Date
July 6, 2025, 11:09 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.540722] ================================================================== [ 20.540818] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.540873] Read of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.540970] [ 20.541005] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.541087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.541114] Hardware name: linux,dummy-virt (DT) [ 20.541259] Call trace: [ 20.541284] show_stack+0x20/0x38 (C) [ 20.541400] dump_stack_lvl+0x8c/0xd0 [ 20.541453] print_report+0x118/0x608 [ 20.541855] kasan_report+0xdc/0x128 [ 20.541994] __asan_report_load8_noabort+0x20/0x30 [ 20.542181] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.542549] kasan_bitops_generic+0x110/0x1c8 [ 20.542637] kunit_try_run_case+0x170/0x3f0 [ 20.542789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.543025] kthread+0x328/0x630 [ 20.543361] ret_from_fork+0x10/0x20 [ 20.543790] [ 20.543822] Allocated by task 261: [ 20.543883] kasan_save_stack+0x3c/0x68 [ 20.544233] kasan_save_track+0x20/0x40 [ 20.544333] kasan_save_alloc_info+0x40/0x58 [ 20.544685] __kasan_kmalloc+0xd4/0xd8 [ 20.544875] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.545047] kasan_bitops_generic+0xa0/0x1c8 [ 20.545239] kunit_try_run_case+0x170/0x3f0 [ 20.545368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.545762] kthread+0x328/0x630 [ 20.545995] ret_from_fork+0x10/0x20 [ 20.546085] [ 20.546178] The buggy address belongs to the object at fff00000c1cea980 [ 20.546178] which belongs to the cache kmalloc-16 of size 16 [ 20.546535] The buggy address is located 8 bytes inside of [ 20.546535] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.546630] [ 20.546674] The buggy address belongs to the physical page: [ 20.546708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 20.546766] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.546826] page_type: f5(slab) [ 20.546867] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.546936] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.546979] page dumped because: kasan: bad access detected [ 20.547016] [ 20.547046] Memory state around the buggy address: [ 20.547092] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.547139] fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.547220] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.547263] ^ [ 20.547293] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.547338] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.547380] ================================================================== [ 20.548651] ================================================================== [ 20.548704] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.549080] Write of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.549228] [ 20.549263] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.549544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.549578] Hardware name: linux,dummy-virt (DT) [ 20.549760] Call trace: [ 20.549797] show_stack+0x20/0x38 (C) [ 20.550245] dump_stack_lvl+0x8c/0xd0 [ 20.550468] print_report+0x118/0x608 [ 20.550909] kasan_report+0xdc/0x128 [ 20.551061] kasan_check_range+0x100/0x1a8 [ 20.551251] __kasan_check_write+0x20/0x30 [ 20.551364] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.551709] kasan_bitops_generic+0x110/0x1c8 [ 20.552344] kunit_try_run_case+0x170/0x3f0 [ 20.552449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.552566] kthread+0x328/0x630 [ 20.552784] ret_from_fork+0x10/0x20 [ 20.553089] [ 20.553289] Allocated by task 261: [ 20.553354] kasan_save_stack+0x3c/0x68 [ 20.553592] kasan_save_track+0x20/0x40 [ 20.553735] kasan_save_alloc_info+0x40/0x58 [ 20.554039] __kasan_kmalloc+0xd4/0xd8 [ 20.554143] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.554365] kasan_bitops_generic+0xa0/0x1c8 [ 20.554560] kunit_try_run_case+0x170/0x3f0 [ 20.554750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.554919] kthread+0x328/0x630 [ 20.554958] ret_from_fork+0x10/0x20 [ 20.555149] [ 20.555204] The buggy address belongs to the object at fff00000c1cea980 [ 20.555204] which belongs to the cache kmalloc-16 of size 16 [ 20.555386] The buggy address is located 8 bytes inside of [ 20.555386] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.555538] [ 20.555692] The buggy address belongs to the physical page: [ 20.555772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 20.555876] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.556171] page_type: f5(slab) [ 20.556247] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.556366] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.556465] page dumped because: kasan: bad access detected [ 20.556619] [ 20.556720] Memory state around the buggy address: [ 20.556793] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.557005] fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.557156] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557334] ^ [ 20.557382] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557435] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557681] ================================================================== [ 20.528758] ================================================================== [ 20.528830] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.528905] Write of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.528957] [ 20.528990] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.529082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.529111] Hardware name: linux,dummy-virt (DT) [ 20.529143] Call trace: [ 20.529167] show_stack+0x20/0x38 (C) [ 20.529573] dump_stack_lvl+0x8c/0xd0 [ 20.530317] print_report+0x118/0x608 [ 20.530395] kasan_report+0xdc/0x128 [ 20.530568] kasan_check_range+0x100/0x1a8 [ 20.530770] __kasan_check_write+0x20/0x30 [ 20.530833] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.531217] kasan_bitops_generic+0x110/0x1c8 [ 20.531416] kunit_try_run_case+0x170/0x3f0 [ 20.531610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.531759] kthread+0x328/0x630 [ 20.532087] ret_from_fork+0x10/0x20 [ 20.532579] [ 20.532679] Allocated by task 261: [ 20.532718] kasan_save_stack+0x3c/0x68 [ 20.533092] kasan_save_track+0x20/0x40 [ 20.533313] kasan_save_alloc_info+0x40/0x58 [ 20.533505] __kasan_kmalloc+0xd4/0xd8 [ 20.533769] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.533903] kasan_bitops_generic+0xa0/0x1c8 [ 20.534057] kunit_try_run_case+0x170/0x3f0 [ 20.534203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.534469] kthread+0x328/0x630 [ 20.534679] ret_from_fork+0x10/0x20 [ 20.534813] [ 20.534944] The buggy address belongs to the object at fff00000c1cea980 [ 20.534944] which belongs to the cache kmalloc-16 of size 16 [ 20.535163] The buggy address is located 8 bytes inside of [ 20.535163] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.535367] [ 20.535393] The buggy address belongs to the physical page: [ 20.535448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 20.535839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.536080] page_type: f5(slab) [ 20.536239] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.536332] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.536394] page dumped because: kasan: bad access detected [ 20.536719] [ 20.537531] Memory state around the buggy address: [ 20.537640] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.537698] fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.537773] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.537875] ^ [ 20.537908] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.538422] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.538615] ================================================================== [ 20.558989] ================================================================== [ 20.559043] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.559184] Read of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.559314] [ 20.559687] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.559795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.559827] Hardware name: linux,dummy-virt (DT) [ 20.559859] Call trace: [ 20.559892] show_stack+0x20/0x38 (C) [ 20.559947] dump_stack_lvl+0x8c/0xd0 [ 20.559996] print_report+0x118/0x608 [ 20.560055] kasan_report+0xdc/0x128 [ 20.560104] __asan_report_load8_noabort+0x20/0x30 [ 20.560162] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.560402] kasan_bitops_generic+0x110/0x1c8 [ 20.560636] kunit_try_run_case+0x170/0x3f0 [ 20.560700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.560756] kthread+0x328/0x630 [ 20.560800] ret_from_fork+0x10/0x20 [ 20.560879] [ 20.560919] Allocated by task 261: [ 20.560976] kasan_save_stack+0x3c/0x68 [ 20.561359] kasan_save_track+0x20/0x40 [ 20.561418] kasan_save_alloc_info+0x40/0x58 [ 20.561461] __kasan_kmalloc+0xd4/0xd8 [ 20.561854] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.561960] kasan_bitops_generic+0xa0/0x1c8 [ 20.562079] kunit_try_run_case+0x170/0x3f0 [ 20.562255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.562376] kthread+0x328/0x630 [ 20.562434] ret_from_fork+0x10/0x20 [ 20.562475] [ 20.562791] The buggy address belongs to the object at fff00000c1cea980 [ 20.562791] which belongs to the cache kmalloc-16 of size 16 [ 20.562891] The buggy address is located 8 bytes inside of [ 20.562891] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.564329] page dumped because: kasan: bad access detected [ 20.566022] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.567726] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 20.567996] Hardware name: linux,dummy-virt (DT) [ 20.568416] kasan_bitops_generic+0x110/0x1c8 [ 20.568760] kasan_save_track+0x20/0x40 [ 20.569004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.570239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 20.571155] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.571315] page dumped because: kasan: bad access detected [ 20.572357] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.573701] Write of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.575673] __kasan_check_write+0x20/0x30 [ 20.576544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.578869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.580265] [ 20.580358] The buggy address belongs to the physical page: [ 20.581403] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.581759] [ 20.582429] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.584128] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 20.584728] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.585964] __asan_report_load8_noabort+0x20/0x30 [ 20.587134] kasan_save_stack+0x3c/0x68 [ 20.587370] kasan_bitops_generic+0xa0/0x1c8 [ 20.587702] The buggy address is located 8 bytes inside of [ 20.587702] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.588042] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.588086] page dumped because: kasan: bad access detected [ 20.588119] [ 20.588172] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.589577] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.591355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.592183] kasan_check_range+0x100/0x1a8 [ 20.593312] ret_from_fork+0x10/0x20 [ 20.593779] kasan_save_alloc_info+0x40/0x58 [ 20.594992] [ 20.595463] [ 20.595959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.596519] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.597291] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.599839] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.830828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858 [ 20.809543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 20.650098] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 20.640136] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 20.646406] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 20.634685] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.614373] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.204780] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.213055] Modules linked in: [ 94.213989] CPU: 0 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 94.215420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.215764] Hardware name: linux,dummy-virt (DT) [ 94.216375] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.217364] pc : kunit_test_null_dereference+0x70/0x170 [ 94.218022] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.218594] sp : ffff800080ed7d30 [ 94.218784] x29: ffff800080ed7d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.219205] x26: 1ffe000018ada701 x25: 0000000000000000 x24: 0000000000000004 [ 94.219653] x23: fff00000c56d380c x22: ffffa45e8be241b8 x21: fff00000c46de788 [ 94.220065] x20: 1ffff000101dafa6 x19: ffff800080087990 x18: 0000000019e022ba [ 94.220514] x17: 00000000f8e1f544 x16: fff00000c097583c x15: fff00000ff616b08 [ 94.220945] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: fffd800018ecbb3c [ 94.221314] x11: 1ffe000018ecbb3b x10: fffd800018ecbb3b x9 : ffffa45e8be1b620 [ 94.222458] x8 : ffff800080ed7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.224418] x5 : ffff7000101dafa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.224891] x2 : dfff800000000000 x1 : fff00000c765d100 x0 : ffff800080087990 [ 94.225375] Call trace: [ 94.226441] kunit_test_null_dereference+0x70/0x170 (P) [ 94.226720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.226964] kthread+0x328/0x630 [ 94.227144] ret_from_fork+0x10/0x20 [ 94.227586] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.228593] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.698597] ================================================================== [ 50.698666] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.698666] [ 50.698748] Use-after-free read at 0x0000000012362a2f (in kfence-#146): [ 50.698799] test_krealloc+0x51c/0x830 [ 50.698843] kunit_try_run_case+0x170/0x3f0 [ 50.698888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.698934] kthread+0x328/0x630 [ 50.698973] ret_from_fork+0x10/0x20 [ 50.699014] [ 50.699036] kfence-#146: 0x0000000012362a2f-0x0000000058de5283, size=32, cache=kmalloc-32 [ 50.699036] [ 50.699089] allocated by task 337 on cpu 1 at 50.697858s (0.001227s ago): [ 50.699155] test_alloc+0x29c/0x628 [ 50.699210] test_krealloc+0xc0/0x830 [ 50.699253] kunit_try_run_case+0x170/0x3f0 [ 50.699295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.699339] kthread+0x328/0x630 [ 50.699373] ret_from_fork+0x10/0x20 [ 50.699411] [ 50.699435] freed by task 337 on cpu 1 at 50.698182s (0.001249s ago): [ 50.699494] krealloc_noprof+0x148/0x360 [ 50.699534] test_krealloc+0x1dc/0x830 [ 50.699573] kunit_try_run_case+0x170/0x3f0 [ 50.699613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.699656] kthread+0x328/0x630 [ 50.699692] ret_from_fork+0x10/0x20 [ 50.699730] [ 50.699772] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 50.699847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.699876] Hardware name: linux,dummy-virt (DT) [ 50.699911] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.622305] ================================================================== [ 50.622407] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.622407] [ 50.622513] Use-after-free read at 0x00000000be189c9d (in kfence-#145): [ 50.622567] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.622618] kunit_try_run_case+0x170/0x3f0 [ 50.622663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.622709] kthread+0x328/0x630 [ 50.622749] ret_from_fork+0x10/0x20 [ 50.622792] [ 50.622815] kfence-#145: 0x00000000be189c9d-0x00000000f6764035, size=32, cache=test [ 50.622815] [ 50.622869] allocated by task 335 on cpu 1 at 50.597824s (0.025041s ago): [ 50.622941] test_alloc+0x230/0x628 [ 50.622980] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.623024] kunit_try_run_case+0x170/0x3f0 [ 50.623065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.623110] kthread+0x328/0x630 [ 50.623145] ret_from_fork+0x10/0x20 [ 50.623183] [ 50.623221] freed by task 335 on cpu 1 at 50.597935s (0.025281s ago): [ 50.623278] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.623321] kunit_try_run_case+0x170/0x3f0 [ 50.623363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.623404] kthread+0x328/0x630 [ 50.623440] ret_from_fork+0x10/0x20 [ 50.623479] [ 50.623526] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 50.623603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.623631] Hardware name: linux,dummy-virt (DT) [ 50.623668] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 28.145748] ================================================================== [ 28.145904] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 28.145904] [ 28.146035] Invalid read at 0x00000000db265786: [ 28.146129] test_invalid_access+0xdc/0x1f0 [ 28.146226] kunit_try_run_case+0x170/0x3f0 [ 28.146305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.146378] kthread+0x328/0x630 [ 28.146450] ret_from_fork+0x10/0x20 [ 28.146527] [ 28.146599] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.146707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.146765] Hardware name: linux,dummy-virt (DT) [ 28.146825] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.918185] ================================================================== [ 27.918302] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.918302] [ 27.918365] Corrupted memory at 0x0000000097f007d3 [ ! . . . . . . . . . . . . . . . ] (in kfence-#141): [ 27.918680] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.918730] kunit_try_run_case+0x170/0x3f0 [ 27.918775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.918818] kthread+0x328/0x630 [ 27.918857] ret_from_fork+0x10/0x20 [ 27.918896] [ 27.918921] kfence-#141: 0x0000000095da06a2-0x000000001bb6ef66, size=73, cache=kmalloc-96 [ 27.918921] [ 27.918975] allocated by task 325 on cpu 1 at 27.917944s (0.001028s ago): [ 27.919037] test_alloc+0x29c/0x628 [ 27.919076] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.919120] kunit_try_run_case+0x170/0x3f0 [ 27.919158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.919213] kthread+0x328/0x630 [ 27.919249] ret_from_fork+0x10/0x20 [ 27.919288] [ 27.919312] freed by task 325 on cpu 1 at 27.918089s (0.001220s ago): [ 27.919373] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.919416] kunit_try_run_case+0x170/0x3f0 [ 27.919457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.919501] kthread+0x328/0x630 [ 27.919539] ret_from_fork+0x10/0x20 [ 27.919577] [ 27.919622] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.919699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.919727] Hardware name: linux,dummy-virt (DT) [ 27.919762] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 27.502093] ================================================================== [ 27.502182] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.502182] [ 27.502296] Out-of-bounds read at 0x0000000041fcad6b (105B right of kfence-#137): [ 27.502355] test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.502404] kunit_try_run_case+0x170/0x3f0 [ 27.502458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.502502] kthread+0x328/0x630 [ 27.502541] ret_from_fork+0x10/0x20 [ 27.502582] [ 27.502607] kfence-#137: 0x000000005fea243b-0x00000000b6ce86a5, size=73, cache=kmalloc-96 [ 27.502607] [ 27.502659] allocated by task 323 on cpu 1 at 27.501867s (0.000788s ago): [ 27.502730] test_alloc+0x29c/0x628 [ 27.502771] test_kmalloc_aligned_oob_read+0x100/0x468 [ 27.502816] kunit_try_run_case+0x170/0x3f0 [ 27.502856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.502900] kthread+0x328/0x630 [ 27.502936] ret_from_fork+0x10/0x20 [ 27.502976] [ 27.503023] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.503101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.503131] Hardware name: linux,dummy-virt (DT) [ 27.503167] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 23.654213] ================================================================== [ 23.654299] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.654299] [ 23.654362] Corrupted memory at 0x000000009510cd2b [ ! ] (in kfence-#100): [ 23.654496] test_corruption+0x284/0x378 [ 23.654543] kunit_try_run_case+0x170/0x3f0 [ 23.654587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.654630] kthread+0x328/0x630 [ 23.654668] ret_from_fork+0x10/0x20 [ 23.654707] [ 23.654732] kfence-#100: 0x00000000d47a417d-0x00000000fa97c2b1, size=32, cache=kmalloc-32 [ 23.654732] [ 23.654785] allocated by task 311 on cpu 1 at 23.653921s (0.000861s ago): [ 23.654845] test_alloc+0x29c/0x628 [ 23.654884] test_corruption+0x198/0x378 [ 23.654925] kunit_try_run_case+0x170/0x3f0 [ 23.654966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.655009] kthread+0x328/0x630 [ 23.655044] ret_from_fork+0x10/0x20 [ 23.655082] [ 23.655106] freed by task 311 on cpu 1 at 23.654027s (0.001075s ago): [ 23.655164] test_corruption+0x284/0x378 [ 23.655214] kunit_try_run_case+0x170/0x3f0 [ 23.655254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.655297] kthread+0x328/0x630 [ 23.655332] ret_from_fork+0x10/0x20 [ 23.655371] [ 23.655413] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.655485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.655514] Hardware name: linux,dummy-virt (DT) [ 23.655547] ================================================================== [ 23.758004] ================================================================== [ 23.758096] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 23.758096] [ 23.758157] Corrupted memory at 0x000000004ddd3146 [ ! . . . . . . . . . . . . . . . ] (in kfence-#101): [ 23.758489] test_corruption+0x120/0x378 [ 23.758537] kunit_try_run_case+0x170/0x3f0 [ 23.758583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.758630] kthread+0x328/0x630 [ 23.758671] ret_from_fork+0x10/0x20 [ 23.758711] [ 23.758735] kfence-#101: 0x00000000f2e0d448-0x0000000096f87927, size=32, cache=test [ 23.758735] [ 23.758790] allocated by task 313 on cpu 1 at 23.757859s (0.000927s ago): [ 23.758851] test_alloc+0x230/0x628 [ 23.758892] test_corruption+0xdc/0x378 [ 23.758932] kunit_try_run_case+0x170/0x3f0 [ 23.758972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.759016] kthread+0x328/0x630 [ 23.759052] ret_from_fork+0x10/0x20 [ 23.759091] [ 23.759116] freed by task 313 on cpu 1 at 23.757918s (0.001194s ago): [ 23.759175] test_corruption+0x120/0x378 [ 23.759244] kunit_try_run_case+0x170/0x3f0 [ 23.759284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.759328] kthread+0x328/0x630 [ 23.759366] ret_from_fork+0x10/0x20 [ 23.759404] [ 23.759447] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.759522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.759550] Hardware name: linux,dummy-virt (DT) [ 23.759586] ================================================================== [ 23.862110] ================================================================== [ 23.862216] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.862216] [ 23.862278] Corrupted memory at 0x00000000b69d078d [ ! ] (in kfence-#102): [ 23.862391] test_corruption+0x1d8/0x378 [ 23.862443] kunit_try_run_case+0x170/0x3f0 [ 23.862488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.862532] kthread+0x328/0x630 [ 23.862569] ret_from_fork+0x10/0x20 [ 23.862608] [ 23.862633] kfence-#102: 0x000000006ccf22b8-0x000000003be79e7c, size=32, cache=test [ 23.862633] [ 23.862685] allocated by task 313 on cpu 1 at 23.861962s (0.000719s ago): [ 23.862745] test_alloc+0x230/0x628 [ 23.862784] test_corruption+0x198/0x378 [ 23.862825] kunit_try_run_case+0x170/0x3f0 [ 23.862865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.862907] kthread+0x328/0x630 [ 23.862944] ret_from_fork+0x10/0x20 [ 23.862982] [ 23.863004] freed by task 313 on cpu 1 at 23.862023s (0.000978s ago): [ 23.863064] test_corruption+0x1d8/0x378 [ 23.863103] kunit_try_run_case+0x170/0x3f0 [ 23.863142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.863186] kthread+0x328/0x630 [ 23.863236] ret_from_fork+0x10/0x20 [ 23.863275] [ 23.863317] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.863390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.863419] Hardware name: linux,dummy-virt (DT) [ 23.863455] ================================================================== [ 23.550231] ================================================================== [ 23.550341] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 23.550341] [ 23.550409] Corrupted memory at 0x00000000ebe134e6 [ ! . . . . . . . . . . . . . . . ] (in kfence-#99): [ 23.551540] test_corruption+0x278/0x378 [ 23.551592] kunit_try_run_case+0x170/0x3f0 [ 23.551638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.551683] kthread+0x328/0x630 [ 23.551722] ret_from_fork+0x10/0x20 [ 23.551763] [ 23.551787] kfence-#99: 0x00000000346a2afe-0x000000001800d295, size=32, cache=kmalloc-32 [ 23.551787] [ 23.551844] allocated by task 311 on cpu 1 at 23.549926s (0.001914s ago): [ 23.551907] test_alloc+0x29c/0x628 [ 23.551948] test_corruption+0xdc/0x378 [ 23.551988] kunit_try_run_case+0x170/0x3f0 [ 23.552028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.552071] kthread+0x328/0x630 [ 23.552108] ret_from_fork+0x10/0x20 [ 23.552147] [ 23.552170] freed by task 311 on cpu 1 at 23.550034s (0.002132s ago): [ 23.552241] test_corruption+0x278/0x378 [ 23.552283] kunit_try_run_case+0x170/0x3f0 [ 23.552323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.552367] kthread+0x328/0x630 [ 23.552404] ret_from_fork+0x10/0x20 [ 23.552443] [ 23.552488] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.552563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.552594] Hardware name: linux,dummy-virt (DT) [ 23.552631] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.342106] ================================================================== [ 23.342215] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.342215] [ 23.342278] Invalid free of 0x00000000b136f8d1 (in kfence-#97): [ 23.342333] test_invalid_addr_free+0x1ac/0x238 [ 23.342382] kunit_try_run_case+0x170/0x3f0 [ 23.342430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.342474] kthread+0x328/0x630 [ 23.342514] ret_from_fork+0x10/0x20 [ 23.342555] [ 23.342581] kfence-#97: 0x00000000203f9164-0x0000000053a51a38, size=32, cache=kmalloc-32 [ 23.342581] [ 23.342636] allocated by task 307 on cpu 0 at 23.341950s (0.000683s ago): [ 23.342699] test_alloc+0x29c/0x628 [ 23.342739] test_invalid_addr_free+0xd4/0x238 [ 23.342781] kunit_try_run_case+0x170/0x3f0 [ 23.342821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.342866] kthread+0x328/0x630 [ 23.342901] ret_from_fork+0x10/0x20 [ 23.342941] [ 23.342987] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.343065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.343094] Hardware name: linux,dummy-virt (DT) [ 23.343130] ================================================================== [ 23.445998] ================================================================== [ 23.446092] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 23.446092] [ 23.446149] Invalid free of 0x0000000019856fb6 (in kfence-#98): [ 23.446217] test_invalid_addr_free+0xec/0x238 [ 23.446263] kunit_try_run_case+0x170/0x3f0 [ 23.446308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.446352] kthread+0x328/0x630 [ 23.446391] ret_from_fork+0x10/0x20 [ 23.446436] [ 23.446462] kfence-#98: 0x000000003147afd0-0x000000001feea3e1, size=32, cache=test [ 23.446462] [ 23.446514] allocated by task 309 on cpu 0 at 23.445881s (0.000630s ago): [ 23.446577] test_alloc+0x230/0x628 [ 23.446617] test_invalid_addr_free+0xd4/0x238 [ 23.446659] kunit_try_run_case+0x170/0x3f0 [ 23.446698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.446741] kthread+0x328/0x630 [ 23.446779] ret_from_fork+0x10/0x20 [ 23.446817] [ 23.446860] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.446936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.446965] Hardware name: linux,dummy-virt (DT) [ 23.446998] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.238164] ================================================================== [ 23.238274] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.238274] [ 23.238334] Invalid free of 0x000000006fe7b543 (in kfence-#96): [ 23.238390] test_double_free+0x100/0x238 [ 23.238438] kunit_try_run_case+0x170/0x3f0 [ 23.238481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.238525] kthread+0x328/0x630 [ 23.238563] ret_from_fork+0x10/0x20 [ 23.238602] [ 23.238625] kfence-#96: 0x000000006fe7b543-0x000000000b47d9eb, size=32, cache=test [ 23.238625] [ 23.238680] allocated by task 305 on cpu 1 at 23.237936s (0.000740s ago): [ 23.238741] test_alloc+0x230/0x628 [ 23.238783] test_double_free+0xd4/0x238 [ 23.238822] kunit_try_run_case+0x170/0x3f0 [ 23.238862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.238906] kthread+0x328/0x630 [ 23.238941] ret_from_fork+0x10/0x20 [ 23.238980] [ 23.239003] freed by task 305 on cpu 1 at 23.237999s (0.001000s ago): [ 23.239065] test_double_free+0xf0/0x238 [ 23.239106] kunit_try_run_case+0x170/0x3f0 [ 23.239146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.239189] kthread+0x328/0x630 [ 23.239237] ret_from_fork+0x10/0x20 [ 23.239277] [ 23.239319] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.239395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.239423] Hardware name: linux,dummy-virt (DT) [ 23.239458] ================================================================== [ 23.134266] ================================================================== [ 23.134385] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.134385] [ 23.134461] Invalid free of 0x000000002dab1826 (in kfence-#95): [ 23.134528] test_double_free+0x1bc/0x238 [ 23.134575] kunit_try_run_case+0x170/0x3f0 [ 23.134621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.134665] kthread+0x328/0x630 [ 23.134703] ret_from_fork+0x10/0x20 [ 23.134744] [ 23.134768] kfence-#95: 0x000000002dab1826-0x0000000048002fae, size=32, cache=kmalloc-32 [ 23.134768] [ 23.134822] allocated by task 303 on cpu 1 at 23.133931s (0.000887s ago): [ 23.134884] test_alloc+0x29c/0x628 [ 23.134924] test_double_free+0xd4/0x238 [ 23.134966] kunit_try_run_case+0x170/0x3f0 [ 23.135004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.135048] kthread+0x328/0x630 [ 23.135083] ret_from_fork+0x10/0x20 [ 23.135122] [ 23.135146] freed by task 303 on cpu 1 at 23.134005s (0.001137s ago): [ 23.135223] test_double_free+0x1ac/0x238 [ 23.135264] kunit_try_run_case+0x170/0x3f0 [ 23.135304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.135347] kthread+0x328/0x630 [ 23.135384] ret_from_fork+0x10/0x20 [ 23.135423] [ 23.135472] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.135551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.135580] Hardware name: linux,dummy-virt (DT) [ 23.135616] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.822693] ================================================================== [ 22.822788] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.822788] [ 22.822953] Use-after-free read at 0x00000000cc7f0e75 (in kfence-#92): [ 22.823006] test_use_after_free_read+0x114/0x248 [ 22.823327] kunit_try_run_case+0x170/0x3f0 [ 22.823468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.823557] kthread+0x328/0x630 [ 22.823602] ret_from_fork+0x10/0x20 [ 22.823696] [ 22.823724] kfence-#92: 0x00000000cc7f0e75-0x00000000c946a745, size=32, cache=test [ 22.823724] [ 22.823776] allocated by task 297 on cpu 0 at 22.822103s (0.001669s ago): [ 22.823845] test_alloc+0x230/0x628 [ 22.823885] test_use_after_free_read+0xd0/0x248 [ 22.823927] kunit_try_run_case+0x170/0x3f0 [ 22.823979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.824028] kthread+0x328/0x630 [ 22.824065] ret_from_fork+0x10/0x20 [ 22.824103] [ 22.824133] freed by task 297 on cpu 0 at 22.822162s (0.001967s ago): [ 22.824251] test_use_after_free_read+0xf0/0x248 [ 22.824553] kunit_try_run_case+0x170/0x3f0 [ 22.824621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.824667] kthread+0x328/0x630 [ 22.824702] ret_from_fork+0x10/0x20 [ 22.825330] [ 22.825499] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.825689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.825793] Hardware name: linux,dummy-virt (DT) [ 22.825859] ================================================================== [ 22.719189] ================================================================== [ 22.719726] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.719726] [ 22.720148] Use-after-free read at 0x00000000a579c59c (in kfence-#91): [ 22.720263] test_use_after_free_read+0x114/0x248 [ 22.720441] kunit_try_run_case+0x170/0x3f0 [ 22.720502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.720548] kthread+0x328/0x630 [ 22.720592] ret_from_fork+0x10/0x20 [ 22.720671] [ 22.720698] kfence-#91: 0x00000000a579c59c-0x0000000014bf1f98, size=32, cache=kmalloc-32 [ 22.720698] [ 22.720762] allocated by task 295 on cpu 0 at 22.718461s (0.002287s ago): [ 22.720831] test_alloc+0x29c/0x628 [ 22.720876] test_use_after_free_read+0xd0/0x248 [ 22.720927] kunit_try_run_case+0x170/0x3f0 [ 22.720967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.721010] kthread+0x328/0x630 [ 22.721046] ret_from_fork+0x10/0x20 [ 22.721097] [ 22.721247] freed by task 295 on cpu 0 at 22.718532s (0.002616s ago): [ 22.721361] test_use_after_free_read+0x1c0/0x248 [ 22.721406] kunit_try_run_case+0x170/0x3f0 [ 22.721446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.721489] kthread+0x328/0x630 [ 22.721524] ret_from_fork+0x10/0x20 [ 22.721574] [ 22.721639] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.721718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.721747] Hardware name: linux,dummy-virt (DT) [ 22.721788] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 22.408556] ================================================================== [ 22.409005] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.409005] [ 22.409117] Out-of-bounds write at 0x00000000a08f7212 (1B left of kfence-#88): [ 22.409186] test_out_of_bounds_write+0x100/0x240 [ 22.409705] kunit_try_run_case+0x170/0x3f0 [ 22.409884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.409940] kthread+0x328/0x630 [ 22.410099] ret_from_fork+0x10/0x20 [ 22.410339] [ 22.410464] kfence-#88: 0x00000000018c485d-0x0000000015e016ee, size=32, cache=kmalloc-32 [ 22.410464] [ 22.410589] allocated by task 291 on cpu 0 at 22.408285s (0.002283s ago): [ 22.410665] test_alloc+0x29c/0x628 [ 22.410867] test_out_of_bounds_write+0xc8/0x240 [ 22.410998] kunit_try_run_case+0x170/0x3f0 [ 22.411421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.411700] kthread+0x328/0x630 [ 22.411900] ret_from_fork+0x10/0x20 [ 22.411945] [ 22.412018] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.412111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.412150] Hardware name: linux,dummy-virt (DT) [ 22.412486] ================================================================== [ 22.614769] ================================================================== [ 22.614972] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.614972] [ 22.615082] Out-of-bounds write at 0x000000000370769b (1B left of kfence-#90): [ 22.615268] test_out_of_bounds_write+0x100/0x240 [ 22.615324] kunit_try_run_case+0x170/0x3f0 [ 22.615388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.615441] kthread+0x328/0x630 [ 22.615715] ret_from_fork+0x10/0x20 [ 22.615785] [ 22.616003] kfence-#90: 0x000000004b2dc6de-0x000000008c8ca243, size=32, cache=test [ 22.616003] [ 22.616225] allocated by task 293 on cpu 0 at 22.614386s (0.001799s ago): [ 22.616314] test_alloc+0x230/0x628 [ 22.616438] test_out_of_bounds_write+0xc8/0x240 [ 22.616505] kunit_try_run_case+0x170/0x3f0 [ 22.616562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.616684] kthread+0x328/0x630 [ 22.616725] ret_from_fork+0x10/0x20 [ 22.616771] [ 22.617073] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.617155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.617239] Hardware name: linux,dummy-virt (DT) [ 22.617305] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.576465] ================================================================== [ 21.576585] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.576585] [ 21.576713] Out-of-bounds read at 0x000000000c334124 (1B left of kfence-#80): [ 21.576939] test_out_of_bounds_read+0x114/0x3e0 [ 21.576994] kunit_try_run_case+0x170/0x3f0 [ 21.577037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.577081] kthread+0x328/0x630 [ 21.577119] ret_from_fork+0x10/0x20 [ 21.577166] [ 21.577335] kfence-#80: 0x000000001a821520-0x00000000e64525eb, size=32, cache=kmalloc-32 [ 21.577335] [ 21.577539] allocated by task 287 on cpu 0 at 21.575478s (0.001966s ago): [ 21.578310] test_alloc+0x29c/0x628 [ 21.578443] test_out_of_bounds_read+0xdc/0x3e0 [ 21.578503] kunit_try_run_case+0x170/0x3f0 [ 21.578544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.578596] kthread+0x328/0x630 [ 21.578631] ret_from_fork+0x10/0x20 [ 21.578737] [ 21.578813] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.579098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.579253] Hardware name: linux,dummy-virt (DT) [ 21.579297] ================================================================== [ 21.782883] ================================================================== [ 21.782961] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.782961] [ 21.783340] Out-of-bounds read at 0x0000000013ded4d6 (32B right of kfence-#82): [ 21.783410] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.783749] kunit_try_run_case+0x170/0x3f0 [ 21.783818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.783865] kthread+0x328/0x630 [ 21.783953] ret_from_fork+0x10/0x20 [ 21.783998] [ 21.784023] kfence-#82: 0x00000000b507ae0b-0x00000000f6ddfe90, size=32, cache=kmalloc-32 [ 21.784023] [ 21.784376] allocated by task 287 on cpu 0 at 21.781966s (0.002401s ago): [ 21.784506] test_alloc+0x29c/0x628 [ 21.784559] test_out_of_bounds_read+0x198/0x3e0 [ 21.784603] kunit_try_run_case+0x170/0x3f0 [ 21.784643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.784686] kthread+0x328/0x630 [ 21.784724] ret_from_fork+0x10/0x20 [ 21.785030] [ 21.785093] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.785173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.785302] Hardware name: linux,dummy-virt (DT) [ 21.785338] ================================================================== [ 22.094716] ================================================================== [ 22.094807] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.094807] [ 22.095028] Out-of-bounds read at 0x00000000e10658c7 (1B left of kfence-#85): [ 22.095110] test_out_of_bounds_read+0x114/0x3e0 [ 22.095168] kunit_try_run_case+0x170/0x3f0 [ 22.095475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.095545] kthread+0x328/0x630 [ 22.095629] ret_from_fork+0x10/0x20 [ 22.095677] [ 22.095701] kfence-#85: 0x00000000f5e64d2f-0x00000000c4a76640, size=32, cache=test [ 22.095701] [ 22.096010] allocated by task 289 on cpu 0 at 22.094587s (0.001413s ago): [ 22.096161] test_alloc+0x230/0x628 [ 22.096561] test_out_of_bounds_read+0xdc/0x3e0 [ 22.096664] kunit_try_run_case+0x170/0x3f0 [ 22.096728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.097036] kthread+0x328/0x630 [ 22.097163] ret_from_fork+0x10/0x20 [ 22.097226] [ 22.097431] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.097928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.097965] Hardware name: linux,dummy-virt (DT) [ 22.098297] ================================================================== [ 22.302360] ================================================================== [ 22.302447] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.302447] [ 22.302837] Out-of-bounds read at 0x00000000d7f785ee (32B right of kfence-#87): [ 22.302918] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.302969] kunit_try_run_case+0x170/0x3f0 [ 22.303589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.303688] kthread+0x328/0x630 [ 22.303731] ret_from_fork+0x10/0x20 [ 22.303818] [ 22.304122] kfence-#87: 0x00000000bc609841-0x00000000ab883a54, size=32, cache=test [ 22.304122] [ 22.304275] allocated by task 289 on cpu 0 at 22.302276s (0.001908s ago): [ 22.304398] test_alloc+0x230/0x628 [ 22.304515] test_out_of_bounds_read+0x198/0x3e0 [ 22.304560] kunit_try_run_case+0x170/0x3f0 [ 22.304626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.304678] kthread+0x328/0x630 [ 22.304716] ret_from_fork+0x10/0x20 [ 22.304995] [ 22.305055] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.305206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.305244] Hardware name: linux,dummy-virt (DT) [ 22.305287] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 21.385308] ================================================================== [ 21.385361] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 21.385419] Write of size 121 at addr fff00000c5709400 by task kunit_try_catch/285 [ 21.386481] [ 21.386520] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.386902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.386933] Hardware name: linux,dummy-virt (DT) [ 21.387472] Call trace: [ 21.387512] show_stack+0x20/0x38 (C) [ 21.387568] dump_stack_lvl+0x8c/0xd0 [ 21.387625] print_report+0x118/0x608 [ 21.387674] kasan_report+0xdc/0x128 [ 21.387721] kasan_check_range+0x100/0x1a8 [ 21.387772] __kasan_check_write+0x20/0x30 [ 21.387819] strncpy_from_user+0x3c/0x2a0 [ 21.387868] copy_user_test_oob+0x5c0/0xec8 [ 21.387920] kunit_try_run_case+0x170/0x3f0 [ 21.387970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.388025] kthread+0x328/0x630 [ 21.388070] ret_from_fork+0x10/0x20 [ 21.388120] [ 21.388140] Allocated by task 285: [ 21.388169] kasan_save_stack+0x3c/0x68 [ 21.388564] kasan_save_track+0x20/0x40 [ 21.389544] kasan_save_alloc_info+0x40/0x58 [ 21.389601] __kasan_kmalloc+0xd4/0xd8 [ 21.389640] __kmalloc_noprof+0x198/0x4c8 [ 21.389680] kunit_kmalloc_array+0x34/0x88 [ 21.389720] copy_user_test_oob+0xac/0xec8 [ 21.389759] kunit_try_run_case+0x170/0x3f0 [ 21.389800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.389843] kthread+0x328/0x630 [ 21.389878] ret_from_fork+0x10/0x20 [ 21.389914] [ 21.389937] The buggy address belongs to the object at fff00000c5709400 [ 21.389937] which belongs to the cache kmalloc-128 of size 128 [ 21.389995] The buggy address is located 0 bytes inside of [ 21.389995] allocated 120-byte region [fff00000c5709400, fff00000c5709478) [ 21.390060] [ 21.390081] The buggy address belongs to the physical page: [ 21.390112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.390166] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.390294] page_type: f5(slab) [ 21.390348] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.390474] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.390536] page dumped because: kasan: bad access detected [ 21.390579] [ 21.390608] Memory state around the buggy address: [ 21.390645] fff00000c5709300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.390711] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.390757] >fff00000c5709400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.390797] ^ [ 21.390864] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.390910] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.390955] ================================================================== [ 21.392709] ================================================================== [ 21.392805] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 21.393057] Write of size 1 at addr fff00000c5709478 by task kunit_try_catch/285 [ 21.393215] [ 21.393272] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.393598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.393671] Hardware name: linux,dummy-virt (DT) [ 21.393734] Call trace: [ 21.393822] show_stack+0x20/0x38 (C) [ 21.393927] dump_stack_lvl+0x8c/0xd0 [ 21.394139] print_report+0x118/0x608 [ 21.394308] kasan_report+0xdc/0x128 [ 21.394480] __asan_report_store1_noabort+0x20/0x30 [ 21.394599] strncpy_from_user+0x270/0x2a0 [ 21.394737] copy_user_test_oob+0x5c0/0xec8 [ 21.394825] kunit_try_run_case+0x170/0x3f0 [ 21.394976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.395036] kthread+0x328/0x630 [ 21.395327] ret_from_fork+0x10/0x20 [ 21.395483] [ 21.395551] Allocated by task 285: [ 21.395641] kasan_save_stack+0x3c/0x68 [ 21.395698] kasan_save_track+0x20/0x40 [ 21.395752] kasan_save_alloc_info+0x40/0x58 [ 21.395795] __kasan_kmalloc+0xd4/0xd8 [ 21.395844] __kmalloc_noprof+0x198/0x4c8 [ 21.395884] kunit_kmalloc_array+0x34/0x88 [ 21.395933] copy_user_test_oob+0xac/0xec8 [ 21.395975] kunit_try_run_case+0x170/0x3f0 [ 21.396017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.396061] kthread+0x328/0x630 [ 21.396104] ret_from_fork+0x10/0x20 [ 21.396140] [ 21.396171] The buggy address belongs to the object at fff00000c5709400 [ 21.396171] which belongs to the cache kmalloc-128 of size 128 [ 21.396479] The buggy address is located 0 bytes to the right of [ 21.396479] allocated 120-byte region [fff00000c5709400, fff00000c5709478) [ 21.396702] [ 21.396763] The buggy address belongs to the physical page: [ 21.396900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.397032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.397268] page_type: f5(slab) [ 21.397385] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.397468] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.397518] page dumped because: kasan: bad access detected [ 21.397555] [ 21.397575] Memory state around the buggy address: [ 21.397789] fff00000c5709300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.397933] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.398095] >fff00000c5709400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.398365] ^ [ 21.398563] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.398667] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.398707] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 21.302031] ================================================================== [ 21.302165] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 21.302660] Write of size 121 at addr fff00000c5709400 by task kunit_try_catch/285 [ 21.303086] [ 21.303269] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.304112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.304297] Hardware name: linux,dummy-virt (DT) [ 21.304348] Call trace: [ 21.304948] show_stack+0x20/0x38 (C) [ 21.305366] dump_stack_lvl+0x8c/0xd0 [ 21.305608] print_report+0x118/0x608 [ 21.305845] kasan_report+0xdc/0x128 [ 21.305977] kasan_check_range+0x100/0x1a8 [ 21.306066] __kasan_check_write+0x20/0x30 [ 21.306384] copy_user_test_oob+0x234/0xec8 [ 21.306936] kunit_try_run_case+0x170/0x3f0 [ 21.307065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.307328] kthread+0x328/0x630 [ 21.307422] ret_from_fork+0x10/0x20 [ 21.307788] [ 21.307817] Allocated by task 285: [ 21.308484] kasan_save_stack+0x3c/0x68 [ 21.308621] kasan_save_track+0x20/0x40 [ 21.308786] kasan_save_alloc_info+0x40/0x58 [ 21.308971] __kasan_kmalloc+0xd4/0xd8 [ 21.309245] __kmalloc_noprof+0x198/0x4c8 [ 21.309623] kunit_kmalloc_array+0x34/0x88 [ 21.309883] copy_user_test_oob+0xac/0xec8 [ 21.310014] kunit_try_run_case+0x170/0x3f0 [ 21.310334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.310549] kthread+0x328/0x630 [ 21.310604] ret_from_fork+0x10/0x20 [ 21.310770] [ 21.310955] The buggy address belongs to the object at fff00000c5709400 [ 21.310955] which belongs to the cache kmalloc-128 of size 128 [ 21.311211] The buggy address is located 0 bytes inside of [ 21.311211] allocated 120-byte region [fff00000c5709400, fff00000c5709478) [ 21.311463] [ 21.311753] The buggy address belongs to the physical page: [ 21.311817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.312255] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.313103] page_type: f5(slab) [ 21.313295] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.313393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.313502] page dumped because: kasan: bad access detected [ 21.313707] [ 21.313779] Memory state around the buggy address: [ 21.313975] fff00000c5709300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.314036] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.314091] >fff00000c5709400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.314132] ^ [ 21.314608] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.314761] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.314877] ================================================================== [ 21.356453] ================================================================== [ 21.356521] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 21.356641] Read of size 121 at addr fff00000c5709400 by task kunit_try_catch/285 [ 21.356698] [ 21.356731] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.356819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.356847] Hardware name: linux,dummy-virt (DT) [ 21.357113] Call trace: [ 21.357153] show_stack+0x20/0x38 (C) [ 21.357216] dump_stack_lvl+0x8c/0xd0 [ 21.357265] print_report+0x118/0x608 [ 21.357314] kasan_report+0xdc/0x128 [ 21.357437] kasan_check_range+0x100/0x1a8 [ 21.358327] __kasan_check_read+0x20/0x30 [ 21.358467] copy_user_test_oob+0x3c8/0xec8 [ 21.358543] kunit_try_run_case+0x170/0x3f0 [ 21.359183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.359389] kthread+0x328/0x630 [ 21.359508] ret_from_fork+0x10/0x20 [ 21.359681] [ 21.359780] Allocated by task 285: [ 21.359864] kasan_save_stack+0x3c/0x68 [ 21.360221] kasan_save_track+0x20/0x40 [ 21.360529] kasan_save_alloc_info+0x40/0x58 [ 21.361070] __kasan_kmalloc+0xd4/0xd8 [ 21.361248] __kmalloc_noprof+0x198/0x4c8 [ 21.361370] kunit_kmalloc_array+0x34/0x88 [ 21.361475] copy_user_test_oob+0xac/0xec8 [ 21.361689] kunit_try_run_case+0x170/0x3f0 [ 21.361765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.362069] kthread+0x328/0x630 [ 21.362446] ret_from_fork+0x10/0x20 [ 21.362570] [ 21.362598] The buggy address belongs to the object at fff00000c5709400 [ 21.362598] which belongs to the cache kmalloc-128 of size 128 [ 21.363246] The buggy address is located 0 bytes inside of [ 21.363246] allocated 120-byte region [fff00000c5709400, fff00000c5709478) [ 21.363352] [ 21.363442] The buggy address belongs to the physical page: [ 21.363560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.363621] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.363670] page_type: f5(slab) [ 21.363709] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.363762] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.363805] page dumped because: kasan: bad access detected [ 21.363849] [ 21.363880] Memory state around the buggy address: [ 21.363915] fff00000c5709300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.363967] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.364011] >fff00000c5709400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.364059] ^ [ 21.364111] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.364157] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.364218] ================================================================== [ 21.346990] ================================================================== [ 21.347061] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 21.347119] Write of size 121 at addr fff00000c5709400 by task kunit_try_catch/285 [ 21.347627] [ 21.347683] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.348109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.348176] Hardware name: linux,dummy-virt (DT) [ 21.348298] Call trace: [ 21.348325] show_stack+0x20/0x38 (C) [ 21.348379] dump_stack_lvl+0x8c/0xd0 [ 21.348476] print_report+0x118/0x608 [ 21.348530] kasan_report+0xdc/0x128 [ 21.348860] kasan_check_range+0x100/0x1a8 [ 21.348989] __kasan_check_write+0x20/0x30 [ 21.349042] copy_user_test_oob+0x35c/0xec8 [ 21.349089] kunit_try_run_case+0x170/0x3f0 [ 21.349181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.349251] kthread+0x328/0x630 [ 21.349305] ret_from_fork+0x10/0x20 [ 21.349355] [ 21.349378] Allocated by task 285: [ 21.349417] kasan_save_stack+0x3c/0x68 [ 21.349471] kasan_save_track+0x20/0x40 [ 21.350322] kasan_save_alloc_info+0x40/0x58 [ 21.350539] __kasan_kmalloc+0xd4/0xd8 [ 21.350597] __kmalloc_noprof+0x198/0x4c8 [ 21.350662] kunit_kmalloc_array+0x34/0x88 [ 21.351009] copy_user_test_oob+0xac/0xec8 [ 21.351127] kunit_try_run_case+0x170/0x3f0 [ 21.351280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.351419] kthread+0x328/0x630 [ 21.351468] ret_from_fork+0x10/0x20 [ 21.351772] [ 21.351830] The buggy address belongs to the object at fff00000c5709400 [ 21.351830] which belongs to the cache kmalloc-128 of size 128 [ 21.351989] The buggy address is located 0 bytes inside of [ 21.351989] allocated 120-byte region [fff00000c5709400, fff00000c5709478) [ 21.352150] [ 21.352308] The buggy address belongs to the physical page: [ 21.352358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.352439] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.352780] page_type: f5(slab) [ 21.352858] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.353154] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.353293] page dumped because: kasan: bad access detected [ 21.353511] [ 21.353561] Memory state around the buggy address: [ 21.353618] fff00000c5709300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.353684] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.354065] >fff00000c5709400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.354362] ^ [ 21.354437] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.354496] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.354537] ================================================================== [ 21.379586] ================================================================== [ 21.379653] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 21.379720] Read of size 121 at addr fff00000c5709400 by task kunit_try_catch/285 [ 21.380233] [ 21.380276] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.380505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.380703] Hardware name: linux,dummy-virt (DT) [ 21.380940] Call trace: [ 21.381426] show_stack+0x20/0x38 (C) [ 21.381543] dump_stack_lvl+0x8c/0xd0 [ 21.381595] print_report+0x118/0x608 [ 21.381643] kasan_report+0xdc/0x128 [ 21.381692] kasan_check_range+0x100/0x1a8 [ 21.381741] __kasan_check_read+0x20/0x30 [ 21.382214] copy_user_test_oob+0x4a0/0xec8 [ 21.382275] kunit_try_run_case+0x170/0x3f0 [ 21.382326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.382379] kthread+0x328/0x630 [ 21.382430] ret_from_fork+0x10/0x20 [ 21.382480] [ 21.382502] Allocated by task 285: [ 21.382531] kasan_save_stack+0x3c/0x68 [ 21.382574] kasan_save_track+0x20/0x40 [ 21.382612] kasan_save_alloc_info+0x40/0x58 [ 21.382655] __kasan_kmalloc+0xd4/0xd8 [ 21.382692] __kmalloc_noprof+0x198/0x4c8 [ 21.382733] kunit_kmalloc_array+0x34/0x88 [ 21.382770] copy_user_test_oob+0xac/0xec8 [ 21.382810] kunit_try_run_case+0x170/0x3f0 [ 21.382850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.382895] kthread+0x328/0x630 [ 21.382928] ret_from_fork+0x10/0x20 [ 21.382964] [ 21.382986] The buggy address belongs to the object at fff00000c5709400 [ 21.382986] which belongs to the cache kmalloc-128 of size 128 [ 21.383043] The buggy address is located 0 bytes inside of [ 21.383043] allocated 120-byte region [fff00000c5709400, fff00000c5709478) [ 21.383105] [ 21.383127] The buggy address belongs to the physical page: [ 21.383160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.383220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.383269] page_type: f5(slab) [ 21.383306] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.383359] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.383401] page dumped because: kasan: bad access detected [ 21.383434] [ 21.383455] Memory state around the buggy address: [ 21.383490] fff00000c5709300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.383539] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.383583] >fff00000c5709400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.383624] ^ [ 21.383668] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.383712] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.383753] ================================================================== [ 21.321094] ================================================================== [ 21.321152] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 21.321969] Read of size 121 at addr fff00000c5709400 by task kunit_try_catch/285 [ 21.322048] [ 21.322633] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.322928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.323009] Hardware name: linux,dummy-virt (DT) [ 21.323360] Call trace: [ 21.323426] show_stack+0x20/0x38 (C) [ 21.323579] dump_stack_lvl+0x8c/0xd0 [ 21.323940] print_report+0x118/0x608 [ 21.324048] kasan_report+0xdc/0x128 [ 21.324226] kasan_check_range+0x100/0x1a8 [ 21.324414] __kasan_check_read+0x20/0x30 [ 21.324602] copy_user_test_oob+0x728/0xec8 [ 21.324991] kunit_try_run_case+0x170/0x3f0 [ 21.325084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.325332] kthread+0x328/0x630 [ 21.325498] ret_from_fork+0x10/0x20 [ 21.325554] [ 21.325971] Allocated by task 285: [ 21.326162] kasan_save_stack+0x3c/0x68 [ 21.326363] kasan_save_track+0x20/0x40 [ 21.326794] kasan_save_alloc_info+0x40/0x58 [ 21.326940] __kasan_kmalloc+0xd4/0xd8 [ 21.327231] __kmalloc_noprof+0x198/0x4c8 [ 21.327409] kunit_kmalloc_array+0x34/0x88 [ 21.327725] copy_user_test_oob+0xac/0xec8 [ 21.328183] kunit_try_run_case+0x170/0x3f0 [ 21.328502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.328581] kthread+0x328/0x630 [ 21.329388] ret_from_fork+0x10/0x20 [ 21.329953] [ 21.330059] The buggy address belongs to the object at fff00000c5709400 [ 21.330059] which belongs to the cache kmalloc-128 of size 128 [ 21.330310] The buggy address is located 0 bytes inside of [ 21.330310] allocated 120-byte region [fff00000c5709400, fff00000c5709478) [ 21.330506] [ 21.330612] The buggy address belongs to the physical page: [ 21.330654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.331216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.331278] page_type: f5(slab) [ 21.331827] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.331889] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.332217] page dumped because: kasan: bad access detected [ 21.332514] [ 21.332654] Memory state around the buggy address: [ 21.332721] fff00000c5709300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.333334] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.333511] >fff00000c5709400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.333745] ^ [ 21.334057] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.334227] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.334398] ================================================================== [ 21.367460] ================================================================== [ 21.367523] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 21.367650] Write of size 121 at addr fff00000c5709400 by task kunit_try_catch/285 [ 21.367710] [ 21.367741] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.368009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.368043] Hardware name: linux,dummy-virt (DT) [ 21.368273] Call trace: [ 21.368458] show_stack+0x20/0x38 (C) [ 21.368574] dump_stack_lvl+0x8c/0xd0 [ 21.369083] print_report+0x118/0x608 [ 21.369273] kasan_report+0xdc/0x128 [ 21.369612] kasan_check_range+0x100/0x1a8 [ 21.369699] __kasan_check_write+0x20/0x30 [ 21.369874] copy_user_test_oob+0x434/0xec8 [ 21.370058] kunit_try_run_case+0x170/0x3f0 [ 21.370115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.370345] kthread+0x328/0x630 [ 21.370508] ret_from_fork+0x10/0x20 [ 21.370956] [ 21.371153] Allocated by task 285: [ 21.371245] kasan_save_stack+0x3c/0x68 [ 21.371296] kasan_save_track+0x20/0x40 [ 21.371881] kasan_save_alloc_info+0x40/0x58 [ 21.372129] __kasan_kmalloc+0xd4/0xd8 [ 21.372217] __kmalloc_noprof+0x198/0x4c8 [ 21.372443] kunit_kmalloc_array+0x34/0x88 [ 21.372502] copy_user_test_oob+0xac/0xec8 [ 21.372543] kunit_try_run_case+0x170/0x3f0 [ 21.372905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.373113] kthread+0x328/0x630 [ 21.373234] ret_from_fork+0x10/0x20 [ 21.373384] [ 21.373411] The buggy address belongs to the object at fff00000c5709400 [ 21.373411] which belongs to the cache kmalloc-128 of size 128 [ 21.373869] The buggy address is located 0 bytes inside of [ 21.373869] allocated 120-byte region [fff00000c5709400, fff00000c5709478) [ 21.373948] [ 21.374078] The buggy address belongs to the physical page: [ 21.374114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.374792] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.374862] page_type: f5(slab) [ 21.375384] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.375530] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.375789] page dumped because: kasan: bad access detected [ 21.375862] [ 21.375918] Memory state around the buggy address: [ 21.375980] fff00000c5709300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.376291] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.376366] >fff00000c5709400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.376409] ^ [ 21.376453] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.376497] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.376707] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.268271] ================================================================== [ 21.268325] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.268379] Write of size 8 at addr fff00000c5709378 by task kunit_try_catch/281 [ 21.268528] [ 21.268768] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.268871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.269110] Hardware name: linux,dummy-virt (DT) [ 21.269189] Call trace: [ 21.269225] show_stack+0x20/0x38 (C) [ 21.269315] dump_stack_lvl+0x8c/0xd0 [ 21.269436] print_report+0x118/0x608 [ 21.269517] kasan_report+0xdc/0x128 [ 21.269596] kasan_check_range+0x100/0x1a8 [ 21.269657] __kasan_check_write+0x20/0x30 [ 21.269927] copy_to_kernel_nofault+0x8c/0x250 [ 21.270203] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.270305] kunit_try_run_case+0x170/0x3f0 [ 21.270365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.270434] kthread+0x328/0x630 [ 21.270501] ret_from_fork+0x10/0x20 [ 21.270568] [ 21.270603] Allocated by task 281: [ 21.270650] kasan_save_stack+0x3c/0x68 [ 21.270700] kasan_save_track+0x20/0x40 [ 21.270748] kasan_save_alloc_info+0x40/0x58 [ 21.270790] __kasan_kmalloc+0xd4/0xd8 [ 21.270837] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.270878] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.270926] kunit_try_run_case+0x170/0x3f0 [ 21.270989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.271036] kthread+0x328/0x630 [ 21.271069] ret_from_fork+0x10/0x20 [ 21.271118] [ 21.271148] The buggy address belongs to the object at fff00000c5709300 [ 21.271148] which belongs to the cache kmalloc-128 of size 128 [ 21.271217] The buggy address is located 0 bytes to the right of [ 21.271217] allocated 120-byte region [fff00000c5709300, fff00000c5709378) [ 21.271281] [ 21.271356] The buggy address belongs to the physical page: [ 21.271753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.271871] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.272014] page_type: f5(slab) [ 21.272139] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.272330] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.272439] page dumped because: kasan: bad access detected [ 21.272492] [ 21.272512] Memory state around the buggy address: [ 21.272547] fff00000c5709200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.272827] fff00000c5709280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.272959] >fff00000c5709300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.273071] ^ [ 21.273317] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.273502] fff00000c5709400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.273548] ================================================================== [ 21.259947] ================================================================== [ 21.260092] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.260259] Read of size 8 at addr fff00000c5709378 by task kunit_try_catch/281 [ 21.260313] [ 21.260348] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.260433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.260461] Hardware name: linux,dummy-virt (DT) [ 21.260495] Call trace: [ 21.260536] show_stack+0x20/0x38 (C) [ 21.260588] dump_stack_lvl+0x8c/0xd0 [ 21.260636] print_report+0x118/0x608 [ 21.260771] kasan_report+0xdc/0x128 [ 21.260820] __asan_report_load8_noabort+0x20/0x30 [ 21.260868] copy_to_kernel_nofault+0x204/0x250 [ 21.260920] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.261109] kunit_try_run_case+0x170/0x3f0 [ 21.261263] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.261325] kthread+0x328/0x630 [ 21.261369] ret_from_fork+0x10/0x20 [ 21.261707] [ 21.261876] Allocated by task 281: [ 21.261994] kasan_save_stack+0x3c/0x68 [ 21.262058] kasan_save_track+0x20/0x40 [ 21.262100] kasan_save_alloc_info+0x40/0x58 [ 21.262141] __kasan_kmalloc+0xd4/0xd8 [ 21.262578] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.262692] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.263015] kunit_try_run_case+0x170/0x3f0 [ 21.263387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.263457] kthread+0x328/0x630 [ 21.263515] ret_from_fork+0x10/0x20 [ 21.263780] [ 21.263956] The buggy address belongs to the object at fff00000c5709300 [ 21.263956] which belongs to the cache kmalloc-128 of size 128 [ 21.264394] The buggy address is located 0 bytes to the right of [ 21.264394] allocated 120-byte region [fff00000c5709300, fff00000c5709378) [ 21.264535] [ 21.264655] The buggy address belongs to the physical page: [ 21.264690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 21.264758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.265326] page_type: f5(slab) [ 21.265487] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.265803] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.265973] page dumped because: kasan: bad access detected [ 21.266013] [ 21.266033] Memory state around the buggy address: [ 21.266097] fff00000c5709200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.266145] fff00000c5709280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.266511] >fff00000c5709300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.266626] ^ [ 21.266883] fff00000c5709380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.267056] fff00000c5709400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.267100] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 21.224007] ================================================================== [ 21.224062] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 21.224267] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 21.224487] [ 21.224741] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.224846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.224875] Hardware name: linux,dummy-virt (DT) [ 21.224993] Call trace: [ 21.225019] show_stack+0x20/0x38 (C) [ 21.225126] dump_stack_lvl+0x8c/0xd0 [ 21.225174] print_report+0x310/0x608 [ 21.225233] kasan_report+0xdc/0x128 [ 21.225427] __asan_report_load1_noabort+0x20/0x30 [ 21.225532] vmalloc_oob+0x51c/0x5d0 [ 21.225913] kunit_try_run_case+0x170/0x3f0 [ 21.225987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.226042] kthread+0x328/0x630 [ 21.226086] ret_from_fork+0x10/0x20 [ 21.226334] [ 21.226447] The buggy address belongs to the virtual mapping at [ 21.226447] [ffff8000800fe000, ffff800080100000) created by: [ 21.226447] vmalloc_oob+0x98/0x5d0 [ 21.226565] [ 21.226654] The buggy address belongs to the physical page: [ 21.226930] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d0 [ 21.227119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.227316] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.227405] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.227495] page dumped because: kasan: bad access detected [ 21.227579] [ 21.227601] Memory state around the buggy address: [ 21.227634] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.227679] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.228122] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.228407] ^ [ 21.228463] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.228510] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.228572] ================================================================== [ 21.219117] ================================================================== [ 21.219356] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 21.219609] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 21.219722] [ 21.219804] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.219887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.219915] Hardware name: linux,dummy-virt (DT) [ 21.219949] Call trace: [ 21.219976] show_stack+0x20/0x38 (C) [ 21.220027] dump_stack_lvl+0x8c/0xd0 [ 21.220153] print_report+0x310/0x608 [ 21.220214] kasan_report+0xdc/0x128 [ 21.220262] __asan_report_load1_noabort+0x20/0x30 [ 21.220461] vmalloc_oob+0x578/0x5d0 [ 21.220593] kunit_try_run_case+0x170/0x3f0 [ 21.220656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.220760] kthread+0x328/0x630 [ 21.220804] ret_from_fork+0x10/0x20 [ 21.220896] [ 21.220937] The buggy address belongs to the virtual mapping at [ 21.220937] [ffff8000800fe000, ffff800080100000) created by: [ 21.220937] vmalloc_oob+0x98/0x5d0 [ 21.221068] [ 21.221092] The buggy address belongs to the physical page: [ 21.221126] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d0 [ 21.221206] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.221307] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.221357] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.221612] page dumped because: kasan: bad access detected [ 21.222263] [ 21.222321] Memory state around the buggy address: [ 21.222399] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.222684] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.222797] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.222862] ^ [ 21.222906] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.222952] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.222993] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 21.012307] ================================================================== [ 21.012582] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 21.012651] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.012702] [ 21.012743] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.012823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.013407] Hardware name: linux,dummy-virt (DT) [ 21.013505] Call trace: [ 21.013689] show_stack+0x20/0x38 (C) [ 21.013747] dump_stack_lvl+0x8c/0xd0 [ 21.013796] print_report+0x118/0x608 [ 21.013843] kasan_report+0xdc/0x128 [ 21.014063] __asan_report_store8_noabort+0x20/0x30 [ 21.014446] kasan_atomics_helper+0x3e5c/0x4858 [ 21.014642] kasan_atomics+0x198/0x2e0 [ 21.014693] kunit_try_run_case+0x170/0x3f0 [ 21.014753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.014833] kthread+0x328/0x630 [ 21.014875] ret_from_fork+0x10/0x20 [ 21.014932] [ 21.014955] Allocated by task 265: [ 21.014984] kasan_save_stack+0x3c/0x68 [ 21.015036] kasan_save_track+0x20/0x40 [ 21.015077] kasan_save_alloc_info+0x40/0x58 [ 21.015118] __kasan_kmalloc+0xd4/0xd8 [ 21.015165] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.015217] kasan_atomics+0xb8/0x2e0 [ 21.015254] kunit_try_run_case+0x170/0x3f0 [ 21.015296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.015353] kthread+0x328/0x630 [ 21.015397] ret_from_fork+0x10/0x20 [ 21.015435] [ 21.015455] The buggy address belongs to the object at fff00000c56d1100 [ 21.015455] which belongs to the cache kmalloc-64 of size 64 [ 21.015514] The buggy address is located 0 bytes to the right of [ 21.015514] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.015579] [ 21.015609] The buggy address belongs to the physical page: [ 21.015658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.015711] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.015761] page_type: f5(slab) [ 21.015809] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.015871] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.015918] page dumped because: kasan: bad access detected [ 21.015954] [ 21.015973] Memory state around the buggy address: [ 21.016007] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.016052] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.016096] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.016136] ^ [ 21.016178] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.016616] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.017022] ================================================================== [ 21.155301] ================================================================== [ 21.155438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 21.155497] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.155550] [ 21.155581] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.155661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.155716] Hardware name: linux,dummy-virt (DT) [ 21.155749] Call trace: [ 21.155774] show_stack+0x20/0x38 (C) [ 21.155846] dump_stack_lvl+0x8c/0xd0 [ 21.155895] print_report+0x118/0x608 [ 21.155942] kasan_report+0xdc/0x128 [ 21.155989] kasan_check_range+0x100/0x1a8 [ 21.156153] __kasan_check_write+0x20/0x30 [ 21.156255] kasan_atomics_helper+0x15b4/0x4858 [ 21.156308] kasan_atomics+0x198/0x2e0 [ 21.156410] kunit_try_run_case+0x170/0x3f0 [ 21.156477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.156558] kthread+0x328/0x630 [ 21.156785] ret_from_fork+0x10/0x20 [ 21.156988] [ 21.157015] Allocated by task 265: [ 21.157084] kasan_save_stack+0x3c/0x68 [ 21.157207] kasan_save_track+0x20/0x40 [ 21.157284] kasan_save_alloc_info+0x40/0x58 [ 21.157328] __kasan_kmalloc+0xd4/0xd8 [ 21.157367] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.157407] kasan_atomics+0xb8/0x2e0 [ 21.157445] kunit_try_run_case+0x170/0x3f0 [ 21.157515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.157561] kthread+0x328/0x630 [ 21.157830] ret_from_fork+0x10/0x20 [ 21.157906] [ 21.158177] The buggy address belongs to the object at fff00000c56d1100 [ 21.158177] which belongs to the cache kmalloc-64 of size 64 [ 21.158401] The buggy address is located 0 bytes to the right of [ 21.158401] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.158603] [ 21.158660] The buggy address belongs to the physical page: [ 21.158788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.158894] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.158982] page_type: f5(slab) [ 21.159101] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.159164] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.159217] page dumped because: kasan: bad access detected [ 21.159270] [ 21.159290] Memory state around the buggy address: [ 21.159324] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.159378] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.159423] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.159465] ^ [ 21.159498] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.159542] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.159590] ================================================================== [ 21.200639] ================================================================== [ 21.200826] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 21.201066] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.201156] [ 21.201203] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.201399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.201822] Hardware name: linux,dummy-virt (DT) [ 21.201897] Call trace: [ 21.201944] show_stack+0x20/0x38 (C) [ 21.202005] dump_stack_lvl+0x8c/0xd0 [ 21.202055] print_report+0x118/0x608 [ 21.202103] kasan_report+0xdc/0x128 [ 21.202161] kasan_check_range+0x100/0x1a8 [ 21.202219] __kasan_check_write+0x20/0x30 [ 21.202266] kasan_atomics_helper+0x17ec/0x4858 [ 21.202315] kasan_atomics+0x198/0x2e0 [ 21.202380] kunit_try_run_case+0x170/0x3f0 [ 21.202437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.202642] kthread+0x328/0x630 [ 21.202769] ret_from_fork+0x10/0x20 [ 21.203139] [ 21.203228] Allocated by task 265: [ 21.203324] kasan_save_stack+0x3c/0x68 [ 21.203429] kasan_save_track+0x20/0x40 [ 21.203517] kasan_save_alloc_info+0x40/0x58 [ 21.203624] __kasan_kmalloc+0xd4/0xd8 [ 21.203743] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.203822] kasan_atomics+0xb8/0x2e0 [ 21.203861] kunit_try_run_case+0x170/0x3f0 [ 21.203900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.203947] kthread+0x328/0x630 [ 21.203981] ret_from_fork+0x10/0x20 [ 21.204145] [ 21.204260] The buggy address belongs to the object at fff00000c56d1100 [ 21.204260] which belongs to the cache kmalloc-64 of size 64 [ 21.204353] The buggy address is located 0 bytes to the right of [ 21.204353] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.204477] [ 21.204498] The buggy address belongs to the physical page: [ 21.204531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.204757] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.204865] page_type: f5(slab) [ 21.204961] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.205075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.205226] page dumped because: kasan: bad access detected [ 21.205335] [ 21.205455] Memory state around the buggy address: [ 21.205514] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.205560] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.205817] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.205979] ^ [ 21.206055] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.206236] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.206515] ================================================================== [ 21.036580] ================================================================== [ 21.036761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 21.036823] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.037257] [ 21.037601] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.037732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.038257] Hardware name: linux,dummy-virt (DT) [ 21.038348] Call trace: [ 21.038696] show_stack+0x20/0x38 (C) [ 21.038847] dump_stack_lvl+0x8c/0xd0 [ 21.039157] print_report+0x118/0x608 [ 21.039386] kasan_report+0xdc/0x128 [ 21.039584] kasan_check_range+0x100/0x1a8 [ 21.039739] __kasan_check_write+0x20/0x30 [ 21.039794] kasan_atomics_helper+0xf88/0x4858 [ 21.039846] kasan_atomics+0x198/0x2e0 [ 21.040019] kunit_try_run_case+0x170/0x3f0 [ 21.040514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.040689] kthread+0x328/0x630 [ 21.040775] ret_from_fork+0x10/0x20 [ 21.041037] [ 21.041065] Allocated by task 265: [ 21.041097] kasan_save_stack+0x3c/0x68 [ 21.041676] kasan_save_track+0x20/0x40 [ 21.041832] kasan_save_alloc_info+0x40/0x58 [ 21.042098] __kasan_kmalloc+0xd4/0xd8 [ 21.042234] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.042373] kasan_atomics+0xb8/0x2e0 [ 21.042519] kunit_try_run_case+0x170/0x3f0 [ 21.042652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.042780] kthread+0x328/0x630 [ 21.042853] ret_from_fork+0x10/0x20 [ 21.043057] [ 21.043225] The buggy address belongs to the object at fff00000c56d1100 [ 21.043225] which belongs to the cache kmalloc-64 of size 64 [ 21.043337] The buggy address is located 0 bytes to the right of [ 21.043337] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.043525] [ 21.043570] The buggy address belongs to the physical page: [ 21.043604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.043658] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.044301] page_type: f5(slab) [ 21.044460] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.044697] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.044781] page dumped because: kasan: bad access detected [ 21.044957] [ 21.045265] Memory state around the buggy address: [ 21.045612] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.045857] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.046263] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.046394] ^ [ 21.046446] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.046567] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.046984] ================================================================== [ 20.992631] ================================================================== [ 20.992848] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 20.993107] Read of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 20.993161] [ 20.993208] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.993287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.993684] Hardware name: linux,dummy-virt (DT) [ 20.994015] Call trace: [ 20.994334] show_stack+0x20/0x38 (C) [ 20.994489] dump_stack_lvl+0x8c/0xd0 [ 20.994699] print_report+0x118/0x608 [ 20.994851] kasan_report+0xdc/0x128 [ 20.994901] __asan_report_load8_noabort+0x20/0x30 [ 20.995325] kasan_atomics_helper+0x3f58/0x4858 [ 20.995576] kasan_atomics+0x198/0x2e0 [ 20.995795] kunit_try_run_case+0x170/0x3f0 [ 20.995973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.996155] kthread+0x328/0x630 [ 20.996378] ret_from_fork+0x10/0x20 [ 20.996794] [ 20.996879] Allocated by task 265: [ 20.997013] kasan_save_stack+0x3c/0x68 [ 20.997109] kasan_save_track+0x20/0x40 [ 20.997290] kasan_save_alloc_info+0x40/0x58 [ 20.997452] __kasan_kmalloc+0xd4/0xd8 [ 20.997599] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.997648] kasan_atomics+0xb8/0x2e0 [ 20.997852] kunit_try_run_case+0x170/0x3f0 [ 20.998068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.998368] kthread+0x328/0x630 [ 20.998525] ret_from_fork+0x10/0x20 [ 20.998766] [ 20.998823] The buggy address belongs to the object at fff00000c56d1100 [ 20.998823] which belongs to the cache kmalloc-64 of size 64 [ 20.998900] The buggy address is located 0 bytes to the right of [ 20.998900] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.998966] [ 20.999139] The buggy address belongs to the physical page: [ 20.999204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.999272] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.999333] page_type: f5(slab) [ 20.999380] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.999433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.999486] page dumped because: kasan: bad access detected [ 20.999529] [ 20.999550] Memory state around the buggy address: [ 20.999584] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.999630] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.999674] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.999728] ^ [ 20.999769] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.999814] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.999864] ================================================================== [ 21.146502] ================================================================== [ 21.146552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 21.146604] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.146654] [ 21.146686] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.146766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.146795] Hardware name: linux,dummy-virt (DT) [ 21.146828] Call trace: [ 21.146854] show_stack+0x20/0x38 (C) [ 21.146901] dump_stack_lvl+0x8c/0xd0 [ 21.146949] print_report+0x118/0x608 [ 21.146996] kasan_report+0xdc/0x128 [ 21.147043] kasan_check_range+0x100/0x1a8 [ 21.147091] __kasan_check_write+0x20/0x30 [ 21.147138] kasan_atomics_helper+0x14e4/0x4858 [ 21.147187] kasan_atomics+0x198/0x2e0 [ 21.147249] kunit_try_run_case+0x170/0x3f0 [ 21.147298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.147352] kthread+0x328/0x630 [ 21.147394] ret_from_fork+0x10/0x20 [ 21.147442] [ 21.147462] Allocated by task 265: [ 21.147490] kasan_save_stack+0x3c/0x68 [ 21.147532] kasan_save_track+0x20/0x40 [ 21.147571] kasan_save_alloc_info+0x40/0x58 [ 21.147613] __kasan_kmalloc+0xd4/0xd8 [ 21.147652] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.147692] kasan_atomics+0xb8/0x2e0 [ 21.147730] kunit_try_run_case+0x170/0x3f0 [ 21.147769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.147813] kthread+0x328/0x630 [ 21.147848] ret_from_fork+0x10/0x20 [ 21.147885] [ 21.147905] The buggy address belongs to the object at fff00000c56d1100 [ 21.147905] which belongs to the cache kmalloc-64 of size 64 [ 21.147964] The buggy address is located 0 bytes to the right of [ 21.147964] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.148028] [ 21.148048] The buggy address belongs to the physical page: [ 21.148080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.148133] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.148180] page_type: f5(slab) [ 21.148297] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.148364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.148407] page dumped because: kasan: bad access detected [ 21.148441] [ 21.148461] Memory state around the buggy address: [ 21.148495] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.148567] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.148642] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.148685] ^ [ 21.148718] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.148768] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.148824] ================================================================== [ 21.194228] ================================================================== [ 21.194545] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 21.194623] Read of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.194680] [ 21.194715] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.195029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.195071] Hardware name: linux,dummy-virt (DT) [ 21.195222] Call trace: [ 21.195248] show_stack+0x20/0x38 (C) [ 21.195302] dump_stack_lvl+0x8c/0xd0 [ 21.195483] print_report+0x118/0x608 [ 21.195565] kasan_report+0xdc/0x128 [ 21.195774] __asan_report_load8_noabort+0x20/0x30 [ 21.195841] kasan_atomics_helper+0x3e20/0x4858 [ 21.195953] kasan_atomics+0x198/0x2e0 [ 21.196079] kunit_try_run_case+0x170/0x3f0 [ 21.196149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.196221] kthread+0x328/0x630 [ 21.196265] ret_from_fork+0x10/0x20 [ 21.196314] [ 21.196345] Allocated by task 265: [ 21.196392] kasan_save_stack+0x3c/0x68 [ 21.196436] kasan_save_track+0x20/0x40 [ 21.196499] kasan_save_alloc_info+0x40/0x58 [ 21.196584] __kasan_kmalloc+0xd4/0xd8 [ 21.196624] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.196665] kasan_atomics+0xb8/0x2e0 [ 21.196705] kunit_try_run_case+0x170/0x3f0 [ 21.196840] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.197065] kthread+0x328/0x630 [ 21.197142] ret_from_fork+0x10/0x20 [ 21.197184] [ 21.197408] The buggy address belongs to the object at fff00000c56d1100 [ 21.197408] which belongs to the cache kmalloc-64 of size 64 [ 21.197598] The buggy address is located 0 bytes to the right of [ 21.197598] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.197952] [ 21.198239] The buggy address belongs to the physical page: [ 21.198319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.198375] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.198453] page_type: f5(slab) [ 21.198494] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.198546] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.198589] page dumped because: kasan: bad access detected [ 21.198749] [ 21.198883] Memory state around the buggy address: [ 21.199181] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.199269] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.199315] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.199646] ^ [ 21.199753] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.200029] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.200134] ================================================================== [ 21.018594] ================================================================== [ 21.018647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 21.018699] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.018964] [ 21.019007] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.019107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.019323] Hardware name: linux,dummy-virt (DT) [ 21.019619] Call trace: [ 21.019966] show_stack+0x20/0x38 (C) [ 21.020053] dump_stack_lvl+0x8c/0xd0 [ 21.020269] print_report+0x118/0x608 [ 21.020331] kasan_report+0xdc/0x128 [ 21.020382] kasan_check_range+0x100/0x1a8 [ 21.020451] __kasan_check_write+0x20/0x30 [ 21.020700] kasan_atomics_helper+0xeb8/0x4858 [ 21.020805] kasan_atomics+0x198/0x2e0 [ 21.021115] kunit_try_run_case+0x170/0x3f0 [ 21.021328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.021548] kthread+0x328/0x630 [ 21.021638] ret_from_fork+0x10/0x20 [ 21.021771] [ 21.021894] Allocated by task 265: [ 21.022061] kasan_save_stack+0x3c/0x68 [ 21.022309] kasan_save_track+0x20/0x40 [ 21.022513] kasan_save_alloc_info+0x40/0x58 [ 21.022706] __kasan_kmalloc+0xd4/0xd8 [ 21.022791] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.023115] kasan_atomics+0xb8/0x2e0 [ 21.023185] kunit_try_run_case+0x170/0x3f0 [ 21.023367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.023893] kthread+0x328/0x630 [ 21.024308] ret_from_fork+0x10/0x20 [ 21.024361] [ 21.024397] The buggy address belongs to the object at fff00000c56d1100 [ 21.024397] which belongs to the cache kmalloc-64 of size 64 [ 21.024634] The buggy address is located 0 bytes to the right of [ 21.024634] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.025075] [ 21.025301] The buggy address belongs to the physical page: [ 21.025639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.026121] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.026457] page_type: f5(slab) [ 21.026560] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.026795] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.027009] page dumped because: kasan: bad access detected [ 21.027180] [ 21.027657] Memory state around the buggy address: [ 21.027821] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.027914] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.028342] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.029004] ^ [ 21.029089] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.029245] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.029646] ================================================================== [ 21.065700] ================================================================== [ 21.065869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 21.065922] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.065974] [ 21.066135] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.066928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.067240] Hardware name: linux,dummy-virt (DT) [ 21.067315] Call trace: [ 21.067342] show_stack+0x20/0x38 (C) [ 21.067731] dump_stack_lvl+0x8c/0xd0 [ 21.067864] print_report+0x118/0x608 [ 21.068280] kasan_report+0xdc/0x128 [ 21.068424] kasan_check_range+0x100/0x1a8 [ 21.068602] __kasan_check_write+0x20/0x30 [ 21.068692] kasan_atomics_helper+0x10c0/0x4858 [ 21.069249] kasan_atomics+0x198/0x2e0 [ 21.069481] kunit_try_run_case+0x170/0x3f0 [ 21.069962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.070050] kthread+0x328/0x630 [ 21.070222] ret_from_fork+0x10/0x20 [ 21.070443] [ 21.070494] Allocated by task 265: [ 21.070688] kasan_save_stack+0x3c/0x68 [ 21.070805] kasan_save_track+0x20/0x40 [ 21.071205] kasan_save_alloc_info+0x40/0x58 [ 21.071537] __kasan_kmalloc+0xd4/0xd8 [ 21.071681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.071989] kasan_atomics+0xb8/0x2e0 [ 21.072164] kunit_try_run_case+0x170/0x3f0 [ 21.072487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.072621] kthread+0x328/0x630 [ 21.073098] ret_from_fork+0x10/0x20 [ 21.073297] [ 21.073705] The buggy address belongs to the object at fff00000c56d1100 [ 21.073705] which belongs to the cache kmalloc-64 of size 64 [ 21.073869] The buggy address is located 0 bytes to the right of [ 21.073869] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.073939] [ 21.073962] The buggy address belongs to the physical page: [ 21.073994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.074566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.074680] page_type: f5(slab) [ 21.075110] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.075383] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.075459] page dumped because: kasan: bad access detected [ 21.075755] [ 21.075990] Memory state around the buggy address: [ 21.076095] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.076347] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.076672] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.076814] ^ [ 21.077023] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.077228] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.077441] ================================================================== [ 21.078537] ================================================================== [ 21.078598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 21.078983] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.079133] [ 21.079218] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.079463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.079527] Hardware name: linux,dummy-virt (DT) [ 21.079772] Call trace: [ 21.080026] show_stack+0x20/0x38 (C) [ 21.080393] dump_stack_lvl+0x8c/0xd0 [ 21.080603] print_report+0x118/0x608 [ 21.080664] kasan_report+0xdc/0x128 [ 21.081042] kasan_check_range+0x100/0x1a8 [ 21.081114] __kasan_check_write+0x20/0x30 [ 21.081287] kasan_atomics_helper+0x1128/0x4858 [ 21.081373] kasan_atomics+0x198/0x2e0 [ 21.081429] kunit_try_run_case+0x170/0x3f0 [ 21.081783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.082280] kthread+0x328/0x630 [ 21.082411] ret_from_fork+0x10/0x20 [ 21.082492] [ 21.082531] Allocated by task 265: [ 21.082573] kasan_save_stack+0x3c/0x68 [ 21.082629] kasan_save_track+0x20/0x40 [ 21.082693] kasan_save_alloc_info+0x40/0x58 [ 21.082748] __kasan_kmalloc+0xd4/0xd8 [ 21.082817] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.082865] kasan_atomics+0xb8/0x2e0 [ 21.082907] kunit_try_run_case+0x170/0x3f0 [ 21.082948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.083014] kthread+0x328/0x630 [ 21.083050] ret_from_fork+0x10/0x20 [ 21.083137] [ 21.083169] The buggy address belongs to the object at fff00000c56d1100 [ 21.083169] which belongs to the cache kmalloc-64 of size 64 [ 21.083247] The buggy address is located 0 bytes to the right of [ 21.083247] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.083314] [ 21.083335] The buggy address belongs to the physical page: [ 21.083378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.083430] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.083500] page_type: f5(slab) [ 21.083550] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.083621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.083669] page dumped because: kasan: bad access detected [ 21.083703] [ 21.083722] Memory state around the buggy address: [ 21.083757] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.083802] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.083860] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.083901] ^ [ 21.083950] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.083995] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.084044] ================================================================== [ 21.171232] ================================================================== [ 21.171306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 21.171356] Read of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.171442] [ 21.171473] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.171698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.171762] Hardware name: linux,dummy-virt (DT) [ 21.171798] Call trace: [ 21.171849] show_stack+0x20/0x38 (C) [ 21.171932] dump_stack_lvl+0x8c/0xd0 [ 21.172002] print_report+0x118/0x608 [ 21.172087] kasan_report+0xdc/0x128 [ 21.172158] __asan_report_load8_noabort+0x20/0x30 [ 21.172257] kasan_atomics_helper+0x3df4/0x4858 [ 21.172309] kasan_atomics+0x198/0x2e0 [ 21.172355] kunit_try_run_case+0x170/0x3f0 [ 21.172478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.172630] kthread+0x328/0x630 [ 21.172683] ret_from_fork+0x10/0x20 [ 21.172787] [ 21.172812] Allocated by task 265: [ 21.173066] kasan_save_stack+0x3c/0x68 [ 21.173147] kasan_save_track+0x20/0x40 [ 21.173224] kasan_save_alloc_info+0x40/0x58 [ 21.173305] __kasan_kmalloc+0xd4/0xd8 [ 21.173362] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.173409] kasan_atomics+0xb8/0x2e0 [ 21.173493] kunit_try_run_case+0x170/0x3f0 [ 21.173564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.173611] kthread+0x328/0x630 [ 21.173644] ret_from_fork+0x10/0x20 [ 21.173680] [ 21.173919] The buggy address belongs to the object at fff00000c56d1100 [ 21.173919] which belongs to the cache kmalloc-64 of size 64 [ 21.174056] The buggy address is located 0 bytes to the right of [ 21.174056] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.174180] [ 21.174480] The buggy address belongs to the physical page: [ 21.174578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.174718] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.174876] page_type: f5(slab) [ 21.174917] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.174969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.175124] page dumped because: kasan: bad access detected [ 21.175244] [ 21.175571] Memory state around the buggy address: [ 21.175643] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.175689] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.176035] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.176159] ^ [ 21.176402] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.176569] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.176695] ================================================================== [ 21.030489] ================================================================== [ 21.030803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 21.030878] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.030938] [ 21.031149] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.031257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.031342] Hardware name: linux,dummy-virt (DT) [ 21.031379] Call trace: [ 21.031404] show_stack+0x20/0x38 (C) [ 21.031800] dump_stack_lvl+0x8c/0xd0 [ 21.032062] print_report+0x118/0x608 [ 21.032279] kasan_report+0xdc/0x128 [ 21.032417] kasan_check_range+0x100/0x1a8 [ 21.032540] __kasan_check_write+0x20/0x30 [ 21.032734] kasan_atomics_helper+0xf20/0x4858 [ 21.032892] kasan_atomics+0x198/0x2e0 [ 21.033560] kunit_try_run_case+0x170/0x3f0 [ 21.033705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.033879] kthread+0x328/0x630 [ 21.033957] ret_from_fork+0x10/0x20 [ 21.034183] [ 21.034375] Allocated by task 265: [ 21.034538] kasan_save_stack+0x3c/0x68 [ 21.034608] kasan_save_track+0x20/0x40 [ 21.034649] kasan_save_alloc_info+0x40/0x58 [ 21.034709] __kasan_kmalloc+0xd4/0xd8 [ 21.034747] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.034799] kasan_atomics+0xb8/0x2e0 [ 21.034839] kunit_try_run_case+0x170/0x3f0 [ 21.034892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.034953] kthread+0x328/0x630 [ 21.034987] ret_from_fork+0x10/0x20 [ 21.035026] [ 21.035056] The buggy address belongs to the object at fff00000c56d1100 [ 21.035056] which belongs to the cache kmalloc-64 of size 64 [ 21.035116] The buggy address is located 0 bytes to the right of [ 21.035116] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.035211] [ 21.035256] The buggy address belongs to the physical page: [ 21.035289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.035356] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.035404] page_type: f5(slab) [ 21.035442] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.035494] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.035536] page dumped because: kasan: bad access detected [ 21.035579] [ 21.035598] Memory state around the buggy address: [ 21.035645] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.035696] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.035740] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.035794] ^ [ 21.035826] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.035886] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.035926] ================================================================== [ 21.165442] ================================================================== [ 21.165556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 21.165677] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.165770] [ 21.165939] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.166266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.166389] Hardware name: linux,dummy-virt (DT) [ 21.166534] Call trace: [ 21.166605] show_stack+0x20/0x38 (C) [ 21.166774] dump_stack_lvl+0x8c/0xd0 [ 21.166821] print_report+0x118/0x608 [ 21.166869] kasan_report+0xdc/0x128 [ 21.166915] kasan_check_range+0x100/0x1a8 [ 21.167454] __kasan_check_write+0x20/0x30 [ 21.167534] kasan_atomics_helper+0x1644/0x4858 [ 21.167863] kasan_atomics+0x198/0x2e0 [ 21.168034] kunit_try_run_case+0x170/0x3f0 [ 21.168148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.168317] kthread+0x328/0x630 [ 21.168413] ret_from_fork+0x10/0x20 [ 21.168474] [ 21.168496] Allocated by task 265: [ 21.168526] kasan_save_stack+0x3c/0x68 [ 21.168568] kasan_save_track+0x20/0x40 [ 21.168618] kasan_save_alloc_info+0x40/0x58 [ 21.168660] __kasan_kmalloc+0xd4/0xd8 [ 21.168703] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.168752] kasan_atomics+0xb8/0x2e0 [ 21.168789] kunit_try_run_case+0x170/0x3f0 [ 21.168835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.168884] kthread+0x328/0x630 [ 21.168918] ret_from_fork+0x10/0x20 [ 21.168965] [ 21.168995] The buggy address belongs to the object at fff00000c56d1100 [ 21.168995] which belongs to the cache kmalloc-64 of size 64 [ 21.169055] The buggy address is located 0 bytes to the right of [ 21.169055] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.169121] [ 21.169142] The buggy address belongs to the physical page: [ 21.169174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.169236] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.169285] page_type: f5(slab) [ 21.169322] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.169374] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.169859] page dumped because: kasan: bad access detected [ 21.169960] [ 21.170136] Memory state around the buggy address: [ 21.170175] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.170406] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.170497] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.170631] ^ [ 21.170760] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.170805] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.170845] ================================================================== [ 21.148937] ================================================================== [ 21.148995] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 21.149051] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.149102] [ 21.149130] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.149222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.149259] Hardware name: linux,dummy-virt (DT) [ 21.149289] Call trace: [ 21.149324] show_stack+0x20/0x38 (C) [ 21.149372] dump_stack_lvl+0x8c/0xd0 [ 21.149419] print_report+0x118/0x608 [ 21.149492] kasan_report+0xdc/0x128 [ 21.149541] kasan_check_range+0x100/0x1a8 [ 21.149658] __kasan_check_write+0x20/0x30 [ 21.149741] kasan_atomics_helper+0x154c/0x4858 [ 21.149791] kasan_atomics+0x198/0x2e0 [ 21.149837] kunit_try_run_case+0x170/0x3f0 [ 21.149886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.149973] kthread+0x328/0x630 [ 21.150091] ret_from_fork+0x10/0x20 [ 21.150249] [ 21.150282] Allocated by task 265: [ 21.150386] kasan_save_stack+0x3c/0x68 [ 21.150566] kasan_save_track+0x20/0x40 [ 21.150607] kasan_save_alloc_info+0x40/0x58 [ 21.150650] __kasan_kmalloc+0xd4/0xd8 [ 21.150688] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.150771] kasan_atomics+0xb8/0x2e0 [ 21.150812] kunit_try_run_case+0x170/0x3f0 [ 21.150887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.150933] kthread+0x328/0x630 [ 21.150968] ret_from_fork+0x10/0x20 [ 21.151006] [ 21.151093] The buggy address belongs to the object at fff00000c56d1100 [ 21.151093] which belongs to the cache kmalloc-64 of size 64 [ 21.151188] The buggy address is located 0 bytes to the right of [ 21.151188] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.151344] [ 21.151395] The buggy address belongs to the physical page: [ 21.151479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.151785] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.151905] page_type: f5(slab) [ 21.151984] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.152036] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.152257] page dumped because: kasan: bad access detected [ 21.152493] [ 21.152672] Memory state around the buggy address: [ 21.152756] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.152987] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.153302] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.153351] ^ [ 21.153386] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.153731] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.153930] ================================================================== [ 21.128451] ================================================================== [ 21.128499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 21.128545] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.128597] [ 21.128626] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.128707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.128734] Hardware name: linux,dummy-virt (DT) [ 21.128765] Call trace: [ 21.128788] show_stack+0x20/0x38 (C) [ 21.128837] dump_stack_lvl+0x8c/0xd0 [ 21.128883] print_report+0x118/0x608 [ 21.128931] kasan_report+0xdc/0x128 [ 21.128976] kasan_check_range+0x100/0x1a8 [ 21.129026] __kasan_check_write+0x20/0x30 [ 21.129072] kasan_atomics_helper+0x1414/0x4858 [ 21.130811] kasan_atomics+0x198/0x2e0 [ 21.130915] kunit_try_run_case+0x170/0x3f0 [ 21.131114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.131304] kthread+0x328/0x630 [ 21.131354] ret_from_fork+0x10/0x20 [ 21.131402] [ 21.131433] Allocated by task 265: [ 21.131473] kasan_save_stack+0x3c/0x68 [ 21.131525] kasan_save_track+0x20/0x40 [ 21.131575] kasan_save_alloc_info+0x40/0x58 [ 21.131626] __kasan_kmalloc+0xd4/0xd8 [ 21.131674] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.131715] kasan_atomics+0xb8/0x2e0 [ 21.131752] kunit_try_run_case+0x170/0x3f0 [ 21.131793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.131839] kthread+0x328/0x630 [ 21.131881] ret_from_fork+0x10/0x20 [ 21.131926] [ 21.131954] The buggy address belongs to the object at fff00000c56d1100 [ 21.131954] which belongs to the cache kmalloc-64 of size 64 [ 21.132015] The buggy address is located 0 bytes to the right of [ 21.132015] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.132079] [ 21.132109] The buggy address belongs to the physical page: [ 21.132165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.132240] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.132306] page_type: f5(slab) [ 21.132351] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.132411] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.132454] page dumped because: kasan: bad access detected [ 21.132488] [ 21.132529] Memory state around the buggy address: [ 21.132564] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.132609] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.132668] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.132710] ^ [ 21.132752] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.132805] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.132843] ================================================================== [ 20.963423] ================================================================== [ 20.963487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 20.963540] Write of size 4 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 20.964022] [ 20.964224] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.964321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.964349] Hardware name: linux,dummy-virt (DT) [ 20.964415] Call trace: [ 20.964442] show_stack+0x20/0x38 (C) [ 20.964665] dump_stack_lvl+0x8c/0xd0 [ 20.964800] print_report+0x118/0x608 [ 20.964852] kasan_report+0xdc/0x128 [ 20.964900] kasan_check_range+0x100/0x1a8 [ 20.964955] __kasan_check_write+0x20/0x30 [ 20.965043] kasan_atomics_helper+0xd3c/0x4858 [ 20.965096] kasan_atomics+0x198/0x2e0 [ 20.965156] kunit_try_run_case+0x170/0x3f0 [ 20.965226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.965280] kthread+0x328/0x630 [ 20.965324] ret_from_fork+0x10/0x20 [ 20.965371] [ 20.965392] Allocated by task 265: [ 20.965423] kasan_save_stack+0x3c/0x68 [ 20.965715] kasan_save_track+0x20/0x40 [ 20.966277] kasan_save_alloc_info+0x40/0x58 [ 20.966350] __kasan_kmalloc+0xd4/0xd8 [ 20.966391] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.966442] kasan_atomics+0xb8/0x2e0 [ 20.966626] kunit_try_run_case+0x170/0x3f0 [ 20.966670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.966717] kthread+0x328/0x630 [ 20.966895] ret_from_fork+0x10/0x20 [ 20.967097] [ 20.967368] The buggy address belongs to the object at fff00000c56d1100 [ 20.967368] which belongs to the cache kmalloc-64 of size 64 [ 20.967483] The buggy address is located 0 bytes to the right of [ 20.967483] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.967853] [ 20.968040] The buggy address belongs to the physical page: [ 20.968309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.968505] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.968924] page_type: f5(slab) [ 20.969309] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.969395] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.969440] page dumped because: kasan: bad access detected [ 20.969736] [ 20.969879] Memory state around the buggy address: [ 20.970115] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.970245] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.970299] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.970508] ^ [ 20.970770] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.971145] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.971329] ================================================================== [ 21.122891] ================================================================== [ 21.122938] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 21.122988] Read of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.123039] [ 21.123070] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.123148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.123177] Hardware name: linux,dummy-virt (DT) [ 21.123225] Call trace: [ 21.123251] show_stack+0x20/0x38 (C) [ 21.123299] dump_stack_lvl+0x8c/0xd0 [ 21.123347] print_report+0x118/0x608 [ 21.123394] kasan_report+0xdc/0x128 [ 21.123441] __asan_report_load8_noabort+0x20/0x30 [ 21.123491] kasan_atomics_helper+0x3f04/0x4858 [ 21.123540] kasan_atomics+0x198/0x2e0 [ 21.123587] kunit_try_run_case+0x170/0x3f0 [ 21.123636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.123688] kthread+0x328/0x630 [ 21.123732] ret_from_fork+0x10/0x20 [ 21.123780] [ 21.123800] Allocated by task 265: [ 21.123829] kasan_save_stack+0x3c/0x68 [ 21.123870] kasan_save_track+0x20/0x40 [ 21.123909] kasan_save_alloc_info+0x40/0x58 [ 21.123951] __kasan_kmalloc+0xd4/0xd8 [ 21.123988] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.124029] kasan_atomics+0xb8/0x2e0 [ 21.124065] kunit_try_run_case+0x170/0x3f0 [ 21.124105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.124148] kthread+0x328/0x630 [ 21.124181] ret_from_fork+0x10/0x20 [ 21.127436] [ 21.127460] The buggy address belongs to the object at fff00000c56d1100 [ 21.127460] which belongs to the cache kmalloc-64 of size 64 [ 21.127530] The buggy address is located 0 bytes to the right of [ 21.127530] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.127596] [ 21.127617] The buggy address belongs to the physical page: [ 21.127649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.127704] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.127754] page_type: f5(slab) [ 21.127793] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.127845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.127888] page dumped because: kasan: bad access detected [ 21.127922] [ 21.127942] Memory state around the buggy address: [ 21.127976] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.128020] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.128065] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.128105] ^ [ 21.128141] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.128183] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.128237] ================================================================== [ 21.133080] ================================================================== [ 21.133128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 21.133175] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.133977] [ 21.134569] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.135126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.135202] Hardware name: linux,dummy-virt (DT) [ 21.135483] Call trace: [ 21.135713] show_stack+0x20/0x38 (C) [ 21.136116] dump_stack_lvl+0x8c/0xd0 [ 21.136623] print_report+0x118/0x608 [ 21.136710] kasan_report+0xdc/0x128 [ 21.136786] kasan_check_range+0x100/0x1a8 [ 21.136938] __kasan_check_write+0x20/0x30 [ 21.137342] kasan_atomics_helper+0x147c/0x4858 [ 21.137527] kasan_atomics+0x198/0x2e0 [ 21.137624] kunit_try_run_case+0x170/0x3f0 [ 21.137802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.138145] kthread+0x328/0x630 [ 21.138376] ret_from_fork+0x10/0x20 [ 21.139136] [ 21.139213] Allocated by task 265: [ 21.139265] kasan_save_stack+0x3c/0x68 [ 21.139383] kasan_save_track+0x20/0x40 [ 21.139634] kasan_save_alloc_info+0x40/0x58 [ 21.139989] __kasan_kmalloc+0xd4/0xd8 [ 21.140150] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.140355] kasan_atomics+0xb8/0x2e0 [ 21.140862] kunit_try_run_case+0x170/0x3f0 [ 21.141251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.141912] kthread+0x328/0x630 [ 21.142031] ret_from_fork+0x10/0x20 [ 21.142131] [ 21.142444] The buggy address belongs to the object at fff00000c56d1100 [ 21.142444] which belongs to the cache kmalloc-64 of size 64 [ 21.142699] The buggy address is located 0 bytes to the right of [ 21.142699] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.142877] [ 21.142908] The buggy address belongs to the physical page: [ 21.142942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.143053] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.143451] page_type: f5(slab) [ 21.143571] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.143964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.144233] page dumped because: kasan: bad access detected [ 21.144653] [ 21.144680] Memory state around the buggy address: [ 21.145048] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.145244] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.145489] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.145581] ^ [ 21.145619] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.145663] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.145702] ================================================================== [ 21.085214] ================================================================== [ 21.085269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 21.085321] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.085622] [ 21.085719] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.085806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.085835] Hardware name: linux,dummy-virt (DT) [ 21.086045] Call trace: [ 21.086317] show_stack+0x20/0x38 (C) [ 21.086600] dump_stack_lvl+0x8c/0xd0 [ 21.086704] print_report+0x118/0x608 [ 21.086892] kasan_report+0xdc/0x128 [ 21.086954] kasan_check_range+0x100/0x1a8 [ 21.087373] __kasan_check_write+0x20/0x30 [ 21.087625] kasan_atomics_helper+0x1190/0x4858 [ 21.087842] kasan_atomics+0x198/0x2e0 [ 21.087933] kunit_try_run_case+0x170/0x3f0 [ 21.088099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.088179] kthread+0x328/0x630 [ 21.088424] ret_from_fork+0x10/0x20 [ 21.088849] [ 21.089035] Allocated by task 265: [ 21.089189] kasan_save_stack+0x3c/0x68 [ 21.089348] kasan_save_track+0x20/0x40 [ 21.089421] kasan_save_alloc_info+0x40/0x58 [ 21.089508] __kasan_kmalloc+0xd4/0xd8 [ 21.089929] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.090232] kasan_atomics+0xb8/0x2e0 [ 21.090594] kunit_try_run_case+0x170/0x3f0 [ 21.090878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.091138] kthread+0x328/0x630 [ 21.091253] ret_from_fork+0x10/0x20 [ 21.091575] [ 21.091663] The buggy address belongs to the object at fff00000c56d1100 [ 21.091663] which belongs to the cache kmalloc-64 of size 64 [ 21.092215] The buggy address is located 0 bytes to the right of [ 21.092215] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.092330] [ 21.092374] The buggy address belongs to the physical page: [ 21.092814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.092898] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.093208] page_type: f5(slab) [ 21.093491] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.093581] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.093884] page dumped because: kasan: bad access detected [ 21.094106] [ 21.094395] Memory state around the buggy address: [ 21.094442] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.094846] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.095047] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.095125] ^ [ 21.095296] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.095541] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.095597] ================================================================== [ 20.871017] ================================================================== [ 20.871186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 20.871682] Call trace: [ 20.872573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.873333] __kasan_kmalloc+0xd4/0xd8 [ 20.874449] The buggy address is located 0 bytes to the right of [ 20.874449] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.875272] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.876982] Call trace: [ 20.878629] [ 20.878678] Allocated by task 265: [ 20.878708] kasan_save_stack+0x3c/0x68 [ 20.878752] kasan_save_track+0x20/0x40 [ 20.878793] kasan_save_alloc_info+0x40/0x58 [ 20.879041] __kasan_kmalloc+0xd4/0xd8 [ 20.879091] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.879665] kasan_atomics+0xb8/0x2e0 [ 20.879809] kunit_try_run_case+0x170/0x3f0 [ 20.879925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.880025] kthread+0x328/0x630 [ 20.880061] ret_from_fork+0x10/0x20 [ 20.880144] [ 20.880409] The buggy address belongs to the object at fff00000c56d1100 [ 20.880409] which belongs to the cache kmalloc-64 of size 64 [ 20.880488] The buggy address is located 0 bytes to the right of [ 20.880488] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.880670] [ 20.880868] The buggy address belongs to the physical page: [ 20.880954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.881059] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.881182] page_type: f5(slab) [ 20.881291] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.881418] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.881569] page dumped because: kasan: bad access detected [ 20.881785] [ 20.881867] Memory state around the buggy address: [ 20.881921] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.881983] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.882028] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.882384] ^ [ 20.882448] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.882494] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.882533] ================================================================== [ 21.176920] ================================================================== [ 21.176968] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 21.177017] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.177067] [ 21.177124] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.177219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.177248] Hardware name: linux,dummy-virt (DT) [ 21.177279] Call trace: [ 21.177304] show_stack+0x20/0x38 (C) [ 21.177351] dump_stack_lvl+0x8c/0xd0 [ 21.177400] print_report+0x118/0x608 [ 21.177594] kasan_report+0xdc/0x128 [ 21.177872] kasan_check_range+0x100/0x1a8 [ 21.177990] __kasan_check_write+0x20/0x30 [ 21.178039] kasan_atomics_helper+0x16d0/0x4858 [ 21.178113] kasan_atomics+0x198/0x2e0 [ 21.178159] kunit_try_run_case+0x170/0x3f0 [ 21.178219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.178422] kthread+0x328/0x630 [ 21.178563] ret_from_fork+0x10/0x20 [ 21.178720] [ 21.179019] Allocated by task 265: [ 21.179148] kasan_save_stack+0x3c/0x68 [ 21.179256] kasan_save_track+0x20/0x40 [ 21.179320] kasan_save_alloc_info+0x40/0x58 [ 21.179403] __kasan_kmalloc+0xd4/0xd8 [ 21.179501] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.179615] kasan_atomics+0xb8/0x2e0 [ 21.179693] kunit_try_run_case+0x170/0x3f0 [ 21.179788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.179835] kthread+0x328/0x630 [ 21.179918] ret_from_fork+0x10/0x20 [ 21.180495] [ 21.180616] The buggy address belongs to the object at fff00000c56d1100 [ 21.180616] which belongs to the cache kmalloc-64 of size 64 [ 21.180805] The buggy address is located 0 bytes to the right of [ 21.180805] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.180900] [ 21.180960] The buggy address belongs to the physical page: [ 21.180994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.181210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.181410] page_type: f5(slab) [ 21.181573] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.181920] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.182044] page dumped because: kasan: bad access detected [ 21.182307] [ 21.182332] Memory state around the buggy address: [ 21.182376] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.182422] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.182471] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.182634] ^ [ 21.182734] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.183051] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.183267] ================================================================== [ 21.183628] ================================================================== [ 21.183700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 21.183764] Read of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.183826] [ 21.183856] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.183948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.183989] Hardware name: linux,dummy-virt (DT) [ 21.184027] Call trace: [ 21.184099] show_stack+0x20/0x38 (C) [ 21.184175] dump_stack_lvl+0x8c/0xd0 [ 21.184236] print_report+0x118/0x608 [ 21.184283] kasan_report+0xdc/0x128 [ 21.184331] __asan_report_load8_noabort+0x20/0x30 [ 21.184380] kasan_atomics_helper+0x3e10/0x4858 [ 21.184428] kasan_atomics+0x198/0x2e0 [ 21.184476] kunit_try_run_case+0x170/0x3f0 [ 21.184523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.184577] kthread+0x328/0x630 [ 21.184626] ret_from_fork+0x10/0x20 [ 21.184683] [ 21.184704] Allocated by task 265: [ 21.184734] kasan_save_stack+0x3c/0x68 [ 21.184784] kasan_save_track+0x20/0x40 [ 21.184825] kasan_save_alloc_info+0x40/0x58 [ 21.184867] __kasan_kmalloc+0xd4/0xd8 [ 21.184905] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.184946] kasan_atomics+0xb8/0x2e0 [ 21.184990] kunit_try_run_case+0x170/0x3f0 [ 21.185038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.185082] kthread+0x328/0x630 [ 21.185126] ret_from_fork+0x10/0x20 [ 21.185162] [ 21.185182] The buggy address belongs to the object at fff00000c56d1100 [ 21.185182] which belongs to the cache kmalloc-64 of size 64 [ 21.185734] The buggy address is located 0 bytes to the right of [ 21.185734] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.185827] [ 21.185848] The buggy address belongs to the physical page: [ 21.186292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.186364] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.186414] page_type: f5(slab) [ 21.186595] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.186648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.186692] page dumped because: kasan: bad access detected [ 21.186847] [ 21.186876] Memory state around the buggy address: [ 21.186931] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.187000] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.187051] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.187122] ^ [ 21.187204] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.187252] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.187426] ================================================================== [ 21.000134] ================================================================== [ 21.000545] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 21.000942] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.001041] [ 21.001076] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.001517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.001594] Hardware name: linux,dummy-virt (DT) [ 21.001888] Call trace: [ 21.001965] show_stack+0x20/0x38 (C) [ 21.002159] dump_stack_lvl+0x8c/0xd0 [ 21.002434] print_report+0x118/0x608 [ 21.002560] kasan_report+0xdc/0x128 [ 21.002815] kasan_check_range+0x100/0x1a8 [ 21.003097] __kasan_check_write+0x20/0x30 [ 21.003303] kasan_atomics_helper+0xe44/0x4858 [ 21.003389] kasan_atomics+0x198/0x2e0 [ 21.003447] kunit_try_run_case+0x170/0x3f0 [ 21.003494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.004061] kthread+0x328/0x630 [ 21.004173] ret_from_fork+0x10/0x20 [ 21.004753] [ 21.004781] Allocated by task 265: [ 21.004830] kasan_save_stack+0x3c/0x68 [ 21.005066] kasan_save_track+0x20/0x40 [ 21.005142] kasan_save_alloc_info+0x40/0x58 [ 21.005447] __kasan_kmalloc+0xd4/0xd8 [ 21.005737] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.005998] kasan_atomics+0xb8/0x2e0 [ 21.006053] kunit_try_run_case+0x170/0x3f0 [ 21.006457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.006722] kthread+0x328/0x630 [ 21.006881] ret_from_fork+0x10/0x20 [ 21.006926] [ 21.007366] The buggy address belongs to the object at fff00000c56d1100 [ 21.007366] which belongs to the cache kmalloc-64 of size 64 [ 21.007723] The buggy address is located 0 bytes to the right of [ 21.007723] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.007797] [ 21.007819] The buggy address belongs to the physical page: [ 21.008166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.008415] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.008686] page_type: f5(slab) [ 21.008821] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.008876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.009105] page dumped because: kasan: bad access detected [ 21.009453] [ 21.009627] Memory state around the buggy address: [ 21.009756] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.009915] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.009964] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.010220] ^ [ 21.010467] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.010946] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.011257] ================================================================== [ 20.951317] ================================================================== [ 20.951371] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 20.951553] Read of size 4 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 20.951715] [ 20.951861] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.952344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.952528] Hardware name: linux,dummy-virt (DT) [ 20.952571] Call trace: [ 20.952630] show_stack+0x20/0x38 (C) [ 20.952811] dump_stack_lvl+0x8c/0xd0 [ 20.952930] print_report+0x118/0x608 [ 20.952984] kasan_report+0xdc/0x128 [ 20.953091] __asan_report_load4_noabort+0x20/0x30 [ 20.953143] kasan_atomics_helper+0x3dd8/0x4858 [ 20.953251] kasan_atomics+0x198/0x2e0 [ 20.953304] kunit_try_run_case+0x170/0x3f0 [ 20.953503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.953978] kthread+0x328/0x630 [ 20.954270] ret_from_fork+0x10/0x20 [ 20.954453] [ 20.954544] Allocated by task 265: [ 20.954969] kasan_save_stack+0x3c/0x68 [ 20.955103] kasan_save_track+0x20/0x40 [ 20.955213] kasan_save_alloc_info+0x40/0x58 [ 20.955623] __kasan_kmalloc+0xd4/0xd8 [ 20.955803] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.955933] kasan_atomics+0xb8/0x2e0 [ 20.956102] kunit_try_run_case+0x170/0x3f0 [ 20.956350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.956445] kthread+0x328/0x630 [ 20.956485] ret_from_fork+0x10/0x20 [ 20.956683] [ 20.956771] The buggy address belongs to the object at fff00000c56d1100 [ 20.956771] which belongs to the cache kmalloc-64 of size 64 [ 20.957132] The buggy address is located 0 bytes to the right of [ 20.957132] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.957389] [ 20.957446] The buggy address belongs to the physical page: [ 20.957646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.957925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.958160] page_type: f5(slab) [ 20.958431] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.958693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.958863] page dumped because: kasan: bad access detected [ 20.959356] [ 20.959435] Memory state around the buggy address: [ 20.959481] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.959537] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.959830] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.960285] ^ [ 20.960539] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.960769] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.960858] ================================================================== [ 21.097077] ================================================================== [ 21.097213] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 21.097439] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.097877] [ 21.098135] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.098449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.098519] Hardware name: linux,dummy-virt (DT) [ 21.098553] Call trace: [ 21.098584] show_stack+0x20/0x38 (C) [ 21.098639] dump_stack_lvl+0x8c/0xd0 [ 21.098686] print_report+0x118/0x608 [ 21.099072] kasan_report+0xdc/0x128 [ 21.099345] kasan_check_range+0x100/0x1a8 [ 21.099530] __kasan_check_write+0x20/0x30 [ 21.099777] kasan_atomics_helper+0x11f8/0x4858 [ 21.100051] kasan_atomics+0x198/0x2e0 [ 21.100345] kunit_try_run_case+0x170/0x3f0 [ 21.100552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.100803] kthread+0x328/0x630 [ 21.100874] ret_from_fork+0x10/0x20 [ 21.100923] [ 21.100993] Allocated by task 265: [ 21.101227] kasan_save_stack+0x3c/0x68 [ 21.101703] kasan_save_track+0x20/0x40 [ 21.101769] kasan_save_alloc_info+0x40/0x58 [ 21.101814] __kasan_kmalloc+0xd4/0xd8 [ 21.101852] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.101894] kasan_atomics+0xb8/0x2e0 [ 21.101931] kunit_try_run_case+0x170/0x3f0 [ 21.101972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.102016] kthread+0x328/0x630 [ 21.102050] ret_from_fork+0x10/0x20 [ 21.102088] [ 21.102111] The buggy address belongs to the object at fff00000c56d1100 [ 21.102111] which belongs to the cache kmalloc-64 of size 64 [ 21.102172] The buggy address is located 0 bytes to the right of [ 21.102172] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.102249] [ 21.102271] The buggy address belongs to the physical page: [ 21.102304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.102357] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.102408] page_type: f5(slab) [ 21.102451] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.102503] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.102546] page dumped because: kasan: bad access detected [ 21.102580] [ 21.102600] Memory state around the buggy address: [ 21.102635] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.102679] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.102724] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.102764] ^ [ 21.102800] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.102841] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.102881] ================================================================== [ 21.058586] ================================================================== [ 21.058647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 21.058700] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.058849] [ 21.058983] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.059168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.059497] Hardware name: linux,dummy-virt (DT) [ 21.059681] Call trace: [ 21.059887] show_stack+0x20/0x38 (C) [ 21.060159] dump_stack_lvl+0x8c/0xd0 [ 21.060248] print_report+0x118/0x608 [ 21.060671] kasan_report+0xdc/0x128 [ 21.060914] kasan_check_range+0x100/0x1a8 [ 21.060988] __kasan_check_write+0x20/0x30 [ 21.061375] kasan_atomics_helper+0x1058/0x4858 [ 21.061637] kasan_atomics+0x198/0x2e0 [ 21.061740] kunit_try_run_case+0x170/0x3f0 [ 21.061919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.062156] kthread+0x328/0x630 [ 21.062237] ret_from_fork+0x10/0x20 [ 21.062607] [ 21.062653] Allocated by task 265: [ 21.062758] kasan_save_stack+0x3c/0x68 [ 21.062821] kasan_save_track+0x20/0x40 [ 21.062862] kasan_save_alloc_info+0x40/0x58 [ 21.062910] __kasan_kmalloc+0xd4/0xd8 [ 21.062956] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.062998] kasan_atomics+0xb8/0x2e0 [ 21.063042] kunit_try_run_case+0x170/0x3f0 [ 21.063082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.063134] kthread+0x328/0x630 [ 21.063170] ret_from_fork+0x10/0x20 [ 21.063227] [ 21.063249] The buggy address belongs to the object at fff00000c56d1100 [ 21.063249] which belongs to the cache kmalloc-64 of size 64 [ 21.063324] The buggy address is located 0 bytes to the right of [ 21.063324] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.063400] [ 21.063423] The buggy address belongs to the physical page: [ 21.063471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.063534] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.063584] page_type: f5(slab) [ 21.063633] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.063708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.063751] page dumped because: kasan: bad access detected [ 21.063785] [ 21.063814] Memory state around the buggy address: [ 21.063853] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.063921] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.063967] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.064007] ^ [ 21.064050] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.064104] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.064142] ================================================================== [ 21.114840] ================================================================== [ 21.114892] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 21.114942] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.114993] [ 21.115064] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.115148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.115175] Hardware name: linux,dummy-virt (DT) [ 21.115506] Call trace: [ 21.115547] show_stack+0x20/0x38 (C) [ 21.115603] dump_stack_lvl+0x8c/0xd0 [ 21.115650] print_report+0x118/0x608 [ 21.115699] kasan_report+0xdc/0x128 [ 21.115745] kasan_check_range+0x100/0x1a8 [ 21.115795] __kasan_check_write+0x20/0x30 [ 21.115841] kasan_atomics_helper+0x1384/0x4858 [ 21.115889] kasan_atomics+0x198/0x2e0 [ 21.115936] kunit_try_run_case+0x170/0x3f0 [ 21.116020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.116100] kthread+0x328/0x630 [ 21.116145] ret_from_fork+0x10/0x20 [ 21.116617] [ 21.116655] Allocated by task 265: [ 21.116688] kasan_save_stack+0x3c/0x68 [ 21.116733] kasan_save_track+0x20/0x40 [ 21.117361] kasan_save_alloc_info+0x40/0x58 [ 21.117431] __kasan_kmalloc+0xd4/0xd8 [ 21.117627] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.117808] kasan_atomics+0xb8/0x2e0 [ 21.117905] kunit_try_run_case+0x170/0x3f0 [ 21.118416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.118514] kthread+0x328/0x630 [ 21.118672] ret_from_fork+0x10/0x20 [ 21.118874] [ 21.118932] The buggy address belongs to the object at fff00000c56d1100 [ 21.118932] which belongs to the cache kmalloc-64 of size 64 [ 21.119001] The buggy address is located 0 bytes to the right of [ 21.119001] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.119273] [ 21.119424] The buggy address belongs to the physical page: [ 21.119757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.119819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.120147] page_type: f5(slab) [ 21.120542] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.122260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.122313] page dumped because: kasan: bad access detected [ 21.122349] [ 21.122369] Memory state around the buggy address: [ 21.122404] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.122456] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.122501] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.122542] ^ [ 21.122577] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.122621] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.122659] ================================================================== [ 20.982783] ================================================================== [ 20.982929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 20.983128] Read of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 20.983208] [ 20.983560] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.983679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.983713] Hardware name: linux,dummy-virt (DT) [ 20.983746] Call trace: [ 20.983770] show_stack+0x20/0x38 (C) [ 20.983969] dump_stack_lvl+0x8c/0xd0 [ 20.984032] print_report+0x118/0x608 [ 20.984082] kasan_report+0xdc/0x128 [ 20.984487] kasan_check_range+0x100/0x1a8 [ 20.984630] __kasan_check_read+0x20/0x30 [ 20.984764] kasan_atomics_helper+0xdd4/0x4858 [ 20.984868] kasan_atomics+0x198/0x2e0 [ 20.984922] kunit_try_run_case+0x170/0x3f0 [ 20.984972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.985026] kthread+0x328/0x630 [ 20.985069] ret_from_fork+0x10/0x20 [ 20.985343] [ 20.985918] Allocated by task 265: [ 20.985970] kasan_save_stack+0x3c/0x68 [ 20.986266] kasan_save_track+0x20/0x40 [ 20.986326] kasan_save_alloc_info+0x40/0x58 [ 20.986368] __kasan_kmalloc+0xd4/0xd8 [ 20.986408] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.986613] kasan_atomics+0xb8/0x2e0 [ 20.986841] kunit_try_run_case+0x170/0x3f0 [ 20.987624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.987775] kthread+0x328/0x630 [ 20.988707] ret_from_fork+0x10/0x20 [ 20.989008] [ 20.989170] The buggy address belongs to the object at fff00000c56d1100 [ 20.989170] which belongs to the cache kmalloc-64 of size 64 [ 20.989414] The buggy address is located 0 bytes to the right of [ 20.989414] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.989862] [ 20.990040] The buggy address belongs to the physical page: [ 20.990149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.990367] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.990733] page_type: f5(slab) [ 20.990825] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.991011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.991094] page dumped because: kasan: bad access detected [ 20.991139] [ 20.991168] Memory state around the buggy address: [ 20.991227] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.991279] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.991323] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.991361] ^ [ 20.991398] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.991442] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.991482] ================================================================== [ 20.887880] ================================================================== [ 20.887970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 20.888130] Write of size 4 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 20.888242] [ 20.888300] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.888411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.888517] Hardware name: linux,dummy-virt (DT) [ 20.888553] Call trace: [ 20.888613] show_stack+0x20/0x38 (C) [ 20.888938] kasan_report+0xdc/0x128 [ 20.889286] kasan_atomics_helper+0xad4/0x4858 [ 20.890489] kasan_save_alloc_info+0x40/0x58 [ 20.890624] __kasan_kmalloc+0xd4/0xd8 [ 20.890785] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.890850] kasan_atomics+0xb8/0x2e0 [ 20.890887] kunit_try_run_case+0x170/0x3f0 [ 20.891098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.891349] kthread+0x328/0x630 [ 20.891515] ret_from_fork+0x10/0x20 [ 20.891555] [ 20.891687] The buggy address belongs to the object at fff00000c56d1100 [ 20.891687] which belongs to the cache kmalloc-64 of size 64 [ 20.891894] The buggy address is located 0 bytes to the right of [ 20.891894] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.892238] [ 20.892281] The buggy address belongs to the physical page: [ 20.892331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.892388] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.892439] page_type: f5(slab) [ 20.892488] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.892542] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.892814] page dumped because: kasan: bad access detected [ 20.893085] [ 20.893126] Memory state around the buggy address: [ 20.893185] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.893500] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.893824] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.893871] ^ [ 20.894164] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.894347] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.896561] Read of size 4 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 20.897057] kasan_atomics_helper+0x3dcc/0x4858 [ 20.898626] kasan_save_alloc_info+0x40/0x58 [ 20.898711] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.899007] kasan_atomics+0xb8/0x2e0 [ 20.899791] [ 20.900508] [ 20.901039] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.901516] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.901704] [ 20.902054] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.902553] ^ [ 20.902912] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.904879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.907113] kasan_save_alloc_info+0x40/0x58 [ 20.907388] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.907470] kasan_atomics+0xb8/0x2e0 [ 20.907674] kunit_try_run_case+0x170/0x3f0 [ 20.907913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.908728] [ 20.909162] [ 20.909425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.910257] page dumped because: kasan: bad access detected [ 20.910676] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.911031] ^ [ 20.911554] ================================================================== [ 20.752721] ================================================================== [ 20.754706] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 20.754864] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.755030] Call trace: [ 20.755423] kasan_atomics+0x198/0x2e0 [ 20.755723] kasan_save_stack+0x3c/0x68 [ 20.755888] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.757017] [ 20.765721] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.766826] page dumped because: kasan: bad access detected [ 20.767906] Call trace: [ 20.768857] kasan_save_stack+0x3c/0x68 [ 20.769893] The buggy address is located 0 bytes to the right of [ 20.769893] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.771019] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.772574] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.776395] kasan_atomics+0xb8/0x2e0 [ 20.777803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.778455] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.780148] kasan_atomics_helper+0x54c/0x4858 [ 20.782047] The buggy address is located 0 bytes to the right of [ 20.782047] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.783785] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.785441] ================================================================== [ 20.973047] ================================================================== [ 20.973172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 20.973239] Read of size 4 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 20.973291] [ 20.973334] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.973426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.973459] Hardware name: linux,dummy-virt (DT) [ 20.973584] Call trace: [ 20.973786] show_stack+0x20/0x38 (C) [ 20.974100] dump_stack_lvl+0x8c/0xd0 [ 20.974258] print_report+0x118/0x608 [ 20.974359] kasan_report+0xdc/0x128 [ 20.974416] __asan_report_load4_noabort+0x20/0x30 [ 20.974472] kasan_atomics_helper+0x3e04/0x4858 [ 20.974523] kasan_atomics+0x198/0x2e0 [ 20.975157] kunit_try_run_case+0x170/0x3f0 [ 20.975341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.975521] kthread+0x328/0x630 [ 20.975637] ret_from_fork+0x10/0x20 [ 20.976217] [ 20.976723] Allocated by task 265: [ 20.977123] kasan_save_stack+0x3c/0x68 [ 20.977219] kasan_save_track+0x20/0x40 [ 20.977397] kasan_save_alloc_info+0x40/0x58 [ 20.977538] __kasan_kmalloc+0xd4/0xd8 [ 20.977580] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.977743] kasan_atomics+0xb8/0x2e0 [ 20.978026] kunit_try_run_case+0x170/0x3f0 [ 20.978103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.978339] kthread+0x328/0x630 [ 20.978531] ret_from_fork+0x10/0x20 [ 20.978612] [ 20.978673] The buggy address belongs to the object at fff00000c56d1100 [ 20.978673] which belongs to the cache kmalloc-64 of size 64 [ 20.978982] The buggy address is located 0 bytes to the right of [ 20.978982] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.979323] [ 20.979395] The buggy address belongs to the physical page: [ 20.979523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.979596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.979650] page_type: f5(slab) [ 20.979692] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.979744] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.979812] page dumped because: kasan: bad access detected [ 20.979855] [ 20.979884] Memory state around the buggy address: [ 20.979942] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.979989] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.980039] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.980079] ^ [ 20.980122] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.980167] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.980218] ================================================================== [ 20.883133] ================================================================== [ 20.883266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 20.883318] Write of size 4 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 20.883370] [ 20.883402] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.883484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.883623] Hardware name: linux,dummy-virt (DT) [ 20.883738] Call trace: [ 20.883786] show_stack+0x20/0x38 (C) [ 20.883841] dump_stack_lvl+0x8c/0xd0 [ 20.883889] print_report+0x118/0x608 [ 20.884026] kasan_report+0xdc/0x128 [ 20.884230] kasan_check_range+0x100/0x1a8 [ 20.884292] __kasan_check_write+0x20/0x30 [ 20.884370] kasan_atomics_helper+0xa6c/0x4858 [ 20.884422] kasan_atomics+0x198/0x2e0 [ 20.884469] kunit_try_run_case+0x170/0x3f0 [ 20.884528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.884583] kthread+0x328/0x630 [ 20.884627] ret_from_fork+0x10/0x20 [ 20.884684] [ 20.884705] Allocated by task 265: [ 20.884735] kasan_save_stack+0x3c/0x68 [ 20.884779] kasan_save_track+0x20/0x40 [ 20.884819] kasan_save_alloc_info+0x40/0x58 [ 20.884860] __kasan_kmalloc+0xd4/0xd8 [ 20.884913] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.884956] kasan_atomics+0xb8/0x2e0 [ 20.884994] kunit_try_run_case+0x170/0x3f0 [ 20.885034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.885096] kthread+0x328/0x630 [ 20.885131] ret_from_fork+0x10/0x20 [ 20.885169] [ 20.885202] The buggy address belongs to the object at fff00000c56d1100 [ 20.885202] which belongs to the cache kmalloc-64 of size 64 [ 20.885554] The buggy address is located 0 bytes to the right of [ 20.885554] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 20.885885] [ 20.885913] The buggy address belongs to the physical page: [ 20.886014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 20.886095] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.886243] page_type: f5(slab) [ 20.886282] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.886372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.886486] page dumped because: kasan: bad access detected [ 20.886520] [ 20.886580] Memory state around the buggy address: [ 20.886696] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.886913] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.886959] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.887029] ^ [ 20.887264] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.887463] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.887592] ================================================================== [ 21.159782] ================================================================== [ 21.159850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 21.159900] Read of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.159960] [ 21.159999] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.160078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.160106] Hardware name: linux,dummy-virt (DT) [ 21.160138] Call trace: [ 21.160177] show_stack+0x20/0x38 (C) [ 21.160453] dump_stack_lvl+0x8c/0xd0 [ 21.160528] print_report+0x118/0x608 [ 21.160761] kasan_report+0xdc/0x128 [ 21.160823] __asan_report_load8_noabort+0x20/0x30 [ 21.160902] kasan_atomics_helper+0x3db0/0x4858 [ 21.160953] kasan_atomics+0x198/0x2e0 [ 21.161000] kunit_try_run_case+0x170/0x3f0 [ 21.161049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.161103] kthread+0x328/0x630 [ 21.161147] ret_from_fork+0x10/0x20 [ 21.161357] [ 21.161430] Allocated by task 265: [ 21.161488] kasan_save_stack+0x3c/0x68 [ 21.161553] kasan_save_track+0x20/0x40 [ 21.161821] kasan_save_alloc_info+0x40/0x58 [ 21.161943] __kasan_kmalloc+0xd4/0xd8 [ 21.162003] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.162068] kasan_atomics+0xb8/0x2e0 [ 21.162174] kunit_try_run_case+0x170/0x3f0 [ 21.162267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.162356] kthread+0x328/0x630 [ 21.162421] ret_from_fork+0x10/0x20 [ 21.162607] [ 21.162706] The buggy address belongs to the object at fff00000c56d1100 [ 21.162706] which belongs to the cache kmalloc-64 of size 64 [ 21.162768] The buggy address is located 0 bytes to the right of [ 21.162768] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.162834] [ 21.162855] The buggy address belongs to the physical page: [ 21.163030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.163178] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.163293] page_type: f5(slab) [ 21.163388] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.163476] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.163682] page dumped because: kasan: bad access detected [ 21.163827] [ 21.163851] Memory state around the buggy address: [ 21.163981] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.164063] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.164128] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.164180] ^ [ 21.164228] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.164271] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.164591] ================================================================== [ 21.103081] ================================================================== [ 21.103128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 21.103172] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.103323] [ 21.103361] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.103492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.103560] Hardware name: linux,dummy-virt (DT) [ 21.103626] Call trace: [ 21.103650] show_stack+0x20/0x38 (C) [ 21.103717] dump_stack_lvl+0x8c/0xd0 [ 21.103787] print_report+0x118/0x608 [ 21.103836] kasan_report+0xdc/0x128 [ 21.103882] kasan_check_range+0x100/0x1a8 [ 21.103949] __kasan_check_write+0x20/0x30 [ 21.103996] kasan_atomics_helper+0x126c/0x4858 [ 21.104045] kasan_atomics+0x198/0x2e0 [ 21.104278] kunit_try_run_case+0x170/0x3f0 [ 21.104328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.104521] kthread+0x328/0x630 [ 21.104626] ret_from_fork+0x10/0x20 [ 21.104692] [ 21.104741] Allocated by task 265: [ 21.104773] kasan_save_stack+0x3c/0x68 [ 21.104852] kasan_save_track+0x20/0x40 [ 21.105020] kasan_save_alloc_info+0x40/0x58 [ 21.105106] __kasan_kmalloc+0xd4/0xd8 [ 21.105226] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.105271] kasan_atomics+0xb8/0x2e0 [ 21.105308] kunit_try_run_case+0x170/0x3f0 [ 21.105387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.105488] kthread+0x328/0x630 [ 21.105612] ret_from_fork+0x10/0x20 [ 21.105699] [ 21.105721] The buggy address belongs to the object at fff00000c56d1100 [ 21.105721] which belongs to the cache kmalloc-64 of size 64 [ 21.105780] The buggy address is located 0 bytes to the right of [ 21.105780] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.105845] [ 21.105866] The buggy address belongs to the physical page: [ 21.106157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.106316] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.106418] page_type: f5(slab) [ 21.106461] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.106515] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.106558] page dumped because: kasan: bad access detected [ 21.106602] [ 21.106633] Memory state around the buggy address: [ 21.106668] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.106713] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.106764] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.106804] ^ [ 21.106840] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.106882] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.106922] ================================================================== [ 21.107326] ================================================================== [ 21.107546] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 21.107654] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.107707] [ 21.107736] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.107816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.107843] Hardware name: linux,dummy-virt (DT) [ 21.107876] Call trace: [ 21.107899] show_stack+0x20/0x38 (C) [ 21.108102] dump_stack_lvl+0x8c/0xd0 [ 21.108163] print_report+0x118/0x608 [ 21.108225] kasan_report+0xdc/0x128 [ 21.108271] kasan_check_range+0x100/0x1a8 [ 21.108321] __kasan_check_write+0x20/0x30 [ 21.108545] kasan_atomics_helper+0x12d8/0x4858 [ 21.108763] kasan_atomics+0x198/0x2e0 [ 21.108894] kunit_try_run_case+0x170/0x3f0 [ 21.109009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.109091] kthread+0x328/0x630 [ 21.109219] ret_from_fork+0x10/0x20 [ 21.109283] [ 21.109304] Allocated by task 265: [ 21.109334] kasan_save_stack+0x3c/0x68 [ 21.109444] kasan_save_track+0x20/0x40 [ 21.109608] kasan_save_alloc_info+0x40/0x58 [ 21.109898] __kasan_kmalloc+0xd4/0xd8 [ 21.110180] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.110343] kasan_atomics+0xb8/0x2e0 [ 21.110522] kunit_try_run_case+0x170/0x3f0 [ 21.110634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.110784] kthread+0x328/0x630 [ 21.110865] ret_from_fork+0x10/0x20 [ 21.110972] [ 21.111110] The buggy address belongs to the object at fff00000c56d1100 [ 21.111110] which belongs to the cache kmalloc-64 of size 64 [ 21.111172] The buggy address is located 0 bytes to the right of [ 21.111172] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.111247] [ 21.111268] The buggy address belongs to the physical page: [ 21.111607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.111717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.111881] page_type: f5(slab) [ 21.112027] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.112266] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.112411] page dumped because: kasan: bad access detected [ 21.112551] [ 21.112572] Memory state around the buggy address: [ 21.112864] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.113097] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.113280] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.113649] ^ [ 21.113693] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.113737] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.113777] ================================================================== [ 21.187761] ================================================================== [ 21.187937] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 21.187999] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.188048] [ 21.188143] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.188245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.188471] Hardware name: linux,dummy-virt (DT) [ 21.188514] Call trace: [ 21.188537] show_stack+0x20/0x38 (C) [ 21.188590] dump_stack_lvl+0x8c/0xd0 [ 21.188785] print_report+0x118/0x608 [ 21.188859] kasan_report+0xdc/0x128 [ 21.188921] kasan_check_range+0x100/0x1a8 [ 21.188973] __kasan_check_write+0x20/0x30 [ 21.189094] kasan_atomics_helper+0x175c/0x4858 [ 21.189208] kasan_atomics+0x198/0x2e0 [ 21.189369] kunit_try_run_case+0x170/0x3f0 [ 21.189427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.189548] kthread+0x328/0x630 [ 21.189606] ret_from_fork+0x10/0x20 [ 21.189764] [ 21.189825] Allocated by task 265: [ 21.189855] kasan_save_stack+0x3c/0x68 [ 21.190015] kasan_save_track+0x20/0x40 [ 21.190058] kasan_save_alloc_info+0x40/0x58 [ 21.190309] __kasan_kmalloc+0xd4/0xd8 [ 21.190435] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.190547] kasan_atomics+0xb8/0x2e0 [ 21.190851] kunit_try_run_case+0x170/0x3f0 [ 21.191030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.191141] kthread+0x328/0x630 [ 21.191257] ret_from_fork+0x10/0x20 [ 21.191354] [ 21.191504] The buggy address belongs to the object at fff00000c56d1100 [ 21.191504] which belongs to the cache kmalloc-64 of size 64 [ 21.191594] The buggy address is located 0 bytes to the right of [ 21.191594] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.191660] [ 21.191681] The buggy address belongs to the physical page: [ 21.191728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.191780] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.191961] page_type: f5(slab) [ 21.192012] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.192553] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.192838] page dumped because: kasan: bad access detected [ 21.192935] [ 21.192956] Memory state around the buggy address: [ 21.192993] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.193325] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.193431] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.193526] ^ [ 21.193562] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.193751] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.193869] ================================================================== [ 21.049032] ================================================================== [ 21.049104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 21.049283] Write of size 8 at addr fff00000c56d1130 by task kunit_try_catch/265 [ 21.049383] [ 21.049419] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.049747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.049855] Hardware name: linux,dummy-virt (DT) [ 21.049966] Call trace: [ 21.049990] show_stack+0x20/0x38 (C) [ 21.050044] dump_stack_lvl+0x8c/0xd0 [ 21.050451] print_report+0x118/0x608 [ 21.050528] kasan_report+0xdc/0x128 [ 21.050728] kasan_check_range+0x100/0x1a8 [ 21.050933] __kasan_check_write+0x20/0x30 [ 21.051015] kasan_atomics_helper+0xff0/0x4858 [ 21.051067] kasan_atomics+0x198/0x2e0 [ 21.051288] kunit_try_run_case+0x170/0x3f0 [ 21.051618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.051884] kthread+0x328/0x630 [ 21.052165] ret_from_fork+0x10/0x20 [ 21.052284] [ 21.052309] Allocated by task 265: [ 21.052395] kasan_save_stack+0x3c/0x68 [ 21.052795] kasan_save_track+0x20/0x40 [ 21.052967] kasan_save_alloc_info+0x40/0x58 [ 21.053083] __kasan_kmalloc+0xd4/0xd8 [ 21.053245] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.053335] kasan_atomics+0xb8/0x2e0 [ 21.053376] kunit_try_run_case+0x170/0x3f0 [ 21.053437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.053845] kthread+0x328/0x630 [ 21.054005] ret_from_fork+0x10/0x20 [ 21.054167] [ 21.054311] The buggy address belongs to the object at fff00000c56d1100 [ 21.054311] which belongs to the cache kmalloc-64 of size 64 [ 21.054443] The buggy address is located 0 bytes to the right of [ 21.054443] allocated 48-byte region [fff00000c56d1100, fff00000c56d1130) [ 21.054658] [ 21.054847] The buggy address belongs to the physical page: [ 21.055211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d1 [ 21.055488] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.055637] page_type: f5(slab) [ 21.055689] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.055742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.055920] page dumped because: kasan: bad access detected [ 21.056174] [ 21.056342] Memory state around the buggy address: [ 21.056575] fff00000c56d1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.056654] fff00000c56d1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.056979] >fff00000c56d1100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.057037] ^ [ 21.057077] fff00000c56d1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.057122] fff00000c56d1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.057547] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.511051] ================================================================== [ 20.511257] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 20.511488] Read of size 1 at addr fff00000c56d5090 by task kunit_try_catch/259 [ 20.511557] [ 20.511694] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.511920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.511982] Hardware name: linux,dummy-virt (DT) [ 20.512039] Call trace: [ 20.512081] show_stack+0x20/0x38 (C) [ 20.512142] dump_stack_lvl+0x8c/0xd0 [ 20.512237] print_report+0x118/0x608 [ 20.512297] kasan_report+0xdc/0x128 [ 20.512345] __asan_report_load1_noabort+0x20/0x30 [ 20.512403] strnlen+0x80/0x88 [ 20.512462] kasan_strings+0x478/0xb00 [ 20.512509] kunit_try_run_case+0x170/0x3f0 [ 20.512566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.512620] kthread+0x328/0x630 [ 20.512671] ret_from_fork+0x10/0x20 [ 20.512726] [ 20.512747] Allocated by task 259: [ 20.512786] kasan_save_stack+0x3c/0x68 [ 20.512832] kasan_save_track+0x20/0x40 [ 20.512872] kasan_save_alloc_info+0x40/0x58 [ 20.512915] __kasan_kmalloc+0xd4/0xd8 [ 20.512952] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.512993] kasan_strings+0xc8/0xb00 [ 20.513029] kunit_try_run_case+0x170/0x3f0 [ 20.513069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.513113] kthread+0x328/0x630 [ 20.513158] ret_from_fork+0x10/0x20 [ 20.513206] [ 20.513351] Freed by task 259: [ 20.513689] kasan_save_stack+0x3c/0x68 [ 20.513753] kasan_save_track+0x20/0x40 [ 20.513795] kasan_save_free_info+0x4c/0x78 [ 20.514268] __kasan_slab_free+0x6c/0x98 [ 20.514659] kfree+0x214/0x3c8 [ 20.514746] kasan_strings+0x24c/0xb00 [ 20.514930] kunit_try_run_case+0x170/0x3f0 [ 20.515102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.515188] kthread+0x328/0x630 [ 20.515580] ret_from_fork+0x10/0x20 [ 20.515659] [ 20.515853] The buggy address belongs to the object at fff00000c56d5080 [ 20.515853] which belongs to the cache kmalloc-32 of size 32 [ 20.516051] The buggy address is located 16 bytes inside of [ 20.516051] freed 32-byte region [fff00000c56d5080, fff00000c56d50a0) [ 20.516152] [ 20.516291] The buggy address belongs to the physical page: [ 20.516439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d5 [ 20.516500] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.516798] page_type: f5(slab) [ 20.516858] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.516969] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.517070] page dumped because: kasan: bad access detected [ 20.517399] [ 20.517457] Memory state around the buggy address: [ 20.517502] fff00000c56d4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.517814] fff00000c56d5000: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.517887] >fff00000c56d5080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.518077] ^ [ 20.518185] fff00000c56d5100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.518340] fff00000c56d5180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.518467] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.501405] ================================================================== [ 20.501711] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 20.501879] Read of size 1 at addr fff00000c56d5090 by task kunit_try_catch/259 [ 20.502040] [ 20.502102] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.502212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.502242] Hardware name: linux,dummy-virt (DT) [ 20.502274] Call trace: [ 20.502299] show_stack+0x20/0x38 (C) [ 20.502733] dump_stack_lvl+0x8c/0xd0 [ 20.502869] print_report+0x118/0x608 [ 20.503022] kasan_report+0xdc/0x128 [ 20.503073] __asan_report_load1_noabort+0x20/0x30 [ 20.503379] strlen+0xa8/0xb0 [ 20.503555] kasan_strings+0x418/0xb00 [ 20.503722] kunit_try_run_case+0x170/0x3f0 [ 20.503797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.503980] kthread+0x328/0x630 [ 20.504038] ret_from_fork+0x10/0x20 [ 20.504439] [ 20.504639] Allocated by task 259: [ 20.504718] kasan_save_stack+0x3c/0x68 [ 20.504842] kasan_save_track+0x20/0x40 [ 20.504894] kasan_save_alloc_info+0x40/0x58 [ 20.504935] __kasan_kmalloc+0xd4/0xd8 [ 20.504984] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.505024] kasan_strings+0xc8/0xb00 [ 20.505062] kunit_try_run_case+0x170/0x3f0 [ 20.505106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.505162] kthread+0x328/0x630 [ 20.505226] ret_from_fork+0x10/0x20 [ 20.505263] [ 20.505293] Freed by task 259: [ 20.505334] kasan_save_stack+0x3c/0x68 [ 20.505372] kasan_save_track+0x20/0x40 [ 20.505422] kasan_save_free_info+0x4c/0x78 [ 20.505653] __kasan_slab_free+0x6c/0x98 [ 20.505708] kfree+0x214/0x3c8 [ 20.505770] kasan_strings+0x24c/0xb00 [ 20.506160] kunit_try_run_case+0x170/0x3f0 [ 20.506265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.506344] kthread+0x328/0x630 [ 20.506836] ret_from_fork+0x10/0x20 [ 20.507108] [ 20.507154] The buggy address belongs to the object at fff00000c56d5080 [ 20.507154] which belongs to the cache kmalloc-32 of size 32 [ 20.507263] The buggy address is located 16 bytes inside of [ 20.507263] freed 32-byte region [fff00000c56d5080, fff00000c56d50a0) [ 20.507345] [ 20.507388] The buggy address belongs to the physical page: [ 20.507534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d5 [ 20.507731] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.507786] page_type: f5(slab) [ 20.508106] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.508172] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.508292] page dumped because: kasan: bad access detected [ 20.508361] [ 20.508469] Memory state around the buggy address: [ 20.508537] fff00000c56d4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.508730] fff00000c56d5000: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.509007] >fff00000c56d5080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.509434] ^ [ 20.509797] fff00000c56d5100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.509853] fff00000c56d5180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.509898] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.491006] ================================================================== [ 20.491126] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 20.491182] Read of size 1 at addr fff00000c56d5090 by task kunit_try_catch/259 [ 20.491475] [ 20.491584] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.491705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.491776] Hardware name: linux,dummy-virt (DT) [ 20.491814] Call trace: [ 20.491839] show_stack+0x20/0x38 (C) [ 20.491891] dump_stack_lvl+0x8c/0xd0 [ 20.492104] print_report+0x118/0x608 [ 20.492171] kasan_report+0xdc/0x128 [ 20.492453] __asan_report_load1_noabort+0x20/0x30 [ 20.492531] kasan_strings+0x95c/0xb00 [ 20.492578] kunit_try_run_case+0x170/0x3f0 [ 20.492930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.493101] kthread+0x328/0x630 [ 20.493177] ret_from_fork+0x10/0x20 [ 20.493281] [ 20.493310] Allocated by task 259: [ 20.493339] kasan_save_stack+0x3c/0x68 [ 20.493391] kasan_save_track+0x20/0x40 [ 20.493512] kasan_save_alloc_info+0x40/0x58 [ 20.493690] __kasan_kmalloc+0xd4/0xd8 [ 20.493864] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.493940] kasan_strings+0xc8/0xb00 [ 20.494049] kunit_try_run_case+0x170/0x3f0 [ 20.494304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.494362] kthread+0x328/0x630 [ 20.494743] ret_from_fork+0x10/0x20 [ 20.494934] [ 20.495016] Freed by task 259: [ 20.495111] kasan_save_stack+0x3c/0x68 [ 20.495229] kasan_save_track+0x20/0x40 [ 20.495497] kasan_save_free_info+0x4c/0x78 [ 20.495591] __kasan_slab_free+0x6c/0x98 [ 20.495769] kfree+0x214/0x3c8 [ 20.495907] kasan_strings+0x24c/0xb00 [ 20.496006] kunit_try_run_case+0x170/0x3f0 [ 20.496172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.496282] kthread+0x328/0x630 [ 20.496412] ret_from_fork+0x10/0x20 [ 20.496859] [ 20.496944] The buggy address belongs to the object at fff00000c56d5080 [ 20.496944] which belongs to the cache kmalloc-32 of size 32 [ 20.497038] The buggy address is located 16 bytes inside of [ 20.497038] freed 32-byte region [fff00000c56d5080, fff00000c56d50a0) [ 20.497179] [ 20.497407] The buggy address belongs to the physical page: [ 20.497470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d5 [ 20.497766] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.497909] page_type: f5(slab) [ 20.497980] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.498174] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.498533] page dumped because: kasan: bad access detected [ 20.498588] [ 20.498908] Memory state around the buggy address: [ 20.498977] fff00000c56d4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.499226] fff00000c56d5000: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.499371] >fff00000c56d5080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.499481] ^ [ 20.499865] fff00000c56d5100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.499925] fff00000c56d5180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.500048] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.482597] ================================================================== [ 20.482773] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 20.482978] Read of size 1 at addr fff00000c56d5090 by task kunit_try_catch/259 [ 20.483263] [ 20.483314] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.483403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.483459] Hardware name: linux,dummy-virt (DT) [ 20.483502] Call trace: [ 20.483536] show_stack+0x20/0x38 (C) [ 20.483591] dump_stack_lvl+0x8c/0xd0 [ 20.483641] print_report+0x118/0x608 [ 20.483691] kasan_report+0xdc/0x128 [ 20.483739] __asan_report_load1_noabort+0x20/0x30 [ 20.483801] strcmp+0xc0/0xc8 [ 20.483847] kasan_strings+0x340/0xb00 [ 20.483894] kunit_try_run_case+0x170/0x3f0 [ 20.483945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.483999] kthread+0x328/0x630 [ 20.484053] ret_from_fork+0x10/0x20 [ 20.484102] [ 20.484123] Allocated by task 259: [ 20.484163] kasan_save_stack+0x3c/0x68 [ 20.484228] kasan_save_track+0x20/0x40 [ 20.484267] kasan_save_alloc_info+0x40/0x58 [ 20.484326] __kasan_kmalloc+0xd4/0xd8 [ 20.484365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.484408] kasan_strings+0xc8/0xb00 [ 20.484455] kunit_try_run_case+0x170/0x3f0 [ 20.484508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.484553] kthread+0x328/0x630 [ 20.484592] ret_from_fork+0x10/0x20 [ 20.484629] [ 20.484649] Freed by task 259: [ 20.484690] kasan_save_stack+0x3c/0x68 [ 20.484730] kasan_save_track+0x20/0x40 [ 20.484778] kasan_save_free_info+0x4c/0x78 [ 20.484818] __kasan_slab_free+0x6c/0x98 [ 20.484858] kfree+0x214/0x3c8 [ 20.484906] kasan_strings+0x24c/0xb00 [ 20.484944] kunit_try_run_case+0x170/0x3f0 [ 20.484983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.485037] kthread+0x328/0x630 [ 20.485072] ret_from_fork+0x10/0x20 [ 20.485108] [ 20.485153] The buggy address belongs to the object at fff00000c56d5080 [ 20.485153] which belongs to the cache kmalloc-32 of size 32 [ 20.485692] The buggy address is located 16 bytes inside of [ 20.485692] freed 32-byte region [fff00000c56d5080, fff00000c56d50a0) [ 20.485785] [ 20.485841] The buggy address belongs to the physical page: [ 20.485887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056d5 [ 20.485968] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.486415] page_type: f5(slab) [ 20.486623] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.487232] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.487427] page dumped because: kasan: bad access detected [ 20.487708] [ 20.487835] Memory state around the buggy address: [ 20.488402] fff00000c56d4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.488491] fff00000c56d5000: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.488766] >fff00000c56d5080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.488899] ^ [ 20.489288] fff00000c56d5100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.489374] fff00000c56d5180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.489635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.457492] ================================================================== [ 20.457723] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 20.457937] Read of size 1 at addr fff00000c5707ed8 by task kunit_try_catch/257 [ 20.457999] [ 20.458106] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.458384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.458579] Hardware name: linux,dummy-virt (DT) [ 20.458616] Call trace: [ 20.458688] show_stack+0x20/0x38 (C) [ 20.459158] dump_stack_lvl+0x8c/0xd0 [ 20.459314] print_report+0x118/0x608 [ 20.459368] kasan_report+0xdc/0x128 [ 20.459748] __asan_report_load1_noabort+0x20/0x30 [ 20.459833] memcmp+0x198/0x1d8 [ 20.460215] kasan_memcmp+0x16c/0x300 [ 20.460380] kunit_try_run_case+0x170/0x3f0 [ 20.460612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.460844] kthread+0x328/0x630 [ 20.461257] ret_from_fork+0x10/0x20 [ 20.461434] [ 20.461459] Allocated by task 257: [ 20.461819] kasan_save_stack+0x3c/0x68 [ 20.461886] kasan_save_track+0x20/0x40 [ 20.462019] kasan_save_alloc_info+0x40/0x58 [ 20.462221] __kasan_kmalloc+0xd4/0xd8 [ 20.462295] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.462472] kasan_memcmp+0xbc/0x300 [ 20.462512] kunit_try_run_case+0x170/0x3f0 [ 20.462811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.462969] kthread+0x328/0x630 [ 20.463075] ret_from_fork+0x10/0x20 [ 20.463151] [ 20.463340] The buggy address belongs to the object at fff00000c5707ec0 [ 20.463340] which belongs to the cache kmalloc-32 of size 32 [ 20.463433] The buggy address is located 0 bytes to the right of [ 20.463433] allocated 24-byte region [fff00000c5707ec0, fff00000c5707ed8) [ 20.463836] [ 20.463984] The buggy address belongs to the physical page: [ 20.464150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105707 [ 20.464280] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.464388] page_type: f5(slab) [ 20.464508] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.464605] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.465262] page dumped because: kasan: bad access detected [ 20.465324] [ 20.465368] Memory state around the buggy address: [ 20.466043] fff00000c5707d80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.466105] fff00000c5707e00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.466508] >fff00000c5707e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.466673] ^ [ 20.466849] fff00000c5707f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.466936] fff00000c5707f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.466994] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.430996] ================================================================== [ 20.431059] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 20.431354] Read of size 1 at addr ffff800080997b4a by task kunit_try_catch/253 [ 20.431426] [ 20.431859] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.431963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.432253] Hardware name: linux,dummy-virt (DT) [ 20.432350] Call trace: [ 20.432462] show_stack+0x20/0x38 (C) [ 20.432629] dump_stack_lvl+0x8c/0xd0 [ 20.432846] print_report+0x310/0x608 [ 20.432972] kasan_report+0xdc/0x128 [ 20.433028] __asan_report_load1_noabort+0x20/0x30 [ 20.433080] kasan_alloca_oob_right+0x2dc/0x340 [ 20.433135] kunit_try_run_case+0x170/0x3f0 [ 20.433352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.433423] kthread+0x328/0x630 [ 20.433660] ret_from_fork+0x10/0x20 [ 20.433904] [ 20.434270] The buggy address belongs to stack of task kunit_try_catch/253 [ 20.434443] [ 20.434532] The buggy address belongs to the virtual mapping at [ 20.434532] [ffff800080990000, ffff800080999000) created by: [ 20.434532] kernel_clone+0x150/0x7a8 [ 20.434739] [ 20.434764] The buggy address belongs to the physical page: [ 20.434799] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106437 [ 20.435295] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.435649] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.435812] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.436219] page dumped because: kasan: bad access detected [ 20.436267] [ 20.436301] Memory state around the buggy address: [ 20.436344] ffff800080997a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.436413] ffff800080997a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.436513] >ffff800080997b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 20.436556] ^ [ 20.436594] ffff800080997b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.436648] ffff800080997c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.436697] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.414795] ================================================================== [ 20.415142] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 20.415224] Read of size 1 at addr ffff800080997b5f by task kunit_try_catch/251 [ 20.415277] [ 20.415347] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.415470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.415841] Hardware name: linux,dummy-virt (DT) [ 20.415957] Call trace: [ 20.416002] show_stack+0x20/0x38 (C) [ 20.416320] dump_stack_lvl+0x8c/0xd0 [ 20.416385] print_report+0x310/0x608 [ 20.416644] kasan_report+0xdc/0x128 [ 20.416805] __asan_report_load1_noabort+0x20/0x30 [ 20.416867] kasan_alloca_oob_left+0x2b8/0x310 [ 20.416917] kunit_try_run_case+0x170/0x3f0 [ 20.416975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.417174] kthread+0x328/0x630 [ 20.417245] ret_from_fork+0x10/0x20 [ 20.417298] [ 20.417332] The buggy address belongs to stack of task kunit_try_catch/251 [ 20.417405] [ 20.417432] The buggy address belongs to the virtual mapping at [ 20.417432] [ffff800080990000, ffff800080999000) created by: [ 20.417432] kernel_clone+0x150/0x7a8 [ 20.417934] [ 20.417978] The buggy address belongs to the physical page: [ 20.418014] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106437 [ 20.418478] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.418590] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.419003] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.419156] page dumped because: kasan: bad access detected [ 20.419345] [ 20.419369] Memory state around the buggy address: [ 20.419434] ffff800080997a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.419650] ffff800080997a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.419767] >ffff800080997b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 20.419996] ^ [ 20.420055] ffff800080997b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.420111] ffff800080997c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.420153] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.394900] ================================================================== [ 20.395163] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 20.395251] Read of size 1 at addr ffff800080997c2a by task kunit_try_catch/249 [ 20.395590] [ 20.395665] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.395913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.395948] Hardware name: linux,dummy-virt (DT) [ 20.396255] Call trace: [ 20.396446] show_stack+0x20/0x38 (C) [ 20.396514] dump_stack_lvl+0x8c/0xd0 [ 20.396914] print_report+0x310/0x608 [ 20.397040] kasan_report+0xdc/0x128 [ 20.397093] __asan_report_load1_noabort+0x20/0x30 [ 20.397147] kasan_stack_oob+0x238/0x270 [ 20.397205] kunit_try_run_case+0x170/0x3f0 [ 20.397257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.397311] kthread+0x328/0x630 [ 20.397355] ret_from_fork+0x10/0x20 [ 20.397404] [ 20.397794] The buggy address belongs to stack of task kunit_try_catch/249 [ 20.398415] and is located at offset 138 in frame: [ 20.398751] kasan_stack_oob+0x0/0x270 [ 20.399718] [ 20.400109] This frame has 4 objects: [ 20.400672] [48, 49) '__assertion' [ 20.401100] [64, 72) 'array' [ 20.401304] [96, 112) '__assertion' [ 20.401521] [128, 138) 'stack_array' [ 20.401703] [ 20.401741] The buggy address belongs to the virtual mapping at [ 20.401741] [ffff800080990000, ffff800080999000) created by: [ 20.401741] kernel_clone+0x150/0x7a8 [ 20.402153] [ 20.402219] The buggy address belongs to the physical page: [ 20.402297] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106437 [ 20.402483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.402684] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.402749] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.402807] page dumped because: kasan: bad access detected [ 20.402852] [ 20.402919] Memory state around the buggy address: [ 20.402956] ffff800080997b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.403009] ffff800080997b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 20.403055] >ffff800080997c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 20.403095] ^ [ 20.403129] ffff800080997c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 20.403182] ffff800080997d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.403241] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.365402] ================================================================== [ 20.365480] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 20.365531] Read of size 1 at addr ffffa45e9274f5cd by task kunit_try_catch/245 [ 20.365582] [ 20.365618] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.365698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.365724] Hardware name: linux,dummy-virt (DT) [ 20.365757] Call trace: [ 20.365778] show_stack+0x20/0x38 (C) [ 20.365826] dump_stack_lvl+0x8c/0xd0 [ 20.365871] print_report+0x310/0x608 [ 20.365918] kasan_report+0xdc/0x128 [ 20.365963] __asan_report_load1_noabort+0x20/0x30 [ 20.366015] kasan_global_oob_right+0x230/0x270 [ 20.366063] kunit_try_run_case+0x170/0x3f0 [ 20.366111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.366799] kthread+0x328/0x630 [ 20.366887] ret_from_fork+0x10/0x20 [ 20.367295] [ 20.367780] The buggy address belongs to the variable: [ 20.368014] global_array+0xd/0x40 [ 20.368525] [ 20.369043] The buggy address belongs to the virtual mapping at [ 20.369043] [ffffa45e90900000, ffffa45e92801000) created by: [ 20.369043] paging_init+0x66c/0x7d0 [ 20.369357] [ 20.369717] The buggy address belongs to the physical page: [ 20.369781] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 20.369866] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 20.370420] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 20.370567] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.370801] page dumped because: kasan: bad access detected [ 20.370852] [ 20.370889] Memory state around the buggy address: [ 20.371276] ffffa45e9274f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.371473] ffffa45e9274f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.371619] >ffffa45e9274f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 20.371730] ^ [ 20.371766] ffffa45e9274f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 20.371958] ffffa45e9274f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 20.372157] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.351279] ================================================================== [ 20.351430] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.351751] Free of addr fff00000c78e0001 by task kunit_try_catch/243 [ 20.351803] [ 20.351929] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.352277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.352466] Hardware name: linux,dummy-virt (DT) [ 20.352544] Call trace: [ 20.352570] show_stack+0x20/0x38 (C) [ 20.352624] dump_stack_lvl+0x8c/0xd0 [ 20.352687] print_report+0x118/0x608 [ 20.352745] kasan_report_invalid_free+0xc0/0xe8 [ 20.352846] __kasan_mempool_poison_object+0xfc/0x150 [ 20.352901] mempool_free+0x28c/0x328 [ 20.352945] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.352996] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 20.353056] kunit_try_run_case+0x170/0x3f0 [ 20.353115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.353176] kthread+0x328/0x630 [ 20.353238] ret_from_fork+0x10/0x20 [ 20.353286] [ 20.353307] The buggy address belongs to the physical page: [ 20.353338] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e0 [ 20.353392] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.353456] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.353843] page_type: f8(unknown) [ 20.354036] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.354225] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.354278] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.354350] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.354672] head: 0bfffe0000000002 ffffc1ffc31e3801 00000000ffffffff 00000000ffffffff [ 20.354780] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.355358] page dumped because: kasan: bad access detected [ 20.355649] [ 20.355768] Memory state around the buggy address: [ 20.356066] fff00000c78dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.356152] fff00000c78dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.356229] >fff00000c78e0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.356269] ^ [ 20.356297] fff00000c78e0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.356582] fff00000c78e0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.356710] ================================================================== [ 20.323811] ================================================================== [ 20.324090] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.324247] Free of addr fff00000c56edf01 by task kunit_try_catch/241 [ 20.324335] [ 20.324400] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.324481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.324506] Hardware name: linux,dummy-virt (DT) [ 20.324537] Call trace: [ 20.324773] show_stack+0x20/0x38 (C) [ 20.324840] dump_stack_lvl+0x8c/0xd0 [ 20.325019] print_report+0x118/0x608 [ 20.325072] kasan_report_invalid_free+0xc0/0xe8 [ 20.325166] check_slab_allocation+0xfc/0x108 [ 20.325231] __kasan_mempool_poison_object+0x78/0x150 [ 20.325494] mempool_free+0x28c/0x328 [ 20.325614] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.325799] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.326011] kunit_try_run_case+0x170/0x3f0 [ 20.326069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.326335] kthread+0x328/0x630 [ 20.326473] ret_from_fork+0x10/0x20 [ 20.326625] [ 20.326702] Allocated by task 241: [ 20.326737] kasan_save_stack+0x3c/0x68 [ 20.326965] kasan_save_track+0x20/0x40 [ 20.327174] kasan_save_alloc_info+0x40/0x58 [ 20.327263] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.327350] remove_element+0x130/0x1f8 [ 20.327388] mempool_alloc_preallocated+0x58/0xc0 [ 20.327499] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 20.327661] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.327945] kunit_try_run_case+0x170/0x3f0 [ 20.328031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.328325] kthread+0x328/0x630 [ 20.328564] ret_from_fork+0x10/0x20 [ 20.328768] [ 20.328928] The buggy address belongs to the object at fff00000c56edf00 [ 20.328928] which belongs to the cache kmalloc-128 of size 128 [ 20.329059] The buggy address is located 1 bytes inside of [ 20.329059] 128-byte region [fff00000c56edf00, fff00000c56edf80) [ 20.329290] [ 20.329359] The buggy address belongs to the physical page: [ 20.329559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ed [ 20.329835] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.329965] page_type: f5(slab) [ 20.330058] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.330183] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 20.330236] page dumped because: kasan: bad access detected [ 20.330268] [ 20.330285] Memory state around the buggy address: [ 20.330324] fff00000c56ede00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.330518] fff00000c56ede80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.330655] >fff00000c56edf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.330855] ^ [ 20.330910] fff00000c56edf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.331180] fff00000c56ee000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.331344] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.314789] ================================================================== [ 20.314864] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.314919] Free of addr fff00000c78e0000 by task kunit_try_catch/239 [ 20.315040] [ 20.315075] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.315155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.315182] Hardware name: linux,dummy-virt (DT) [ 20.315227] Call trace: [ 20.315405] show_stack+0x20/0x38 (C) [ 20.315459] dump_stack_lvl+0x8c/0xd0 [ 20.315506] print_report+0x118/0x608 [ 20.315564] kasan_report_invalid_free+0xc0/0xe8 [ 20.315631] __kasan_mempool_poison_pages+0xe0/0xe8 [ 20.315682] mempool_free+0x24c/0x328 [ 20.315744] mempool_double_free_helper+0x150/0x2e8 [ 20.315839] mempool_page_alloc_double_free+0xbc/0x118 [ 20.316005] kunit_try_run_case+0x170/0x3f0 [ 20.316057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.316110] kthread+0x328/0x630 [ 20.316152] ret_from_fork+0x10/0x20 [ 20.316210] [ 20.316230] The buggy address belongs to the physical page: [ 20.316270] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e0 [ 20.316323] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.316400] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.316536] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.316654] page dumped because: kasan: bad access detected [ 20.316695] [ 20.316713] Memory state around the buggy address: [ 20.316745] fff00000c78dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.316859] fff00000c78dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.317079] >fff00000c78e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.317171] ^ [ 20.317211] fff00000c78e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.317253] fff00000c78e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.317292] ================================================================== [ 20.266771] ================================================================== [ 20.266842] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.269235] Free of addr fff00000c56edb00 by task kunit_try_catch/235 [ 20.269314] [ 20.269351] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.269431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.269458] Hardware name: linux,dummy-virt (DT) [ 20.270392] Call trace: [ 20.270420] show_stack+0x20/0x38 (C) [ 20.270480] dump_stack_lvl+0x8c/0xd0 [ 20.271349] print_report+0x118/0x608 [ 20.271821] kasan_report_invalid_free+0xc0/0xe8 [ 20.272132] check_slab_allocation+0xd4/0x108 [ 20.272380] __kasan_mempool_poison_object+0x78/0x150 [ 20.272437] mempool_free+0x28c/0x328 [ 20.272487] mempool_double_free_helper+0x150/0x2e8 [ 20.272538] mempool_kmalloc_double_free+0xc0/0x118 [ 20.273604] kunit_try_run_case+0x170/0x3f0 [ 20.273896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.274400] kthread+0x328/0x630 [ 20.274818] ret_from_fork+0x10/0x20 [ 20.275013] [ 20.275036] Allocated by task 235: [ 20.275315] kasan_save_stack+0x3c/0x68 [ 20.275427] kasan_save_track+0x20/0x40 [ 20.275571] kasan_save_alloc_info+0x40/0x58 [ 20.275843] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.276141] remove_element+0x130/0x1f8 [ 20.276245] mempool_alloc_preallocated+0x58/0xc0 [ 20.276286] mempool_double_free_helper+0x94/0x2e8 [ 20.276758] mempool_kmalloc_double_free+0xc0/0x118 [ 20.277244] kunit_try_run_case+0x170/0x3f0 [ 20.277289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.277581] kthread+0x328/0x630 [ 20.277625] ret_from_fork+0x10/0x20 [ 20.277662] [ 20.277683] Freed by task 235: [ 20.277718] kasan_save_stack+0x3c/0x68 [ 20.277757] kasan_save_track+0x20/0x40 [ 20.277794] kasan_save_free_info+0x4c/0x78 [ 20.278184] __kasan_mempool_poison_object+0xc0/0x150 [ 20.278258] mempool_free+0x28c/0x328 [ 20.278293] mempool_double_free_helper+0x100/0x2e8 [ 20.278657] mempool_kmalloc_double_free+0xc0/0x118 [ 20.279169] kunit_try_run_case+0x170/0x3f0 [ 20.279220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.279264] kthread+0x328/0x630 [ 20.279304] ret_from_fork+0x10/0x20 [ 20.279346] [ 20.279833] The buggy address belongs to the object at fff00000c56edb00 [ 20.279833] which belongs to the cache kmalloc-128 of size 128 [ 20.279973] The buggy address is located 0 bytes inside of [ 20.279973] 128-byte region [fff00000c56edb00, fff00000c56edb80) [ 20.280457] [ 20.280485] The buggy address belongs to the physical page: [ 20.280518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ed [ 20.280572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.280636] page_type: f5(slab) [ 20.280779] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.281074] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.281242] page dumped because: kasan: bad access detected [ 20.281280] [ 20.281304] Memory state around the buggy address: [ 20.281339] fff00000c56eda00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.281707] fff00000c56eda80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.282048] >fff00000c56edb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.282093] ^ [ 20.282121] fff00000c56edb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.282172] fff00000c56edc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.282218] ================================================================== [ 20.296391] ================================================================== [ 20.297220] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.297288] Free of addr fff00000c78e0000 by task kunit_try_catch/237 [ 20.297331] [ 20.297414] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.297570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.297598] Hardware name: linux,dummy-virt (DT) [ 20.297649] Call trace: [ 20.297674] show_stack+0x20/0x38 (C) [ 20.298014] dump_stack_lvl+0x8c/0xd0 [ 20.298229] print_report+0x118/0x608 [ 20.298526] kasan_report_invalid_free+0xc0/0xe8 [ 20.298853] __kasan_mempool_poison_object+0x14c/0x150 [ 20.299149] mempool_free+0x28c/0x328 [ 20.299431] mempool_double_free_helper+0x150/0x2e8 [ 20.299520] mempool_kmalloc_large_double_free+0xc0/0x118 [ 20.299584] kunit_try_run_case+0x170/0x3f0 [ 20.299657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.299840] kthread+0x328/0x630 [ 20.299882] ret_from_fork+0x10/0x20 [ 20.300644] [ 20.301297] The buggy address belongs to the physical page: [ 20.301420] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e0 [ 20.302941] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.303073] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.303139] page_type: f8(unknown) [ 20.303182] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.303241] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.304900] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.304957] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.305006] head: 0bfffe0000000002 ffffc1ffc31e3801 00000000ffffffff 00000000ffffffff [ 20.305054] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.305094] page dumped because: kasan: bad access detected [ 20.305126] [ 20.305144] Memory state around the buggy address: [ 20.305179] fff00000c78dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.306646] fff00000c78dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.306695] >fff00000c78e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.306734] ^ [ 20.306762] fff00000c78e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.306806] fff00000c78e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.306844] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.231771] ================================================================== [ 20.231845] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.231914] Read of size 1 at addr fff00000c78e0000 by task kunit_try_catch/233 [ 20.231964] [ 20.232005] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.232087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.232114] Hardware name: linux,dummy-virt (DT) [ 20.232148] Call trace: [ 20.232173] show_stack+0x20/0x38 (C) [ 20.235737] dump_stack_lvl+0x8c/0xd0 [ 20.236149] print_report+0x118/0x608 [ 20.236540] kasan_report+0xdc/0x128 [ 20.236773] __asan_report_load1_noabort+0x20/0x30 [ 20.236954] mempool_uaf_helper+0x314/0x340 [ 20.237186] mempool_page_alloc_uaf+0xc0/0x118 [ 20.237254] kunit_try_run_case+0x170/0x3f0 [ 20.237307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.237361] kthread+0x328/0x630 [ 20.237403] ret_from_fork+0x10/0x20 [ 20.238727] [ 20.239111] The buggy address belongs to the physical page: [ 20.239171] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e0 [ 20.239467] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.239541] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.239592] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.240142] page dumped because: kasan: bad access detected [ 20.240703] [ 20.240923] Memory state around the buggy address: [ 20.241083] fff00000c78dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.241137] fff00000c78dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.241180] >fff00000c78e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.241228] ^ [ 20.241257] fff00000c78e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.241969] fff00000c78e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.243689] ================================================================== [ 20.158597] ================================================================== [ 20.158655] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.158707] Read of size 1 at addr fff00000c78dc000 by task kunit_try_catch/229 [ 20.158754] [ 20.158783] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.158865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.158891] Hardware name: linux,dummy-virt (DT) [ 20.158922] Call trace: [ 20.158945] show_stack+0x20/0x38 (C) [ 20.158992] dump_stack_lvl+0x8c/0xd0 [ 20.159037] print_report+0x118/0x608 [ 20.159083] kasan_report+0xdc/0x128 [ 20.159127] __asan_report_load1_noabort+0x20/0x30 [ 20.159207] mempool_uaf_helper+0x314/0x340 [ 20.159262] mempool_kmalloc_large_uaf+0xc4/0x120 [ 20.159434] kunit_try_run_case+0x170/0x3f0 [ 20.159513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.159568] kthread+0x328/0x630 [ 20.159610] ret_from_fork+0x10/0x20 [ 20.159663] [ 20.159771] The buggy address belongs to the physical page: [ 20.159933] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc [ 20.160108] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.160243] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.160355] page_type: f8(unknown) [ 20.160401] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.160578] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.160625] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.160673] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.160802] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff [ 20.161027] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.161068] page dumped because: kasan: bad access detected [ 20.161765] [ 20.161851] Memory state around the buggy address: [ 20.161885] fff00000c78dbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.161929] fff00000c78dbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.161971] >fff00000c78dc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.162032] ^ [ 20.162060] fff00000c78dc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.162101] fff00000c78dc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.162139] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.146499] ================================================================== [ 20.146563] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.146618] Read of size 1 at addr fff00000c56ed700 by task kunit_try_catch/227 [ 20.146666] [ 20.146712] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.147009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.147078] Hardware name: linux,dummy-virt (DT) [ 20.147251] Call trace: [ 20.147376] show_stack+0x20/0x38 (C) [ 20.147528] dump_stack_lvl+0x8c/0xd0 [ 20.147682] print_report+0x118/0x608 [ 20.147746] kasan_report+0xdc/0x128 [ 20.147791] __asan_report_load1_noabort+0x20/0x30 [ 20.147842] mempool_uaf_helper+0x314/0x340 [ 20.147887] mempool_kmalloc_uaf+0xc4/0x120 [ 20.147933] kunit_try_run_case+0x170/0x3f0 [ 20.147980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.148032] kthread+0x328/0x630 [ 20.148081] ret_from_fork+0x10/0x20 [ 20.148224] [ 20.148243] Allocated by task 227: [ 20.148272] kasan_save_stack+0x3c/0x68 [ 20.148313] kasan_save_track+0x20/0x40 [ 20.148351] kasan_save_alloc_info+0x40/0x58 [ 20.148390] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.148433] remove_element+0x130/0x1f8 [ 20.148470] mempool_alloc_preallocated+0x58/0xc0 [ 20.148509] mempool_uaf_helper+0xa4/0x340 [ 20.148545] mempool_kmalloc_uaf+0xc4/0x120 [ 20.148583] kunit_try_run_case+0x170/0x3f0 [ 20.148620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.148663] kthread+0x328/0x630 [ 20.148694] ret_from_fork+0x10/0x20 [ 20.148731] [ 20.148749] Freed by task 227: [ 20.148813] kasan_save_stack+0x3c/0x68 [ 20.148994] kasan_save_track+0x20/0x40 [ 20.149202] kasan_save_free_info+0x4c/0x78 [ 20.149242] __kasan_mempool_poison_object+0xc0/0x150 [ 20.149283] mempool_free+0x28c/0x328 [ 20.149319] mempool_uaf_helper+0x104/0x340 [ 20.149354] mempool_kmalloc_uaf+0xc4/0x120 [ 20.149391] kunit_try_run_case+0x170/0x3f0 [ 20.149428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.149734] kthread+0x328/0x630 [ 20.149924] ret_from_fork+0x10/0x20 [ 20.149959] [ 20.149978] The buggy address belongs to the object at fff00000c56ed700 [ 20.149978] which belongs to the cache kmalloc-128 of size 128 [ 20.150041] The buggy address is located 0 bytes inside of [ 20.150041] freed 128-byte region [fff00000c56ed700, fff00000c56ed780) [ 20.150137] [ 20.150157] The buggy address belongs to the physical page: [ 20.150231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ed [ 20.150544] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.150620] page_type: f5(slab) [ 20.150661] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.150710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.150750] page dumped because: kasan: bad access detected [ 20.150781] [ 20.150798] Memory state around the buggy address: [ 20.150846] fff00000c56ed600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.150922] fff00000c56ed680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.150964] >fff00000c56ed700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.151002] ^ [ 20.151028] fff00000c56ed780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.151069] fff00000c56ed800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.151107] ================================================================== [ 20.170871] ================================================================== [ 20.170932] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.171005] Read of size 1 at addr fff00000c5706240 by task kunit_try_catch/231 [ 20.171217] [ 20.171270] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.171623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.171649] Hardware name: linux,dummy-virt (DT) [ 20.171777] Call trace: [ 20.171800] show_stack+0x20/0x38 (C) [ 20.171847] dump_stack_lvl+0x8c/0xd0 [ 20.171891] print_report+0x118/0x608 [ 20.171937] kasan_report+0xdc/0x128 [ 20.171980] __asan_report_load1_noabort+0x20/0x30 [ 20.172039] mempool_uaf_helper+0x314/0x340 [ 20.172219] mempool_slab_uaf+0xc0/0x118 [ 20.172264] kunit_try_run_case+0x170/0x3f0 [ 20.172309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.172361] kthread+0x328/0x630 [ 20.172402] ret_from_fork+0x10/0x20 [ 20.172449] [ 20.172466] Allocated by task 231: [ 20.172493] kasan_save_stack+0x3c/0x68 [ 20.172533] kasan_save_track+0x20/0x40 [ 20.172570] kasan_save_alloc_info+0x40/0x58 [ 20.172610] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.172653] remove_element+0x16c/0x1f8 [ 20.172689] mempool_alloc_preallocated+0x58/0xc0 [ 20.172728] mempool_uaf_helper+0xa4/0x340 [ 20.172765] mempool_slab_uaf+0xc0/0x118 [ 20.172804] kunit_try_run_case+0x170/0x3f0 [ 20.172842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.172915] kthread+0x328/0x630 [ 20.173098] ret_from_fork+0x10/0x20 [ 20.173135] [ 20.173153] Freed by task 231: [ 20.173492] kasan_save_stack+0x3c/0x68 [ 20.173621] kasan_save_track+0x20/0x40 [ 20.173678] kasan_save_free_info+0x4c/0x78 [ 20.173728] __kasan_mempool_poison_object+0xc0/0x150 [ 20.173837] mempool_free+0x28c/0x328 [ 20.173873] mempool_uaf_helper+0x104/0x340 [ 20.173910] mempool_slab_uaf+0xc0/0x118 [ 20.173947] kunit_try_run_case+0x170/0x3f0 [ 20.173984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.174030] kthread+0x328/0x630 [ 20.174064] ret_from_fork+0x10/0x20 [ 20.174101] [ 20.174119] The buggy address belongs to the object at fff00000c5706240 [ 20.174119] which belongs to the cache test_cache of size 123 [ 20.174178] The buggy address is located 0 bytes inside of [ 20.174178] freed 123-byte region [fff00000c5706240, fff00000c57062bb) [ 20.174269] [ 20.174290] The buggy address belongs to the physical page: [ 20.174319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105706 [ 20.174370] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.174416] page_type: f5(slab) [ 20.174456] raw: 0bfffe0000000000 fff00000c56e6140 dead000000000122 0000000000000000 [ 20.174504] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.174558] page dumped because: kasan: bad access detected [ 20.174675] [ 20.174722] Memory state around the buggy address: [ 20.174773] fff00000c5706100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.174964] fff00000c5706180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.175006] >fff00000c5706200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.175345] ^ [ 20.175385] fff00000c5706280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.175476] fff00000c5706300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.175542] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.088961] ================================================================== [ 20.089328] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.089414] Read of size 1 at addr fff00000c56ed373 by task kunit_try_catch/221 [ 20.089656] [ 20.089727] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.089924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.090059] Hardware name: linux,dummy-virt (DT) [ 20.090095] Call trace: [ 20.090161] show_stack+0x20/0x38 (C) [ 20.090314] dump_stack_lvl+0x8c/0xd0 [ 20.090365] print_report+0x118/0x608 [ 20.090418] kasan_report+0xdc/0x128 [ 20.090469] __asan_report_load1_noabort+0x20/0x30 [ 20.090768] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.090846] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.091135] kunit_try_run_case+0x170/0x3f0 [ 20.091261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.091674] kthread+0x328/0x630 [ 20.091720] ret_from_fork+0x10/0x20 [ 20.091770] [ 20.091891] Allocated by task 221: [ 20.091923] kasan_save_stack+0x3c/0x68 [ 20.092243] kasan_save_track+0x20/0x40 [ 20.092281] kasan_save_alloc_info+0x40/0x58 [ 20.092960] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.093096] remove_element+0x130/0x1f8 [ 20.093572] mempool_alloc_preallocated+0x58/0xc0 [ 20.093628] mempool_oob_right_helper+0x98/0x2f0 [ 20.093670] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.093748] kunit_try_run_case+0x170/0x3f0 [ 20.094208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.094469] kthread+0x328/0x630 [ 20.094509] ret_from_fork+0x10/0x20 [ 20.094892] [ 20.094955] The buggy address belongs to the object at fff00000c56ed300 [ 20.094955] which belongs to the cache kmalloc-128 of size 128 [ 20.095290] The buggy address is located 0 bytes to the right of [ 20.095290] allocated 115-byte region [fff00000c56ed300, fff00000c56ed373) [ 20.095424] [ 20.095564] The buggy address belongs to the physical page: [ 20.095600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ed [ 20.095657] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.096030] page_type: f5(slab) [ 20.096094] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.096151] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.096583] page dumped because: kasan: bad access detected [ 20.096618] [ 20.096644] Memory state around the buggy address: [ 20.097012] fff00000c56ed200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.097075] fff00000c56ed280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.097119] >fff00000c56ed300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.097158] ^ [ 20.097215] fff00000c56ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.097582] fff00000c56ed400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.097834] ================================================================== [ 20.126985] ================================================================== [ 20.127261] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.127482] Read of size 1 at addr fff00000c56e32bb by task kunit_try_catch/225 [ 20.127546] [ 20.127672] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.127912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.128045] Hardware name: linux,dummy-virt (DT) [ 20.128247] Call trace: [ 20.128271] show_stack+0x20/0x38 (C) [ 20.128319] dump_stack_lvl+0x8c/0xd0 [ 20.128365] print_report+0x118/0x608 [ 20.128411] kasan_report+0xdc/0x128 [ 20.128456] __asan_report_load1_noabort+0x20/0x30 [ 20.128507] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.128554] mempool_slab_oob_right+0xc0/0x118 [ 20.128663] kunit_try_run_case+0x170/0x3f0 [ 20.128719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.128874] kthread+0x328/0x630 [ 20.128949] ret_from_fork+0x10/0x20 [ 20.128997] [ 20.129015] Allocated by task 225: [ 20.129053] kasan_save_stack+0x3c/0x68 [ 20.129094] kasan_save_track+0x20/0x40 [ 20.129130] kasan_save_alloc_info+0x40/0x58 [ 20.129171] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.129226] remove_element+0x16c/0x1f8 [ 20.129268] mempool_alloc_preallocated+0x58/0xc0 [ 20.129305] mempool_oob_right_helper+0x98/0x2f0 [ 20.129450] mempool_slab_oob_right+0xc0/0x118 [ 20.129592] kunit_try_run_case+0x170/0x3f0 [ 20.129776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.129821] kthread+0x328/0x630 [ 20.129853] ret_from_fork+0x10/0x20 [ 20.129889] [ 20.129909] The buggy address belongs to the object at fff00000c56e3240 [ 20.129909] which belongs to the cache test_cache of size 123 [ 20.129965] The buggy address is located 0 bytes to the right of [ 20.129965] allocated 123-byte region [fff00000c56e3240, fff00000c56e32bb) [ 20.130027] [ 20.130047] The buggy address belongs to the physical page: [ 20.130078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e3 [ 20.130152] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.130221] page_type: f5(slab) [ 20.130265] raw: 0bfffe0000000000 fff00000c56e6000 dead000000000122 0000000000000000 [ 20.130505] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.130574] page dumped because: kasan: bad access detected [ 20.130605] [ 20.130624] Memory state around the buggy address: [ 20.130704] fff00000c56e3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.130808] fff00000c56e3200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.130902] >fff00000c56e3280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.131013] ^ [ 20.131097] fff00000c56e3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.131163] fff00000c56e3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.131221] ================================================================== [ 20.119301] ================================================================== [ 20.119378] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.119437] Read of size 1 at addr fff00000c78da001 by task kunit_try_catch/223 [ 20.119488] [ 20.119521] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.119602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.119630] Hardware name: linux,dummy-virt (DT) [ 20.119662] Call trace: [ 20.119685] show_stack+0x20/0x38 (C) [ 20.119732] dump_stack_lvl+0x8c/0xd0 [ 20.119778] print_report+0x118/0x608 [ 20.119825] kasan_report+0xdc/0x128 [ 20.119870] __asan_report_load1_noabort+0x20/0x30 [ 20.119919] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.119968] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 20.120018] kunit_try_run_case+0x170/0x3f0 [ 20.120068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.120120] kthread+0x328/0x630 [ 20.120160] ret_from_fork+0x10/0x20 [ 20.120217] [ 20.120239] The buggy address belongs to the physical page: [ 20.120273] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 20.120326] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.120371] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.120424] page_type: f8(unknown) [ 20.120463] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.120514] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.120563] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.120610] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.120659] head: 0bfffe0000000002 ffffc1ffc31e3601 00000000ffffffff 00000000ffffffff [ 20.120707] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.120747] page dumped because: kasan: bad access detected [ 20.120779] [ 20.120797] Memory state around the buggy address: [ 20.120829] fff00000c78d9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.120871] fff00000c78d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.120913] >fff00000c78da000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.120951] ^ [ 20.120980] fff00000c78da080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.121021] fff00000c78da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.121058] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.531883] ================================================================== [ 19.531961] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 19.532032] Read of size 1 at addr fff00000c1b58b40 by task kunit_try_catch/215 [ 19.532082] [ 19.532123] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.532220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.532248] Hardware name: linux,dummy-virt (DT) [ 19.532281] Call trace: [ 19.532307] show_stack+0x20/0x38 (C) [ 19.532363] dump_stack_lvl+0x8c/0xd0 [ 19.532412] print_report+0x118/0x608 [ 19.532457] kasan_report+0xdc/0x128 [ 19.532502] __kasan_check_byte+0x54/0x70 [ 19.532548] kmem_cache_destroy+0x34/0x218 [ 19.532594] kmem_cache_double_destroy+0x174/0x300 [ 19.532647] kunit_try_run_case+0x170/0x3f0 [ 19.532696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.532747] kthread+0x328/0x630 [ 19.532790] ret_from_fork+0x10/0x20 [ 19.532837] [ 19.532856] Allocated by task 215: [ 19.532885] kasan_save_stack+0x3c/0x68 [ 19.532925] kasan_save_track+0x20/0x40 [ 19.532964] kasan_save_alloc_info+0x40/0x58 [ 19.533003] __kasan_slab_alloc+0xa8/0xb0 [ 19.533041] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.533085] __kmem_cache_create_args+0x178/0x280 [ 19.533125] kmem_cache_double_destroy+0xc0/0x300 [ 19.533162] kunit_try_run_case+0x170/0x3f0 [ 19.533209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.533251] kthread+0x328/0x630 [ 19.533284] ret_from_fork+0x10/0x20 [ 19.533319] [ 19.533337] Freed by task 215: [ 19.533364] kasan_save_stack+0x3c/0x68 [ 19.533400] kasan_save_track+0x20/0x40 [ 19.533437] kasan_save_free_info+0x4c/0x78 [ 19.533505] __kasan_slab_free+0x6c/0x98 [ 19.533553] kmem_cache_free+0x260/0x468 [ 19.533591] slab_kmem_cache_release+0x38/0x50 [ 19.533628] kmem_cache_release+0x1c/0x30 [ 19.533665] kobject_put+0x17c/0x420 [ 19.533700] sysfs_slab_release+0x1c/0x30 [ 19.533737] kmem_cache_destroy+0x118/0x218 [ 19.533773] kmem_cache_double_destroy+0x128/0x300 [ 19.533813] kunit_try_run_case+0x170/0x3f0 [ 19.533851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.533897] kthread+0x328/0x630 [ 19.533929] ret_from_fork+0x10/0x20 [ 19.533964] [ 19.533983] The buggy address belongs to the object at fff00000c1b58b40 [ 19.533983] which belongs to the cache kmem_cache of size 208 [ 19.534040] The buggy address is located 0 bytes inside of [ 19.534040] freed 208-byte region [fff00000c1b58b40, fff00000c1b58c10) [ 19.534099] [ 19.534121] The buggy address belongs to the physical page: [ 19.534153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b58 [ 19.534216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.534268] page_type: f5(slab) [ 19.534308] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 19.534357] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.534398] page dumped because: kasan: bad access detected [ 19.534436] [ 19.534453] Memory state around the buggy address: [ 19.534487] fff00000c1b58a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.534534] fff00000c1b58a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 19.534576] >fff00000c1b58b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.534614] ^ [ 19.534650] fff00000c1b58b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.534692] fff00000c1b58c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.534734] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.381936] ================================================================== [ 19.382041] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 19.382116] Read of size 1 at addr fff00000c56f8000 by task kunit_try_catch/213 [ 19.382168] [ 19.382240] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.382327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.382377] Hardware name: linux,dummy-virt (DT) [ 19.382414] Call trace: [ 19.382443] show_stack+0x20/0x38 (C) [ 19.382497] dump_stack_lvl+0x8c/0xd0 [ 19.382545] print_report+0x118/0x608 [ 19.382593] kasan_report+0xdc/0x128 [ 19.382637] __asan_report_load1_noabort+0x20/0x30 [ 19.382688] kmem_cache_rcu_uaf+0x388/0x468 [ 19.382850] kunit_try_run_case+0x170/0x3f0 [ 19.382917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.382970] kthread+0x328/0x630 [ 19.383022] ret_from_fork+0x10/0x20 [ 19.383072] [ 19.383090] Allocated by task 213: [ 19.383121] kasan_save_stack+0x3c/0x68 [ 19.383163] kasan_save_track+0x20/0x40 [ 19.383210] kasan_save_alloc_info+0x40/0x58 [ 19.383250] __kasan_slab_alloc+0xa8/0xb0 [ 19.383288] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.383328] kmem_cache_rcu_uaf+0x12c/0x468 [ 19.383365] kunit_try_run_case+0x170/0x3f0 [ 19.383402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.383446] kthread+0x328/0x630 [ 19.383488] ret_from_fork+0x10/0x20 [ 19.383525] [ 19.383542] Freed by task 0: [ 19.383575] kasan_save_stack+0x3c/0x68 [ 19.383755] kasan_save_track+0x20/0x40 [ 19.383872] kasan_save_free_info+0x4c/0x78 [ 19.383911] __kasan_slab_free+0x6c/0x98 [ 19.383946] slab_free_after_rcu_debug+0xd4/0x2f8 [ 19.383985] rcu_core+0x9f4/0x1e20 [ 19.384021] rcu_core_si+0x18/0x30 [ 19.384056] handle_softirqs+0x374/0xb28 [ 19.384093] __do_softirq+0x1c/0x28 [ 19.384125] [ 19.384144] Last potentially related work creation: [ 19.384169] kasan_save_stack+0x3c/0x68 [ 19.384782] kasan_record_aux_stack+0xb4/0xc8 [ 19.384830] kmem_cache_free+0x120/0x468 [ 19.384869] kmem_cache_rcu_uaf+0x16c/0x468 [ 19.384934] kunit_try_run_case+0x170/0x3f0 [ 19.385310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.385357] kthread+0x328/0x630 [ 19.385388] ret_from_fork+0x10/0x20 [ 19.385433] [ 19.385451] The buggy address belongs to the object at fff00000c56f8000 [ 19.385451] which belongs to the cache test_cache of size 200 [ 19.385596] The buggy address is located 0 bytes inside of [ 19.385596] freed 200-byte region [fff00000c56f8000, fff00000c56f80c8) [ 19.385691] [ 19.385713] The buggy address belongs to the physical page: [ 19.385746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f8 [ 19.385802] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.385854] page_type: f5(slab) [ 19.385896] raw: 0bfffe0000000000 fff00000c1b58a00 dead000000000122 0000000000000000 [ 19.385946] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.385986] page dumped because: kasan: bad access detected [ 19.386017] [ 19.386035] Memory state around the buggy address: [ 19.386069] fff00000c56f7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386111] fff00000c56f7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386292] >fff00000c56f8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.386410] ^ [ 19.386507] fff00000c56f8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.386552] fff00000c56f8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386631] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.847280] ================================================================== [ 18.847342] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 18.847414] Free of addr fff00000c56f5001 by task kunit_try_catch/211 [ 18.847538] [ 18.847583] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.847682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.848000] Hardware name: linux,dummy-virt (DT) [ 18.848105] Call trace: [ 18.848175] show_stack+0x20/0x38 (C) [ 18.848261] dump_stack_lvl+0x8c/0xd0 [ 18.848377] print_report+0x118/0x608 [ 18.848452] kasan_report_invalid_free+0xc0/0xe8 [ 18.848507] check_slab_allocation+0xfc/0x108 [ 18.848620] __kasan_slab_pre_free+0x2c/0x48 [ 18.848685] kmem_cache_free+0xf0/0x468 [ 18.848735] kmem_cache_invalid_free+0x184/0x3c8 [ 18.848808] kunit_try_run_case+0x170/0x3f0 [ 18.848883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.848937] kthread+0x328/0x630 [ 18.848999] ret_from_fork+0x10/0x20 [ 18.849275] [ 18.849325] Allocated by task 211: [ 18.849385] kasan_save_stack+0x3c/0x68 [ 18.849430] kasan_save_track+0x20/0x40 [ 18.849510] kasan_save_alloc_info+0x40/0x58 [ 18.849669] __kasan_slab_alloc+0xa8/0xb0 [ 18.849744] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.849816] kmem_cache_invalid_free+0x12c/0x3c8 [ 18.849950] kunit_try_run_case+0x170/0x3f0 [ 18.850124] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.850169] kthread+0x328/0x630 [ 18.850209] ret_from_fork+0x10/0x20 [ 18.850245] [ 18.850266] The buggy address belongs to the object at fff00000c56f5000 [ 18.850266] which belongs to the cache test_cache of size 200 [ 18.850733] The buggy address is located 1 bytes inside of [ 18.850733] 200-byte region [fff00000c56f5000, fff00000c56f50c8) [ 18.850866] [ 18.851041] The buggy address belongs to the physical page: [ 18.851224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f5 [ 18.851385] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.851521] page_type: f5(slab) [ 18.851560] raw: 0bfffe0000000000 fff00000c1b588c0 dead000000000122 0000000000000000 [ 18.851652] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.851958] page dumped because: kasan: bad access detected [ 18.852127] [ 18.852318] Memory state around the buggy address: [ 18.852463] fff00000c56f4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.852548] fff00000c56f4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.852607] >fff00000c56f5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.852759] ^ [ 18.852790] fff00000c56f5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.852863] fff00000c56f5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.853075] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.822782] ================================================================== [ 18.822858] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 18.822929] Free of addr fff00000c56f3000 by task kunit_try_catch/209 [ 18.823281] [ 18.823381] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.823467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.823559] Hardware name: linux,dummy-virt (DT) [ 18.823658] Call trace: [ 18.823779] show_stack+0x20/0x38 (C) [ 18.823835] dump_stack_lvl+0x8c/0xd0 [ 18.823885] print_report+0x118/0x608 [ 18.824350] kasan_report_invalid_free+0xc0/0xe8 [ 18.824413] check_slab_allocation+0xd4/0x108 [ 18.824621] __kasan_slab_pre_free+0x2c/0x48 [ 18.824720] kmem_cache_free+0xf0/0x468 [ 18.824812] kmem_cache_double_free+0x190/0x3c8 [ 18.824862] kunit_try_run_case+0x170/0x3f0 [ 18.824911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.824967] kthread+0x328/0x630 [ 18.825018] ret_from_fork+0x10/0x20 [ 18.825069] [ 18.825354] Allocated by task 209: [ 18.825416] kasan_save_stack+0x3c/0x68 [ 18.825500] kasan_save_track+0x20/0x40 [ 18.825584] kasan_save_alloc_info+0x40/0x58 [ 18.825624] __kasan_slab_alloc+0xa8/0xb0 [ 18.825877] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.825928] kmem_cache_double_free+0x12c/0x3c8 [ 18.825966] kunit_try_run_case+0x170/0x3f0 [ 18.826004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.826069] kthread+0x328/0x630 [ 18.826105] ret_from_fork+0x10/0x20 [ 18.826141] [ 18.826161] Freed by task 209: [ 18.826189] kasan_save_stack+0x3c/0x68 [ 18.826587] kasan_save_track+0x20/0x40 [ 18.826675] kasan_save_free_info+0x4c/0x78 [ 18.826722] __kasan_slab_free+0x6c/0x98 [ 18.826757] kmem_cache_free+0x260/0x468 [ 18.827067] kmem_cache_double_free+0x140/0x3c8 [ 18.827216] kunit_try_run_case+0x170/0x3f0 [ 18.827315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.827362] kthread+0x328/0x630 [ 18.827395] ret_from_fork+0x10/0x20 [ 18.827430] [ 18.827449] The buggy address belongs to the object at fff00000c56f3000 [ 18.827449] which belongs to the cache test_cache of size 200 [ 18.827533] The buggy address is located 0 bytes inside of [ 18.827533] 200-byte region [fff00000c56f3000, fff00000c56f30c8) [ 18.827592] [ 18.827614] The buggy address belongs to the physical page: [ 18.827647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f3 [ 18.827917] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.828003] page_type: f5(slab) [ 18.828464] raw: 0bfffe0000000000 fff00000c1b58780 dead000000000122 0000000000000000 [ 18.828586] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.828653] page dumped because: kasan: bad access detected [ 18.828685] [ 18.828919] Memory state around the buggy address: [ 18.828995] fff00000c56f2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.829042] fff00000c56f2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.829085] >fff00000c56f3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.829123] ^ [ 18.829311] fff00000c56f3080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.829442] fff00000c56f3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.829567] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.569993] ================================================================== [ 18.570150] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.570253] Read of size 1 at addr fff00000c56f10c8 by task kunit_try_catch/207 [ 18.570336] [ 18.570402] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.570525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.570573] Hardware name: linux,dummy-virt (DT) [ 18.570630] Call trace: [ 18.570707] show_stack+0x20/0x38 (C) [ 18.570758] dump_stack_lvl+0x8c/0xd0 [ 18.570836] print_report+0x118/0x608 [ 18.570890] kasan_report+0xdc/0x128 [ 18.570955] __asan_report_load1_noabort+0x20/0x30 [ 18.571007] kmem_cache_oob+0x344/0x430 [ 18.571052] kunit_try_run_case+0x170/0x3f0 [ 18.571099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.571150] kthread+0x328/0x630 [ 18.571368] ret_from_fork+0x10/0x20 [ 18.571456] [ 18.571534] Allocated by task 207: [ 18.571591] kasan_save_stack+0x3c/0x68 [ 18.571633] kasan_save_track+0x20/0x40 [ 18.571671] kasan_save_alloc_info+0x40/0x58 [ 18.571721] __kasan_slab_alloc+0xa8/0xb0 [ 18.571787] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.571863] kmem_cache_oob+0x12c/0x430 [ 18.571921] kunit_try_run_case+0x170/0x3f0 [ 18.572016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.572098] kthread+0x328/0x630 [ 18.572130] ret_from_fork+0x10/0x20 [ 18.572183] [ 18.572414] The buggy address belongs to the object at fff00000c56f1000 [ 18.572414] which belongs to the cache test_cache of size 200 [ 18.572528] The buggy address is located 0 bytes to the right of [ 18.572528] allocated 200-byte region [fff00000c56f1000, fff00000c56f10c8) [ 18.572593] [ 18.572614] The buggy address belongs to the physical page: [ 18.572661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056f1 [ 18.572855] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.572921] page_type: f5(slab) [ 18.572960] raw: 0bfffe0000000000 fff00000c1b58640 dead000000000122 0000000000000000 [ 18.573018] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.573085] page dumped because: kasan: bad access detected [ 18.573118] [ 18.573163] Memory state around the buggy address: [ 18.573207] fff00000c56f0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.573276] fff00000c56f1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.573570] >fff00000c56f1080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.573674] ^ [ 18.573821] fff00000c56f1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.573905] fff00000c56f1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.574006] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.547878] ================================================================== [ 18.547943] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 18.548012] Read of size 8 at addr fff00000c56eb640 by task kunit_try_catch/200 [ 18.548061] [ 18.548094] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.548188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.548229] Hardware name: linux,dummy-virt (DT) [ 18.548261] Call trace: [ 18.548282] show_stack+0x20/0x38 (C) [ 18.548332] dump_stack_lvl+0x8c/0xd0 [ 18.548379] print_report+0x118/0x608 [ 18.548425] kasan_report+0xdc/0x128 [ 18.548470] __asan_report_load8_noabort+0x20/0x30 [ 18.548517] workqueue_uaf+0x480/0x4a8 [ 18.548561] kunit_try_run_case+0x170/0x3f0 [ 18.548701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.548767] kthread+0x328/0x630 [ 18.548808] ret_from_fork+0x10/0x20 [ 18.548855] [ 18.548875] Allocated by task 200: [ 18.548904] kasan_save_stack+0x3c/0x68 [ 18.548945] kasan_save_track+0x20/0x40 [ 18.548983] kasan_save_alloc_info+0x40/0x58 [ 18.549024] __kasan_kmalloc+0xd4/0xd8 [ 18.549059] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.549099] workqueue_uaf+0x13c/0x4a8 [ 18.549134] kunit_try_run_case+0x170/0x3f0 [ 18.549172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.549225] kthread+0x328/0x630 [ 18.549258] ret_from_fork+0x10/0x20 [ 18.549873] [ 18.549918] Freed by task 24: [ 18.549947] kasan_save_stack+0x3c/0x68 [ 18.549989] kasan_save_track+0x20/0x40 [ 18.550027] kasan_save_free_info+0x4c/0x78 [ 18.550065] __kasan_slab_free+0x6c/0x98 [ 18.550238] kfree+0x214/0x3c8 [ 18.550316] workqueue_uaf_work+0x18/0x30 [ 18.550415] process_one_work+0x530/0xf98 [ 18.550571] worker_thread+0x618/0xf38 [ 18.550704] kthread+0x328/0x630 [ 18.550772] ret_from_fork+0x10/0x20 [ 18.550809] [ 18.550827] Last potentially related work creation: [ 18.550852] kasan_save_stack+0x3c/0x68 [ 18.550891] kasan_record_aux_stack+0xb4/0xc8 [ 18.551109] __queue_work+0x65c/0x1008 [ 18.551235] queue_work_on+0xbc/0xf8 [ 18.551327] workqueue_uaf+0x210/0x4a8 [ 18.551364] kunit_try_run_case+0x170/0x3f0 [ 18.551638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.551775] kthread+0x328/0x630 [ 18.551871] ret_from_fork+0x10/0x20 [ 18.551992] [ 18.552012] The buggy address belongs to the object at fff00000c56eb640 [ 18.552012] which belongs to the cache kmalloc-32 of size 32 [ 18.552306] The buggy address is located 0 bytes inside of [ 18.552306] freed 32-byte region [fff00000c56eb640, fff00000c56eb660) [ 18.552470] [ 18.552594] The buggy address belongs to the physical page: [ 18.552681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056eb [ 18.552734] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.553001] page_type: f5(slab) [ 18.553093] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.553202] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.553286] page dumped because: kasan: bad access detected [ 18.553383] [ 18.553401] Memory state around the buggy address: [ 18.553434] fff00000c56eb500: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 18.553704] fff00000c56eb580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.553789] >fff00000c56eb600: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 18.553889] ^ [ 18.553958] fff00000c56eb680: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.554069] fff00000c56eb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.554130] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.530602] ================================================================== [ 18.530779] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 18.530852] Read of size 4 at addr fff00000c56eb440 by task swapper/1/0 [ 18.530908] [ 18.530959] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.531040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.531068] Hardware name: linux,dummy-virt (DT) [ 18.531099] Call trace: [ 18.531122] show_stack+0x20/0x38 (C) [ 18.531172] dump_stack_lvl+0x8c/0xd0 [ 18.531252] print_report+0x118/0x608 [ 18.531303] kasan_report+0xdc/0x128 [ 18.531358] __asan_report_load4_noabort+0x20/0x30 [ 18.531407] rcu_uaf_reclaim+0x64/0x70 [ 18.531459] rcu_core+0x9f4/0x1e20 [ 18.531514] rcu_core_si+0x18/0x30 [ 18.531557] handle_softirqs+0x374/0xb28 [ 18.531603] __do_softirq+0x1c/0x28 [ 18.531645] ____do_softirq+0x18/0x30 [ 18.531688] call_on_irq_stack+0x24/0x30 [ 18.531733] do_softirq_own_stack+0x24/0x38 [ 18.531778] __irq_exit_rcu+0x1fc/0x318 [ 18.531822] irq_exit_rcu+0x1c/0x80 [ 18.531872] el1_interrupt+0x38/0x58 [ 18.531926] el1h_64_irq_handler+0x18/0x28 [ 18.531973] el1h_64_irq+0x6c/0x70 [ 18.532076] arch_local_irq_enable+0x4/0x8 (P) [ 18.532126] do_idle+0x384/0x4e8 [ 18.532170] cpu_startup_entry+0x64/0x80 [ 18.532570] secondary_start_kernel+0x288/0x340 [ 18.532868] __secondary_switched+0xc0/0xc8 [ 18.532950] [ 18.532998] Allocated by task 198: [ 18.533045] kasan_save_stack+0x3c/0x68 [ 18.533089] kasan_save_track+0x20/0x40 [ 18.533126] kasan_save_alloc_info+0x40/0x58 [ 18.533179] __kasan_kmalloc+0xd4/0xd8 [ 18.533255] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.533321] rcu_uaf+0xb0/0x2d8 [ 18.533366] kunit_try_run_case+0x170/0x3f0 [ 18.533406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.533476] kthread+0x328/0x630 [ 18.533509] ret_from_fork+0x10/0x20 [ 18.533545] [ 18.533565] Freed by task 0: [ 18.533592] kasan_save_stack+0x3c/0x68 [ 18.533735] kasan_save_track+0x20/0x40 [ 18.533873] kasan_save_free_info+0x4c/0x78 [ 18.533969] __kasan_slab_free+0x6c/0x98 [ 18.534066] kfree+0x214/0x3c8 [ 18.534230] rcu_uaf_reclaim+0x28/0x70 [ 18.534399] rcu_core+0x9f4/0x1e20 [ 18.534539] rcu_core_si+0x18/0x30 [ 18.534705] handle_softirqs+0x374/0xb28 [ 18.534806] __do_softirq+0x1c/0x28 [ 18.534841] [ 18.534875] Last potentially related work creation: [ 18.534909] kasan_save_stack+0x3c/0x68 [ 18.534949] kasan_record_aux_stack+0xb4/0xc8 [ 18.535089] __call_rcu_common.constprop.0+0x74/0x8c8 [ 18.535134] call_rcu+0x18/0x30 [ 18.535167] rcu_uaf+0x14c/0x2d8 [ 18.535273] kunit_try_run_case+0x170/0x3f0 [ 18.535373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.535434] kthread+0x328/0x630 [ 18.535513] ret_from_fork+0x10/0x20 [ 18.535580] [ 18.535629] The buggy address belongs to the object at fff00000c56eb440 [ 18.535629] which belongs to the cache kmalloc-32 of size 32 [ 18.535721] The buggy address is located 0 bytes inside of [ 18.535721] freed 32-byte region [fff00000c56eb440, fff00000c56eb460) [ 18.535923] [ 18.536026] The buggy address belongs to the physical page: [ 18.536060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056eb [ 18.536442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.536510] page_type: f5(slab) [ 18.536559] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.536844] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.536914] page dumped because: kasan: bad access detected [ 18.537117] [ 18.537189] Memory state around the buggy address: [ 18.537342] fff00000c56eb300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.537405] fff00000c56eb380: fa fb fb fb fc fc fc fc 00 00 05 fc fc fc fc fc [ 18.537483] >fff00000c56eb400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.537521] ^ [ 18.537556] fff00000c56eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.537598] fff00000c56eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.537744] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.295733] ================================================================== [ 18.295889] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 18.295946] Read of size 1 at addr fff00000c56ed000 by task kunit_try_catch/196 [ 18.296037] [ 18.296179] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.296286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.296313] Hardware name: linux,dummy-virt (DT) [ 18.296531] Call trace: [ 18.296627] show_stack+0x20/0x38 (C) [ 18.296721] dump_stack_lvl+0x8c/0xd0 [ 18.296952] print_report+0x118/0x608 [ 18.297013] kasan_report+0xdc/0x128 [ 18.297218] __kasan_check_byte+0x54/0x70 [ 18.297281] ksize+0x30/0x88 [ 18.297323] ksize_uaf+0x168/0x5f8 [ 18.297366] kunit_try_run_case+0x170/0x3f0 [ 18.297514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.297737] kthread+0x328/0x630 [ 18.297782] ret_from_fork+0x10/0x20 [ 18.297830] [ 18.297849] Allocated by task 196: [ 18.297972] kasan_save_stack+0x3c/0x68 [ 18.298032] kasan_save_track+0x20/0x40 [ 18.298212] kasan_save_alloc_info+0x40/0x58 [ 18.298326] __kasan_kmalloc+0xd4/0xd8 [ 18.298457] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.298587] ksize_uaf+0xb8/0x5f8 [ 18.298673] kunit_try_run_case+0x170/0x3f0 [ 18.298711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.298966] kthread+0x328/0x630 [ 18.299137] ret_from_fork+0x10/0x20 [ 18.299223] [ 18.299243] Freed by task 196: [ 18.299591] kasan_save_stack+0x3c/0x68 [ 18.299681] kasan_save_track+0x20/0x40 [ 18.299740] kasan_save_free_info+0x4c/0x78 [ 18.299996] __kasan_slab_free+0x6c/0x98 [ 18.300066] kfree+0x214/0x3c8 [ 18.300235] ksize_uaf+0x11c/0x5f8 [ 18.300396] kunit_try_run_case+0x170/0x3f0 [ 18.300466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.300618] kthread+0x328/0x630 [ 18.300669] ret_from_fork+0x10/0x20 [ 18.300706] [ 18.300764] The buggy address belongs to the object at fff00000c56ed000 [ 18.300764] which belongs to the cache kmalloc-128 of size 128 [ 18.300836] The buggy address is located 0 bytes inside of [ 18.300836] freed 128-byte region [fff00000c56ed000, fff00000c56ed080) [ 18.300897] [ 18.300925] The buggy address belongs to the physical page: [ 18.300959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ed [ 18.301022] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.301072] page_type: f5(slab) [ 18.301111] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.301159] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.301212] page dumped because: kasan: bad access detected [ 18.301244] [ 18.301284] Memory state around the buggy address: [ 18.301331] fff00000c56ecf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.301383] fff00000c56ecf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.301425] >fff00000c56ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.301472] ^ [ 18.301894] fff00000c56ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.301988] fff00000c56ed100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.302050] ================================================================== [ 18.304421] ================================================================== [ 18.304474] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 18.304519] Read of size 1 at addr fff00000c56ed000 by task kunit_try_catch/196 [ 18.304620] [ 18.304677] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.304940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.305005] Hardware name: linux,dummy-virt (DT) [ 18.305207] Call trace: [ 18.305270] show_stack+0x20/0x38 (C) [ 18.305347] dump_stack_lvl+0x8c/0xd0 [ 18.305498] print_report+0x118/0x608 [ 18.305568] kasan_report+0xdc/0x128 [ 18.305640] __asan_report_load1_noabort+0x20/0x30 [ 18.305704] ksize_uaf+0x598/0x5f8 [ 18.305748] kunit_try_run_case+0x170/0x3f0 [ 18.305797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.305849] kthread+0x328/0x630 [ 18.306297] ret_from_fork+0x10/0x20 [ 18.306516] [ 18.306621] Allocated by task 196: [ 18.306699] kasan_save_stack+0x3c/0x68 [ 18.306769] kasan_save_track+0x20/0x40 [ 18.306986] kasan_save_alloc_info+0x40/0x58 [ 18.307332] __kasan_kmalloc+0xd4/0xd8 [ 18.307516] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.307640] ksize_uaf+0xb8/0x5f8 [ 18.307770] kunit_try_run_case+0x170/0x3f0 [ 18.307945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.308123] kthread+0x328/0x630 [ 18.308250] ret_from_fork+0x10/0x20 [ 18.308289] [ 18.308603] Freed by task 196: [ 18.308775] kasan_save_stack+0x3c/0x68 [ 18.308937] kasan_save_track+0x20/0x40 [ 18.309035] kasan_save_free_info+0x4c/0x78 [ 18.309122] __kasan_slab_free+0x6c/0x98 [ 18.309159] kfree+0x214/0x3c8 [ 18.309202] ksize_uaf+0x11c/0x5f8 [ 18.309238] kunit_try_run_case+0x170/0x3f0 [ 18.309276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.309365] kthread+0x328/0x630 [ 18.309402] ret_from_fork+0x10/0x20 [ 18.309446] [ 18.309465] The buggy address belongs to the object at fff00000c56ed000 [ 18.309465] which belongs to the cache kmalloc-128 of size 128 [ 18.309779] The buggy address is located 0 bytes inside of [ 18.309779] freed 128-byte region [fff00000c56ed000, fff00000c56ed080) [ 18.309972] [ 18.309993] The buggy address belongs to the physical page: [ 18.310025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ed [ 18.310080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.310518] page_type: f5(slab) [ 18.310617] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.310836] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.310965] page dumped because: kasan: bad access detected [ 18.311135] [ 18.311156] Memory state around the buggy address: [ 18.311189] fff00000c56ecf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.311553] fff00000c56ecf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.311705] >fff00000c56ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.311803] ^ [ 18.311965] fff00000c56ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.312073] fff00000c56ed100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.312490] ================================================================== [ 18.313401] ================================================================== [ 18.313452] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 18.313857] Read of size 1 at addr fff00000c56ed078 by task kunit_try_catch/196 [ 18.313910] [ 18.313956] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.314245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.314414] Hardware name: linux,dummy-virt (DT) [ 18.314492] Call trace: [ 18.314800] show_stack+0x20/0x38 (C) [ 18.314903] dump_stack_lvl+0x8c/0xd0 [ 18.314962] print_report+0x118/0x608 [ 18.315294] kasan_report+0xdc/0x128 [ 18.315522] __asan_report_load1_noabort+0x20/0x30 [ 18.315720] ksize_uaf+0x544/0x5f8 [ 18.315811] kunit_try_run_case+0x170/0x3f0 [ 18.316178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.316370] kthread+0x328/0x630 [ 18.316469] ret_from_fork+0x10/0x20 [ 18.316626] [ 18.316660] Allocated by task 196: [ 18.316693] kasan_save_stack+0x3c/0x68 [ 18.316784] kasan_save_track+0x20/0x40 [ 18.316832] kasan_save_alloc_info+0x40/0x58 [ 18.316873] __kasan_kmalloc+0xd4/0xd8 [ 18.316910] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.316948] ksize_uaf+0xb8/0x5f8 [ 18.316984] kunit_try_run_case+0x170/0x3f0 [ 18.317021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.317075] kthread+0x328/0x630 [ 18.317106] ret_from_fork+0x10/0x20 [ 18.317142] [ 18.317162] Freed by task 196: [ 18.317188] kasan_save_stack+0x3c/0x68 [ 18.317569] kasan_save_track+0x20/0x40 [ 18.317648] kasan_save_free_info+0x4c/0x78 [ 18.317812] __kasan_slab_free+0x6c/0x98 [ 18.317907] kfree+0x214/0x3c8 [ 18.318094] ksize_uaf+0x11c/0x5f8 [ 18.318285] kunit_try_run_case+0x170/0x3f0 [ 18.318361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.318524] kthread+0x328/0x630 [ 18.318639] ret_from_fork+0x10/0x20 [ 18.318767] [ 18.318847] The buggy address belongs to the object at fff00000c56ed000 [ 18.318847] which belongs to the cache kmalloc-128 of size 128 [ 18.319041] The buggy address is located 120 bytes inside of [ 18.319041] freed 128-byte region [fff00000c56ed000, fff00000c56ed080) [ 18.319232] [ 18.319278] The buggy address belongs to the physical page: [ 18.319546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ed [ 18.319715] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.319893] page_type: f5(slab) [ 18.319990] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.320050] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.320490] page dumped because: kasan: bad access detected [ 18.320545] [ 18.320639] Memory state around the buggy address: [ 18.320825] fff00000c56ecf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.321183] fff00000c56ecf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.321294] >fff00000c56ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.321983] ^ [ 18.322090] fff00000c56ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.322138] fff00000c56ed100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.322175] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.273473] ================================================================== [ 18.273536] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 18.273623] Read of size 1 at addr fff00000c1cf4f78 by task kunit_try_catch/194 [ 18.273699] [ 18.273730] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.274085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.274143] Hardware name: linux,dummy-virt (DT) [ 18.274175] Call trace: [ 18.274278] show_stack+0x20/0x38 (C) [ 18.274460] dump_stack_lvl+0x8c/0xd0 [ 18.274509] print_report+0x118/0x608 [ 18.274555] kasan_report+0xdc/0x128 [ 18.274662] __asan_report_load1_noabort+0x20/0x30 [ 18.274762] ksize_unpoisons_memory+0x618/0x740 [ 18.274885] kunit_try_run_case+0x170/0x3f0 [ 18.275000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.275076] kthread+0x328/0x630 [ 18.275119] ret_from_fork+0x10/0x20 [ 18.275165] [ 18.275463] Allocated by task 194: [ 18.275584] kasan_save_stack+0x3c/0x68 [ 18.275683] kasan_save_track+0x20/0x40 [ 18.275786] kasan_save_alloc_info+0x40/0x58 [ 18.275863] __kasan_kmalloc+0xd4/0xd8 [ 18.276074] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.276152] ksize_unpoisons_memory+0xc0/0x740 [ 18.276291] kunit_try_run_case+0x170/0x3f0 [ 18.276327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.276418] kthread+0x328/0x630 [ 18.276627] ret_from_fork+0x10/0x20 [ 18.276783] [ 18.276813] The buggy address belongs to the object at fff00000c1cf4f00 [ 18.276813] which belongs to the cache kmalloc-128 of size 128 [ 18.276871] The buggy address is located 5 bytes to the right of [ 18.276871] allocated 115-byte region [fff00000c1cf4f00, fff00000c1cf4f73) [ 18.276936] [ 18.276965] The buggy address belongs to the physical page: [ 18.277003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 18.277054] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.277111] page_type: f5(slab) [ 18.277213] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.277567] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.277640] page dumped because: kasan: bad access detected [ 18.277841] [ 18.278046] Memory state around the buggy address: [ 18.278086] fff00000c1cf4e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.278133] fff00000c1cf4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.278176] >fff00000c1cf4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.278354] ^ [ 18.278469] fff00000c1cf4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.278644] fff00000c1cf5000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.278785] ================================================================== [ 18.280476] ================================================================== [ 18.281441] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 18.281525] Read of size 1 at addr fff00000c1cf4f7f by task kunit_try_catch/194 [ 18.281602] [ 18.281680] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.281772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.282069] Hardware name: linux,dummy-virt (DT) [ 18.282364] Call trace: [ 18.282414] show_stack+0x20/0x38 (C) [ 18.282578] dump_stack_lvl+0x8c/0xd0 [ 18.282928] print_report+0x118/0x608 [ 18.283064] kasan_report+0xdc/0x128 [ 18.283276] __asan_report_load1_noabort+0x20/0x30 [ 18.283451] ksize_unpoisons_memory+0x690/0x740 [ 18.283583] kunit_try_run_case+0x170/0x3f0 [ 18.283665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.283848] kthread+0x328/0x630 [ 18.283921] ret_from_fork+0x10/0x20 [ 18.283988] [ 18.284007] Allocated by task 194: [ 18.284043] kasan_save_stack+0x3c/0x68 [ 18.284095] kasan_save_track+0x20/0x40 [ 18.284132] kasan_save_alloc_info+0x40/0x58 [ 18.284174] __kasan_kmalloc+0xd4/0xd8 [ 18.284221] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.284264] ksize_unpoisons_memory+0xc0/0x740 [ 18.284317] kunit_try_run_case+0x170/0x3f0 [ 18.284359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.284409] kthread+0x328/0x630 [ 18.284440] ret_from_fork+0x10/0x20 [ 18.284475] [ 18.284493] The buggy address belongs to the object at fff00000c1cf4f00 [ 18.284493] which belongs to the cache kmalloc-128 of size 128 [ 18.284550] The buggy address is located 12 bytes to the right of [ 18.284550] allocated 115-byte region [fff00000c1cf4f00, fff00000c1cf4f73) [ 18.284613] [ 18.284644] The buggy address belongs to the physical page: [ 18.284676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 18.284728] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.284795] page_type: f5(slab) [ 18.284833] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.284891] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.284944] page dumped because: kasan: bad access detected [ 18.284984] [ 18.285002] Memory state around the buggy address: [ 18.285033] fff00000c1cf4e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.285099] fff00000c1cf4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.285141] >fff00000c1cf4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.285198] ^ [ 18.285238] fff00000c1cf4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.285940] fff00000c1cf5000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.285987] ================================================================== [ 18.268745] ================================================================== [ 18.268829] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 18.268905] Read of size 1 at addr fff00000c1cf4f73 by task kunit_try_catch/194 [ 18.268956] [ 18.269010] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.269117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.269164] Hardware name: linux,dummy-virt (DT) [ 18.269212] Call trace: [ 18.269234] show_stack+0x20/0x38 (C) [ 18.269329] dump_stack_lvl+0x8c/0xd0 [ 18.269440] print_report+0x118/0x608 [ 18.269487] kasan_report+0xdc/0x128 [ 18.269531] __asan_report_load1_noabort+0x20/0x30 [ 18.269807] ksize_unpoisons_memory+0x628/0x740 [ 18.269882] kunit_try_run_case+0x170/0x3f0 [ 18.269932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.269986] kthread+0x328/0x630 [ 18.270029] ret_from_fork+0x10/0x20 [ 18.270154] [ 18.270213] Allocated by task 194: [ 18.270243] kasan_save_stack+0x3c/0x68 [ 18.270337] kasan_save_track+0x20/0x40 [ 18.270498] kasan_save_alloc_info+0x40/0x58 [ 18.270608] __kasan_kmalloc+0xd4/0xd8 [ 18.270647] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.270710] ksize_unpoisons_memory+0xc0/0x740 [ 18.270767] kunit_try_run_case+0x170/0x3f0 [ 18.270805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.270848] kthread+0x328/0x630 [ 18.270880] ret_from_fork+0x10/0x20 [ 18.270916] [ 18.270936] The buggy address belongs to the object at fff00000c1cf4f00 [ 18.270936] which belongs to the cache kmalloc-128 of size 128 [ 18.270990] The buggy address is located 0 bytes to the right of [ 18.270990] allocated 115-byte region [fff00000c1cf4f00, fff00000c1cf4f73) [ 18.271170] [ 18.271247] The buggy address belongs to the physical page: [ 18.271367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 18.271442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.271492] page_type: f5(slab) [ 18.271530] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.271580] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.271812] page dumped because: kasan: bad access detected [ 18.271846] [ 18.271863] Memory state around the buggy address: [ 18.271899] fff00000c1cf4e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.271941] fff00000c1cf4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.272012] >fff00000c1cf4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.272093] ^ [ 18.272132] fff00000c1cf4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.272243] fff00000c1cf5000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.272280] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.250927] ================================================================== [ 18.251149] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 18.251222] Free of addr fff00000c1cea960 by task kunit_try_catch/192 [ 18.251266] [ 18.251296] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.251376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.251402] Hardware name: linux,dummy-virt (DT) [ 18.251442] Call trace: [ 18.251466] show_stack+0x20/0x38 (C) [ 18.251519] dump_stack_lvl+0x8c/0xd0 [ 18.251566] print_report+0x118/0x608 [ 18.251610] kasan_report_invalid_free+0xc0/0xe8 [ 18.251659] check_slab_allocation+0xd4/0x108 [ 18.251706] __kasan_slab_pre_free+0x2c/0x48 [ 18.251753] kfree+0xe8/0x3c8 [ 18.251793] kfree_sensitive+0x3c/0xb0 [ 18.251836] kmalloc_double_kzfree+0x168/0x308 [ 18.251900] kunit_try_run_case+0x170/0x3f0 [ 18.251946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.251997] kthread+0x328/0x630 [ 18.252038] ret_from_fork+0x10/0x20 [ 18.252085] [ 18.252105] Allocated by task 192: [ 18.252133] kasan_save_stack+0x3c/0x68 [ 18.252174] kasan_save_track+0x20/0x40 [ 18.252221] kasan_save_alloc_info+0x40/0x58 [ 18.252263] __kasan_kmalloc+0xd4/0xd8 [ 18.252299] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.252338] kmalloc_double_kzfree+0xb8/0x308 [ 18.252385] kunit_try_run_case+0x170/0x3f0 [ 18.252423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.252465] kthread+0x328/0x630 [ 18.252506] ret_from_fork+0x10/0x20 [ 18.252542] [ 18.252560] Freed by task 192: [ 18.252586] kasan_save_stack+0x3c/0x68 [ 18.252623] kasan_save_track+0x20/0x40 [ 18.252660] kasan_save_free_info+0x4c/0x78 [ 18.252701] __kasan_slab_free+0x6c/0x98 [ 18.252737] kfree+0x214/0x3c8 [ 18.252770] kfree_sensitive+0x80/0xb0 [ 18.252806] kmalloc_double_kzfree+0x11c/0x308 [ 18.252846] kunit_try_run_case+0x170/0x3f0 [ 18.252884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.252927] kthread+0x328/0x630 [ 18.252960] ret_from_fork+0x10/0x20 [ 18.252994] [ 18.253023] The buggy address belongs to the object at fff00000c1cea960 [ 18.253023] which belongs to the cache kmalloc-16 of size 16 [ 18.253085] The buggy address is located 0 bytes inside of [ 18.253085] 16-byte region [fff00000c1cea960, fff00000c1cea970) [ 18.253143] [ 18.253162] The buggy address belongs to the physical page: [ 18.253200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 18.254155] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.254248] page_type: f5(slab) [ 18.254307] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.254391] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.254648] page dumped because: kasan: bad access detected [ 18.254721] [ 18.254757] Memory state around the buggy address: [ 18.254892] fff00000c1cea800: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 18.256255] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.256342] >fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.257861] ^ [ 18.259107] fff00000c1cea980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.259470] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.259580] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.240754] ================================================================== [ 18.240815] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 18.240889] Read of size 1 at addr fff00000c1cea960 by task kunit_try_catch/192 [ 18.240947] [ 18.240980] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.241060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.241096] Hardware name: linux,dummy-virt (DT) [ 18.241127] Call trace: [ 18.241157] show_stack+0x20/0x38 (C) [ 18.241219] dump_stack_lvl+0x8c/0xd0 [ 18.241264] print_report+0x118/0x608 [ 18.241309] kasan_report+0xdc/0x128 [ 18.241364] __kasan_check_byte+0x54/0x70 [ 18.241411] kfree_sensitive+0x30/0xb0 [ 18.241807] kmalloc_double_kzfree+0x168/0x308 [ 18.242066] kunit_try_run_case+0x170/0x3f0 [ 18.242354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.242419] kthread+0x328/0x630 [ 18.242465] ret_from_fork+0x10/0x20 [ 18.242520] [ 18.242541] Allocated by task 192: [ 18.242926] kasan_save_stack+0x3c/0x68 [ 18.243088] kasan_save_track+0x20/0x40 [ 18.243235] kasan_save_alloc_info+0x40/0x58 [ 18.243278] __kasan_kmalloc+0xd4/0xd8 [ 18.243366] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.243733] kmalloc_double_kzfree+0xb8/0x308 [ 18.243816] kunit_try_run_case+0x170/0x3f0 [ 18.243870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.244065] kthread+0x328/0x630 [ 18.244268] ret_from_fork+0x10/0x20 [ 18.244356] [ 18.244404] Freed by task 192: [ 18.244432] kasan_save_stack+0x3c/0x68 [ 18.244664] kasan_save_track+0x20/0x40 [ 18.244880] kasan_save_free_info+0x4c/0x78 [ 18.244978] __kasan_slab_free+0x6c/0x98 [ 18.245107] kfree+0x214/0x3c8 [ 18.245545] kfree_sensitive+0x80/0xb0 [ 18.245691] kmalloc_double_kzfree+0x11c/0x308 [ 18.245736] kunit_try_run_case+0x170/0x3f0 [ 18.245801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.245850] kthread+0x328/0x630 [ 18.246217] ret_from_fork+0x10/0x20 [ 18.246347] [ 18.246384] The buggy address belongs to the object at fff00000c1cea960 [ 18.246384] which belongs to the cache kmalloc-16 of size 16 [ 18.246729] The buggy address is located 0 bytes inside of [ 18.246729] freed 16-byte region [fff00000c1cea960, fff00000c1cea970) [ 18.247100] [ 18.247360] The buggy address belongs to the physical page: [ 18.247474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 18.247657] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.247748] page_type: f5(slab) [ 18.248028] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.248150] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.248297] page dumped because: kasan: bad access detected [ 18.248330] [ 18.248369] Memory state around the buggy address: [ 18.248689] fff00000c1cea800: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 18.248823] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.248905] >fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.249160] ^ [ 18.249404] fff00000c1cea980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.249623] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.249794] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.212973] ================================================================== [ 18.213630] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 18.213821] Read of size 1 at addr fff00000c6436028 by task kunit_try_catch/188 [ 18.213933] [ 18.214045] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.214324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.214485] Hardware name: linux,dummy-virt (DT) [ 18.214565] Call trace: [ 18.214709] show_stack+0x20/0x38 (C) [ 18.214765] dump_stack_lvl+0x8c/0xd0 [ 18.214843] print_report+0x118/0x608 [ 18.215132] kasan_report+0xdc/0x128 [ 18.215293] __asan_report_load1_noabort+0x20/0x30 [ 18.215447] kmalloc_uaf2+0x3f4/0x468 [ 18.215679] kunit_try_run_case+0x170/0x3f0 [ 18.216154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.216301] kthread+0x328/0x630 [ 18.216370] ret_from_fork+0x10/0x20 [ 18.216710] [ 18.216739] Allocated by task 188: [ 18.216794] kasan_save_stack+0x3c/0x68 [ 18.217389] kasan_save_track+0x20/0x40 [ 18.217754] kasan_save_alloc_info+0x40/0x58 [ 18.217833] __kasan_kmalloc+0xd4/0xd8 [ 18.217975] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.218049] kmalloc_uaf2+0xc4/0x468 [ 18.218083] kunit_try_run_case+0x170/0x3f0 [ 18.218174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.218238] kthread+0x328/0x630 [ 18.218269] ret_from_fork+0x10/0x20 [ 18.218305] [ 18.218354] Freed by task 188: [ 18.218383] kasan_save_stack+0x3c/0x68 [ 18.218528] kasan_save_track+0x20/0x40 [ 18.218702] kasan_save_free_info+0x4c/0x78 [ 18.218848] __kasan_slab_free+0x6c/0x98 [ 18.218953] kfree+0x214/0x3c8 [ 18.219026] kmalloc_uaf2+0x134/0x468 [ 18.219247] kunit_try_run_case+0x170/0x3f0 [ 18.219653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.219834] kthread+0x328/0x630 [ 18.220018] ret_from_fork+0x10/0x20 [ 18.220115] [ 18.220231] The buggy address belongs to the object at fff00000c6436000 [ 18.220231] which belongs to the cache kmalloc-64 of size 64 [ 18.220512] The buggy address is located 40 bytes inside of [ 18.220512] freed 64-byte region [fff00000c6436000, fff00000c6436040) [ 18.220687] [ 18.220712] The buggy address belongs to the physical page: [ 18.221061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106436 [ 18.221212] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.221362] page_type: f5(slab) [ 18.221486] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.221678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.221860] page dumped because: kasan: bad access detected [ 18.221892] [ 18.221909] Memory state around the buggy address: [ 18.222283] fff00000c6435f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.222378] fff00000c6435f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.222499] >fff00000c6436000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.222539] ^ [ 18.222573] fff00000c6436080: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.223077] fff00000c6436100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.223275] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.192088] ================================================================== [ 18.192149] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 18.192214] Write of size 33 at addr fff00000c641ee80 by task kunit_try_catch/186 [ 18.192771] [ 18.192909] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.192997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.193024] Hardware name: linux,dummy-virt (DT) [ 18.193126] Call trace: [ 18.193152] show_stack+0x20/0x38 (C) [ 18.193314] dump_stack_lvl+0x8c/0xd0 [ 18.193403] print_report+0x118/0x608 [ 18.193455] kasan_report+0xdc/0x128 [ 18.193913] kasan_check_range+0x100/0x1a8 [ 18.194116] __asan_memset+0x34/0x78 [ 18.194160] kmalloc_uaf_memset+0x170/0x310 [ 18.194223] kunit_try_run_case+0x170/0x3f0 [ 18.194406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.194845] kthread+0x328/0x630 [ 18.195025] ret_from_fork+0x10/0x20 [ 18.195295] [ 18.195319] Allocated by task 186: [ 18.195377] kasan_save_stack+0x3c/0x68 [ 18.195656] kasan_save_track+0x20/0x40 [ 18.195777] kasan_save_alloc_info+0x40/0x58 [ 18.196014] __kasan_kmalloc+0xd4/0xd8 [ 18.196226] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.196477] kmalloc_uaf_memset+0xb8/0x310 [ 18.196770] kunit_try_run_case+0x170/0x3f0 [ 18.197131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.197418] kthread+0x328/0x630 [ 18.197637] ret_from_fork+0x10/0x20 [ 18.197983] [ 18.198017] Freed by task 186: [ 18.198058] kasan_save_stack+0x3c/0x68 [ 18.198107] kasan_save_track+0x20/0x40 [ 18.198144] kasan_save_free_info+0x4c/0x78 [ 18.198213] __kasan_slab_free+0x6c/0x98 [ 18.198258] kfree+0x214/0x3c8 [ 18.198290] kmalloc_uaf_memset+0x11c/0x310 [ 18.198621] kunit_try_run_case+0x170/0x3f0 [ 18.198683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.198978] kthread+0x328/0x630 [ 18.199219] ret_from_fork+0x10/0x20 [ 18.199342] [ 18.199446] The buggy address belongs to the object at fff00000c641ee80 [ 18.199446] which belongs to the cache kmalloc-64 of size 64 [ 18.199606] The buggy address is located 0 bytes inside of [ 18.199606] freed 64-byte region [fff00000c641ee80, fff00000c641eec0) [ 18.199778] [ 18.199828] The buggy address belongs to the physical page: [ 18.199860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10641e [ 18.200254] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.200417] page_type: f5(slab) [ 18.200460] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.200795] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.200854] page dumped because: kasan: bad access detected [ 18.201004] [ 18.201033] Memory state around the buggy address: [ 18.201068] fff00000c641ed80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.201275] fff00000c641ee00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.201515] >fff00000c641ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.201729] ^ [ 18.201828] fff00000c641ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.201960] fff00000c641ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.202218] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.176864] ================================================================== [ 18.176973] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 18.177034] Read of size 1 at addr fff00000c1cea948 by task kunit_try_catch/184 [ 18.177081] [ 18.177117] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.177600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.177640] Hardware name: linux,dummy-virt (DT) [ 18.177674] Call trace: [ 18.177696] show_stack+0x20/0x38 (C) [ 18.177911] dump_stack_lvl+0x8c/0xd0 [ 18.178252] print_report+0x118/0x608 [ 18.178528] kasan_report+0xdc/0x128 [ 18.178576] __asan_report_load1_noabort+0x20/0x30 [ 18.178628] kmalloc_uaf+0x300/0x338 [ 18.178670] kunit_try_run_case+0x170/0x3f0 [ 18.178718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.178769] kthread+0x328/0x630 [ 18.178810] ret_from_fork+0x10/0x20 [ 18.178880] [ 18.178899] Allocated by task 184: [ 18.178945] kasan_save_stack+0x3c/0x68 [ 18.178997] kasan_save_track+0x20/0x40 [ 18.179049] kasan_save_alloc_info+0x40/0x58 [ 18.179089] __kasan_kmalloc+0xd4/0xd8 [ 18.179140] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.179181] kmalloc_uaf+0xb8/0x338 [ 18.179237] kunit_try_run_case+0x170/0x3f0 [ 18.179282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.179325] kthread+0x328/0x630 [ 18.179356] ret_from_fork+0x10/0x20 [ 18.179402] [ 18.179420] Freed by task 184: [ 18.179447] kasan_save_stack+0x3c/0x68 [ 18.179483] kasan_save_track+0x20/0x40 [ 18.179520] kasan_save_free_info+0x4c/0x78 [ 18.179581] __kasan_slab_free+0x6c/0x98 [ 18.179625] kfree+0x214/0x3c8 [ 18.179660] kmalloc_uaf+0x11c/0x338 [ 18.179695] kunit_try_run_case+0x170/0x3f0 [ 18.179736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.179781] kthread+0x328/0x630 [ 18.179812] ret_from_fork+0x10/0x20 [ 18.179861] [ 18.179890] The buggy address belongs to the object at fff00000c1cea940 [ 18.179890] which belongs to the cache kmalloc-16 of size 16 [ 18.179960] The buggy address is located 8 bytes inside of [ 18.179960] freed 16-byte region [fff00000c1cea940, fff00000c1cea950) [ 18.180030] [ 18.180050] The buggy address belongs to the physical page: [ 18.180096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 18.180158] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.180552] page_type: f5(slab) [ 18.181013] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.181099] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.181210] page dumped because: kasan: bad access detected [ 18.181276] [ 18.181318] Memory state around the buggy address: [ 18.181746] fff00000c1cea800: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 18.181979] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.182321] >fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 18.182403] ^ [ 18.182457] fff00000c1cea980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.182791] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.182951] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.157376] ================================================================== [ 18.157611] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.157827] Read of size 64 at addr fff00000c641eb84 by task kunit_try_catch/182 [ 18.158030] [ 18.158175] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.158415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.158596] Hardware name: linux,dummy-virt (DT) [ 18.158807] Call trace: [ 18.158974] show_stack+0x20/0x38 (C) [ 18.159067] dump_stack_lvl+0x8c/0xd0 [ 18.159244] print_report+0x118/0x608 [ 18.159481] kasan_report+0xdc/0x128 [ 18.159635] kasan_check_range+0x100/0x1a8 [ 18.159686] __asan_memmove+0x3c/0x98 [ 18.159788] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.160173] kunit_try_run_case+0x170/0x3f0 [ 18.160418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.160637] kthread+0x328/0x630 [ 18.160708] ret_from_fork+0x10/0x20 [ 18.161066] [ 18.161118] Allocated by task 182: [ 18.161272] kasan_save_stack+0x3c/0x68 [ 18.161457] kasan_save_track+0x20/0x40 [ 18.161718] kasan_save_alloc_info+0x40/0x58 [ 18.161760] __kasan_kmalloc+0xd4/0xd8 [ 18.161814] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.161864] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 18.161903] kunit_try_run_case+0x170/0x3f0 [ 18.162254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.162410] kthread+0x328/0x630 [ 18.162561] ret_from_fork+0x10/0x20 [ 18.162730] [ 18.162851] The buggy address belongs to the object at fff00000c641eb80 [ 18.162851] which belongs to the cache kmalloc-64 of size 64 [ 18.163109] The buggy address is located 4 bytes inside of [ 18.163109] allocated 64-byte region [fff00000c641eb80, fff00000c641ebc0) [ 18.163372] [ 18.163442] The buggy address belongs to the physical page: [ 18.163522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10641e [ 18.163667] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.163836] page_type: f5(slab) [ 18.163877] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.163981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.164386] page dumped because: kasan: bad access detected [ 18.164583] [ 18.164607] Memory state around the buggy address: [ 18.164837] fff00000c641ea80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 18.165208] fff00000c641eb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.165312] >fff00000c641eb80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.165454] ^ [ 18.165743] fff00000c641ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.165980] fff00000c641ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.166140] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.136674] ================================================================== [ 18.136738] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.137181] Read of size 18446744073709551614 at addr fff00000c641e984 by task kunit_try_catch/180 [ 18.137447] [ 18.137566] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.137935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.137995] Hardware name: linux,dummy-virt (DT) [ 18.138106] Call trace: [ 18.138168] show_stack+0x20/0x38 (C) [ 18.138349] dump_stack_lvl+0x8c/0xd0 [ 18.138409] print_report+0x118/0x608 [ 18.138560] kasan_report+0xdc/0x128 [ 18.138666] kasan_check_range+0x100/0x1a8 [ 18.139014] __asan_memmove+0x3c/0x98 [ 18.139129] kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.139534] kunit_try_run_case+0x170/0x3f0 [ 18.139679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.139786] kthread+0x328/0x630 [ 18.139938] ret_from_fork+0x10/0x20 [ 18.141009] [ 18.141033] Allocated by task 180: [ 18.141483] kasan_save_stack+0x3c/0x68 [ 18.141632] kasan_save_track+0x20/0x40 [ 18.141753] kasan_save_alloc_info+0x40/0x58 [ 18.141958] __kasan_kmalloc+0xd4/0xd8 [ 18.142005] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.143117] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 18.143226] kunit_try_run_case+0x170/0x3f0 [ 18.143320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.143395] kthread+0x328/0x630 [ 18.143529] ret_from_fork+0x10/0x20 [ 18.143568] [ 18.143870] The buggy address belongs to the object at fff00000c641e980 [ 18.143870] which belongs to the cache kmalloc-64 of size 64 [ 18.144109] The buggy address is located 4 bytes inside of [ 18.144109] 64-byte region [fff00000c641e980, fff00000c641e9c0) [ 18.144827] [ 18.144904] The buggy address belongs to the physical page: [ 18.145044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10641e [ 18.145131] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.145641] page_type: f5(slab) [ 18.145866] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.146067] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.146246] page dumped because: kasan: bad access detected [ 18.146351] [ 18.146485] Memory state around the buggy address: [ 18.146590] fff00000c641e880: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 18.146634] fff00000c641e900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.146676] >fff00000c641e980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.146713] ^ [ 18.146742] fff00000c641ea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.147109] fff00000c641ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.147260] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.123515] ================================================================== [ 18.123602] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 18.123655] Write of size 16 at addr fff00000c1cf4e69 by task kunit_try_catch/178 [ 18.123711] [ 18.123744] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.123827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.123852] Hardware name: linux,dummy-virt (DT) [ 18.123890] Call trace: [ 18.123913] show_stack+0x20/0x38 (C) [ 18.123960] dump_stack_lvl+0x8c/0xd0 [ 18.124004] print_report+0x118/0x608 [ 18.124054] kasan_report+0xdc/0x128 [ 18.124099] kasan_check_range+0x100/0x1a8 [ 18.124145] __asan_memset+0x34/0x78 [ 18.124209] kmalloc_oob_memset_16+0x150/0x2f8 [ 18.124255] kunit_try_run_case+0x170/0x3f0 [ 18.124301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.124357] kthread+0x328/0x630 [ 18.124397] ret_from_fork+0x10/0x20 [ 18.124442] [ 18.124460] Allocated by task 178: [ 18.124496] kasan_save_stack+0x3c/0x68 [ 18.124536] kasan_save_track+0x20/0x40 [ 18.124572] kasan_save_alloc_info+0x40/0x58 [ 18.124610] __kasan_kmalloc+0xd4/0xd8 [ 18.124645] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.124683] kmalloc_oob_memset_16+0xb0/0x2f8 [ 18.124718] kunit_try_run_case+0x170/0x3f0 [ 18.124755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.124796] kthread+0x328/0x630 [ 18.124828] ret_from_fork+0x10/0x20 [ 18.124863] [ 18.124883] The buggy address belongs to the object at fff00000c1cf4e00 [ 18.124883] which belongs to the cache kmalloc-128 of size 128 [ 18.124936] The buggy address is located 105 bytes inside of [ 18.124936] allocated 120-byte region [fff00000c1cf4e00, fff00000c1cf4e78) [ 18.124994] [ 18.125013] The buggy address belongs to the physical page: [ 18.125041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 18.125090] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.125135] page_type: f5(slab) [ 18.125170] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.125369] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.125671] page dumped because: kasan: bad access detected [ 18.126291] [ 18.126383] Memory state around the buggy address: [ 18.126444] fff00000c1cf4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.126510] fff00000c1cf4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.127009] >fff00000c1cf4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.127177] ^ [ 18.127391] fff00000c1cf4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.127572] fff00000c1cf4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.127675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.107125] ================================================================== [ 18.107291] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 18.107387] Write of size 8 at addr fff00000c1cf4d71 by task kunit_try_catch/176 [ 18.107573] [ 18.107899] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.107986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.108116] Hardware name: linux,dummy-virt (DT) [ 18.108260] Call trace: [ 18.108286] show_stack+0x20/0x38 (C) [ 18.108354] dump_stack_lvl+0x8c/0xd0 [ 18.108408] print_report+0x118/0x608 [ 18.108452] kasan_report+0xdc/0x128 [ 18.108495] kasan_check_range+0x100/0x1a8 [ 18.108817] __asan_memset+0x34/0x78 [ 18.108886] kmalloc_oob_memset_8+0x150/0x2f8 [ 18.108933] kunit_try_run_case+0x170/0x3f0 [ 18.109016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.109120] kthread+0x328/0x630 [ 18.109238] ret_from_fork+0x10/0x20 [ 18.109317] [ 18.109355] Allocated by task 176: [ 18.110224] kasan_save_stack+0x3c/0x68 [ 18.110319] kasan_save_track+0x20/0x40 [ 18.110438] kasan_save_alloc_info+0x40/0x58 [ 18.110502] __kasan_kmalloc+0xd4/0xd8 [ 18.110539] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.110577] kmalloc_oob_memset_8+0xb0/0x2f8 [ 18.110613] kunit_try_run_case+0x170/0x3f0 [ 18.110935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.111055] kthread+0x328/0x630 [ 18.111092] ret_from_fork+0x10/0x20 [ 18.111137] [ 18.111178] The buggy address belongs to the object at fff00000c1cf4d00 [ 18.111178] which belongs to the cache kmalloc-128 of size 128 [ 18.111243] The buggy address is located 113 bytes inside of [ 18.111243] allocated 120-byte region [fff00000c1cf4d00, fff00000c1cf4d78) [ 18.111302] [ 18.111333] The buggy address belongs to the physical page: [ 18.111369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 18.111424] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.111479] page_type: f5(slab) [ 18.111521] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.111574] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.111611] page dumped because: kasan: bad access detected [ 18.111646] [ 18.111664] Memory state around the buggy address: [ 18.111707] fff00000c1cf4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.111749] fff00000c1cf4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.111789] >fff00000c1cf4d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.111825] ^ [ 18.111872] fff00000c1cf4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.111913] fff00000c1cf4e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.111949] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.087943] ================================================================== [ 18.088003] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 18.088409] Write of size 4 at addr fff00000c1cf4c75 by task kunit_try_catch/174 [ 18.088528] [ 18.088586] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.088667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.088692] Hardware name: linux,dummy-virt (DT) [ 18.088722] Call trace: [ 18.088803] show_stack+0x20/0x38 (C) [ 18.088855] dump_stack_lvl+0x8c/0xd0 [ 18.088927] print_report+0x118/0x608 [ 18.089250] kasan_report+0xdc/0x128 [ 18.090117] kasan_check_range+0x100/0x1a8 [ 18.090220] __asan_memset+0x34/0x78 [ 18.090283] kmalloc_oob_memset_4+0x150/0x300 [ 18.090437] kunit_try_run_case+0x170/0x3f0 [ 18.090487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.090868] kthread+0x328/0x630 [ 18.090989] ret_from_fork+0x10/0x20 [ 18.091507] [ 18.091548] Allocated by task 174: [ 18.091600] kasan_save_stack+0x3c/0x68 [ 18.091646] kasan_save_track+0x20/0x40 [ 18.091972] kasan_save_alloc_info+0x40/0x58 [ 18.092130] __kasan_kmalloc+0xd4/0xd8 [ 18.092295] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.092381] kmalloc_oob_memset_4+0xb0/0x300 [ 18.092520] kunit_try_run_case+0x170/0x3f0 [ 18.092581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.092863] kthread+0x328/0x630 [ 18.093171] ret_from_fork+0x10/0x20 [ 18.093312] [ 18.093412] The buggy address belongs to the object at fff00000c1cf4c00 [ 18.093412] which belongs to the cache kmalloc-128 of size 128 [ 18.093612] The buggy address is located 117 bytes inside of [ 18.093612] allocated 120-byte region [fff00000c1cf4c00, fff00000c1cf4c78) [ 18.093719] [ 18.093827] The buggy address belongs to the physical page: [ 18.093876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 18.094020] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.094080] page_type: f5(slab) [ 18.094119] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.094538] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.094601] page dumped because: kasan: bad access detected [ 18.094724] [ 18.094769] Memory state around the buggy address: [ 18.094801] fff00000c1cf4b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.095122] fff00000c1cf4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.095267] >fff00000c1cf4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.095376] ^ [ 18.095829] fff00000c1cf4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.096284] fff00000c1cf4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.096366] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.074736] ================================================================== [ 18.074802] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 18.074858] Write of size 2 at addr fff00000c1cf4b77 by task kunit_try_catch/172 [ 18.074905] [ 18.074939] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.075018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.075043] Hardware name: linux,dummy-virt (DT) [ 18.075085] Call trace: [ 18.075108] show_stack+0x20/0x38 (C) [ 18.075154] dump_stack_lvl+0x8c/0xd0 [ 18.075215] print_report+0x118/0x608 [ 18.075260] kasan_report+0xdc/0x128 [ 18.075312] kasan_check_range+0x100/0x1a8 [ 18.075359] __asan_memset+0x34/0x78 [ 18.075400] kmalloc_oob_memset_2+0x150/0x2f8 [ 18.075445] kunit_try_run_case+0x170/0x3f0 [ 18.075490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.075540] kthread+0x328/0x630 [ 18.075580] ret_from_fork+0x10/0x20 [ 18.075631] [ 18.075651] Allocated by task 172: [ 18.075678] kasan_save_stack+0x3c/0x68 [ 18.075718] kasan_save_track+0x20/0x40 [ 18.075755] kasan_save_alloc_info+0x40/0x58 [ 18.075793] __kasan_kmalloc+0xd4/0xd8 [ 18.075830] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.075868] kmalloc_oob_memset_2+0xb0/0x2f8 [ 18.075904] kunit_try_run_case+0x170/0x3f0 [ 18.075939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.075981] kthread+0x328/0x630 [ 18.076011] ret_from_fork+0x10/0x20 [ 18.076067] [ 18.076087] The buggy address belongs to the object at fff00000c1cf4b00 [ 18.076087] which belongs to the cache kmalloc-128 of size 128 [ 18.076141] The buggy address is located 119 bytes inside of [ 18.076141] allocated 120-byte region [fff00000c1cf4b00, fff00000c1cf4b78) [ 18.076478] [ 18.077054] The buggy address belongs to the physical page: [ 18.077113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 18.077180] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.077242] page_type: f5(slab) [ 18.077299] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.077386] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.077499] page dumped because: kasan: bad access detected [ 18.077544] [ 18.077571] Memory state around the buggy address: [ 18.077603] fff00000c1cf4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.077644] fff00000c1cf4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.077703] >fff00000c1cf4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.077739] ^ [ 18.077778] fff00000c1cf4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.077818] fff00000c1cf4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.078303] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.052748] ================================================================== [ 18.052841] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 18.052890] Write of size 128 at addr fff00000c1cf4a00 by task kunit_try_catch/170 [ 18.052943] [ 18.052985] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.053064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.053089] Hardware name: linux,dummy-virt (DT) [ 18.053127] Call trace: [ 18.053150] show_stack+0x20/0x38 (C) [ 18.053224] dump_stack_lvl+0x8c/0xd0 [ 18.053270] print_report+0x118/0x608 [ 18.053314] kasan_report+0xdc/0x128 [ 18.053359] kasan_check_range+0x100/0x1a8 [ 18.053404] __asan_memset+0x34/0x78 [ 18.053445] kmalloc_oob_in_memset+0x144/0x2d0 [ 18.053735] kunit_try_run_case+0x170/0x3f0 [ 18.053948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.054258] kthread+0x328/0x630 [ 18.054366] ret_from_fork+0x10/0x20 [ 18.055067] [ 18.055139] Allocated by task 170: [ 18.055213] kasan_save_stack+0x3c/0x68 [ 18.055347] kasan_save_track+0x20/0x40 [ 18.055530] kasan_save_alloc_info+0x40/0x58 [ 18.055572] __kasan_kmalloc+0xd4/0xd8 [ 18.055651] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.055841] kmalloc_oob_in_memset+0xb0/0x2d0 [ 18.056080] kunit_try_run_case+0x170/0x3f0 [ 18.056357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.056519] kthread+0x328/0x630 [ 18.056695] ret_from_fork+0x10/0x20 [ 18.056761] [ 18.056922] The buggy address belongs to the object at fff00000c1cf4a00 [ 18.056922] which belongs to the cache kmalloc-128 of size 128 [ 18.057015] The buggy address is located 0 bytes inside of [ 18.057015] allocated 120-byte region [fff00000c1cf4a00, fff00000c1cf4a78) [ 18.057502] [ 18.057653] The buggy address belongs to the physical page: [ 18.057688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 18.057740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.058248] page_type: f5(slab) [ 18.058305] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.058567] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.058811] page dumped because: kasan: bad access detected [ 18.058848] [ 18.058877] Memory state around the buggy address: [ 18.059221] fff00000c1cf4900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.059309] fff00000c1cf4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.059492] >fff00000c1cf4a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.059623] ^ [ 18.059869] fff00000c1cf4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060106] fff00000c1cf4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.033293] ================================================================== [ 18.033372] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 18.033421] Read of size 16 at addr fff00000c1cea920 by task kunit_try_catch/168 [ 18.033469] [ 18.033499] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.033846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.034138] Hardware name: linux,dummy-virt (DT) [ 18.034176] Call trace: [ 18.034212] show_stack+0x20/0x38 (C) [ 18.034445] dump_stack_lvl+0x8c/0xd0 [ 18.034516] print_report+0x118/0x608 [ 18.034667] kasan_report+0xdc/0x128 [ 18.034717] __asan_report_load16_noabort+0x20/0x30 [ 18.035143] kmalloc_uaf_16+0x3bc/0x438 [ 18.035753] kunit_try_run_case+0x170/0x3f0 [ 18.036063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.036232] kthread+0x328/0x630 [ 18.036333] ret_from_fork+0x10/0x20 [ 18.036696] [ 18.036754] Allocated by task 168: [ 18.036806] kasan_save_stack+0x3c/0x68 [ 18.036923] kasan_save_track+0x20/0x40 [ 18.037337] kasan_save_alloc_info+0x40/0x58 [ 18.037518] __kasan_kmalloc+0xd4/0xd8 [ 18.037689] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.037781] kmalloc_uaf_16+0x140/0x438 [ 18.038040] kunit_try_run_case+0x170/0x3f0 [ 18.038109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.038266] kthread+0x328/0x630 [ 18.038447] ret_from_fork+0x10/0x20 [ 18.038592] [ 18.038688] Freed by task 168: [ 18.038749] kasan_save_stack+0x3c/0x68 [ 18.038788] kasan_save_track+0x20/0x40 [ 18.038849] kasan_save_free_info+0x4c/0x78 [ 18.039058] __kasan_slab_free+0x6c/0x98 [ 18.039123] kfree+0x214/0x3c8 [ 18.039275] kmalloc_uaf_16+0x190/0x438 [ 18.039352] kunit_try_run_case+0x170/0x3f0 [ 18.039557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.039862] kthread+0x328/0x630 [ 18.040046] ret_from_fork+0x10/0x20 [ 18.040246] [ 18.040357] The buggy address belongs to the object at fff00000c1cea920 [ 18.040357] which belongs to the cache kmalloc-16 of size 16 [ 18.040512] The buggy address is located 0 bytes inside of [ 18.040512] freed 16-byte region [fff00000c1cea920, fff00000c1cea930) [ 18.040693] [ 18.040792] The buggy address belongs to the physical page: [ 18.040885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 18.041004] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.041266] page_type: f5(slab) [ 18.041355] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.041601] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.041782] page dumped because: kasan: bad access detected [ 18.041822] [ 18.041840] Memory state around the buggy address: [ 18.041872] fff00000c1cea800: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 18.042214] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.042326] >fff00000c1cea900: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.042365] ^ [ 18.042615] fff00000c1cea980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.042901] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.043040] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.020246] ================================================================== [ 18.020441] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 18.020495] Write of size 16 at addr fff00000c1cea8c0 by task kunit_try_catch/166 [ 18.020618] [ 18.020739] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.020827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.020855] Hardware name: linux,dummy-virt (DT) [ 18.020954] Call trace: [ 18.021025] show_stack+0x20/0x38 (C) [ 18.021174] dump_stack_lvl+0x8c/0xd0 [ 18.021236] print_report+0x118/0x608 [ 18.021281] kasan_report+0xdc/0x128 [ 18.021410] __asan_report_store16_noabort+0x20/0x30 [ 18.021462] kmalloc_oob_16+0x3a0/0x3f8 [ 18.021835] kunit_try_run_case+0x170/0x3f0 [ 18.021938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.022099] kthread+0x328/0x630 [ 18.022143] ret_from_fork+0x10/0x20 [ 18.022526] [ 18.022671] Allocated by task 166: [ 18.022754] kasan_save_stack+0x3c/0x68 [ 18.022920] kasan_save_track+0x20/0x40 [ 18.022990] kasan_save_alloc_info+0x40/0x58 [ 18.023030] __kasan_kmalloc+0xd4/0xd8 [ 18.023247] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.023337] kmalloc_oob_16+0xb4/0x3f8 [ 18.023384] kunit_try_run_case+0x170/0x3f0 [ 18.023517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.023767] kthread+0x328/0x630 [ 18.023886] ret_from_fork+0x10/0x20 [ 18.024007] [ 18.024028] The buggy address belongs to the object at fff00000c1cea8c0 [ 18.024028] which belongs to the cache kmalloc-16 of size 16 [ 18.024288] The buggy address is located 0 bytes inside of [ 18.024288] allocated 13-byte region [fff00000c1cea8c0, fff00000c1cea8cd) [ 18.024392] [ 18.024430] The buggy address belongs to the physical page: [ 18.024460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 18.024541] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.024608] page_type: f5(slab) [ 18.024654] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.024703] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.024742] page dumped because: kasan: bad access detected [ 18.024780] [ 18.024798] Memory state around the buggy address: [ 18.024838] fff00000c1cea780: fa fb fc fc fa fb fc fc 00 07 fc fc fa fb fc fc [ 18.024890] fff00000c1cea800: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 18.024938] >fff00000c1cea880: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 18.024975] ^ [ 18.025014] fff00000c1cea900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.025054] fff00000c1cea980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.025090] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 18.003471] ================================================================== [ 18.003521] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 18.003567] Read of size 1 at addr fff00000c0b97e00 by task kunit_try_catch/164 [ 18.003614] [ 18.003643] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.003719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.003744] Hardware name: linux,dummy-virt (DT) [ 18.003773] Call trace: [ 18.003793] show_stack+0x20/0x38 (C) [ 18.003839] dump_stack_lvl+0x8c/0xd0 [ 18.003884] print_report+0x118/0x608 [ 18.003929] kasan_report+0xdc/0x128 [ 18.003973] __asan_report_load1_noabort+0x20/0x30 [ 18.004021] krealloc_uaf+0x4c8/0x520 [ 18.004064] kunit_try_run_case+0x170/0x3f0 [ 18.004109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.004159] kthread+0x328/0x630 [ 18.005311] ret_from_fork+0x10/0x20 [ 18.005373] [ 18.005391] Allocated by task 164: [ 18.005418] kasan_save_stack+0x3c/0x68 [ 18.005477] kasan_save_track+0x20/0x40 [ 18.005515] kasan_save_alloc_info+0x40/0x58 [ 18.006319] __kasan_kmalloc+0xd4/0xd8 [ 18.006913] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.006953] krealloc_uaf+0xc8/0x520 [ 18.006991] kunit_try_run_case+0x170/0x3f0 [ 18.007374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.007494] kthread+0x328/0x630 [ 18.007624] ret_from_fork+0x10/0x20 [ 18.007701] [ 18.007895] Freed by task 164: [ 18.008038] kasan_save_stack+0x3c/0x68 [ 18.008122] kasan_save_track+0x20/0x40 [ 18.008365] kasan_save_free_info+0x4c/0x78 [ 18.008514] __kasan_slab_free+0x6c/0x98 [ 18.008654] kfree+0x214/0x3c8 [ 18.008800] krealloc_uaf+0x12c/0x520 [ 18.008889] kunit_try_run_case+0x170/0x3f0 [ 18.008937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.009139] kthread+0x328/0x630 [ 18.009188] ret_from_fork+0x10/0x20 [ 18.009323] [ 18.009429] The buggy address belongs to the object at fff00000c0b97e00 [ 18.009429] which belongs to the cache kmalloc-256 of size 256 [ 18.009588] The buggy address is located 0 bytes inside of [ 18.009588] freed 256-byte region [fff00000c0b97e00, fff00000c0b97f00) [ 18.009725] [ 18.009870] The buggy address belongs to the physical page: [ 18.009982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 18.010045] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.010091] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.010422] page_type: f5(slab) [ 18.010617] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.010799] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.010948] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.011065] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.011129] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 18.011176] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.011391] page dumped because: kasan: bad access detected [ 18.011653] [ 18.011787] Memory state around the buggy address: [ 18.011836] fff00000c0b97d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.011880] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.011927] >fff00000c0b97e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.011964] ^ [ 18.011996] fff00000c0b97e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.012048] fff00000c0b97f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.012084] ================================================================== [ 17.988467] ================================================================== [ 17.988550] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 17.988603] Read of size 1 at addr fff00000c0b97e00 by task kunit_try_catch/164 [ 17.988650] [ 17.988680] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.988765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.988790] Hardware name: linux,dummy-virt (DT) [ 17.988819] Call trace: [ 17.988840] show_stack+0x20/0x38 (C) [ 17.988885] dump_stack_lvl+0x8c/0xd0 [ 17.988944] print_report+0x118/0x608 [ 17.988989] kasan_report+0xdc/0x128 [ 17.989042] __kasan_check_byte+0x54/0x70 [ 17.989087] krealloc_noprof+0x44/0x360 [ 17.989132] krealloc_uaf+0x180/0x520 [ 17.989174] kunit_try_run_case+0x170/0x3f0 [ 17.990076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.990135] kthread+0x328/0x630 [ 17.990177] ret_from_fork+0x10/0x20 [ 17.990514] [ 17.990580] Allocated by task 164: [ 17.990703] kasan_save_stack+0x3c/0x68 [ 17.990750] kasan_save_track+0x20/0x40 [ 17.990787] kasan_save_alloc_info+0x40/0x58 [ 17.991143] __kasan_kmalloc+0xd4/0xd8 [ 17.991317] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.991739] krealloc_uaf+0xc8/0x520 [ 17.991830] kunit_try_run_case+0x170/0x3f0 [ 17.991971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.992154] kthread+0x328/0x630 [ 17.992263] ret_from_fork+0x10/0x20 [ 17.992574] [ 17.992632] Freed by task 164: [ 17.992799] kasan_save_stack+0x3c/0x68 [ 17.992860] kasan_save_track+0x20/0x40 [ 17.993134] kasan_save_free_info+0x4c/0x78 [ 17.993261] __kasan_slab_free+0x6c/0x98 [ 17.993361] kfree+0x214/0x3c8 [ 17.993486] krealloc_uaf+0x12c/0x520 [ 17.993574] kunit_try_run_case+0x170/0x3f0 [ 17.993622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.993670] kthread+0x328/0x630 [ 17.993956] ret_from_fork+0x10/0x20 [ 17.994164] [ 17.994274] The buggy address belongs to the object at fff00000c0b97e00 [ 17.994274] which belongs to the cache kmalloc-256 of size 256 [ 17.994769] The buggy address is located 0 bytes inside of [ 17.994769] freed 256-byte region [fff00000c0b97e00, fff00000c0b97f00) [ 17.995098] [ 17.995168] The buggy address belongs to the physical page: [ 17.995485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 17.995607] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.995673] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.997025] page_type: f5(slab) [ 17.999349] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.999534] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.999646] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.000853] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.000926] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 18.000974] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.002571] page dumped because: kasan: bad access detected [ 18.002609] [ 18.002628] Memory state around the buggy address: [ 18.002661] fff00000c0b97d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.002703] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.002743] >fff00000c0b97e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.002779] ^ [ 18.002807] fff00000c0b97e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.002847] fff00000c0b97f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.002883] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.953785] ================================================================== [ 17.953839] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.953886] Write of size 1 at addr fff00000c78420c9 by task kunit_try_catch/162 [ 17.953933] [ 17.953989] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.954066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.954091] Hardware name: linux,dummy-virt (DT) [ 17.954126] Call trace: [ 17.954147] show_stack+0x20/0x38 (C) [ 17.954487] dump_stack_lvl+0x8c/0xd0 [ 17.955042] print_report+0x118/0x608 [ 17.955155] kasan_report+0xdc/0x128 [ 17.955369] __asan_report_store1_noabort+0x20/0x30 [ 17.955515] krealloc_less_oob_helper+0xa48/0xc50 [ 17.955648] krealloc_large_less_oob+0x20/0x38 [ 17.955804] kunit_try_run_case+0x170/0x3f0 [ 17.955868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.956039] kthread+0x328/0x630 [ 17.956085] ret_from_fork+0x10/0x20 [ 17.956327] [ 17.956445] The buggy address belongs to the physical page: [ 17.956498] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 17.956801] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.956904] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.957099] page_type: f8(unknown) [ 17.957329] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.957392] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.957669] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.957794] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.957912] head: 0bfffe0000000002 ffffc1ffc31e1001 00000000ffffffff 00000000ffffffff [ 17.958088] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.958239] page dumped because: kasan: bad access detected [ 17.958359] [ 17.958500] Memory state around the buggy address: [ 17.958560] fff00000c7841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.958608] fff00000c7842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.958870] >fff00000c7842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.958987] ^ [ 17.959078] fff00000c7842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.959238] fff00000c7842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.959325] ================================================================== [ 17.966154] ================================================================== [ 17.966207] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.966254] Write of size 1 at addr fff00000c78420da by task kunit_try_catch/162 [ 17.966301] [ 17.966589] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.966758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.966868] Hardware name: linux,dummy-virt (DT) [ 17.966917] Call trace: [ 17.966966] show_stack+0x20/0x38 (C) [ 17.967033] dump_stack_lvl+0x8c/0xd0 [ 17.967166] print_report+0x118/0x608 [ 17.967242] kasan_report+0xdc/0x128 [ 17.967287] __asan_report_store1_noabort+0x20/0x30 [ 17.967333] krealloc_less_oob_helper+0xa80/0xc50 [ 17.967380] krealloc_large_less_oob+0x20/0x38 [ 17.967484] kunit_try_run_case+0x170/0x3f0 [ 17.967531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.967582] kthread+0x328/0x630 [ 17.967622] ret_from_fork+0x10/0x20 [ 17.967667] [ 17.967686] The buggy address belongs to the physical page: [ 17.967715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 17.967767] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.967811] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.967868] page_type: f8(unknown) [ 17.967905] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.967961] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.968017] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.968063] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.968110] head: 0bfffe0000000002 ffffc1ffc31e1001 00000000ffffffff 00000000ffffffff [ 17.968156] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.968203] page dumped because: kasan: bad access detected [ 17.968634] [ 17.968657] Memory state around the buggy address: [ 17.968688] fff00000c7841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.968730] fff00000c7842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.968966] >fff00000c7842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.969113] ^ [ 17.969160] fff00000c7842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.969279] fff00000c7842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.969322] ================================================================== [ 17.928597] ================================================================== [ 17.928724] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.928962] Write of size 1 at addr fff00000c0b97ceb by task kunit_try_catch/158 [ 17.929010] [ 17.929575] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.929676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.929702] Hardware name: linux,dummy-virt (DT) [ 17.929792] Call trace: [ 17.929814] show_stack+0x20/0x38 (C) [ 17.929863] dump_stack_lvl+0x8c/0xd0 [ 17.929908] print_report+0x118/0x608 [ 17.929960] kasan_report+0xdc/0x128 [ 17.930004] __asan_report_store1_noabort+0x20/0x30 [ 17.930051] krealloc_less_oob_helper+0xa58/0xc50 [ 17.930101] krealloc_less_oob+0x20/0x38 [ 17.930146] kunit_try_run_case+0x170/0x3f0 [ 17.930200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.930376] kthread+0x328/0x630 [ 17.930602] ret_from_fork+0x10/0x20 [ 17.930821] [ 17.930841] Allocated by task 158: [ 17.930868] kasan_save_stack+0x3c/0x68 [ 17.930908] kasan_save_track+0x20/0x40 [ 17.930964] kasan_save_alloc_info+0x40/0x58 [ 17.931012] __kasan_krealloc+0x118/0x178 [ 17.931049] krealloc_noprof+0x128/0x360 [ 17.931084] krealloc_less_oob_helper+0x168/0xc50 [ 17.931122] krealloc_less_oob+0x20/0x38 [ 17.931159] kunit_try_run_case+0x170/0x3f0 [ 17.931206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.931247] kthread+0x328/0x630 [ 17.931279] ret_from_fork+0x10/0x20 [ 17.931314] [ 17.931332] The buggy address belongs to the object at fff00000c0b97c00 [ 17.931332] which belongs to the cache kmalloc-256 of size 256 [ 17.931386] The buggy address is located 34 bytes to the right of [ 17.931386] allocated 201-byte region [fff00000c0b97c00, fff00000c0b97cc9) [ 17.931447] [ 17.931476] The buggy address belongs to the physical page: [ 17.931505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 17.931578] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.931638] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.931695] page_type: f5(slab) [ 17.931732] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.931785] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.931842] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.931898] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.931944] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 17.931990] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.932028] page dumped because: kasan: bad access detected [ 17.932066] [ 17.932084] Memory state around the buggy address: [ 17.932113] fff00000c0b97b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.932154] fff00000c0b97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.932212] >fff00000c0b97c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.933024] ^ [ 17.933104] fff00000c0b97d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.933155] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.933271] ================================================================== [ 17.960529] ================================================================== [ 17.960595] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.960696] Write of size 1 at addr fff00000c78420d0 by task kunit_try_catch/162 [ 17.960773] [ 17.960821] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.960905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.960930] Hardware name: linux,dummy-virt (DT) [ 17.961143] Call trace: [ 17.961283] show_stack+0x20/0x38 (C) [ 17.961338] dump_stack_lvl+0x8c/0xd0 [ 17.961401] print_report+0x118/0x608 [ 17.961447] kasan_report+0xdc/0x128 [ 17.961612] __asan_report_store1_noabort+0x20/0x30 [ 17.961696] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.961744] krealloc_large_less_oob+0x20/0x38 [ 17.961818] kunit_try_run_case+0x170/0x3f0 [ 17.961987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.962159] kthread+0x328/0x630 [ 17.962239] ret_from_fork+0x10/0x20 [ 17.962426] [ 17.962516] The buggy address belongs to the physical page: [ 17.962729] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 17.962786] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.962839] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.962888] page_type: f8(unknown) [ 17.962992] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.963113] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.963289] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.963376] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.963490] head: 0bfffe0000000002 ffffc1ffc31e1001 00000000ffffffff 00000000ffffffff [ 17.963588] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.963702] page dumped because: kasan: bad access detected [ 17.963790] [ 17.963833] Memory state around the buggy address: [ 17.963864] fff00000c7841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.964079] fff00000c7842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.964136] >fff00000c7842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.964203] ^ [ 17.964271] fff00000c7842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.964424] fff00000c7842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.964560] ================================================================== [ 17.969391] ================================================================== [ 17.969432] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.969702] Write of size 1 at addr fff00000c78420ea by task kunit_try_catch/162 [ 17.969791] [ 17.969873] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.970007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.970135] Hardware name: linux,dummy-virt (DT) [ 17.970301] Call trace: [ 17.970433] show_stack+0x20/0x38 (C) [ 17.970521] dump_stack_lvl+0x8c/0xd0 [ 17.970701] print_report+0x118/0x608 [ 17.970748] kasan_report+0xdc/0x128 [ 17.970793] __asan_report_store1_noabort+0x20/0x30 [ 17.970898] krealloc_less_oob_helper+0xae4/0xc50 [ 17.971069] krealloc_large_less_oob+0x20/0x38 [ 17.971244] kunit_try_run_case+0x170/0x3f0 [ 17.971332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.971427] kthread+0x328/0x630 [ 17.971604] ret_from_fork+0x10/0x20 [ 17.971757] [ 17.971777] The buggy address belongs to the physical page: [ 17.971807] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 17.972133] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.972267] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.972424] page_type: f8(unknown) [ 17.972553] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.972642] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.972843] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.972908] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.973282] head: 0bfffe0000000002 ffffc1ffc31e1001 00000000ffffffff 00000000ffffffff [ 17.973377] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.973488] page dumped because: kasan: bad access detected [ 17.973519] [ 17.973537] Memory state around the buggy address: [ 17.973567] fff00000c7841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.973608] fff00000c7842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.973648] >fff00000c7842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.973683] ^ [ 17.973722] fff00000c7842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.973763] fff00000c7842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.973798] ================================================================== [ 17.974819] ================================================================== [ 17.974885] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.975134] Write of size 1 at addr fff00000c78420eb by task kunit_try_catch/162 [ 17.975222] [ 17.975349] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.975565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.975611] Hardware name: linux,dummy-virt (DT) [ 17.975670] Call trace: [ 17.975709] show_stack+0x20/0x38 (C) [ 17.975815] dump_stack_lvl+0x8c/0xd0 [ 17.975862] print_report+0x118/0x608 [ 17.975907] kasan_report+0xdc/0x128 [ 17.975950] __asan_report_store1_noabort+0x20/0x30 [ 17.976002] krealloc_less_oob_helper+0xa58/0xc50 [ 17.976334] krealloc_large_less_oob+0x20/0x38 [ 17.976467] kunit_try_run_case+0x170/0x3f0 [ 17.976517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.976568] kthread+0x328/0x630 [ 17.976609] ret_from_fork+0x10/0x20 [ 17.976666] [ 17.976686] The buggy address belongs to the physical page: [ 17.976715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 17.976765] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.976810] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.976864] page_type: f8(unknown) [ 17.976902] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.976960] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.977009] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.977055] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.977110] head: 0bfffe0000000002 ffffc1ffc31e1001 00000000ffffffff 00000000ffffffff [ 17.977167] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.977215] page dumped because: kasan: bad access detected [ 17.977249] [ 17.977267] Memory state around the buggy address: [ 17.977305] fff00000c7841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.977347] fff00000c7842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.977395] >fff00000c7842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.977432] ^ [ 17.977468] fff00000c7842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.977826] fff00000c7842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.977907] ================================================================== [ 17.915402] ================================================================== [ 17.915479] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.915545] Write of size 1 at addr fff00000c0b97cda by task kunit_try_catch/158 [ 17.915643] [ 17.915713] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.915792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.915818] Hardware name: linux,dummy-virt (DT) [ 17.916022] Call trace: [ 17.916068] show_stack+0x20/0x38 (C) [ 17.916176] dump_stack_lvl+0x8c/0xd0 [ 17.916243] print_report+0x118/0x608 [ 17.916382] kasan_report+0xdc/0x128 [ 17.916474] __asan_report_store1_noabort+0x20/0x30 [ 17.916560] krealloc_less_oob_helper+0xa80/0xc50 [ 17.916616] krealloc_less_oob+0x20/0x38 [ 17.916963] kunit_try_run_case+0x170/0x3f0 [ 17.917048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.917102] kthread+0x328/0x630 [ 17.917154] ret_from_fork+0x10/0x20 [ 17.917365] [ 17.917514] Allocated by task 158: [ 17.917594] kasan_save_stack+0x3c/0x68 [ 17.917770] kasan_save_track+0x20/0x40 [ 17.917819] kasan_save_alloc_info+0x40/0x58 [ 17.917867] __kasan_krealloc+0x118/0x178 [ 17.917911] krealloc_noprof+0x128/0x360 [ 17.918185] krealloc_less_oob_helper+0x168/0xc50 [ 17.918376] krealloc_less_oob+0x20/0x38 [ 17.918599] kunit_try_run_case+0x170/0x3f0 [ 17.918742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.918866] kthread+0x328/0x630 [ 17.919018] ret_from_fork+0x10/0x20 [ 17.919063] [ 17.919144] The buggy address belongs to the object at fff00000c0b97c00 [ 17.919144] which belongs to the cache kmalloc-256 of size 256 [ 17.919323] The buggy address is located 17 bytes to the right of [ 17.919323] allocated 201-byte region [fff00000c0b97c00, fff00000c0b97cc9) [ 17.919414] [ 17.919434] The buggy address belongs to the physical page: [ 17.919472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 17.919539] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.919583] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.919633] page_type: f5(slab) [ 17.919687] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.919745] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.919803] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.919849] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.919896] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 17.919942] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.919979] page dumped because: kasan: bad access detected [ 17.920023] [ 17.920042] Memory state around the buggy address: [ 17.920072] fff00000c0b97b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.920112] fff00000c0b97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.920160] >fff00000c0b97c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.920223] ^ [ 17.920274] fff00000c0b97d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.920334] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.920379] ================================================================== [ 17.907217] ================================================================== [ 17.907489] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.907535] Write of size 1 at addr fff00000c0b97cd0 by task kunit_try_catch/158 [ 17.907840] [ 17.907873] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.908416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.908456] Hardware name: linux,dummy-virt (DT) [ 17.908488] Call trace: [ 17.908508] show_stack+0x20/0x38 (C) [ 17.908557] dump_stack_lvl+0x8c/0xd0 [ 17.908624] print_report+0x118/0x608 [ 17.908681] kasan_report+0xdc/0x128 [ 17.908727] __asan_report_store1_noabort+0x20/0x30 [ 17.908773] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.908819] krealloc_less_oob+0x20/0x38 [ 17.908862] kunit_try_run_case+0x170/0x3f0 [ 17.908907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.909036] kthread+0x328/0x630 [ 17.909081] ret_from_fork+0x10/0x20 [ 17.909127] [ 17.909145] Allocated by task 158: [ 17.909172] kasan_save_stack+0x3c/0x68 [ 17.909436] kasan_save_track+0x20/0x40 [ 17.909588] kasan_save_alloc_info+0x40/0x58 [ 17.909907] __kasan_krealloc+0x118/0x178 [ 17.909955] krealloc_noprof+0x128/0x360 [ 17.910102] krealloc_less_oob_helper+0x168/0xc50 [ 17.910257] krealloc_less_oob+0x20/0x38 [ 17.910365] kunit_try_run_case+0x170/0x3f0 [ 17.910441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.910547] kthread+0x328/0x630 [ 17.910869] ret_from_fork+0x10/0x20 [ 17.910977] [ 17.911097] The buggy address belongs to the object at fff00000c0b97c00 [ 17.911097] which belongs to the cache kmalloc-256 of size 256 [ 17.911156] The buggy address is located 7 bytes to the right of [ 17.911156] allocated 201-byte region [fff00000c0b97c00, fff00000c0b97cc9) [ 17.911530] [ 17.911578] The buggy address belongs to the physical page: [ 17.911616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 17.911702] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.911748] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.912113] page_type: f5(slab) [ 17.912322] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.912394] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.912464] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.912712] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.912837] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 17.913099] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.913228] page dumped because: kasan: bad access detected [ 17.913288] [ 17.913352] Memory state around the buggy address: [ 17.913501] fff00000c0b97b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.913715] fff00000c0b97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.914078] >fff00000c0b97c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.914160] ^ [ 17.914311] fff00000c0b97d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.914377] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.914515] ================================================================== [ 17.902713] ================================================================== [ 17.902773] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.902824] Write of size 1 at addr fff00000c0b97cc9 by task kunit_try_catch/158 [ 17.902872] [ 17.902903] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.902979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.903004] Hardware name: linux,dummy-virt (DT) [ 17.903033] Call trace: [ 17.903054] show_stack+0x20/0x38 (C) [ 17.903129] dump_stack_lvl+0x8c/0xd0 [ 17.903175] print_report+0x118/0x608 [ 17.903240] kasan_report+0xdc/0x128 [ 17.903284] __asan_report_store1_noabort+0x20/0x30 [ 17.903330] krealloc_less_oob_helper+0xa48/0xc50 [ 17.903386] krealloc_less_oob+0x20/0x38 [ 17.903430] kunit_try_run_case+0x170/0x3f0 [ 17.903484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.903535] kthread+0x328/0x630 [ 17.903576] ret_from_fork+0x10/0x20 [ 17.903631] [ 17.903649] Allocated by task 158: [ 17.903682] kasan_save_stack+0x3c/0x68 [ 17.903721] kasan_save_track+0x20/0x40 [ 17.903757] kasan_save_alloc_info+0x40/0x58 [ 17.903801] __kasan_krealloc+0x118/0x178 [ 17.903838] krealloc_noprof+0x128/0x360 [ 17.903873] krealloc_less_oob_helper+0x168/0xc50 [ 17.903917] krealloc_less_oob+0x20/0x38 [ 17.903952] kunit_try_run_case+0x170/0x3f0 [ 17.903995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.904036] kthread+0x328/0x630 [ 17.904067] ret_from_fork+0x10/0x20 [ 17.904102] [ 17.904120] The buggy address belongs to the object at fff00000c0b97c00 [ 17.904120] which belongs to the cache kmalloc-256 of size 256 [ 17.904173] The buggy address is located 0 bytes to the right of [ 17.904173] allocated 201-byte region [fff00000c0b97c00, fff00000c0b97cc9) [ 17.904518] [ 17.904546] The buggy address belongs to the physical page: [ 17.904610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 17.904669] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.904714] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.904810] page_type: f5(slab) [ 17.905137] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.905205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.905254] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.905336] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.905586] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 17.905676] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.905805] page dumped because: kasan: bad access detected [ 17.905837] [ 17.905855] Memory state around the buggy address: [ 17.905958] fff00000c0b97b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.906098] fff00000c0b97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.906157] >fff00000c0b97c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.906405] ^ [ 17.906453] fff00000c0b97d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.906495] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.906532] ================================================================== [ 17.920959] ================================================================== [ 17.921023] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.921081] Write of size 1 at addr fff00000c0b97cea by task kunit_try_catch/158 [ 17.921179] [ 17.921266] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.921346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.921407] Hardware name: linux,dummy-virt (DT) [ 17.921540] Call trace: [ 17.921898] show_stack+0x20/0x38 (C) [ 17.921952] dump_stack_lvl+0x8c/0xd0 [ 17.921997] print_report+0x118/0x608 [ 17.922159] kasan_report+0xdc/0x128 [ 17.922342] __asan_report_store1_noabort+0x20/0x30 [ 17.922458] krealloc_less_oob_helper+0xae4/0xc50 [ 17.922631] krealloc_less_oob+0x20/0x38 [ 17.922725] kunit_try_run_case+0x170/0x3f0 [ 17.922938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.923000] kthread+0x328/0x630 [ 17.923040] ret_from_fork+0x10/0x20 [ 17.923114] [ 17.923132] Allocated by task 158: [ 17.923159] kasan_save_stack+0x3c/0x68 [ 17.923424] kasan_save_track+0x20/0x40 [ 17.923572] kasan_save_alloc_info+0x40/0x58 [ 17.923669] __kasan_krealloc+0x118/0x178 [ 17.923859] krealloc_noprof+0x128/0x360 [ 17.923927] krealloc_less_oob_helper+0x168/0xc50 [ 17.924216] krealloc_less_oob+0x20/0x38 [ 17.924377] kunit_try_run_case+0x170/0x3f0 [ 17.924581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.924678] kthread+0x328/0x630 [ 17.924811] ret_from_fork+0x10/0x20 [ 17.924868] [ 17.924929] The buggy address belongs to the object at fff00000c0b97c00 [ 17.924929] which belongs to the cache kmalloc-256 of size 256 [ 17.925188] The buggy address is located 33 bytes to the right of [ 17.925188] allocated 201-byte region [fff00000c0b97c00, fff00000c0b97cc9) [ 17.925457] [ 17.925515] The buggy address belongs to the physical page: [ 17.925696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 17.925867] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.925945] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.926016] page_type: f5(slab) [ 17.926053] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.926317] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.926485] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.926561] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.926707] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 17.926820] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.926940] page dumped because: kasan: bad access detected [ 17.927020] [ 17.927083] Memory state around the buggy address: [ 17.927202] fff00000c0b97b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927247] fff00000c0b97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.927320] >fff00000c0b97c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.927530] ^ [ 17.927745] fff00000c0b97d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927838] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.928000] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.883753] ================================================================== [ 17.883808] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.883857] Write of size 1 at addr fff00000c0b97aeb by task kunit_try_catch/156 [ 17.883912] [ 17.883949] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.884132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.884159] Hardware name: linux,dummy-virt (DT) [ 17.884329] Call trace: [ 17.884369] show_stack+0x20/0x38 (C) [ 17.884558] dump_stack_lvl+0x8c/0xd0 [ 17.884611] print_report+0x118/0x608 [ 17.884682] kasan_report+0xdc/0x128 [ 17.884727] __asan_report_store1_noabort+0x20/0x30 [ 17.884905] krealloc_more_oob_helper+0x60c/0x678 [ 17.885080] krealloc_more_oob+0x20/0x38 [ 17.885156] kunit_try_run_case+0x170/0x3f0 [ 17.885214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.885279] kthread+0x328/0x630 [ 17.885346] ret_from_fork+0x10/0x20 [ 17.885412] [ 17.885434] Allocated by task 156: [ 17.885463] kasan_save_stack+0x3c/0x68 [ 17.885579] kasan_save_track+0x20/0x40 [ 17.885679] kasan_save_alloc_info+0x40/0x58 [ 17.885764] __kasan_krealloc+0x118/0x178 [ 17.885833] krealloc_noprof+0x128/0x360 [ 17.885869] krealloc_more_oob_helper+0x168/0x678 [ 17.885907] krealloc_more_oob+0x20/0x38 [ 17.885942] kunit_try_run_case+0x170/0x3f0 [ 17.885978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.886210] kthread+0x328/0x630 [ 17.886460] ret_from_fork+0x10/0x20 [ 17.886695] [ 17.886787] The buggy address belongs to the object at fff00000c0b97a00 [ 17.886787] which belongs to the cache kmalloc-256 of size 256 [ 17.887053] The buggy address is located 0 bytes to the right of [ 17.887053] allocated 235-byte region [fff00000c0b97a00, fff00000c0b97aeb) [ 17.887319] [ 17.887464] The buggy address belongs to the physical page: [ 17.887500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 17.887553] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.887980] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.888076] page_type: f5(slab) [ 17.888153] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.888300] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.888451] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.888548] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.888595] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 17.888641] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.888679] page dumped because: kasan: bad access detected [ 17.888718] [ 17.888735] Memory state around the buggy address: [ 17.888765] fff00000c0b97980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.888806] fff00000c0b97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.888847] >fff00000c0b97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.888894] ^ [ 17.888941] fff00000c0b97b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.888983] fff00000c0b97b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.889021] ================================================================== [ 17.945151] ================================================================== [ 17.945208] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.945254] Write of size 1 at addr fff00000c78420f0 by task kunit_try_catch/160 [ 17.945317] [ 17.945347] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.945465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.945560] Hardware name: linux,dummy-virt (DT) [ 17.945739] Call trace: [ 17.945765] show_stack+0x20/0x38 (C) [ 17.945814] dump_stack_lvl+0x8c/0xd0 [ 17.945858] print_report+0x118/0x608 [ 17.945910] kasan_report+0xdc/0x128 [ 17.946022] __asan_report_store1_noabort+0x20/0x30 [ 17.946125] krealloc_more_oob_helper+0x5c0/0x678 [ 17.946307] krealloc_large_more_oob+0x20/0x38 [ 17.946408] kunit_try_run_case+0x170/0x3f0 [ 17.946474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.946752] kthread+0x328/0x630 [ 17.946893] ret_from_fork+0x10/0x20 [ 17.947071] [ 17.947132] The buggy address belongs to the physical page: [ 17.947162] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 17.947463] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.947548] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.947699] page_type: f8(unknown) [ 17.947825] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.947877] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.947978] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.949731] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.949785] head: 0bfffe0000000002 ffffc1ffc31e1001 00000000ffffffff 00000000ffffffff [ 17.949832] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.950137] page dumped because: kasan: bad access detected [ 17.950169] [ 17.950187] Memory state around the buggy address: [ 17.950520] fff00000c7841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.950565] fff00000c7842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.950605] >fff00000c7842080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.950755] ^ [ 17.950798] fff00000c7842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.950839] fff00000c7842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.950875] ================================================================== [ 17.890518] ================================================================== [ 17.890584] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.890639] Write of size 1 at addr fff00000c0b97af0 by task kunit_try_catch/156 [ 17.890693] [ 17.890742] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.890818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.890843] Hardware name: linux,dummy-virt (DT) [ 17.890878] Call trace: [ 17.890997] show_stack+0x20/0x38 (C) [ 17.891044] dump_stack_lvl+0x8c/0xd0 [ 17.891088] print_report+0x118/0x608 [ 17.891134] kasan_report+0xdc/0x128 [ 17.891314] __asan_report_store1_noabort+0x20/0x30 [ 17.891376] krealloc_more_oob_helper+0x5c0/0x678 [ 17.891477] krealloc_more_oob+0x20/0x38 [ 17.891542] kunit_try_run_case+0x170/0x3f0 [ 17.891589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.891657] kthread+0x328/0x630 [ 17.891782] ret_from_fork+0x10/0x20 [ 17.891830] [ 17.891848] Allocated by task 156: [ 17.891874] kasan_save_stack+0x3c/0x68 [ 17.891913] kasan_save_track+0x20/0x40 [ 17.891948] kasan_save_alloc_info+0x40/0x58 [ 17.891986] __kasan_krealloc+0x118/0x178 [ 17.892216] krealloc_noprof+0x128/0x360 [ 17.892267] krealloc_more_oob_helper+0x168/0x678 [ 17.892403] krealloc_more_oob+0x20/0x38 [ 17.892534] kunit_try_run_case+0x170/0x3f0 [ 17.892600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.892643] kthread+0x328/0x630 [ 17.892771] ret_from_fork+0x10/0x20 [ 17.892807] [ 17.892826] The buggy address belongs to the object at fff00000c0b97a00 [ 17.892826] which belongs to the cache kmalloc-256 of size 256 [ 17.892989] The buggy address is located 5 bytes to the right of [ 17.892989] allocated 235-byte region [fff00000c0b97a00, fff00000c0b97aeb) [ 17.893060] [ 17.893079] The buggy address belongs to the physical page: [ 17.893157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 17.893244] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.893290] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.893338] page_type: f5(slab) [ 17.893373] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.893482] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.893620] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.893776] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.893875] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 17.893930] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.893968] page dumped because: kasan: bad access detected [ 17.894005] [ 17.894022] Memory state around the buggy address: [ 17.894052] fff00000c0b97980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.894093] fff00000c0b97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.894133] >fff00000c0b97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.894178] ^ [ 17.894225] fff00000c0b97b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.894287] fff00000c0b97b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.894330] ================================================================== [ 17.941065] ================================================================== [ 17.941134] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.941240] Write of size 1 at addr fff00000c78420eb by task kunit_try_catch/160 [ 17.941293] [ 17.941339] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.941443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.941470] Hardware name: linux,dummy-virt (DT) [ 17.941623] Call trace: [ 17.941645] show_stack+0x20/0x38 (C) [ 17.941695] dump_stack_lvl+0x8c/0xd0 [ 17.941748] print_report+0x118/0x608 [ 17.941887] kasan_report+0xdc/0x128 [ 17.942037] __asan_report_store1_noabort+0x20/0x30 [ 17.942125] krealloc_more_oob_helper+0x60c/0x678 [ 17.942266] krealloc_large_more_oob+0x20/0x38 [ 17.942587] kunit_try_run_case+0x170/0x3f0 [ 17.942720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.942841] kthread+0x328/0x630 [ 17.942937] ret_from_fork+0x10/0x20 [ 17.943054] [ 17.943104] The buggy address belongs to the physical page: [ 17.943134] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 17.943407] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.943542] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.943676] page_type: f8(unknown) [ 17.943723] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.943820] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.943967] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.944015] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.944312] head: 0bfffe0000000002 ffffc1ffc31e1001 00000000ffffffff 00000000ffffffff [ 17.944391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.944440] page dumped because: kasan: bad access detected [ 17.944470] [ 17.944489] Memory state around the buggy address: [ 17.944555] fff00000c7841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.944606] fff00000c7842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.944646] >fff00000c7842080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.944696] ^ [ 17.944733] fff00000c7842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.944789] fff00000c7842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.944826] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 17.872842] ================================================================== [ 17.872898] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 17.873033] Read of size 1 at addr fff00000c7840000 by task kunit_try_catch/154 [ 17.873251] [ 17.873399] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.873520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.873636] Hardware name: linux,dummy-virt (DT) [ 17.873694] Call trace: [ 17.873790] show_stack+0x20/0x38 (C) [ 17.873960] dump_stack_lvl+0x8c/0xd0 [ 17.874094] print_report+0x118/0x608 [ 17.874209] kasan_report+0xdc/0x128 [ 17.874255] __asan_report_load1_noabort+0x20/0x30 [ 17.874304] page_alloc_uaf+0x328/0x350 [ 17.874348] kunit_try_run_case+0x170/0x3f0 [ 17.874395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.874851] kthread+0x328/0x630 [ 17.874954] ret_from_fork+0x10/0x20 [ 17.875090] [ 17.875178] The buggy address belongs to the physical page: [ 17.875318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 17.875435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.875507] page_type: f0(buddy) [ 17.875849] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 17.875933] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 17.876239] page dumped because: kasan: bad access detected [ 17.876316] [ 17.876456] Memory state around the buggy address: [ 17.876516] fff00000c783ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.876597] fff00000c783ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.876638] >fff00000c7840000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.876674] ^ [ 17.876701] fff00000c7840080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.876750] fff00000c7840100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.876795] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 17.857241] ================================================================== [ 17.857322] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 17.857378] Free of addr fff00000c65e4001 by task kunit_try_catch/150 [ 17.857688] [ 17.857746] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.857836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.857862] Hardware name: linux,dummy-virt (DT) [ 17.857911] Call trace: [ 17.857957] show_stack+0x20/0x38 (C) [ 17.858032] dump_stack_lvl+0x8c/0xd0 [ 17.858204] print_report+0x118/0x608 [ 17.858313] kasan_report_invalid_free+0xc0/0xe8 [ 17.858458] __kasan_kfree_large+0x5c/0xa8 [ 17.858572] free_large_kmalloc+0x64/0x190 [ 17.858619] kfree+0x270/0x3c8 [ 17.858797] kmalloc_large_invalid_free+0x108/0x270 [ 17.859035] kunit_try_run_case+0x170/0x3f0 [ 17.859154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.859318] kthread+0x328/0x630 [ 17.859398] ret_from_fork+0x10/0x20 [ 17.859444] [ 17.859607] The buggy address belongs to the physical page: [ 17.859686] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065e4 [ 17.859826] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.859942] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.860028] page_type: f8(unknown) [ 17.860140] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.860188] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.860263] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.860447] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.860621] head: 0bfffe0000000002 ffffc1ffc3197901 00000000ffffffff 00000000ffffffff [ 17.860774] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.860882] page dumped because: kasan: bad access detected [ 17.860932] [ 17.860951] Memory state around the buggy address: [ 17.861089] fff00000c65e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.861155] fff00000c65e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.861421] >fff00000c65e4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.861581] ^ [ 17.861659] fff00000c65e4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.861739] fff00000c65e4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.861837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.850519] ================================================================== [ 17.850582] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 17.850701] Read of size 1 at addr fff00000c65e4000 by task kunit_try_catch/148 [ 17.850749] [ 17.850889] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.850978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.851051] Hardware name: linux,dummy-virt (DT) [ 17.851119] Call trace: [ 17.851153] show_stack+0x20/0x38 (C) [ 17.851214] dump_stack_lvl+0x8c/0xd0 [ 17.851340] print_report+0x118/0x608 [ 17.851553] kasan_report+0xdc/0x128 [ 17.851623] __asan_report_load1_noabort+0x20/0x30 [ 17.851689] kmalloc_large_uaf+0x2cc/0x2f8 [ 17.851779] kunit_try_run_case+0x170/0x3f0 [ 17.851858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.851910] kthread+0x328/0x630 [ 17.851966] ret_from_fork+0x10/0x20 [ 17.852012] [ 17.852138] The buggy address belongs to the physical page: [ 17.852168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065e4 [ 17.852228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.852398] raw: 0bfffe0000000000 fff00000da478c40 fff00000da478c40 0000000000000000 [ 17.852483] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 17.852539] page dumped because: kasan: bad access detected [ 17.852594] [ 17.852612] Memory state around the buggy address: [ 17.852643] fff00000c65e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.852689] fff00000c65e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.852729] >fff00000c65e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.852765] ^ [ 17.852823] fff00000c65e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.852931] fff00000c65e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.852969] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 17.840572] ================================================================== [ 17.840798] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 17.840861] Write of size 1 at addr fff00000c65e600a by task kunit_try_catch/146 [ 17.840947] [ 17.841012] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.841133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.841159] Hardware name: linux,dummy-virt (DT) [ 17.841227] Call trace: [ 17.841266] show_stack+0x20/0x38 (C) [ 17.841315] dump_stack_lvl+0x8c/0xd0 [ 17.841422] print_report+0x118/0x608 [ 17.841470] kasan_report+0xdc/0x128 [ 17.841549] __asan_report_store1_noabort+0x20/0x30 [ 17.841598] kmalloc_large_oob_right+0x278/0x2b8 [ 17.841646] kunit_try_run_case+0x170/0x3f0 [ 17.842036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.842166] kthread+0x328/0x630 [ 17.842267] ret_from_fork+0x10/0x20 [ 17.842463] [ 17.842570] The buggy address belongs to the physical page: [ 17.842610] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065e4 [ 17.842743] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.842820] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.842992] page_type: f8(unknown) [ 17.843031] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.843103] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.843462] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.843658] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.844087] head: 0bfffe0000000002 ffffc1ffc3197901 00000000ffffffff 00000000ffffffff [ 17.844257] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.844303] page dumped because: kasan: bad access detected [ 17.844333] [ 17.844363] Memory state around the buggy address: [ 17.844411] fff00000c65e5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.844453] fff00000c65e5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.844495] >fff00000c65e6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.844539] ^ [ 17.844566] fff00000c65e6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.844619] fff00000c65e6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.844655] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.831080] ================================================================== [ 17.831139] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.831186] Write of size 1 at addr fff00000c7819f00 by task kunit_try_catch/144 [ 17.831383] [ 17.831414] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.831726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.831814] Hardware name: linux,dummy-virt (DT) [ 17.831847] Call trace: [ 17.831868] show_stack+0x20/0x38 (C) [ 17.831927] dump_stack_lvl+0x8c/0xd0 [ 17.831983] print_report+0x118/0x608 [ 17.832031] kasan_report+0xdc/0x128 [ 17.832076] __asan_report_store1_noabort+0x20/0x30 [ 17.832124] kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.832170] kunit_try_run_case+0x170/0x3f0 [ 17.832227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.832278] kthread+0x328/0x630 [ 17.832319] ret_from_fork+0x10/0x20 [ 17.832365] [ 17.832385] Allocated by task 144: [ 17.832413] kasan_save_stack+0x3c/0x68 [ 17.832453] kasan_save_track+0x20/0x40 [ 17.832490] kasan_save_alloc_info+0x40/0x58 [ 17.832545] __kasan_kmalloc+0xd4/0xd8 [ 17.832581] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.832619] kmalloc_big_oob_right+0xb8/0x2f0 [ 17.832656] kunit_try_run_case+0x170/0x3f0 [ 17.832692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.832735] kthread+0x328/0x630 [ 17.832774] ret_from_fork+0x10/0x20 [ 17.832815] [ 17.832835] The buggy address belongs to the object at fff00000c7818000 [ 17.832835] which belongs to the cache kmalloc-8k of size 8192 [ 17.832899] The buggy address is located 0 bytes to the right of [ 17.832899] allocated 7936-byte region [fff00000c7818000, fff00000c7819f00) [ 17.832962] [ 17.832982] The buggy address belongs to the physical page: [ 17.833012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 17.833061] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.833105] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.833154] page_type: f5(slab) [ 17.833201] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.833258] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.833317] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.833373] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.833421] head: 0bfffe0000000003 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 17.833776] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.834113] page dumped because: kasan: bad access detected [ 17.834172] [ 17.834270] Memory state around the buggy address: [ 17.834323] fff00000c7819e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.834411] fff00000c7819e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.834566] >fff00000c7819f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.834666] ^ [ 17.834771] fff00000c7819f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.834837] fff00000c781a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.834874] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.822371] ================================================================== [ 17.822417] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 17.822470] Write of size 1 at addr fff00000c1cf4978 by task kunit_try_catch/142 [ 17.822519] [ 17.822548] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.822628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.822655] Hardware name: linux,dummy-virt (DT) [ 17.822753] Call trace: [ 17.822801] show_stack+0x20/0x38 (C) [ 17.822866] dump_stack_lvl+0x8c/0xd0 [ 17.822913] print_report+0x118/0x608 [ 17.822958] kasan_report+0xdc/0x128 [ 17.823003] __asan_report_store1_noabort+0x20/0x30 [ 17.823050] kmalloc_track_caller_oob_right+0x418/0x488 [ 17.823100] kunit_try_run_case+0x170/0x3f0 [ 17.823147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.823211] kthread+0x328/0x630 [ 17.823252] ret_from_fork+0x10/0x20 [ 17.823298] [ 17.823460] Allocated by task 142: [ 17.823561] kasan_save_stack+0x3c/0x68 [ 17.823605] kasan_save_track+0x20/0x40 [ 17.823641] kasan_save_alloc_info+0x40/0x58 [ 17.823688] __kasan_kmalloc+0xd4/0xd8 [ 17.823739] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.823782] kmalloc_track_caller_oob_right+0x184/0x488 [ 17.823840] kunit_try_run_case+0x170/0x3f0 [ 17.823926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.823971] kthread+0x328/0x630 [ 17.824005] ret_from_fork+0x10/0x20 [ 17.824093] [ 17.824162] The buggy address belongs to the object at fff00000c1cf4900 [ 17.824162] which belongs to the cache kmalloc-128 of size 128 [ 17.824232] The buggy address is located 0 bytes to the right of [ 17.824232] allocated 120-byte region [fff00000c1cf4900, fff00000c1cf4978) [ 17.824295] [ 17.824464] The buggy address belongs to the physical page: [ 17.824493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 17.824711] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.824772] page_type: f5(slab) [ 17.824850] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.824917] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.824974] page dumped because: kasan: bad access detected [ 17.825020] [ 17.825074] Memory state around the buggy address: [ 17.825132] fff00000c1cf4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.825175] fff00000c1cf4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.825360] >fff00000c1cf4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.825398] ^ [ 17.825436] fff00000c1cf4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.825589] fff00000c1cf4a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.825738] ================================================================== [ 17.818719] ================================================================== [ 17.818786] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.818839] Write of size 1 at addr fff00000c1cf4878 by task kunit_try_catch/142 [ 17.818887] [ 17.818925] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.819005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.819031] Hardware name: linux,dummy-virt (DT) [ 17.819061] Call trace: [ 17.819082] show_stack+0x20/0x38 (C) [ 17.819129] dump_stack_lvl+0x8c/0xd0 [ 17.819174] print_report+0x118/0x608 [ 17.819235] kasan_report+0xdc/0x128 [ 17.819280] __asan_report_store1_noabort+0x20/0x30 [ 17.819339] kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.819392] kunit_try_run_case+0x170/0x3f0 [ 17.819439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.819501] kthread+0x328/0x630 [ 17.819544] ret_from_fork+0x10/0x20 [ 17.819592] [ 17.819609] Allocated by task 142: [ 17.819637] kasan_save_stack+0x3c/0x68 [ 17.819685] kasan_save_track+0x20/0x40 [ 17.819722] kasan_save_alloc_info+0x40/0x58 [ 17.819769] __kasan_kmalloc+0xd4/0xd8 [ 17.819805] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.819848] kmalloc_track_caller_oob_right+0xa8/0x488 [ 17.819888] kunit_try_run_case+0x170/0x3f0 [ 17.819926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.819968] kthread+0x328/0x630 [ 17.819999] ret_from_fork+0x10/0x20 [ 17.820042] [ 17.820061] The buggy address belongs to the object at fff00000c1cf4800 [ 17.820061] which belongs to the cache kmalloc-128 of size 128 [ 17.820115] The buggy address is located 0 bytes to the right of [ 17.820115] allocated 120-byte region [fff00000c1cf4800, fff00000c1cf4878) [ 17.820176] [ 17.820205] The buggy address belongs to the physical page: [ 17.820234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 17.820284] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.820328] page_type: f5(slab) [ 17.820365] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.820413] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.820452] page dumped because: kasan: bad access detected [ 17.820481] [ 17.820498] Memory state around the buggy address: [ 17.820528] fff00000c1cf4700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.820649] fff00000c1cf4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.821017] >fff00000c1cf4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.821075] ^ [ 17.821214] fff00000c1cf4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.821307] fff00000c1cf4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.821346] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.804025] ================================================================== [ 17.804185] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 17.804300] Read of size 1 at addr fff00000c7811000 by task kunit_try_catch/140 [ 17.804365] [ 17.804397] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.804529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.804556] Hardware name: linux,dummy-virt (DT) [ 17.804608] Call trace: [ 17.804631] show_stack+0x20/0x38 (C) [ 17.804679] dump_stack_lvl+0x8c/0xd0 [ 17.804723] print_report+0x118/0x608 [ 17.804768] kasan_report+0xdc/0x128 [ 17.804838] __asan_report_load1_noabort+0x20/0x30 [ 17.804889] kmalloc_node_oob_right+0x2f4/0x330 [ 17.804965] kunit_try_run_case+0x170/0x3f0 [ 17.805106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.805166] kthread+0x328/0x630 [ 17.805310] ret_from_fork+0x10/0x20 [ 17.805482] [ 17.805511] Allocated by task 140: [ 17.805541] kasan_save_stack+0x3c/0x68 [ 17.805609] kasan_save_track+0x20/0x40 [ 17.805678] kasan_save_alloc_info+0x40/0x58 [ 17.805718] __kasan_kmalloc+0xd4/0xd8 [ 17.805753] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 17.805792] kmalloc_node_oob_right+0xbc/0x330 [ 17.805828] kunit_try_run_case+0x170/0x3f0 [ 17.805865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.805906] kthread+0x328/0x630 [ 17.805938] ret_from_fork+0x10/0x20 [ 17.805972] [ 17.805990] The buggy address belongs to the object at fff00000c7810000 [ 17.805990] which belongs to the cache kmalloc-4k of size 4096 [ 17.806297] The buggy address is located 0 bytes to the right of [ 17.806297] allocated 4096-byte region [fff00000c7810000, fff00000c7811000) [ 17.806435] [ 17.806525] The buggy address belongs to the physical page: [ 17.806723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107810 [ 17.807444] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.807510] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.807873] page_type: f5(slab) [ 17.807927] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.807981] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.808066] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.808507] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.808620] head: 0bfffe0000000003 ffffc1ffc31e0401 00000000ffffffff 00000000ffffffff [ 17.808694] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.808742] page dumped because: kasan: bad access detected [ 17.809029] [ 17.809087] Memory state around the buggy address: [ 17.809122] fff00000c7810f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.809215] fff00000c7810f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.809256] >fff00000c7811000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.809300] ^ [ 17.809327] fff00000c7811080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.809373] fff00000c7811100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.809409] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.792984] ================================================================== [ 17.793070] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.793121] Read of size 1 at addr fff00000c1cea89f by task kunit_try_catch/138 [ 17.793169] [ 17.793255] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.793335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.793360] Hardware name: linux,dummy-virt (DT) [ 17.793487] Call trace: [ 17.793547] show_stack+0x20/0x38 (C) [ 17.793849] dump_stack_lvl+0x8c/0xd0 [ 17.793907] print_report+0x118/0x608 [ 17.793984] kasan_report+0xdc/0x128 [ 17.794096] __asan_report_load1_noabort+0x20/0x30 [ 17.794300] kmalloc_oob_left+0x2ec/0x320 [ 17.794406] kunit_try_run_case+0x170/0x3f0 [ 17.794542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.794605] kthread+0x328/0x630 [ 17.794646] ret_from_fork+0x10/0x20 [ 17.794692] [ 17.794710] Allocated by task 26: [ 17.794741] kasan_save_stack+0x3c/0x68 [ 17.794782] kasan_save_track+0x20/0x40 [ 17.794818] kasan_save_alloc_info+0x40/0x58 [ 17.795080] __kasan_kmalloc+0xd4/0xd8 [ 17.795259] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.795346] kstrdup+0x54/0xc8 [ 17.795452] devtmpfs_work_loop+0x6f8/0xa58 [ 17.795581] devtmpfsd+0x50/0x58 [ 17.795640] kthread+0x328/0x630 [ 17.795699] ret_from_fork+0x10/0x20 [ 17.795735] [ 17.795778] Freed by task 26: [ 17.795815] kasan_save_stack+0x3c/0x68 [ 17.795860] kasan_save_track+0x20/0x40 [ 17.795902] kasan_save_free_info+0x4c/0x78 [ 17.795942] __kasan_slab_free+0x6c/0x98 [ 17.795978] kfree+0x214/0x3c8 [ 17.796009] devtmpfs_work_loop+0x804/0xa58 [ 17.796046] devtmpfsd+0x50/0x58 [ 17.796079] kthread+0x328/0x630 [ 17.796110] ret_from_fork+0x10/0x20 [ 17.796168] [ 17.796201] The buggy address belongs to the object at fff00000c1cea880 [ 17.796201] which belongs to the cache kmalloc-16 of size 16 [ 17.796256] The buggy address is located 15 bytes to the right of [ 17.796256] allocated 16-byte region [fff00000c1cea880, fff00000c1cea890) [ 17.796319] [ 17.796338] The buggy address belongs to the physical page: [ 17.796375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 17.796426] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.796474] page_type: f5(slab) [ 17.796512] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.796561] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.796610] page dumped because: kasan: bad access detected [ 17.796640] [ 17.796659] Memory state around the buggy address: [ 17.796707] fff00000c1cea780: fa fb fc fc fa fb fc fc 00 07 fc fc fa fb fc fc [ 17.796756] fff00000c1cea800: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 17.796798] >fff00000c1cea880: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 17.796834] ^ [ 17.796872] fff00000c1cea900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.796919] fff00000c1cea980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.796956] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.752427] ================================================================== [ 17.752750] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.753830] Write of size 1 at addr fff00000c1cf4773 by task kunit_try_catch/136 [ 17.754046] [ 17.755210] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 17.755891] Tainted: [N]=TEST [ 17.756135] Hardware name: linux,dummy-virt (DT) [ 17.756458] Call trace: [ 17.756660] show_stack+0x20/0x38 (C) [ 17.756839] dump_stack_lvl+0x8c/0xd0 [ 17.756916] print_report+0x118/0x608 [ 17.756976] kasan_report+0xdc/0x128 [ 17.757021] __asan_report_store1_noabort+0x20/0x30 [ 17.757068] kmalloc_oob_right+0x5a4/0x660 [ 17.757114] kunit_try_run_case+0x170/0x3f0 [ 17.757164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.757225] kthread+0x328/0x630 [ 17.757268] ret_from_fork+0x10/0x20 [ 17.758045] [ 17.758094] Allocated by task 136: [ 17.758229] kasan_save_stack+0x3c/0x68 [ 17.758594] kasan_save_track+0x20/0x40 [ 17.758684] kasan_save_alloc_info+0x40/0x58 [ 17.758790] __kasan_kmalloc+0xd4/0xd8 [ 17.758889] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.759036] kmalloc_oob_right+0xb0/0x660 [ 17.759201] kunit_try_run_case+0x170/0x3f0 [ 17.759296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.759398] kthread+0x328/0x630 [ 17.759491] ret_from_fork+0x10/0x20 [ 17.759572] [ 17.760007] The buggy address belongs to the object at fff00000c1cf4700 [ 17.760007] which belongs to the cache kmalloc-128 of size 128 [ 17.760609] The buggy address is located 0 bytes to the right of [ 17.760609] allocated 115-byte region [fff00000c1cf4700, fff00000c1cf4773) [ 17.760820] [ 17.761307] The buggy address belongs to the physical page: [ 17.761744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 17.762506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.763813] page_type: f5(slab) [ 17.765012] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.765131] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.765670] page dumped because: kasan: bad access detected [ 17.765862] [ 17.765898] Memory state around the buggy address: [ 17.766579] fff00000c1cf4600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.766756] fff00000c1cf4680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.767035] >fff00000c1cf4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.767340] ^ [ 17.767631] fff00000c1cf4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.767898] fff00000c1cf4800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.768116] ================================================================== [ 17.768925] ================================================================== [ 17.768964] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.769010] Write of size 1 at addr fff00000c1cf4778 by task kunit_try_catch/136 [ 17.769059] [ 17.769092] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.769168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.769449] Hardware name: linux,dummy-virt (DT) [ 17.769483] Call trace: [ 17.769864] show_stack+0x20/0x38 (C) [ 17.769920] dump_stack_lvl+0x8c/0xd0 [ 17.769967] print_report+0x118/0x608 [ 17.770012] kasan_report+0xdc/0x128 [ 17.770163] __asan_report_store1_noabort+0x20/0x30 [ 17.770233] kmalloc_oob_right+0x538/0x660 [ 17.770278] kunit_try_run_case+0x170/0x3f0 [ 17.770324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.770375] kthread+0x328/0x630 [ 17.770415] ret_from_fork+0x10/0x20 [ 17.770468] [ 17.770485] Allocated by task 136: [ 17.770512] kasan_save_stack+0x3c/0x68 [ 17.770551] kasan_save_track+0x20/0x40 [ 17.770587] kasan_save_alloc_info+0x40/0x58 [ 17.770626] __kasan_kmalloc+0xd4/0xd8 [ 17.770660] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.770698] kmalloc_oob_right+0xb0/0x660 [ 17.770846] kunit_try_run_case+0x170/0x3f0 [ 17.770980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.771021] kthread+0x328/0x630 [ 17.771289] ret_from_fork+0x10/0x20 [ 17.771354] [ 17.771399] The buggy address belongs to the object at fff00000c1cf4700 [ 17.771399] which belongs to the cache kmalloc-128 of size 128 [ 17.771594] The buggy address is located 5 bytes to the right of [ 17.771594] allocated 115-byte region [fff00000c1cf4700, fff00000c1cf4773) [ 17.771678] [ 17.771697] The buggy address belongs to the physical page: [ 17.771725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 17.771773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.772032] page_type: f5(slab) [ 17.772157] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.772389] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.772428] page dumped because: kasan: bad access detected [ 17.772726] [ 17.772825] Memory state around the buggy address: [ 17.772942] fff00000c1cf4600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.773052] fff00000c1cf4680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.773329] >fff00000c1cf4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.773459] ^ [ 17.773546] fff00000c1cf4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.773592] fff00000c1cf4800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.773710] ================================================================== [ 17.774638] ================================================================== [ 17.774716] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.774801] Read of size 1 at addr fff00000c1cf4780 by task kunit_try_catch/136 [ 17.774881] [ 17.774912] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.775072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.775294] Hardware name: linux,dummy-virt (DT) [ 17.775370] Call trace: [ 17.775392] show_stack+0x20/0x38 (C) [ 17.775457] dump_stack_lvl+0x8c/0xd0 [ 17.775532] print_report+0x118/0x608 [ 17.775597] kasan_report+0xdc/0x128 [ 17.775666] __asan_report_load1_noabort+0x20/0x30 [ 17.775716] kmalloc_oob_right+0x5d0/0x660 [ 17.775760] kunit_try_run_case+0x170/0x3f0 [ 17.775805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.775968] kthread+0x328/0x630 [ 17.776117] ret_from_fork+0x10/0x20 [ 17.776236] [ 17.776300] Allocated by task 136: [ 17.776358] kasan_save_stack+0x3c/0x68 [ 17.776416] kasan_save_track+0x20/0x40 [ 17.776452] kasan_save_alloc_info+0x40/0x58 [ 17.776589] __kasan_kmalloc+0xd4/0xd8 [ 17.776766] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.776850] kmalloc_oob_right+0xb0/0x660 [ 17.776913] kunit_try_run_case+0x170/0x3f0 [ 17.776969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.777016] kthread+0x328/0x630 [ 17.777124] ret_from_fork+0x10/0x20 [ 17.777160] [ 17.777178] The buggy address belongs to the object at fff00000c1cf4700 [ 17.777178] which belongs to the cache kmalloc-128 of size 128 [ 17.777260] The buggy address is located 13 bytes to the right of [ 17.777260] allocated 115-byte region [fff00000c1cf4700, fff00000c1cf4773) [ 17.777413] [ 17.777432] The buggy address belongs to the physical page: [ 17.777461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cf4 [ 17.777767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.777895] page_type: f5(slab) [ 17.778007] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.778100] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.778140] page dumped because: kasan: bad access detected [ 17.778169] [ 17.778186] Memory state around the buggy address: [ 17.778347] fff00000c1cf4680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.778389] fff00000c1cf4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.778434] >fff00000c1cf4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.778471] ^ [ 17.778619] fff00000c1cf4800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.778700] fff00000c1cf4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.778750] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.131458] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.132319] Modules linked in: [ 95.132601] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 95.133080] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.133383] Hardware name: linux,dummy-virt (DT) [ 95.133645] pstate: 11400009 (nzcV daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 95.134307] pc : intlog10+0x38/0x48 [ 95.134524] lr : intlog10_test+0xe4/0x200 [ 95.134768] sp : ffff800082287c10 [ 95.134984] x29: ffff800082287c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.135399] x26: 1ffe0000196d9721 x25: 0000000000000000 x24: ffff800082287ce0 [ 95.135803] x23: ffff800082287d00 x22: 0000000000000000 x21: 1ffff00010450f82 [ 95.136258] x20: ffffa45e8e889ec0 x19: ffff800080087990 x18: 00000000a066c4e3 [ 95.136663] x17: 000000008268f8e5 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 95.137069] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: ffff748bd24e3381 [ 95.137693] x11: 1ffff48bd24e3380 x10: ffff748bd24e3380 x9 : ffffa45e8be36bdc [ 95.138125] x8 : ffffa45e92719c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.138535] x5 : ffff700010450f82 x4 : 1ffff00010010f3a x3 : 1ffff48bd1d113d8 [ 95.138963] x2 : 1ffff48bd1d113d8 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.139374] Call trace: [ 95.139554] intlog10+0x38/0x48 (P) [ 95.139812] kunit_try_run_case+0x170/0x3f0 [ 95.140088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.140377] kthread+0x328/0x630 [ 95.140599] ret_from_fork+0x10/0x20 [ 95.140800] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.083708] WARNING: CPU: 1 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.086989] Modules linked in: [ 95.087466] CPU: 1 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 95.088320] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.088532] Hardware name: linux,dummy-virt (DT) [ 95.088727] pstate: 11400009 (nzcV daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 95.089003] pc : intlog2+0xd8/0xf8 [ 95.089184] lr : intlog2_test+0xe4/0x200 [ 95.089860] sp : ffff8000821c7c10 [ 95.090469] x29: ffff8000821c7c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.091003] x26: 1ffe0000196f82e1 x25: 0000000000000000 x24: ffff8000821c7ce0 [ 95.091374] x23: ffff8000821c7d00 x22: 0000000000000000 x21: 1ffff00010438f82 [ 95.091722] x20: ffffa45e8e889dc0 x19: ffff800080087990 x18: 000000006ae014cc [ 95.092073] x17: 0000000030076e27 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 95.093120] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: ffff748bd24e3381 [ 95.094075] x11: 1ffff48bd24e3380 x10: ffff748bd24e3380 x9 : ffffa45e8be36ddc [ 95.095226] x8 : ffffa45e92719c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.096233] x5 : ffff700010438f82 x4 : 1ffff00010010f3a x3 : 1ffff48bd1d113b8 [ 95.097229] x2 : 1ffff48bd1d113b8 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.098358] Call trace: [ 95.098922] intlog2+0xd8/0xf8 (P) [ 95.099460] kunit_try_run_case+0x170/0x3f0 [ 95.100081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.100587] kthread+0x328/0x630 [ 95.100788] ret_from_fork+0x10/0x20 [ 95.101000] ---[ end trace 0000000000000000 ]---