17.831280] kasan_save_stack+0x3c/0x68 [ 17.831318] kasan_save_track+0x20/0x40 [ 17.831354] kasan_save_alloc_info+0x40/0x58 [ 17.831643] __kasan_kmalloc+0xd4/0xd8 [ 17.831698] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 17.831749] kmalloc_node_oob_right+0xbc/0x330 [ 17.831808] kunit_try_run_case+0x170/0x3f0 [ 17.831844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.831981] kthread+0x328/0x630 [ 17.832014] ret_from_fork+0x10/0x20 [ 17.832048] [ 17.832087] The buggy address belongs to the object at fff00000c7810000 [ 17.832087] which belongs to the cache kmalloc-4k of size 4096 [ 17.832142] The buggy address is located 0 bytes to the right of [ 17.832142] allocated 4096-byte region [fff00000c7810000, fff00000c7811000) [ 17.832214] [ 17.832232] The buggy address belongs to the physical page: [ 17.832303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107810 [ 17.832888] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.832983] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.833445] page_type: f5(slab) [ 17.833494] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.833620] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.833723] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.834019] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.834095] head: 0bfffe0000000003 ffffc1ffc31e0401 00000000ffffffff 00000000ffffffff [ 17.834222] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.834468] page dumped because: kasan: bad access detected [ 17.834531] [ 17.834549] Memory state around the buggy address: [ 17.834581] fff00000c7810f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.834902] fff00000c7810f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.834986] >fff00000c7811000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.835101] ^ [ 17.835279] fff00000c7811080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.835322] fff00000c7811100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.835544] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.822089] ================================================================== [ 17.822183] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.822238] Read of size 1 at addr fff00000c59fcb5f by task kunit_try_catch/138 [ 17.822285] [ 17.822319] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.822404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.822430] Hardware name: linux,dummy-virt (DT) [ 17.822471] Call trace: [ 17.822493] show_stack+0x20/0x38 (C) [ 17.822540] dump_stack_lvl+0x8c/0xd0 [ 17.822584] print_report+0x118/0x608 [ 17.822630] kasan_report+0xdc/0x128 [ 17.822674] __asan_report_load1_noabort+0x20/0x30 [ 17.822728] kmalloc_oob_left+0x2ec/0x320 [ 17.822771] kunit_try_run_case+0x170/0x3f0 [ 17.822817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.822867] kthread+0x328/0x630 [ 17.822917] ret_from_fork+0x10/0x20 [ 17.822964] [ 17.822988] Allocated by task 11: [ 17.823015] kasan_save_stack+0x3c/0x68 [ 17.823054] kasan_save_track+0x20/0x40 [ 17.823097] kasan_save_alloc_info+0x40/0x58 [ 17.823136] __kasan_kmalloc+0xd4/0xd8 [ 17.823180] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.823455] kvasprintf+0xe0/0x180 [ 17.824259] __kthread_create_on_node+0x16c/0x350 [ 17.824326] kthread_create_on_node+0xe4/0x130 [ 17.824364] create_worker+0x380/0x6b8 [ 17.824400] worker_thread+0x808/0xf38 [ 17.824434] kthread+0x328/0x630 [ 17.824465] ret_from_fork+0x10/0x20 [ 17.824499] [ 17.824519] The buggy address belongs to the object at fff00000c59fcb40 [ 17.824519] which belongs to the cache kmalloc-16 of size 16 [ 17.824577] The buggy address is located 19 bytes to the right of [ 17.824577] allocated 12-byte region [fff00000c59fcb40, fff00000c59fcb4c) [ 17.824639] [ 17.824658] The buggy address belongs to the physical page: [ 17.824688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059fc [ 17.824738] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.824784] page_type: f5(slab) [ 17.824822] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.824870] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.824911] page dumped because: kasan: bad access detected [ 17.824941] [ 17.824958] Memory state around the buggy address: [ 17.824987] fff00000c59fca00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.825028] fff00000c59fca80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.825069] >fff00000c59fcb00: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 17.825105] ^ [ 17.825139] fff00000c59fcb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.825195] fff00000c59fcc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.825230] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.778058] ================================================================== [ 17.778425] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.779272] Write of size 1 at addr fff00000c5a07e73 by task kunit_try_catch/136 [ 17.779391] [ 17.780539] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 17.780684] Tainted: [N]=TEST [ 17.780716] Hardware name: linux,dummy-virt (DT) [ 17.780932] Call trace: [ 17.781098] show_stack+0x20/0x38 (C) [ 17.781245] dump_stack_lvl+0x8c/0xd0 [ 17.781306] print_report+0x118/0x608 [ 17.781354] kasan_report+0xdc/0x128 [ 17.781398] __asan_report_store1_noabort+0x20/0x30 [ 17.781672] kmalloc_oob_right+0x5a4/0x660 [ 17.781896] kunit_try_run_case+0x170/0x3f0 [ 17.781960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.782194] kthread+0x328/0x630 [ 17.782304] ret_from_fork+0x10/0x20 [ 17.783144] [ 17.783405] Allocated by task 136: [ 17.783998] kasan_save_stack+0x3c/0x68 [ 17.785018] kasan_save_track+0x20/0x40 [ 17.785099] kasan_save_alloc_info+0x40/0x58 [ 17.785146] __kasan_kmalloc+0xd4/0xd8 [ 17.785209] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.785271] kmalloc_oob_right+0xb0/0x660 [ 17.785337] kunit_try_run_case+0x170/0x3f0 [ 17.785398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.785605] kthread+0x328/0x630 [ 17.786172] ret_from_fork+0x10/0x20 [ 17.786264] [ 17.786332] The buggy address belongs to the object at fff00000c5a07e00 [ 17.786332] which belongs to the cache kmalloc-128 of size 128 [ 17.786430] The buggy address is located 0 bytes to the right of [ 17.786430] allocated 115-byte region [fff00000c5a07e00, fff00000c5a07e73) [ 17.786495] [ 17.786582] The buggy address belongs to the physical page: [ 17.786796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a07 [ 17.787091] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.788251] page_type: f5(slab) [ 17.788570] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.788630] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.789683] page dumped because: kasan: bad access detected [ 17.789859] [ 17.790003] Memory state around the buggy address: [ 17.790892] fff00000c5a07d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.790980] fff00000c5a07d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.791036] >fff00000c5a07e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.791091] ^ [ 17.791810] fff00000c5a07e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.791856] fff00000c5a07f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.791926] ================================================================== [ 17.792794] ================================================================== [ 17.792831] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.792877] Write of size 1 at addr fff00000c5a07e78 by task kunit_try_catch/136 [ 17.792923] [ 17.792952] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.793028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.793052] Hardware name: linux,dummy-virt (DT) [ 17.793081] Call trace: [ 17.793101] show_stack+0x20/0x38 (C) [ 17.793147] dump_stack_lvl+0x8c/0xd0 [ 17.793207] print_report+0x118/0x608 [ 17.793251] kasan_report+0xdc/0x128 [ 17.793295] __asan_report_store1_noabort+0x20/0x30 [ 17.793342] kmalloc_oob_right+0x538/0x660 [ 17.793386] kunit_try_run_case+0x170/0x3f0 [ 17.793431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.793481] kthread+0x328/0x630 [ 17.793520] ret_from_fork+0x10/0x20 [ 17.793565] [ 17.793583] Allocated by task 136: [ 17.793608] kasan_save_stack+0x3c/0x68 [ 17.793646] kasan_save_track+0x20/0x40 [ 17.793681] kasan_save_alloc_info+0x40/0x58 [ 17.793719] __kasan_kmalloc+0xd4/0xd8 [ 17.793753] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.793789] kmalloc_oob_right+0xb0/0x660 [ 17.793824] kunit_try_run_case+0x170/0x3f0 [ 17.793862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.793903] kthread+0x328/0x630 [ 17.793934] ret_from_fork+0x10/0x20 [ 17.793968] [ 17.793986] The buggy address belongs to the object at fff00000c5a07e00 [ 17.793986] which belongs to the cache kmalloc-128 of size 128 [ 17.794038] The buggy address is located 5 bytes to the right of [ 17.794038] allocated 115-byte region [fff00000c5a07e00, fff00000c5a07e73) [ 17.794098] [ 17.794116] The buggy address belongs to the physical page: [ 17.794144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a07 [ 17.795014] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.795064] page_type: f5(slab) [ 17.795109] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.795242] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.795297] page dumped because: kasan: bad access detected [ 17.795327] [ 17.795344] Memory state around the buggy address: [ 17.795374] fff00000c5a07d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.795415] fff00000c5a07d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.795464] >fff00000c5a07e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.795503] ^ [ 17.795543] fff00000c5a07e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.795586] fff00000c5a07f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.795632] ================================================================== [ 17.795790] ================================================================== [ 17.795839] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.796185] Read of size 1 at addr fff00000c5a07e80 by task kunit_try_catch/136 [ 17.796238] [ 17.796265] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.796850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.796887] Hardware name: linux,dummy-virt (DT) [ 17.797178] Call trace: [ 17.797323] show_stack+0x20/0x38 (C) [ 17.797506] dump_stack_lvl+0x8c/0xd0 [ 17.797597] print_report+0x118/0x608 [ 17.797786] kasan_report+0xdc/0x128 [ 17.798038] __asan_report_load1_noabort+0x20/0x30 [ 17.798091] kmalloc_oob_right+0x5d0/0x660 [ 17.798431] kunit_try_run_case+0x170/0x3f0 [ 17.798860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.799094] kthread+0x328/0x630 [ 17.799256] ret_from_fork+0x10/0x20 [ 17.799342] [ 17.799383] Allocated by task 136: [ 17.799410] kasan_save_stack+0x3c/0x68 [ 17.799451] kasan_save_track+0x20/0x40 [ 17.799495] kasan_save_alloc_info+0x40/0x58 [ 17.799534] __kasan_kmalloc+0xd4/0xd8 [ 17.799575] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.799622] kmalloc_oob_right+0xb0/0x660 [ 17.799672] kunit_try_run_case+0x170/0x3f0 [ 17.799709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.799751] kthread+0x328/0x630 [ 17.799797] ret_from_fork+0x10/0x20 [ 17.799831] [ 17.799857] The buggy address belongs to the object at fff00000c5a07e00 [ 17.799857] which belongs to the cache kmalloc-128 of size 128 [ 17.800128] The buggy address is located 13 bytes to the right of [ 17.800128] allocated 115-byte region [fff00000c5a07e00, fff00000c5a07e73) [ 17.800476] [ 17.800846] The buggy address belongs to the physical page: [ 17.801001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a07 [ 17.801215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.801267] page_type: f5(slab) [ 17.801340] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.801412] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.801460] page dumped because: kasan: bad access detected [ 17.801499] [ 17.801517] Memory state around the buggy address: [ 17.801557] fff00000c5a07d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.801601] fff00000c5a07e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.801650] >fff00000c5a07e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.801689] ^ [ 17.801717] fff00000c5a07f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.801758] fff00000c5a07f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.801809] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 96.279466] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 96.280972] Modules linked in: [ 96.281647] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 96.282265] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 96.282508] Hardware name: linux,dummy-virt (DT) [ 96.282707] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.282990] pc : intlog10+0x38/0x48 [ 96.283453] lr : intlog10_test+0xe4/0x200 [ 96.284094] sp : ffff8000820c7c10 [ 96.284626] x29: ffff8000820c7c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.285591] x26: 1ffe00001927be21 x25: 0000000000000000 x24: ffff8000820c7ce0 [ 96.286567] x23: ffff8000820c7d00 x22: 0000000000000000 x21: 1ffff00010418f82 [ 96.287542] x20: ffff918d05089ec0 x19: ffff800080087990 x18: 00000000f2fff86b [ 96.288620] x17: 0000000019f2ea65 x16: fff00000c097583c x15: fff00000ff616b08 [ 96.289592] x14: 0000000000018fff x13: 1ffe00001b48a7cd x12: ffff7231a11e3381 [ 96.290531] x11: 1ffff231a11e3380 x10: ffff7231a11e3380 x9 : ffff918d02636bdc [ 96.291478] x8 : ffff918d08f19c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.292270] x5 : ffff700010418f82 x4 : 1ffff00010010f3a x3 : 1ffff231a0a113d8 [ 96.292639] x2 : 1ffff231a0a113d8 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.292984] Call trace: [ 96.293123] intlog10+0x38/0x48 (P) [ 96.293356] kunit_try_run_case+0x170/0x3f0 [ 96.293614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.293900] kthread+0x328/0x630 [ 96.294123] ret_from_fork+0x10/0x20 [ 96.294380] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 96.219704] WARNING: CPU: 1 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 96.221624] Modules linked in: [ 96.222716] CPU: 1 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 96.223964] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 96.224722] Hardware name: linux,dummy-virt (DT) [ 96.225336] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.226755] pc : intlog2+0xd8/0xf8 [ 96.227333] lr : intlog2_test+0xe4/0x200 [ 96.227896] sp : ffff800082027c10 [ 96.228424] x29: ffff800082027c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.229895] x26: 1ffe0000196c6481 x25: 0000000000000000 x24: ffff800082027ce0 [ 96.230542] x23: ffff800082027d00 x22: 0000000000000000 x21: 1ffff00010404f82 [ 96.230905] x20: ffff918d05089dc0 x19: ffff800080087990 x18: 00000000fd30cdfc [ 96.231761] x17: 000000001f6ac12e x16: fff00000c097583c x15: 00000000cf018f63 [ 96.232863] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a7cd x12: ffff7231a11e3381 [ 96.233992] x11: 1ffff231a11e3380 x10: ffff7231a11e3380 x9 : ffff918d02636ddc [ 96.234971] x8 : ffff918d08f19c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.235527] x5 : ffff700010404f82 x4 : 1ffff00010010f3a x3 : 1ffff231a0a113b8 [ 96.236805] x2 : 1ffff231a0a113b8 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.237821] Call trace: [ 96.238255] intlog2+0xd8/0xf8 (P) [ 96.238816] kunit_try_run_case+0x170/0x3f0 [ 96.239429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.239850] kthread+0x328/0x630 [ 96.240599] ret_from_fork+0x10/0x20 [ 96.241206] ---[ end trace 0000000000000000 ]---