Date
July 2, 2025, 11:09 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.726525] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 20.842177] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 20.803509] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 20.734475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 20.587986] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.071211] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.077445] Modules linked in: [ 94.078218] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 94.078821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.079326] Hardware name: linux,dummy-virt (DT) [ 94.079673] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.080233] pc : kunit_test_null_dereference+0x70/0x170 [ 94.080559] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.081215] sp : ffff800081ff7d30 [ 94.081541] x29: ffff800081ff7d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.082086] x26: 1ffe0000187f5961 x25: 0000000000000000 x24: 0000000000000004 [ 94.082735] x23: fff00000c3facb0c x22: ffff9689b0c24a78 x21: fff00000c57c1888 [ 94.083283] x20: 1ffff000103fefa6 x19: ffff800080087990 x18: 00000000ff79330a [ 94.083870] x17: 1ffe0000181abd6a x16: 0000000000000100 x15: 0000000000000000 [ 94.084401] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a589 x12: fffd8000182313a4 [ 94.084976] x11: 1ffe0000182313a3 x10: fffd8000182313a3 x9 : ffff9689b0c1bee0 [ 94.085722] x8 : ffff800081ff7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.086077] x5 : ffff7000103fefa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.086418] x2 : dfff800000000000 x1 : fff00000c1189440 x0 : ffff800080087990 [ 94.087038] Call trace: [ 94.087246] kunit_test_null_dereference+0x70/0x170 (P) [ 94.087518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.087787] kthread+0x328/0x630 [ 94.087971] ret_from_fork+0x10/0x20 [ 94.088397] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.089292] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.261965] ================================================================== [ 50.262036] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.262036] [ 50.262124] Use-after-free read at 0x0000000071590bcc (in kfence-#140): [ 50.262176] test_krealloc+0x51c/0x830 [ 50.262220] kunit_try_run_case+0x170/0x3f0 [ 50.262265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.262310] kthread+0x328/0x630 [ 50.262348] ret_from_fork+0x10/0x20 [ 50.262389] [ 50.262413] kfence-#140: 0x0000000071590bcc-0x000000003ddd8619, size=32, cache=kmalloc-32 [ 50.262413] [ 50.262465] allocated by task 337 on cpu 1 at 50.261264s (0.001197s ago): [ 50.262533] test_alloc+0x29c/0x628 [ 50.262587] test_krealloc+0xc0/0x830 [ 50.262626] kunit_try_run_case+0x170/0x3f0 [ 50.262665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.262706] kthread+0x328/0x630 [ 50.262743] ret_from_fork+0x10/0x20 [ 50.262780] [ 50.262803] freed by task 337 on cpu 1 at 50.261526s (0.001273s ago): [ 50.262867] krealloc_noprof+0x148/0x360 [ 50.262907] test_krealloc+0x1dc/0x830 [ 50.262946] kunit_try_run_case+0x170/0x3f0 [ 50.262985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.263029] kthread+0x328/0x630 [ 50.263063] ret_from_fork+0x10/0x20 [ 50.263102] [ 50.263149] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 50.263226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.263256] Hardware name: linux,dummy-virt (DT) [ 50.263292] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.173279] ================================================================== [ 50.173385] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.173385] [ 50.173487] Use-after-free read at 0x0000000060e40c39 (in kfence-#139): [ 50.173540] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.173608] kunit_try_run_case+0x170/0x3f0 [ 50.173655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.173701] kthread+0x328/0x630 [ 50.173742] ret_from_fork+0x10/0x20 [ 50.173783] [ 50.173809] kfence-#139: 0x0000000060e40c39-0x00000000e8355159, size=32, cache=test [ 50.173809] [ 50.173862] allocated by task 335 on cpu 0 at 50.153278s (0.020579s ago): [ 50.173931] test_alloc+0x230/0x628 [ 50.173972] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.174015] kunit_try_run_case+0x170/0x3f0 [ 50.174054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.174098] kthread+0x328/0x630 [ 50.174134] ret_from_fork+0x10/0x20 [ 50.174173] [ 50.174197] freed by task 335 on cpu 0 at 50.153399s (0.020794s ago): [ 50.174251] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.174294] kunit_try_run_case+0x170/0x3f0 [ 50.174332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.174375] kthread+0x328/0x630 [ 50.174410] ret_from_fork+0x10/0x20 [ 50.174449] [ 50.174495] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 50.174572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.174612] Hardware name: linux,dummy-virt (DT) [ 50.174647] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.292427] ================================================================== [ 27.292568] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.292568] [ 27.292695] Invalid read at 0x00000000da2ea66a: [ 27.293311] test_invalid_access+0xdc/0x1f0 [ 27.293800] kunit_try_run_case+0x170/0x3f0 [ 27.293873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.293924] kthread+0x328/0x630 [ 27.293970] ret_from_fork+0x10/0x20 [ 27.294026] [ 27.294080] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.294168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.294204] Hardware name: linux,dummy-virt (DT) [ 27.294247] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.065382] ================================================================== [ 27.065468] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.065468] [ 27.065528] Corrupted memory at 0x0000000010dfecaa [ ! . . . . . . . . . . . . . . . ] (in kfence-#132): [ 27.065850] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.065901] kunit_try_run_case+0x170/0x3f0 [ 27.065944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.065990] kthread+0x328/0x630 [ 27.066029] ret_from_fork+0x10/0x20 [ 27.066069] [ 27.066094] kfence-#132: 0x00000000c6f522f4-0x000000008f3346cc, size=73, cache=kmalloc-96 [ 27.066094] [ 27.066147] allocated by task 325 on cpu 0 at 27.065145s (0.000998s ago): [ 27.066209] test_alloc+0x29c/0x628 [ 27.066249] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.066291] kunit_try_run_case+0x170/0x3f0 [ 27.066332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.066373] kthread+0x328/0x630 [ 27.066409] ret_from_fork+0x10/0x20 [ 27.066447] [ 27.066471] freed by task 325 on cpu 0 at 27.065296s (0.001170s ago): [ 27.066533] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.066584] kunit_try_run_case+0x170/0x3f0 [ 27.066625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.066668] kthread+0x328/0x630 [ 27.066702] ret_from_fork+0x10/0x20 [ 27.066741] [ 27.066783] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.066863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.066892] Hardware name: linux,dummy-virt (DT) [ 27.066925] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 26.961326] ================================================================== [ 26.961411] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.961411] [ 26.961505] Out-of-bounds read at 0x00000000fb28135e (105B right of kfence-#131): [ 26.961565] test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.961632] kunit_try_run_case+0x170/0x3f0 [ 26.961679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.961723] kthread+0x328/0x630 [ 26.961763] ret_from_fork+0x10/0x20 [ 26.961803] [ 26.961827] kfence-#131: 0x00000000335d23dc-0x00000000a7df097e, size=73, cache=kmalloc-96 [ 26.961827] [ 26.961880] allocated by task 323 on cpu 0 at 26.961088s (0.000788s ago): [ 26.961951] test_alloc+0x29c/0x628 [ 26.961991] test_kmalloc_aligned_oob_read+0x100/0x468 [ 26.962035] kunit_try_run_case+0x170/0x3f0 [ 26.962075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.962118] kthread+0x328/0x630 [ 26.962154] ret_from_fork+0x10/0x20 [ 26.962193] [ 26.962240] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 26.962319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.962350] Hardware name: linux,dummy-virt (DT) [ 26.962386] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 23.633432] ================================================================== [ 23.633519] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.633519] [ 23.633591] Corrupted memory at 0x00000000d6c79fad [ ! ] (in kfence-#99): [ 23.633717] test_corruption+0x284/0x378 [ 23.633765] kunit_try_run_case+0x170/0x3f0 [ 23.633809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.633853] kthread+0x328/0x630 [ 23.633890] ret_from_fork+0x10/0x20 [ 23.633932] [ 23.633955] kfence-#99: 0x00000000b8922299-0x000000004d905a5e, size=32, cache=kmalloc-32 [ 23.633955] [ 23.634009] allocated by task 311 on cpu 0 at 23.633169s (0.000837s ago): [ 23.634068] test_alloc+0x29c/0x628 [ 23.634109] test_corruption+0x198/0x378 [ 23.634148] kunit_try_run_case+0x170/0x3f0 [ 23.634187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.634231] kthread+0x328/0x630 [ 23.634266] ret_from_fork+0x10/0x20 [ 23.634304] [ 23.634327] freed by task 311 on cpu 0 at 23.633270s (0.001053s ago): [ 23.634386] test_corruption+0x284/0x378 [ 23.634424] kunit_try_run_case+0x170/0x3f0 [ 23.634464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.634506] kthread+0x328/0x630 [ 23.634540] ret_from_fork+0x10/0x20 [ 23.634589] [ 23.634629] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.634704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.634732] Hardware name: linux,dummy-virt (DT) [ 23.634767] ================================================================== [ 24.049309] ================================================================== [ 24.049408] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 24.049408] [ 24.049470] Corrupted memory at 0x0000000028f83f25 [ ! . . . . . . . . . . . . . . . ] (in kfence-#103): [ 24.049790] test_corruption+0x120/0x378 [ 24.049837] kunit_try_run_case+0x170/0x3f0 [ 24.049882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.049927] kthread+0x328/0x630 [ 24.049967] ret_from_fork+0x10/0x20 [ 24.050007] [ 24.050030] kfence-#103: 0x00000000555c090b-0x00000000e555f847, size=32, cache=test [ 24.050030] [ 24.050087] allocated by task 313 on cpu 0 at 24.049143s (0.000940s ago): [ 24.050146] test_alloc+0x230/0x628 [ 24.050187] test_corruption+0xdc/0x378 [ 24.050228] kunit_try_run_case+0x170/0x3f0 [ 24.050267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.050310] kthread+0x328/0x630 [ 24.050344] ret_from_fork+0x10/0x20 [ 24.050382] [ 24.050406] freed by task 313 on cpu 0 at 24.049202s (0.001201s ago): [ 24.050465] test_corruption+0x120/0x378 [ 24.050505] kunit_try_run_case+0x170/0x3f0 [ 24.050544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.050596] kthread+0x328/0x630 [ 24.050632] ret_from_fork+0x10/0x20 [ 24.050672] [ 24.050714] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.050795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.050823] Hardware name: linux,dummy-virt (DT) [ 24.050860] ================================================================== [ 23.529386] ================================================================== [ 23.529487] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 23.529487] [ 23.529550] Corrupted memory at 0x000000001f32d527 [ ! . . . . . . . . . . . . . . . ] (in kfence-#98): [ 23.530683] test_corruption+0x278/0x378 [ 23.530736] kunit_try_run_case+0x170/0x3f0 [ 23.530782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.530828] kthread+0x328/0x630 [ 23.530873] ret_from_fork+0x10/0x20 [ 23.530912] [ 23.530935] kfence-#98: 0x00000000d954ffee-0x00000000763204cc, size=32, cache=kmalloc-32 [ 23.530935] [ 23.530991] allocated by task 311 on cpu 0 at 23.529102s (0.001885s ago): [ 23.531054] test_alloc+0x29c/0x628 [ 23.531094] test_corruption+0xdc/0x378 [ 23.531134] kunit_try_run_case+0x170/0x3f0 [ 23.531173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.531216] kthread+0x328/0x630 [ 23.531252] ret_from_fork+0x10/0x20 [ 23.531290] [ 23.531313] freed by task 311 on cpu 0 at 23.529214s (0.002095s ago): [ 23.531374] test_corruption+0x278/0x378 [ 23.531412] kunit_try_run_case+0x170/0x3f0 [ 23.531452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.531496] kthread+0x328/0x630 [ 23.531531] ret_from_fork+0x10/0x20 [ 23.531584] [ 23.531632] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.531711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.531741] Hardware name: linux,dummy-virt (DT) [ 23.531778] ================================================================== [ 24.153340] ================================================================== [ 24.153429] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 24.153429] [ 24.153488] Corrupted memory at 0x00000000f5809788 [ ! ] (in kfence-#104): [ 24.153618] test_corruption+0x1d8/0x378 [ 24.153664] kunit_try_run_case+0x170/0x3f0 [ 24.153707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.153753] kthread+0x328/0x630 [ 24.153790] ret_from_fork+0x10/0x20 [ 24.153830] [ 24.153853] kfence-#104: 0x00000000a367146a-0x00000000eb4442ba, size=32, cache=test [ 24.153853] [ 24.153906] allocated by task 313 on cpu 0 at 24.153191s (0.000711s ago): [ 24.153966] test_alloc+0x230/0x628 [ 24.154007] test_corruption+0x198/0x378 [ 24.154046] kunit_try_run_case+0x170/0x3f0 [ 24.154085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.154128] kthread+0x328/0x630 [ 24.154162] ret_from_fork+0x10/0x20 [ 24.154201] [ 24.154223] freed by task 313 on cpu 0 at 24.153254s (0.000966s ago): [ 24.154283] test_corruption+0x1d8/0x378 [ 24.154321] kunit_try_run_case+0x170/0x3f0 [ 24.154360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.154401] kthread+0x328/0x630 [ 24.154436] ret_from_fork+0x10/0x20 [ 24.154473] [ 24.154515] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 24.154600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.154630] Hardware name: linux,dummy-virt (DT) [ 24.154664] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.321284] ================================================================== [ 23.321369] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.321369] [ 23.321430] Invalid free of 0x00000000b7aa2e21 (in kfence-#96): [ 23.321484] test_invalid_addr_free+0x1ac/0x238 [ 23.321531] kunit_try_run_case+0x170/0x3f0 [ 23.321593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.321637] kthread+0x328/0x630 [ 23.321677] ret_from_fork+0x10/0x20 [ 23.321717] [ 23.321741] kfence-#96: 0x0000000004b32fc8-0x0000000004311b9c, size=32, cache=kmalloc-32 [ 23.321741] [ 23.321798] allocated by task 307 on cpu 1 at 23.321136s (0.000658s ago): [ 23.321860] test_alloc+0x29c/0x628 [ 23.321901] test_invalid_addr_free+0xd4/0x238 [ 23.321942] kunit_try_run_case+0x170/0x3f0 [ 23.321981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.322025] kthread+0x328/0x630 [ 23.322060] ret_from_fork+0x10/0x20 [ 23.322099] [ 23.322147] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.322226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.322257] Hardware name: linux,dummy-virt (DT) [ 23.322293] ================================================================== [ 23.425205] ================================================================== [ 23.425291] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 23.425291] [ 23.425351] Invalid free of 0x00000000b9ef4f15 (in kfence-#97): [ 23.425400] test_invalid_addr_free+0xec/0x238 [ 23.425448] kunit_try_run_case+0x170/0x3f0 [ 23.425489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.425534] kthread+0x328/0x630 [ 23.425587] ret_from_fork+0x10/0x20 [ 23.425628] [ 23.425651] kfence-#97: 0x000000003f424765-0x000000009723ddbc, size=32, cache=test [ 23.425651] [ 23.425703] allocated by task 309 on cpu 1 at 23.425090s (0.000610s ago): [ 23.425765] test_alloc+0x230/0x628 [ 23.425806] test_invalid_addr_free+0xd4/0x238 [ 23.425846] kunit_try_run_case+0x170/0x3f0 [ 23.425886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.425929] kthread+0x328/0x630 [ 23.425963] ret_from_fork+0x10/0x20 [ 23.426005] [ 23.426046] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.426123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.426152] Hardware name: linux,dummy-virt (DT) [ 23.426186] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.217280] ================================================================== [ 23.217371] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.217371] [ 23.217428] Invalid free of 0x00000000b96772e6 (in kfence-#95): [ 23.217483] test_double_free+0x100/0x238 [ 23.217529] kunit_try_run_case+0x170/0x3f0 [ 23.217589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.217632] kthread+0x328/0x630 [ 23.217672] ret_from_fork+0x10/0x20 [ 23.217711] [ 23.217734] kfence-#95: 0x00000000b96772e6-0x00000000fd863d86, size=32, cache=test [ 23.217734] [ 23.217787] allocated by task 305 on cpu 0 at 23.217071s (0.000712s ago): [ 23.217848] test_alloc+0x230/0x628 [ 23.217887] test_double_free+0xd4/0x238 [ 23.217927] kunit_try_run_case+0x170/0x3f0 [ 23.217965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.218009] kthread+0x328/0x630 [ 23.218043] ret_from_fork+0x10/0x20 [ 23.218081] [ 23.218105] freed by task 305 on cpu 0 at 23.217130s (0.000972s ago): [ 23.218165] test_double_free+0xf0/0x238 [ 23.218205] kunit_try_run_case+0x170/0x3f0 [ 23.218244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.218287] kthread+0x328/0x630 [ 23.218323] ret_from_fork+0x10/0x20 [ 23.218360] [ 23.218402] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.218480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.218510] Hardware name: linux,dummy-virt (DT) [ 23.218543] ================================================================== [ 23.113355] ================================================================== [ 23.113471] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.113471] [ 23.113536] Invalid free of 0x00000000af654106 (in kfence-#94): [ 23.113618] test_double_free+0x1bc/0x238 [ 23.113667] kunit_try_run_case+0x170/0x3f0 [ 23.113711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.113755] kthread+0x328/0x630 [ 23.113795] ret_from_fork+0x10/0x20 [ 23.113834] [ 23.113858] kfence-#94: 0x00000000af654106-0x00000000f384c7a3, size=32, cache=kmalloc-32 [ 23.113858] [ 23.113911] allocated by task 303 on cpu 0 at 23.113071s (0.000836s ago): [ 23.113972] test_alloc+0x29c/0x628 [ 23.114013] test_double_free+0xd4/0x238 [ 23.114052] kunit_try_run_case+0x170/0x3f0 [ 23.114093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.114134] kthread+0x328/0x630 [ 23.114169] ret_from_fork+0x10/0x20 [ 23.114208] [ 23.114231] freed by task 303 on cpu 0 at 23.113143s (0.001084s ago): [ 23.114293] test_double_free+0x1ac/0x238 [ 23.114334] kunit_try_run_case+0x170/0x3f0 [ 23.114377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.114420] kthread+0x328/0x630 [ 23.114456] ret_from_fork+0x10/0x20 [ 23.114495] [ 23.114542] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.114635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.114666] Hardware name: linux,dummy-virt (DT) [ 23.114701] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.699190] ================================================================== [ 22.699296] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.699296] [ 22.699531] Use-after-free read at 0x0000000061140d50 (in kfence-#90): [ 22.699821] test_use_after_free_read+0x114/0x248 [ 22.700052] kunit_try_run_case+0x170/0x3f0 [ 22.700165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.700453] kthread+0x328/0x630 [ 22.700561] ret_from_fork+0x10/0x20 [ 22.700664] [ 22.700731] kfence-#90: 0x0000000061140d50-0x0000000004351b86, size=32, cache=kmalloc-32 [ 22.700731] [ 22.701105] allocated by task 295 on cpu 0 at 22.698160s (0.002926s ago): [ 22.701317] test_alloc+0x29c/0x628 [ 22.701413] test_use_after_free_read+0xd0/0x248 [ 22.701693] kunit_try_run_case+0x170/0x3f0 [ 22.701836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.701923] kthread+0x328/0x630 [ 22.701960] ret_from_fork+0x10/0x20 [ 22.702048] [ 22.702246] freed by task 295 on cpu 0 at 22.698244s (0.003892s ago): [ 22.702403] test_use_after_free_read+0x1c0/0x248 [ 22.702495] kunit_try_run_case+0x170/0x3f0 [ 22.702545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.702609] kthread+0x328/0x630 [ 22.702665] ret_from_fork+0x10/0x20 [ 22.702721] [ 22.702788] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.702893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.702924] Hardware name: linux,dummy-virt (DT) [ 22.702968] ================================================================== [ 22.803755] ================================================================== [ 22.803921] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.803921] [ 22.804056] Use-after-free read at 0x0000000013865890 (in kfence-#91): [ 22.804131] test_use_after_free_read+0x114/0x248 [ 22.804182] kunit_try_run_case+0x170/0x3f0 [ 22.804561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.804673] kthread+0x328/0x630 [ 22.804772] ret_from_fork+0x10/0x20 [ 22.804939] [ 22.805038] kfence-#91: 0x0000000013865890-0x0000000025de78f4, size=32, cache=test [ 22.805038] [ 22.805464] allocated by task 297 on cpu 0 at 22.803212s (0.002245s ago): [ 22.805592] test_alloc+0x230/0x628 [ 22.805895] test_use_after_free_read+0xd0/0x248 [ 22.806026] kunit_try_run_case+0x170/0x3f0 [ 22.806116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.806221] kthread+0x328/0x630 [ 22.806294] ret_from_fork+0x10/0x20 [ 22.806672] [ 22.806801] freed by task 297 on cpu 0 at 22.803328s (0.003453s ago): [ 22.807139] test_use_after_free_read+0xf0/0x248 [ 22.807517] kunit_try_run_case+0x170/0x3f0 [ 22.807700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.807808] kthread+0x328/0x630 [ 22.807936] ret_from_fork+0x10/0x20 [ 22.808031] [ 22.808084] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.808491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.808570] Hardware name: linux,dummy-virt (DT) [ 22.808927] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 22.594953] ================================================================== [ 22.595247] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.595247] [ 22.595391] Out-of-bounds write at 0x00000000b3e263b9 (1B left of kfence-#89): [ 22.595484] test_out_of_bounds_write+0x100/0x240 [ 22.595534] kunit_try_run_case+0x170/0x3f0 [ 22.595597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.595641] kthread+0x328/0x630 [ 22.595946] ret_from_fork+0x10/0x20 [ 22.596040] [ 22.596066] kfence-#89: 0x00000000cac7a583-0x0000000075321ad4, size=32, cache=test [ 22.596066] [ 22.596157] allocated by task 293 on cpu 0 at 22.594597s (0.001556s ago): [ 22.596247] test_alloc+0x230/0x628 [ 22.596306] test_out_of_bounds_write+0xc8/0x240 [ 22.596350] kunit_try_run_case+0x170/0x3f0 [ 22.596679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.596761] kthread+0x328/0x630 [ 22.596803] ret_from_fork+0x10/0x20 [ 22.596850] [ 22.597198] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.597404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.597485] Hardware name: linux,dummy-virt (DT) [ 22.597637] ================================================================== [ 22.490668] ================================================================== [ 22.490737] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.490737] [ 22.490841] Out-of-bounds write at 0x00000000ed1e57f3 (1B left of kfence-#88): [ 22.490896] test_out_of_bounds_write+0x100/0x240 [ 22.490953] kunit_try_run_case+0x170/0x3f0 [ 22.490998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.491052] kthread+0x328/0x630 [ 22.491092] ret_from_fork+0x10/0x20 [ 22.491133] [ 22.491157] kfence-#88: 0x00000000a68e4d3d-0x00000000093986f5, size=32, cache=kmalloc-32 [ 22.491157] [ 22.491209] allocated by task 291 on cpu 0 at 22.490044s (0.001161s ago): [ 22.491277] test_alloc+0x29c/0x628 [ 22.491315] test_out_of_bounds_write+0xc8/0x240 [ 22.491357] kunit_try_run_case+0x170/0x3f0 [ 22.491395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.491438] kthread+0x328/0x630 [ 22.491482] ret_from_fork+0x10/0x20 [ 22.491520] [ 22.491570] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.491666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.491696] Hardware name: linux,dummy-virt (DT) [ 22.491730] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.763493] ================================================================== [ 21.763959] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.763959] [ 21.764084] Out-of-bounds read at 0x00000000b125fe4b (32B right of kfence-#81): [ 21.764146] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.764391] kunit_try_run_case+0x170/0x3f0 [ 21.764793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.764922] kthread+0x328/0x630 [ 21.765065] ret_from_fork+0x10/0x20 [ 21.765172] [ 21.765389] kfence-#81: 0x00000000dd2e5d2a-0x000000003d7c95bb, size=32, cache=kmalloc-32 [ 21.765389] [ 21.765651] allocated by task 287 on cpu 0 at 21.763130s (0.002492s ago): [ 21.765900] test_alloc+0x29c/0x628 [ 21.766108] test_out_of_bounds_read+0x198/0x3e0 [ 21.766292] kunit_try_run_case+0x170/0x3f0 [ 21.766374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.766863] kthread+0x328/0x630 [ 21.766964] ret_from_fork+0x10/0x20 [ 21.767139] [ 21.767215] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.767556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.767857] Hardware name: linux,dummy-virt (DT) [ 21.767926] ================================================================== [ 21.971257] ================================================================== [ 21.971350] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.971350] [ 21.971434] Out-of-bounds read at 0x00000000502a1c60 (1B left of kfence-#83): [ 21.971756] test_out_of_bounds_read+0x114/0x3e0 [ 21.971959] kunit_try_run_case+0x170/0x3f0 [ 21.972185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.972416] kthread+0x328/0x630 [ 21.972623] ret_from_fork+0x10/0x20 [ 21.972729] [ 21.972803] kfence-#83: 0x00000000a0f0d685-0x000000008a7c92db, size=32, cache=test [ 21.972803] [ 21.972875] allocated by task 289 on cpu 0 at 21.970869s (0.002002s ago): [ 21.973479] test_alloc+0x230/0x628 [ 21.973549] test_out_of_bounds_read+0xdc/0x3e0 [ 21.973740] kunit_try_run_case+0x170/0x3f0 [ 21.973933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.974023] kthread+0x328/0x630 [ 21.974073] ret_from_fork+0x10/0x20 [ 21.974395] [ 21.974598] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.974851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.974978] Hardware name: linux,dummy-virt (DT) [ 21.975188] ================================================================== [ 21.556076] ================================================================== [ 21.556186] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.556186] [ 21.556314] Out-of-bounds read at 0x00000000b38eb000 (1B left of kfence-#79): [ 21.557481] test_out_of_bounds_read+0x114/0x3e0 [ 21.557710] kunit_try_run_case+0x170/0x3f0 [ 21.557790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.558124] kthread+0x328/0x630 [ 21.558414] ret_from_fork+0x10/0x20 [ 21.558653] [ 21.559543] kfence-#79: 0x0000000095ede7f7-0x00000000cd03cc9c, size=32, cache=kmalloc-32 [ 21.559543] [ 21.559972] allocated by task 287 on cpu 0 at 21.554446s (0.005425s ago): [ 21.560437] test_alloc+0x29c/0x628 [ 21.560522] test_out_of_bounds_read+0xdc/0x3e0 [ 21.560591] kunit_try_run_case+0x170/0x3f0 [ 21.560646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.560690] kthread+0x328/0x630 [ 21.561097] ret_from_fork+0x10/0x20 [ 21.561633] [ 21.562081] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.563065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.563389] Hardware name: linux,dummy-virt (DT) [ 21.563679] ================================================================== [ 22.386221] ================================================================== [ 22.386361] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.386361] [ 22.386450] Out-of-bounds read at 0x0000000030591b83 (32B right of kfence-#87): [ 22.386777] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.386886] kunit_try_run_case+0x170/0x3f0 [ 22.386936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.386990] kthread+0x328/0x630 [ 22.387029] ret_from_fork+0x10/0x20 [ 22.387077] [ 22.387110] kfence-#87: 0x00000000a6159b63-0x0000000080d7f400, size=32, cache=test [ 22.387110] [ 22.387164] allocated by task 289 on cpu 0 at 22.386111s (0.001049s ago): [ 22.387240] test_alloc+0x230/0x628 [ 22.387290] test_out_of_bounds_read+0x198/0x3e0 [ 22.387340] kunit_try_run_case+0x170/0x3f0 [ 22.387380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.387423] kthread+0x328/0x630 [ 22.387468] ret_from_fork+0x10/0x20 [ 22.387509] [ 22.387553] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.387643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.387672] Hardware name: linux,dummy-virt (DT) [ 22.387716] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 21.457992] ================================================================== [ 21.458115] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 21.458174] Write of size 121 at addr fff00000c7041900 by task kunit_try_catch/285 [ 21.458304] [ 21.458338] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.458606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.458636] Hardware name: linux,dummy-virt (DT) [ 21.458675] Call trace: [ 21.458728] show_stack+0x20/0x38 (C) [ 21.458780] dump_stack_lvl+0x8c/0xd0 [ 21.458832] print_report+0x118/0x608 [ 21.458921] kasan_report+0xdc/0x128 [ 21.459154] kasan_check_range+0x100/0x1a8 [ 21.459215] __kasan_check_write+0x20/0x30 [ 21.459270] strncpy_from_user+0x3c/0x2a0 [ 21.459322] copy_user_test_oob+0x5c0/0xec8 [ 21.459380] kunit_try_run_case+0x170/0x3f0 [ 21.459430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.459485] kthread+0x328/0x630 [ 21.459685] ret_from_fork+0x10/0x20 [ 21.459959] [ 21.459979] Allocated by task 285: [ 21.460098] kasan_save_stack+0x3c/0x68 [ 21.460141] kasan_save_track+0x20/0x40 [ 21.460181] kasan_save_alloc_info+0x40/0x58 [ 21.460221] __kasan_kmalloc+0xd4/0xd8 [ 21.460260] __kmalloc_noprof+0x198/0x4c8 [ 21.460298] kunit_kmalloc_array+0x34/0x88 [ 21.460338] copy_user_test_oob+0xac/0xec8 [ 21.460546] kunit_try_run_case+0x170/0x3f0 [ 21.460687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.460778] kthread+0x328/0x630 [ 21.460812] ret_from_fork+0x10/0x20 [ 21.461000] [ 21.461026] The buggy address belongs to the object at fff00000c7041900 [ 21.461026] which belongs to the cache kmalloc-128 of size 128 [ 21.461088] The buggy address is located 0 bytes inside of [ 21.461088] allocated 120-byte region [fff00000c7041900, fff00000c7041978) [ 21.461152] [ 21.461173] The buggy address belongs to the physical page: [ 21.461207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.461284] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.461334] page_type: f5(slab) [ 21.461375] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.461429] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.461473] page dumped because: kasan: bad access detected [ 21.461506] [ 21.461526] Memory state around the buggy address: [ 21.461791] fff00000c7041800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.461927] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.461973] >fff00000c7041900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.462014] ^ [ 21.462167] fff00000c7041980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.462370] fff00000c7041a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.462412] ================================================================== [ 21.463047] ================================================================== [ 21.463103] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 21.463157] Write of size 1 at addr fff00000c7041978 by task kunit_try_catch/285 [ 21.463207] [ 21.463239] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.463339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.463371] Hardware name: linux,dummy-virt (DT) [ 21.463404] Call trace: [ 21.463427] show_stack+0x20/0x38 (C) [ 21.463475] dump_stack_lvl+0x8c/0xd0 [ 21.463587] print_report+0x118/0x608 [ 21.463637] kasan_report+0xdc/0x128 [ 21.463686] __asan_report_store1_noabort+0x20/0x30 [ 21.464112] strncpy_from_user+0x270/0x2a0 [ 21.464364] copy_user_test_oob+0x5c0/0xec8 [ 21.464414] kunit_try_run_case+0x170/0x3f0 [ 21.464481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.464749] kthread+0x328/0x630 [ 21.464997] ret_from_fork+0x10/0x20 [ 21.465219] [ 21.465241] Allocated by task 285: [ 21.465271] kasan_save_stack+0x3c/0x68 [ 21.465316] kasan_save_track+0x20/0x40 [ 21.465374] kasan_save_alloc_info+0x40/0x58 [ 21.465417] __kasan_kmalloc+0xd4/0xd8 [ 21.465458] __kmalloc_noprof+0x198/0x4c8 [ 21.465500] kunit_kmalloc_array+0x34/0x88 [ 21.465599] copy_user_test_oob+0xac/0xec8 [ 21.465639] kunit_try_run_case+0x170/0x3f0 [ 21.465681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.465747] kthread+0x328/0x630 [ 21.465902] ret_from_fork+0x10/0x20 [ 21.466013] [ 21.466035] The buggy address belongs to the object at fff00000c7041900 [ 21.466035] which belongs to the cache kmalloc-128 of size 128 [ 21.466184] The buggy address is located 0 bytes to the right of [ 21.466184] allocated 120-byte region [fff00000c7041900, fff00000c7041978) [ 21.466285] [ 21.466393] The buggy address belongs to the physical page: [ 21.466456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.466587] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.466637] page_type: f5(slab) [ 21.466677] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.466729] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.466771] page dumped because: kasan: bad access detected [ 21.466805] [ 21.466826] Memory state around the buggy address: [ 21.467008] fff00000c7041800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.467356] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.467407] >fff00000c7041900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.467448] ^ [ 21.467492] fff00000c7041980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.467537] fff00000c7041a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.467785] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 21.433807] ================================================================== [ 21.433901] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 21.434260] Write of size 121 at addr fff00000c7041900 by task kunit_try_catch/285 [ 21.434381] [ 21.434437] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.434861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.434912] Hardware name: linux,dummy-virt (DT) [ 21.434989] Call trace: [ 21.435046] show_stack+0x20/0x38 (C) [ 21.435107] dump_stack_lvl+0x8c/0xd0 [ 21.435249] print_report+0x118/0x608 [ 21.435304] kasan_report+0xdc/0x128 [ 21.435370] kasan_check_range+0x100/0x1a8 [ 21.436601] __kasan_check_write+0x20/0x30 [ 21.436679] copy_user_test_oob+0x35c/0xec8 [ 21.437262] kunit_try_run_case+0x170/0x3f0 [ 21.437352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.437410] kthread+0x328/0x630 [ 21.437456] ret_from_fork+0x10/0x20 [ 21.437508] [ 21.437529] Allocated by task 285: [ 21.437561] kasan_save_stack+0x3c/0x68 [ 21.440631] kasan_save_track+0x20/0x40 [ 21.440738] kasan_save_alloc_info+0x40/0x58 [ 21.440818] __kasan_kmalloc+0xd4/0xd8 [ 21.440859] __kmalloc_noprof+0x198/0x4c8 [ 21.440902] kunit_kmalloc_array+0x34/0x88 [ 21.440943] copy_user_test_oob+0xac/0xec8 [ 21.440983] kunit_try_run_case+0x170/0x3f0 [ 21.441022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.441068] kthread+0x328/0x630 [ 21.441103] ret_from_fork+0x10/0x20 [ 21.441249] [ 21.441286] The buggy address belongs to the object at fff00000c7041900 [ 21.441286] which belongs to the cache kmalloc-128 of size 128 [ 21.441455] The buggy address is located 0 bytes inside of [ 21.441455] allocated 120-byte region [fff00000c7041900, fff00000c7041978) [ 21.441760] [ 21.441839] The buggy address belongs to the physical page: [ 21.441920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.441976] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.442049] page_type: f5(slab) [ 21.442105] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.442157] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.442206] page dumped because: kasan: bad access detected [ 21.442378] [ 21.442400] Memory state around the buggy address: [ 21.442436] fff00000c7041800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.442652] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.442880] >fff00000c7041900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.442922] ^ [ 21.442980] fff00000c7041980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.443027] fff00000c7041a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.443202] ================================================================== [ 21.443902] ================================================================== [ 21.443958] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 21.444007] Read of size 121 at addr fff00000c7041900 by task kunit_try_catch/285 [ 21.444060] [ 21.444095] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.444184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.444212] Hardware name: linux,dummy-virt (DT) [ 21.444246] Call trace: [ 21.444290] show_stack+0x20/0x38 (C) [ 21.444355] dump_stack_lvl+0x8c/0xd0 [ 21.444411] print_report+0x118/0x608 [ 21.444540] kasan_report+0xdc/0x128 [ 21.444598] kasan_check_range+0x100/0x1a8 [ 21.444650] __kasan_check_read+0x20/0x30 [ 21.444723] copy_user_test_oob+0x3c8/0xec8 [ 21.444772] kunit_try_run_case+0x170/0x3f0 [ 21.444822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.444877] kthread+0x328/0x630 [ 21.444922] ret_from_fork+0x10/0x20 [ 21.445070] [ 21.445093] Allocated by task 285: [ 21.445187] kasan_save_stack+0x3c/0x68 [ 21.445230] kasan_save_track+0x20/0x40 [ 21.445271] kasan_save_alloc_info+0x40/0x58 [ 21.445314] __kasan_kmalloc+0xd4/0xd8 [ 21.445361] __kmalloc_noprof+0x198/0x4c8 [ 21.445402] kunit_kmalloc_array+0x34/0x88 [ 21.445441] copy_user_test_oob+0xac/0xec8 [ 21.445482] kunit_try_run_case+0x170/0x3f0 [ 21.445521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.445588] kthread+0x328/0x630 [ 21.445717] ret_from_fork+0x10/0x20 [ 21.445814] [ 21.445880] The buggy address belongs to the object at fff00000c7041900 [ 21.445880] which belongs to the cache kmalloc-128 of size 128 [ 21.445973] The buggy address is located 0 bytes inside of [ 21.445973] allocated 120-byte region [fff00000c7041900, fff00000c7041978) [ 21.446121] [ 21.446152] The buggy address belongs to the physical page: [ 21.446185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.446237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.446286] page_type: f5(slab) [ 21.446324] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.446376] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.446418] page dumped because: kasan: bad access detected [ 21.446453] [ 21.446472] Memory state around the buggy address: [ 21.446525] fff00000c7041800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.446572] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.446628] >fff00000c7041900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.446671] ^ [ 21.446781] fff00000c7041980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.446872] fff00000c7041a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.446924] ================================================================== [ 21.398276] ================================================================== [ 21.398407] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 21.399122] Write of size 121 at addr fff00000c7041900 by task kunit_try_catch/285 [ 21.399559] [ 21.399649] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.399813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.399846] Hardware name: linux,dummy-virt (DT) [ 21.399958] Call trace: [ 21.400005] show_stack+0x20/0x38 (C) [ 21.400065] dump_stack_lvl+0x8c/0xd0 [ 21.400374] print_report+0x118/0x608 [ 21.400471] kasan_report+0xdc/0x128 [ 21.400617] kasan_check_range+0x100/0x1a8 [ 21.400755] __kasan_check_write+0x20/0x30 [ 21.400861] copy_user_test_oob+0x234/0xec8 [ 21.400949] kunit_try_run_case+0x170/0x3f0 [ 21.401292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.401392] kthread+0x328/0x630 [ 21.401492] ret_from_fork+0x10/0x20 [ 21.401674] [ 21.401732] Allocated by task 285: [ 21.401782] kasan_save_stack+0x3c/0x68 [ 21.402123] kasan_save_track+0x20/0x40 [ 21.402212] kasan_save_alloc_info+0x40/0x58 [ 21.402329] __kasan_kmalloc+0xd4/0xd8 [ 21.402408] __kmalloc_noprof+0x198/0x4c8 [ 21.402755] kunit_kmalloc_array+0x34/0x88 [ 21.402850] copy_user_test_oob+0xac/0xec8 [ 21.402910] kunit_try_run_case+0x170/0x3f0 [ 21.402952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.403013] kthread+0x328/0x630 [ 21.403050] ret_from_fork+0x10/0x20 [ 21.403088] [ 21.403132] The buggy address belongs to the object at fff00000c7041900 [ 21.403132] which belongs to the cache kmalloc-128 of size 128 [ 21.403215] The buggy address is located 0 bytes inside of [ 21.403215] allocated 120-byte region [fff00000c7041900, fff00000c7041978) [ 21.403282] [ 21.403306] The buggy address belongs to the physical page: [ 21.403345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.403412] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.403468] page_type: f5(slab) [ 21.403523] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.403599] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.403904] page dumped because: kasan: bad access detected [ 21.404192] [ 21.404268] Memory state around the buggy address: [ 21.404333] fff00000c7041800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.404615] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.404821] >fff00000c7041900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.404918] ^ [ 21.405000] fff00000c7041980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.405345] fff00000c7041a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.405517] ================================================================== [ 21.416155] ================================================================== [ 21.417121] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 21.417217] Read of size 121 at addr fff00000c7041900 by task kunit_try_catch/285 [ 21.417571] [ 21.417626] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.417999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.418117] Hardware name: linux,dummy-virt (DT) [ 21.418172] Call trace: [ 21.418207] show_stack+0x20/0x38 (C) [ 21.418303] dump_stack_lvl+0x8c/0xd0 [ 21.418358] print_report+0x118/0x608 [ 21.418419] kasan_report+0xdc/0x128 [ 21.418483] kasan_check_range+0x100/0x1a8 [ 21.418550] __kasan_check_read+0x20/0x30 [ 21.418610] copy_user_test_oob+0x728/0xec8 [ 21.418660] kunit_try_run_case+0x170/0x3f0 [ 21.418711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.418767] kthread+0x328/0x630 [ 21.418813] ret_from_fork+0x10/0x20 [ 21.418881] [ 21.418911] Allocated by task 285: [ 21.418973] kasan_save_stack+0x3c/0x68 [ 21.419025] kasan_save_track+0x20/0x40 [ 21.419081] kasan_save_alloc_info+0x40/0x58 [ 21.419122] __kasan_kmalloc+0xd4/0xd8 [ 21.419164] __kmalloc_noprof+0x198/0x4c8 [ 21.419214] kunit_kmalloc_array+0x34/0x88 [ 21.419269] copy_user_test_oob+0xac/0xec8 [ 21.419308] kunit_try_run_case+0x170/0x3f0 [ 21.419356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.419402] kthread+0x328/0x630 [ 21.419436] ret_from_fork+0x10/0x20 [ 21.419491] [ 21.419513] The buggy address belongs to the object at fff00000c7041900 [ 21.419513] which belongs to the cache kmalloc-128 of size 128 [ 21.419584] The buggy address is located 0 bytes inside of [ 21.419584] allocated 120-byte region [fff00000c7041900, fff00000c7041978) [ 21.419896] [ 21.420189] The buggy address belongs to the physical page: [ 21.420350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.420851] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.421057] page_type: f5(slab) [ 21.421455] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.422227] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.422424] page dumped because: kasan: bad access detected [ 21.422543] [ 21.422893] Memory state around the buggy address: [ 21.423097] fff00000c7041800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.423180] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.423293] >fff00000c7041900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.423369] ^ [ 21.423443] fff00000c7041980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.423734] fff00000c7041a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.423919] ================================================================== [ 21.452209] ================================================================== [ 21.452265] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 21.452313] Read of size 121 at addr fff00000c7041900 by task kunit_try_catch/285 [ 21.452366] [ 21.452398] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.452480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.452509] Hardware name: linux,dummy-virt (DT) [ 21.452541] Call trace: [ 21.452564] show_stack+0x20/0x38 (C) [ 21.452778] dump_stack_lvl+0x8c/0xd0 [ 21.452881] print_report+0x118/0x608 [ 21.452965] kasan_report+0xdc/0x128 [ 21.453012] kasan_check_range+0x100/0x1a8 [ 21.453063] __kasan_check_read+0x20/0x30 [ 21.453109] copy_user_test_oob+0x4a0/0xec8 [ 21.453159] kunit_try_run_case+0x170/0x3f0 [ 21.453217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.453307] kthread+0x328/0x630 [ 21.453374] ret_from_fork+0x10/0x20 [ 21.453426] [ 21.453446] Allocated by task 285: [ 21.453477] kasan_save_stack+0x3c/0x68 [ 21.453519] kasan_save_track+0x20/0x40 [ 21.453559] kasan_save_alloc_info+0x40/0x58 [ 21.453611] __kasan_kmalloc+0xd4/0xd8 [ 21.453651] __kmalloc_noprof+0x198/0x4c8 [ 21.453690] kunit_kmalloc_array+0x34/0x88 [ 21.453742] copy_user_test_oob+0xac/0xec8 [ 21.453788] kunit_try_run_case+0x170/0x3f0 [ 21.453858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.453906] kthread+0x328/0x630 [ 21.453941] ret_from_fork+0x10/0x20 [ 21.454275] [ 21.454348] The buggy address belongs to the object at fff00000c7041900 [ 21.454348] which belongs to the cache kmalloc-128 of size 128 [ 21.454427] The buggy address is located 0 bytes inside of [ 21.454427] allocated 120-byte region [fff00000c7041900, fff00000c7041978) [ 21.454491] [ 21.454539] The buggy address belongs to the physical page: [ 21.454596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.454841] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.454892] page_type: f5(slab) [ 21.454930] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.455041] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.455237] page dumped because: kasan: bad access detected [ 21.455392] [ 21.455432] Memory state around the buggy address: [ 21.455537] fff00000c7041800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.456079] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.456127] >fff00000c7041900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.456211] ^ [ 21.456298] fff00000c7041980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.456388] fff00000c7041a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.456728] ================================================================== [ 21.447434] ================================================================== [ 21.447613] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 21.447663] Write of size 121 at addr fff00000c7041900 by task kunit_try_catch/285 [ 21.447804] [ 21.447836] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.447924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.447951] Hardware name: linux,dummy-virt (DT) [ 21.447985] Call trace: [ 21.448009] show_stack+0x20/0x38 (C) [ 21.448058] dump_stack_lvl+0x8c/0xd0 [ 21.448109] print_report+0x118/0x608 [ 21.448166] kasan_report+0xdc/0x128 [ 21.448387] kasan_check_range+0x100/0x1a8 [ 21.448635] __kasan_check_write+0x20/0x30 [ 21.448767] copy_user_test_oob+0x434/0xec8 [ 21.448817] kunit_try_run_case+0x170/0x3f0 [ 21.448868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.448922] kthread+0x328/0x630 [ 21.448966] ret_from_fork+0x10/0x20 [ 21.449015] [ 21.449035] Allocated by task 285: [ 21.449066] kasan_save_stack+0x3c/0x68 [ 21.449109] kasan_save_track+0x20/0x40 [ 21.449149] kasan_save_alloc_info+0x40/0x58 [ 21.449192] __kasan_kmalloc+0xd4/0xd8 [ 21.449230] __kmalloc_noprof+0x198/0x4c8 [ 21.449325] kunit_kmalloc_array+0x34/0x88 [ 21.449464] copy_user_test_oob+0xac/0xec8 [ 21.449505] kunit_try_run_case+0x170/0x3f0 [ 21.449565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.449649] kthread+0x328/0x630 [ 21.449685] ret_from_fork+0x10/0x20 [ 21.449746] [ 21.449769] The buggy address belongs to the object at fff00000c7041900 [ 21.449769] which belongs to the cache kmalloc-128 of size 128 [ 21.449829] The buggy address is located 0 bytes inside of [ 21.449829] allocated 120-byte region [fff00000c7041900, fff00000c7041978) [ 21.449893] [ 21.449915] The buggy address belongs to the physical page: [ 21.449948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.450001] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.450050] page_type: f5(slab) [ 21.450088] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.450140] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.450247] page dumped because: kasan: bad access detected [ 21.450310] [ 21.450330] Memory state around the buggy address: [ 21.450462] fff00000c7041800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.450815] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.450902] >fff00000c7041900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.450945] ^ [ 21.450990] fff00000c7041980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.451037] fff00000c7041a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.451079] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.347959] ================================================================== [ 21.348025] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.348081] Write of size 8 at addr fff00000c7041878 by task kunit_try_catch/281 [ 21.348422] [ 21.348481] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.348795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.348910] Hardware name: linux,dummy-virt (DT) [ 21.349041] Call trace: [ 21.349106] show_stack+0x20/0x38 (C) [ 21.349164] dump_stack_lvl+0x8c/0xd0 [ 21.349507] print_report+0x118/0x608 [ 21.349705] kasan_report+0xdc/0x128 [ 21.349806] kasan_check_range+0x100/0x1a8 [ 21.350134] __kasan_check_write+0x20/0x30 [ 21.350450] copy_to_kernel_nofault+0x8c/0x250 [ 21.350673] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.350780] kunit_try_run_case+0x170/0x3f0 [ 21.350928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.350999] kthread+0x328/0x630 [ 21.351379] ret_from_fork+0x10/0x20 [ 21.351552] [ 21.351866] Allocated by task 281: [ 21.352129] kasan_save_stack+0x3c/0x68 [ 21.352446] kasan_save_track+0x20/0x40 [ 21.352587] kasan_save_alloc_info+0x40/0x58 [ 21.352944] __kasan_kmalloc+0xd4/0xd8 [ 21.353102] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.353463] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.353633] kunit_try_run_case+0x170/0x3f0 [ 21.353712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.353965] kthread+0x328/0x630 [ 21.354240] ret_from_fork+0x10/0x20 [ 21.354290] [ 21.354350] The buggy address belongs to the object at fff00000c7041800 [ 21.354350] which belongs to the cache kmalloc-128 of size 128 [ 21.354710] The buggy address is located 0 bytes to the right of [ 21.354710] allocated 120-byte region [fff00000c7041800, fff00000c7041878) [ 21.354788] [ 21.355006] The buggy address belongs to the physical page: [ 21.355238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.355384] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.355633] page_type: f5(slab) [ 21.355846] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.355937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.356141] page dumped because: kasan: bad access detected [ 21.356226] [ 21.356247] Memory state around the buggy address: [ 21.356304] fff00000c7041700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.356353] fff00000c7041780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.356516] >fff00000c7041800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.356571] ^ [ 21.356636] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.356691] fff00000c7041900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.356939] ================================================================== [ 21.335727] ================================================================== [ 21.335990] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.336111] Read of size 8 at addr fff00000c7041878 by task kunit_try_catch/281 [ 21.336168] [ 21.336239] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.336474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.336567] Hardware name: linux,dummy-virt (DT) [ 21.336756] Call trace: [ 21.336791] show_stack+0x20/0x38 (C) [ 21.336910] dump_stack_lvl+0x8c/0xd0 [ 21.336964] print_report+0x118/0x608 [ 21.337015] kasan_report+0xdc/0x128 [ 21.337061] __asan_report_load8_noabort+0x20/0x30 [ 21.337421] copy_to_kernel_nofault+0x204/0x250 [ 21.337525] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.337692] kunit_try_run_case+0x170/0x3f0 [ 21.337790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.337927] kthread+0x328/0x630 [ 21.338286] ret_from_fork+0x10/0x20 [ 21.338445] [ 21.338527] Allocated by task 281: [ 21.338698] kasan_save_stack+0x3c/0x68 [ 21.338793] kasan_save_track+0x20/0x40 [ 21.338863] kasan_save_alloc_info+0x40/0x58 [ 21.339090] __kasan_kmalloc+0xd4/0xd8 [ 21.339305] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.339413] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.339482] kunit_try_run_case+0x170/0x3f0 [ 21.339626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.339717] kthread+0x328/0x630 [ 21.339756] ret_from_fork+0x10/0x20 [ 21.339827] [ 21.340657] The buggy address belongs to the object at fff00000c7041800 [ 21.340657] which belongs to the cache kmalloc-128 of size 128 [ 21.340753] The buggy address is located 0 bytes to the right of [ 21.340753] allocated 120-byte region [fff00000c7041800, fff00000c7041878) [ 21.340866] [ 21.340922] The buggy address belongs to the physical page: [ 21.341629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 21.341912] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.342002] page_type: f5(slab) [ 21.342077] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.342253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.342327] page dumped because: kasan: bad access detected [ 21.342437] [ 21.342509] Memory state around the buggy address: [ 21.342562] fff00000c7041700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.342769] fff00000c7041780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.343079] >fff00000c7041800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.343295] ^ [ 21.343407] fff00000c7041880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.343489] fff00000c7041900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.343595] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 21.268566] ================================================================== [ 21.268692] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 21.268766] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 21.268820] [ 21.268863] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.268952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.268984] Hardware name: linux,dummy-virt (DT) [ 21.269022] Call trace: [ 21.269054] show_stack+0x20/0x38 (C) [ 21.269126] dump_stack_lvl+0x8c/0xd0 [ 21.269181] print_report+0x310/0x608 [ 21.269230] kasan_report+0xdc/0x128 [ 21.269278] __asan_report_load1_noabort+0x20/0x30 [ 21.269343] vmalloc_oob+0x578/0x5d0 [ 21.269391] kunit_try_run_case+0x170/0x3f0 [ 21.269442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.269498] kthread+0x328/0x630 [ 21.269542] ret_from_fork+0x10/0x20 [ 21.270459] [ 21.270702] The buggy address belongs to the virtual mapping at [ 21.270702] [ffff8000800fe000, ffff800080100000) created by: [ 21.270702] vmalloc_oob+0x98/0x5d0 [ 21.271033] [ 21.271066] The buggy address belongs to the physical page: [ 21.271141] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b9 [ 21.271495] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.271869] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.271992] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.272106] page dumped because: kasan: bad access detected [ 21.272146] [ 21.272185] Memory state around the buggy address: [ 21.272475] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.272612] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.272853] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.273054] ^ [ 21.273242] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.273488] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.273603] ================================================================== [ 21.275805] ================================================================== [ 21.275887] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 21.275948] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 21.276001] [ 21.276038] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.276126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.276153] Hardware name: linux,dummy-virt (DT) [ 21.276519] Call trace: [ 21.276561] show_stack+0x20/0x38 (C) [ 21.276939] dump_stack_lvl+0x8c/0xd0 [ 21.277098] print_report+0x310/0x608 [ 21.277206] kasan_report+0xdc/0x128 [ 21.277429] __asan_report_load1_noabort+0x20/0x30 [ 21.277708] vmalloc_oob+0x51c/0x5d0 [ 21.277781] kunit_try_run_case+0x170/0x3f0 [ 21.277961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.278056] kthread+0x328/0x630 [ 21.278243] ret_from_fork+0x10/0x20 [ 21.278298] [ 21.278454] The buggy address belongs to the virtual mapping at [ 21.278454] [ffff8000800fe000, ffff800080100000) created by: [ 21.278454] vmalloc_oob+0x98/0x5d0 [ 21.278699] [ 21.278760] The buggy address belongs to the physical page: [ 21.278980] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b9 [ 21.279247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.279329] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.279446] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.279535] page dumped because: kasan: bad access detected [ 21.279586] [ 21.279608] Memory state around the buggy address: [ 21.279804] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.279965] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.280342] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.280474] ^ [ 21.280560] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.280717] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.280909] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 21.179495] ================================================================== [ 21.179565] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 21.179801] Read of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.179883] [ 21.180017] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.180107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.180219] Hardware name: linux,dummy-virt (DT) [ 21.180507] Call trace: [ 21.180589] show_stack+0x20/0x38 (C) [ 21.180808] dump_stack_lvl+0x8c/0xd0 [ 21.181118] print_report+0x118/0x608 [ 21.181200] kasan_report+0xdc/0x128 [ 21.181455] __asan_report_load8_noabort+0x20/0x30 [ 21.181635] kasan_atomics_helper+0x3db0/0x4858 [ 21.181841] kasan_atomics+0x198/0x2e0 [ 21.181940] kunit_try_run_case+0x170/0x3f0 [ 21.182288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.182418] kthread+0x328/0x630 [ 21.182515] ret_from_fork+0x10/0x20 [ 21.182966] [ 21.183031] Allocated by task 265: [ 21.183150] kasan_save_stack+0x3c/0x68 [ 21.183432] kasan_save_track+0x20/0x40 [ 21.183600] kasan_save_alloc_info+0x40/0x58 [ 21.183902] __kasan_kmalloc+0xd4/0xd8 [ 21.184129] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.184215] kasan_atomics+0xb8/0x2e0 [ 21.184388] kunit_try_run_case+0x170/0x3f0 [ 21.184476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.184777] kthread+0x328/0x630 [ 21.184981] ret_from_fork+0x10/0x20 [ 21.185263] [ 21.185436] The buggy address belongs to the object at fff00000c58ac280 [ 21.185436] which belongs to the cache kmalloc-64 of size 64 [ 21.185672] The buggy address is located 0 bytes to the right of [ 21.185672] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.185878] [ 21.185947] The buggy address belongs to the physical page: [ 21.186017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.186227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.186452] page_type: f5(slab) [ 21.186535] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.186883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.187071] page dumped because: kasan: bad access detected [ 21.187123] [ 21.187145] Memory state around the buggy address: [ 21.187370] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.187506] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.188181] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.188424] ^ [ 21.188494] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.188813] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.188864] ================================================================== [ 21.037799] ================================================================== [ 21.037851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 21.037957] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.038011] [ 21.038045] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.038620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.038674] Hardware name: linux,dummy-virt (DT) [ 21.038708] Call trace: [ 21.038914] show_stack+0x20/0x38 (C) [ 21.038980] dump_stack_lvl+0x8c/0xd0 [ 21.039031] print_report+0x118/0x608 [ 21.039077] kasan_report+0xdc/0x128 [ 21.039126] kasan_check_range+0x100/0x1a8 [ 21.039358] __kasan_check_write+0x20/0x30 [ 21.039486] kasan_atomics_helper+0xf88/0x4858 [ 21.039543] kasan_atomics+0x198/0x2e0 [ 21.039612] kunit_try_run_case+0x170/0x3f0 [ 21.039663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.039723] kthread+0x328/0x630 [ 21.039766] ret_from_fork+0x10/0x20 [ 21.039819] [ 21.039841] Allocated by task 265: [ 21.039871] kasan_save_stack+0x3c/0x68 [ 21.039925] kasan_save_track+0x20/0x40 [ 21.039973] kasan_save_alloc_info+0x40/0x58 [ 21.040016] __kasan_kmalloc+0xd4/0xd8 [ 21.040060] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.040103] kasan_atomics+0xb8/0x2e0 [ 21.040139] kunit_try_run_case+0x170/0x3f0 [ 21.040177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.040231] kthread+0x328/0x630 [ 21.040267] ret_from_fork+0x10/0x20 [ 21.040305] [ 21.040337] The buggy address belongs to the object at fff00000c58ac280 [ 21.040337] which belongs to the cache kmalloc-64 of size 64 [ 21.040398] The buggy address is located 0 bytes to the right of [ 21.040398] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.040462] [ 21.040484] The buggy address belongs to the physical page: [ 21.040517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.040569] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.040628] page_type: f5(slab) [ 21.040670] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.040750] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.041065] page dumped because: kasan: bad access detected [ 21.041322] [ 21.041758] Memory state around the buggy address: [ 21.042169] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.042243] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.042312] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.042525] ^ [ 21.042714] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.043086] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.043173] ================================================================== [ 20.875551] ================================================================== [ 20.875773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 20.876027] Write of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.876264] [ 20.876349] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.876445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.876520] Hardware name: linux,dummy-virt (DT) [ 20.876591] Call trace: [ 20.876643] show_stack+0x20/0x38 (C) [ 20.877162] dump_stack_lvl+0x8c/0xd0 [ 20.877372] print_report+0x118/0x608 [ 20.877479] kasan_report+0xdc/0x128 [ 20.877717] kasan_check_range+0x100/0x1a8 [ 20.877908] __kasan_check_write+0x20/0x30 [ 20.878023] kasan_atomics_helper+0xa04/0x4858 [ 20.878094] kasan_atomics+0x198/0x2e0 [ 20.878293] kunit_try_run_case+0x170/0x3f0 [ 20.878490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.878701] kthread+0x328/0x630 [ 20.878803] ret_from_fork+0x10/0x20 [ 20.878925] [ 20.879025] Allocated by task 265: [ 20.879057] kasan_save_stack+0x3c/0x68 [ 20.879411] kasan_save_track+0x20/0x40 [ 20.879528] kasan_save_alloc_info+0x40/0x58 [ 20.879659] __kasan_kmalloc+0xd4/0xd8 [ 20.879734] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.879858] kasan_atomics+0xb8/0x2e0 [ 20.879938] kunit_try_run_case+0x170/0x3f0 [ 20.879997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.880228] kthread+0x328/0x630 [ 20.880324] ret_from_fork+0x10/0x20 [ 20.880544] [ 20.880676] The buggy address belongs to the object at fff00000c58ac280 [ 20.880676] which belongs to the cache kmalloc-64 of size 64 [ 20.880740] The buggy address is located 0 bytes to the right of [ 20.880740] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.880805] [ 20.880833] The buggy address belongs to the physical page: [ 20.880867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.881120] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.881402] page_type: f5(slab) [ 20.881496] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.881695] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.881763] page dumped because: kasan: bad access detected [ 20.881804] [ 20.881839] Memory state around the buggy address: [ 20.881874] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.881919] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.881966] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.882022] ^ [ 20.882058] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.882102] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.882142] ================================================================== [ 20.991671] ================================================================== [ 20.991720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 20.991801] Read of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.992039] [ 20.992083] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.992528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.992624] Hardware name: linux,dummy-virt (DT) [ 20.992661] Call trace: [ 20.992686] show_stack+0x20/0x38 (C) [ 20.992794] dump_stack_lvl+0x8c/0xd0 [ 20.992844] print_report+0x118/0x608 [ 20.993276] kasan_report+0xdc/0x128 [ 20.993567] __asan_report_load8_noabort+0x20/0x30 [ 20.994000] kasan_atomics_helper+0x3f58/0x4858 [ 20.994266] kasan_atomics+0x198/0x2e0 [ 20.994369] kunit_try_run_case+0x170/0x3f0 [ 20.994541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.994624] kthread+0x328/0x630 [ 20.994797] ret_from_fork+0x10/0x20 [ 20.995074] [ 20.995122] Allocated by task 265: [ 20.995328] kasan_save_stack+0x3c/0x68 [ 20.995558] kasan_save_track+0x20/0x40 [ 20.995671] kasan_save_alloc_info+0x40/0x58 [ 20.995730] __kasan_kmalloc+0xd4/0xd8 [ 20.995948] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.996061] kasan_atomics+0xb8/0x2e0 [ 20.996654] kunit_try_run_case+0x170/0x3f0 [ 20.996773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.996834] kthread+0x328/0x630 [ 20.997059] ret_from_fork+0x10/0x20 [ 20.997317] [ 20.997377] The buggy address belongs to the object at fff00000c58ac280 [ 20.997377] which belongs to the cache kmalloc-64 of size 64 [ 20.997590] The buggy address is located 0 bytes to the right of [ 20.997590] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.997829] [ 20.997886] The buggy address belongs to the physical page: [ 20.997938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.997997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.998205] page_type: f5(slab) [ 20.998383] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.998454] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.998499] page dumped because: kasan: bad access detected [ 20.998532] [ 20.998565] Memory state around the buggy address: [ 20.998839] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.999014] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.999081] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.999421] ^ [ 20.999569] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.999632] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.000108] ================================================================== [ 21.222471] ================================================================== [ 21.222604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 21.222760] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.222824] [ 21.222863] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.223165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.223209] Hardware name: linux,dummy-virt (DT) [ 21.223244] Call trace: [ 21.223318] show_stack+0x20/0x38 (C) [ 21.223374] dump_stack_lvl+0x8c/0xd0 [ 21.223429] print_report+0x118/0x608 [ 21.223522] kasan_report+0xdc/0x128 [ 21.223584] kasan_check_range+0x100/0x1a8 [ 21.223635] __kasan_check_write+0x20/0x30 [ 21.223700] kasan_atomics_helper+0x175c/0x4858 [ 21.223752] kasan_atomics+0x198/0x2e0 [ 21.223799] kunit_try_run_case+0x170/0x3f0 [ 21.224186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.224398] kthread+0x328/0x630 [ 21.224483] ret_from_fork+0x10/0x20 [ 21.224534] [ 21.224629] Allocated by task 265: [ 21.224662] kasan_save_stack+0x3c/0x68 [ 21.224713] kasan_save_track+0x20/0x40 [ 21.224760] kasan_save_alloc_info+0x40/0x58 [ 21.224939] __kasan_kmalloc+0xd4/0xd8 [ 21.225196] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.225291] kasan_atomics+0xb8/0x2e0 [ 21.225675] kunit_try_run_case+0x170/0x3f0 [ 21.225824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.225925] kthread+0x328/0x630 [ 21.226006] ret_from_fork+0x10/0x20 [ 21.226136] [ 21.226160] The buggy address belongs to the object at fff00000c58ac280 [ 21.226160] which belongs to the cache kmalloc-64 of size 64 [ 21.226571] The buggy address is located 0 bytes to the right of [ 21.226571] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.227044] [ 21.227169] The buggy address belongs to the physical page: [ 21.227477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.227646] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.228196] page_type: f5(slab) [ 21.228539] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.228648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.228703] page dumped because: kasan: bad access detected [ 21.228761] [ 21.228987] Memory state around the buggy address: [ 21.229226] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.229598] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.229753] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.229994] ^ [ 21.230167] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.230290] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.230331] ================================================================== [ 21.062403] ================================================================== [ 21.062723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 21.063020] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.063145] [ 21.063180] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.063360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.063419] Hardware name: linux,dummy-virt (DT) [ 21.063453] Call trace: [ 21.063479] show_stack+0x20/0x38 (C) [ 21.063548] dump_stack_lvl+0x8c/0xd0 [ 21.063610] print_report+0x118/0x608 [ 21.063885] kasan_report+0xdc/0x128 [ 21.064210] kasan_check_range+0x100/0x1a8 [ 21.064499] __kasan_check_write+0x20/0x30 [ 21.064619] kasan_atomics_helper+0x10c0/0x4858 [ 21.064969] kasan_atomics+0x198/0x2e0 [ 21.065184] kunit_try_run_case+0x170/0x3f0 [ 21.065324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.065608] kthread+0x328/0x630 [ 21.065843] ret_from_fork+0x10/0x20 [ 21.066155] [ 21.066250] Allocated by task 265: [ 21.066422] kasan_save_stack+0x3c/0x68 [ 21.066533] kasan_save_track+0x20/0x40 [ 21.066687] kasan_save_alloc_info+0x40/0x58 [ 21.066922] __kasan_kmalloc+0xd4/0xd8 [ 21.067090] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.067412] kasan_atomics+0xb8/0x2e0 [ 21.067683] kunit_try_run_case+0x170/0x3f0 [ 21.067894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.067943] kthread+0x328/0x630 [ 21.067979] ret_from_fork+0x10/0x20 [ 21.068157] [ 21.068227] The buggy address belongs to the object at fff00000c58ac280 [ 21.068227] which belongs to the cache kmalloc-64 of size 64 [ 21.068383] The buggy address is located 0 bytes to the right of [ 21.068383] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.068454] [ 21.068488] The buggy address belongs to the physical page: [ 21.068537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.068612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.068667] page_type: f5(slab) [ 21.068930] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.069222] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.069313] page dumped because: kasan: bad access detected [ 21.069350] [ 21.069370] Memory state around the buggy address: [ 21.069405] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.069451] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.069760] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.070178] ^ [ 21.070350] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.070477] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.070518] ================================================================== [ 21.145432] ================================================================== [ 21.145486] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 21.145535] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.145597] [ 21.145629] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.146103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.146373] Hardware name: linux,dummy-virt (DT) [ 21.146417] Call trace: [ 21.146443] show_stack+0x20/0x38 (C) [ 21.146496] dump_stack_lvl+0x8c/0xd0 [ 21.146626] print_report+0x118/0x608 [ 21.146678] kasan_report+0xdc/0x128 [ 21.146731] kasan_check_range+0x100/0x1a8 [ 21.147121] __kasan_check_write+0x20/0x30 [ 21.147470] kasan_atomics_helper+0x147c/0x4858 [ 21.147627] kasan_atomics+0x198/0x2e0 [ 21.147682] kunit_try_run_case+0x170/0x3f0 [ 21.147759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.147867] kthread+0x328/0x630 [ 21.147915] ret_from_fork+0x10/0x20 [ 21.147979] [ 21.148010] Allocated by task 265: [ 21.148293] kasan_save_stack+0x3c/0x68 [ 21.148359] kasan_save_track+0x20/0x40 [ 21.148484] kasan_save_alloc_info+0x40/0x58 [ 21.148538] __kasan_kmalloc+0xd4/0xd8 [ 21.148716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.148929] kasan_atomics+0xb8/0x2e0 [ 21.149045] kunit_try_run_case+0x170/0x3f0 [ 21.149098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.149151] kthread+0x328/0x630 [ 21.149340] ret_from_fork+0x10/0x20 [ 21.149572] [ 21.150006] The buggy address belongs to the object at fff00000c58ac280 [ 21.150006] which belongs to the cache kmalloc-64 of size 64 [ 21.150160] The buggy address is located 0 bytes to the right of [ 21.150160] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.150514] [ 21.150731] The buggy address belongs to the physical page: [ 21.151013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.151356] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.151773] page_type: f5(slab) [ 21.151848] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.152058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.152220] page dumped because: kasan: bad access detected [ 21.152560] [ 21.152690] Memory state around the buggy address: [ 21.152749] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.152818] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.153027] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.153271] ^ [ 21.153316] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.153362] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.153400] ================================================================== [ 21.018222] ================================================================== [ 21.018490] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 21.018757] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.018833] [ 21.019382] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.019603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.019646] Hardware name: linux,dummy-virt (DT) [ 21.019704] Call trace: [ 21.019832] show_stack+0x20/0x38 (C) [ 21.019890] dump_stack_lvl+0x8c/0xd0 [ 21.019937] print_report+0x118/0x608 [ 21.020015] kasan_report+0xdc/0x128 [ 21.020080] kasan_check_range+0x100/0x1a8 [ 21.020539] __kasan_check_write+0x20/0x30 [ 21.020634] kasan_atomics_helper+0xeb8/0x4858 [ 21.020724] kasan_atomics+0x198/0x2e0 [ 21.020794] kunit_try_run_case+0x170/0x3f0 [ 21.020890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.021049] kthread+0x328/0x630 [ 21.021119] ret_from_fork+0x10/0x20 [ 21.021414] [ 21.021513] Allocated by task 265: [ 21.021967] kasan_save_stack+0x3c/0x68 [ 21.022059] kasan_save_track+0x20/0x40 [ 21.022194] kasan_save_alloc_info+0x40/0x58 [ 21.022259] __kasan_kmalloc+0xd4/0xd8 [ 21.022559] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.022682] kasan_atomics+0xb8/0x2e0 [ 21.022723] kunit_try_run_case+0x170/0x3f0 [ 21.022927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.022977] kthread+0x328/0x630 [ 21.023013] ret_from_fork+0x10/0x20 [ 21.023052] [ 21.023075] The buggy address belongs to the object at fff00000c58ac280 [ 21.023075] which belongs to the cache kmalloc-64 of size 64 [ 21.023146] The buggy address is located 0 bytes to the right of [ 21.023146] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.023217] [ 21.023241] The buggy address belongs to the physical page: [ 21.023303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.023366] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.023416] page_type: f5(slab) [ 21.023456] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.023513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.023556] page dumped because: kasan: bad access detected [ 21.023633] [ 21.023688] Memory state around the buggy address: [ 21.023766] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.023848] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.024447] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.024797] ^ [ 21.025078] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.025298] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.025640] ================================================================== [ 21.127055] ================================================================== [ 21.127230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 21.127290] Read of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.127364] [ 21.127396] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.127488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.127520] Hardware name: linux,dummy-virt (DT) [ 21.127554] Call trace: [ 21.127591] show_stack+0x20/0x38 (C) [ 21.127643] dump_stack_lvl+0x8c/0xd0 [ 21.127695] print_report+0x118/0x608 [ 21.127741] kasan_report+0xdc/0x128 [ 21.127790] __asan_report_load8_noabort+0x20/0x30 [ 21.127847] kasan_atomics_helper+0x3f04/0x4858 [ 21.127898] kasan_atomics+0x198/0x2e0 [ 21.127946] kunit_try_run_case+0x170/0x3f0 [ 21.127993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.128057] kthread+0x328/0x630 [ 21.128107] ret_from_fork+0x10/0x20 [ 21.128163] [ 21.128184] Allocated by task 265: [ 21.128223] kasan_save_stack+0x3c/0x68 [ 21.128265] kasan_save_track+0x20/0x40 [ 21.128305] kasan_save_alloc_info+0x40/0x58 [ 21.128345] __kasan_kmalloc+0xd4/0xd8 [ 21.128383] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.128433] kasan_atomics+0xb8/0x2e0 [ 21.128470] kunit_try_run_case+0x170/0x3f0 [ 21.128518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.128563] kthread+0x328/0x630 [ 21.128605] ret_from_fork+0x10/0x20 [ 21.128666] [ 21.128688] The buggy address belongs to the object at fff00000c58ac280 [ 21.128688] which belongs to the cache kmalloc-64 of size 64 [ 21.129004] The buggy address is located 0 bytes to the right of [ 21.129004] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.129446] [ 21.129604] The buggy address belongs to the physical page: [ 21.130279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.130371] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.130445] page_type: f5(slab) [ 21.130864] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.131077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.131442] page dumped because: kasan: bad access detected [ 21.131518] [ 21.132028] Memory state around the buggy address: [ 21.132500] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.132555] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.132746] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.132861] ^ [ 21.133068] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.133288] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.133487] ================================================================== [ 20.976078] ================================================================== [ 20.976152] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 20.976213] Read of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.976355] [ 20.976390] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.976474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.976509] Hardware name: linux,dummy-virt (DT) [ 20.976679] Call trace: [ 20.976715] show_stack+0x20/0x38 (C) [ 20.976769] dump_stack_lvl+0x8c/0xd0 [ 20.976819] print_report+0x118/0x608 [ 20.976866] kasan_report+0xdc/0x128 [ 20.976914] __asan_report_load4_noabort+0x20/0x30 [ 20.977107] kasan_atomics_helper+0x3e04/0x4858 [ 20.977176] kasan_atomics+0x198/0x2e0 [ 20.977223] kunit_try_run_case+0x170/0x3f0 [ 20.977273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.977327] kthread+0x328/0x630 [ 20.977370] ret_from_fork+0x10/0x20 [ 20.977421] [ 20.977451] Allocated by task 265: [ 20.977481] kasan_save_stack+0x3c/0x68 [ 20.977522] kasan_save_track+0x20/0x40 [ 20.977562] kasan_save_alloc_info+0x40/0x58 [ 20.978276] __kasan_kmalloc+0xd4/0xd8 [ 20.978380] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.978469] kasan_atomics+0xb8/0x2e0 [ 20.978690] kunit_try_run_case+0x170/0x3f0 [ 20.978822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.978979] kthread+0x328/0x630 [ 20.979228] ret_from_fork+0x10/0x20 [ 20.979429] [ 20.979457] The buggy address belongs to the object at fff00000c58ac280 [ 20.979457] which belongs to the cache kmalloc-64 of size 64 [ 20.979720] The buggy address is located 0 bytes to the right of [ 20.979720] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.980016] [ 20.980146] The buggy address belongs to the physical page: [ 20.980246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.980321] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.980572] page_type: f5(slab) [ 20.980809] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.981025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.981128] page dumped because: kasan: bad access detected [ 20.981346] [ 20.981415] Memory state around the buggy address: [ 20.981629] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.981735] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.981809] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.981952] ^ [ 20.982008] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.982086] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.982232] ================================================================== [ 20.966545] ================================================================== [ 20.966743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 20.966807] Write of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.967159] [ 20.967212] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.967310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.967714] Hardware name: linux,dummy-virt (DT) [ 20.967767] Call trace: [ 20.967876] show_stack+0x20/0x38 (C) [ 20.968013] dump_stack_lvl+0x8c/0xd0 [ 20.968081] print_report+0x118/0x608 [ 20.968129] kasan_report+0xdc/0x128 [ 20.968364] kasan_check_range+0x100/0x1a8 [ 20.968591] __kasan_check_write+0x20/0x30 [ 20.968877] kasan_atomics_helper+0xd3c/0x4858 [ 20.969099] kasan_atomics+0x198/0x2e0 [ 20.969180] kunit_try_run_case+0x170/0x3f0 [ 20.969322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.969380] kthread+0x328/0x630 [ 20.969426] ret_from_fork+0x10/0x20 [ 20.969481] [ 20.969501] Allocated by task 265: [ 20.969695] kasan_save_stack+0x3c/0x68 [ 20.969843] kasan_save_track+0x20/0x40 [ 20.970010] kasan_save_alloc_info+0x40/0x58 [ 20.970234] __kasan_kmalloc+0xd4/0xd8 [ 20.970404] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.970699] kasan_atomics+0xb8/0x2e0 [ 20.971091] kunit_try_run_case+0x170/0x3f0 [ 20.971310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.971444] kthread+0x328/0x630 [ 20.971714] ret_from_fork+0x10/0x20 [ 20.971802] [ 20.972005] The buggy address belongs to the object at fff00000c58ac280 [ 20.972005] which belongs to the cache kmalloc-64 of size 64 [ 20.972125] The buggy address is located 0 bytes to the right of [ 20.972125] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.972441] [ 20.972735] The buggy address belongs to the physical page: [ 20.972782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.973021] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.973247] page_type: f5(slab) [ 20.973303] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.973423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.973515] page dumped because: kasan: bad access detected [ 20.973653] [ 20.973675] Memory state around the buggy address: [ 20.973709] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.973754] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.973990] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.974074] ^ [ 20.974348] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.974609] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.975136] ================================================================== [ 21.154540] ================================================================== [ 21.154695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 21.154750] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.154803] [ 21.154837] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.155228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.155272] Hardware name: linux,dummy-virt (DT) [ 21.155451] Call trace: [ 21.155488] show_stack+0x20/0x38 (C) [ 21.155542] dump_stack_lvl+0x8c/0xd0 [ 21.155784] print_report+0x118/0x608 [ 21.155900] kasan_report+0xdc/0x128 [ 21.155984] kasan_check_range+0x100/0x1a8 [ 21.156034] __kasan_check_write+0x20/0x30 [ 21.156088] kasan_atomics_helper+0x14e4/0x4858 [ 21.156339] kasan_atomics+0x198/0x2e0 [ 21.156592] kunit_try_run_case+0x170/0x3f0 [ 21.156645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.156923] kthread+0x328/0x630 [ 21.156989] ret_from_fork+0x10/0x20 [ 21.157374] [ 21.157694] Allocated by task 265: [ 21.157846] kasan_save_stack+0x3c/0x68 [ 21.157944] kasan_save_track+0x20/0x40 [ 21.158071] kasan_save_alloc_info+0x40/0x58 [ 21.158119] __kasan_kmalloc+0xd4/0xd8 [ 21.158167] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.158215] kasan_atomics+0xb8/0x2e0 [ 21.158282] kunit_try_run_case+0x170/0x3f0 [ 21.158325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.158372] kthread+0x328/0x630 [ 21.158407] ret_from_fork+0x10/0x20 [ 21.158445] [ 21.158478] The buggy address belongs to the object at fff00000c58ac280 [ 21.158478] which belongs to the cache kmalloc-64 of size 64 [ 21.158540] The buggy address is located 0 bytes to the right of [ 21.158540] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.158618] [ 21.158657] The buggy address belongs to the physical page: [ 21.158723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.158799] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.158852] page_type: f5(slab) [ 21.158894] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.158953] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.158996] page dumped because: kasan: bad access detected [ 21.159036] [ 21.159065] Memory state around the buggy address: [ 21.159098] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.159145] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.159190] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.159235] ^ [ 21.159271] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.159326] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.159365] ================================================================== [ 21.230952] ================================================================== [ 21.231281] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 21.231450] Read of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.231512] [ 21.231545] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.231803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.231837] Hardware name: linux,dummy-virt (DT) [ 21.232012] Call trace: [ 21.232059] show_stack+0x20/0x38 (C) [ 21.232113] dump_stack_lvl+0x8c/0xd0 [ 21.232223] print_report+0x118/0x608 [ 21.232290] kasan_report+0xdc/0x128 [ 21.232346] __asan_report_load8_noabort+0x20/0x30 [ 21.232525] kasan_atomics_helper+0x3e20/0x4858 [ 21.232605] kasan_atomics+0x198/0x2e0 [ 21.232826] kunit_try_run_case+0x170/0x3f0 [ 21.233202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.233296] kthread+0x328/0x630 [ 21.233427] ret_from_fork+0x10/0x20 [ 21.233661] [ 21.233695] Allocated by task 265: [ 21.233726] kasan_save_stack+0x3c/0x68 [ 21.233772] kasan_save_track+0x20/0x40 [ 21.233919] kasan_save_alloc_info+0x40/0x58 [ 21.234103] __kasan_kmalloc+0xd4/0xd8 [ 21.234200] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.234596] kasan_atomics+0xb8/0x2e0 [ 21.234735] kunit_try_run_case+0x170/0x3f0 [ 21.234877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.234955] kthread+0x328/0x630 [ 21.235000] ret_from_fork+0x10/0x20 [ 21.235046] [ 21.235210] The buggy address belongs to the object at fff00000c58ac280 [ 21.235210] which belongs to the cache kmalloc-64 of size 64 [ 21.235609] The buggy address is located 0 bytes to the right of [ 21.235609] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.235769] [ 21.235837] The buggy address belongs to the physical page: [ 21.235879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.236056] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.236453] page_type: f5(slab) [ 21.236663] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.236742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.236793] page dumped because: kasan: bad access detected [ 21.236828] [ 21.236847] Memory state around the buggy address: [ 21.237080] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.237302] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.237484] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.237530] ^ [ 21.237566] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.237624] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.237792] ================================================================== [ 21.080055] ================================================================== [ 21.080126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 21.080177] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.080521] [ 21.080596] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.080777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.081301] Hardware name: linux,dummy-virt (DT) [ 21.081421] Call trace: [ 21.081511] show_stack+0x20/0x38 (C) [ 21.082104] dump_stack_lvl+0x8c/0xd0 [ 21.082169] print_report+0x118/0x608 [ 21.082414] kasan_report+0xdc/0x128 [ 21.082678] kasan_check_range+0x100/0x1a8 [ 21.082906] __kasan_check_write+0x20/0x30 [ 21.083146] kasan_atomics_helper+0x1190/0x4858 [ 21.083241] kasan_atomics+0x198/0x2e0 [ 21.083494] kunit_try_run_case+0x170/0x3f0 [ 21.083707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.084067] kthread+0x328/0x630 [ 21.084156] ret_from_fork+0x10/0x20 [ 21.084301] [ 21.084325] Allocated by task 265: [ 21.084355] kasan_save_stack+0x3c/0x68 [ 21.084705] kasan_save_track+0x20/0x40 [ 21.085230] kasan_save_alloc_info+0x40/0x58 [ 21.085515] __kasan_kmalloc+0xd4/0xd8 [ 21.085596] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.085639] kasan_atomics+0xb8/0x2e0 [ 21.085684] kunit_try_run_case+0x170/0x3f0 [ 21.085723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.085992] kthread+0x328/0x630 [ 21.086275] ret_from_fork+0x10/0x20 [ 21.086453] [ 21.086634] The buggy address belongs to the object at fff00000c58ac280 [ 21.086634] which belongs to the cache kmalloc-64 of size 64 [ 21.087061] The buggy address is located 0 bytes to the right of [ 21.087061] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.087139] [ 21.087342] The buggy address belongs to the physical page: [ 21.087386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.087754] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.088007] page_type: f5(slab) [ 21.088053] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.088340] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.088518] page dumped because: kasan: bad access detected [ 21.088598] [ 21.088754] Memory state around the buggy address: [ 21.088803] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.088858] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.088904] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.089323] ^ [ 21.089584] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.089675] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.089717] ================================================================== [ 21.238383] ================================================================== [ 21.238435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 21.238487] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.238539] [ 21.238611] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.238696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.238725] Hardware name: linux,dummy-virt (DT) [ 21.238761] Call trace: [ 21.238794] show_stack+0x20/0x38 (C) [ 21.238855] dump_stack_lvl+0x8c/0xd0 [ 21.238902] print_report+0x118/0x608 [ 21.238951] kasan_report+0xdc/0x128 [ 21.238997] kasan_check_range+0x100/0x1a8 [ 21.239056] __kasan_check_write+0x20/0x30 [ 21.239103] kasan_atomics_helper+0x17ec/0x4858 [ 21.239158] kasan_atomics+0x198/0x2e0 [ 21.239204] kunit_try_run_case+0x170/0x3f0 [ 21.239252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.239304] kthread+0x328/0x630 [ 21.239347] ret_from_fork+0x10/0x20 [ 21.239404] [ 21.239425] Allocated by task 265: [ 21.239452] kasan_save_stack+0x3c/0x68 [ 21.239494] kasan_save_track+0x20/0x40 [ 21.239532] kasan_save_alloc_info+0x40/0x58 [ 21.239656] __kasan_kmalloc+0xd4/0xd8 [ 21.239915] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.240882] kasan_atomics+0xb8/0x2e0 [ 21.240975] kunit_try_run_case+0x170/0x3f0 [ 21.241063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.241149] kthread+0x328/0x630 [ 21.241201] ret_from_fork+0x10/0x20 [ 21.241278] [ 21.241466] The buggy address belongs to the object at fff00000c58ac280 [ 21.241466] which belongs to the cache kmalloc-64 of size 64 [ 21.241550] The buggy address is located 0 bytes to the right of [ 21.241550] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.242244] [ 21.242288] The buggy address belongs to the physical page: [ 21.242497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.242821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.243220] page_type: f5(slab) [ 21.243345] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.243405] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.243650] page dumped because: kasan: bad access detected [ 21.244084] [ 21.244318] Memory state around the buggy address: [ 21.244455] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.244878] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.245030] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.245077] ^ [ 21.245140] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.245193] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.245558] ================================================================== [ 21.135237] ================================================================== [ 21.135292] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 21.135342] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.135790] [ 21.136110] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.136226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.136254] Hardware name: linux,dummy-virt (DT) [ 21.136289] Call trace: [ 21.136681] show_stack+0x20/0x38 (C) [ 21.136846] dump_stack_lvl+0x8c/0xd0 [ 21.137045] print_report+0x118/0x608 [ 21.137098] kasan_report+0xdc/0x128 [ 21.137439] kasan_check_range+0x100/0x1a8 [ 21.137690] __kasan_check_write+0x20/0x30 [ 21.137881] kasan_atomics_helper+0x1414/0x4858 [ 21.138026] kasan_atomics+0x198/0x2e0 [ 21.138132] kunit_try_run_case+0x170/0x3f0 [ 21.138279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.138522] kthread+0x328/0x630 [ 21.138657] ret_from_fork+0x10/0x20 [ 21.139031] [ 21.139169] Allocated by task 265: [ 21.139270] kasan_save_stack+0x3c/0x68 [ 21.139368] kasan_save_track+0x20/0x40 [ 21.139554] kasan_save_alloc_info+0x40/0x58 [ 21.139609] __kasan_kmalloc+0xd4/0xd8 [ 21.139794] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.140014] kasan_atomics+0xb8/0x2e0 [ 21.140215] kunit_try_run_case+0x170/0x3f0 [ 21.140327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.140595] kthread+0x328/0x630 [ 21.140741] ret_from_fork+0x10/0x20 [ 21.140820] [ 21.140858] The buggy address belongs to the object at fff00000c58ac280 [ 21.140858] which belongs to the cache kmalloc-64 of size 64 [ 21.140926] The buggy address is located 0 bytes to the right of [ 21.140926] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.141174] [ 21.141557] The buggy address belongs to the physical page: [ 21.141693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.141824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.141902] page_type: f5(slab) [ 21.141943] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.142124] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.142332] page dumped because: kasan: bad access detected [ 21.142557] [ 21.142716] Memory state around the buggy address: [ 21.142756] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.143120] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.143360] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.143563] ^ [ 21.143816] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.143983] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.144181] ================================================================== [ 20.903464] ================================================================== [ 20.903528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 20.903709] Read of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.903940] [ 20.903983] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.904316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.905417] kasan_report+0xdc/0x128 [ 20.907344] kasan_save_stack+0x3c/0x68 [ 20.909944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.914506] kunit_try_run_case+0x170/0x3f0 [ 20.916813] kthread+0x328/0x630 [ 20.917696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.923837] Call trace: [ 20.926172] kasan_save_track+0x20/0x40 [ 20.928445] [ 20.929767] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.931442] Hardware name: linux,dummy-virt (DT) [ 20.933645] kthread+0x328/0x630 [ 20.935256] kasan_atomics+0xb8/0x2e0 [ 20.936589] The buggy address is located 0 bytes to the right of [ 20.936589] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.938978] ^ [ 20.943130] kasan_atomics+0x198/0x2e0 [ 20.943931] kthread+0x328/0x630 [ 20.944100] The buggy address is located 0 bytes to the right of [ 20.944100] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.945331] ^ [ 20.947547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 20.951313] kasan_atomics+0xb8/0x2e0 [ 20.951933] kthread+0x328/0x630 [ 20.952028] ret_from_fork+0x10/0x20 [ 20.952178] [ 20.952203] The buggy address belongs to the object at fff00000c58ac280 [ 20.952203] which belongs to the cache kmalloc-64 of size 64 [ 20.952295] The buggy address is located 0 bytes to the right of [ 20.952295] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.952726] [ 20.952772] The buggy address belongs to the physical page: [ 20.953117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.953173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.953356] page_type: f5(slab) [ 20.953462] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.953873] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.954093] page dumped because: kasan: bad access detected [ 20.954622] [ 20.954918] Memory state around the buggy address: [ 20.955019] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.955102] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.955185] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.955338] ^ [ 20.955595] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.955816] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.956062] ================================================================== [ 21.108122] ================================================================== [ 21.108182] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 21.108274] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.108542] [ 21.108594] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.108827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.109183] Hardware name: linux,dummy-virt (DT) [ 21.109304] Call trace: [ 21.109438] show_stack+0x20/0x38 (C) [ 21.109614] dump_stack_lvl+0x8c/0xd0 [ 21.109718] print_report+0x118/0x608 [ 21.109887] kasan_report+0xdc/0x128 [ 21.109935] kasan_check_range+0x100/0x1a8 [ 21.109992] __kasan_check_write+0x20/0x30 [ 21.110038] kasan_atomics_helper+0x12d8/0x4858 [ 21.110467] kasan_atomics+0x198/0x2e0 [ 21.110705] kunit_try_run_case+0x170/0x3f0 [ 21.110963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.111138] kthread+0x328/0x630 [ 21.111263] ret_from_fork+0x10/0x20 [ 21.111315] [ 21.111723] Allocated by task 265: [ 21.111785] kasan_save_stack+0x3c/0x68 [ 21.112188] kasan_save_track+0x20/0x40 [ 21.112336] kasan_save_alloc_info+0x40/0x58 [ 21.112414] __kasan_kmalloc+0xd4/0xd8 [ 21.112516] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.112561] kasan_atomics+0xb8/0x2e0 [ 21.112785] kunit_try_run_case+0x170/0x3f0 [ 21.113205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.113538] kthread+0x328/0x630 [ 21.113736] ret_from_fork+0x10/0x20 [ 21.113811] [ 21.113865] The buggy address belongs to the object at fff00000c58ac280 [ 21.113865] which belongs to the cache kmalloc-64 of size 64 [ 21.114134] The buggy address is located 0 bytes to the right of [ 21.114134] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.114533] [ 21.114599] The buggy address belongs to the physical page: [ 21.114869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.114963] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.115214] page_type: f5(slab) [ 21.115263] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.115316] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.115587] page dumped because: kasan: bad access detected [ 21.115678] [ 21.115712] Memory state around the buggy address: [ 21.115774] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.115822] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.115868] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.115909] ^ [ 21.115946] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.115989] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.116029] ================================================================== [ 20.983262] ================================================================== [ 20.983479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 20.983610] Read of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.983705] [ 20.983740] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.983954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.984046] Hardware name: linux,dummy-virt (DT) [ 20.984081] Call trace: [ 20.984214] show_stack+0x20/0x38 (C) [ 20.984375] dump_stack_lvl+0x8c/0xd0 [ 20.984468] print_report+0x118/0x608 [ 20.984689] kasan_report+0xdc/0x128 [ 20.984758] kasan_check_range+0x100/0x1a8 [ 20.985040] __kasan_check_read+0x20/0x30 [ 20.985187] kasan_atomics_helper+0xdd4/0x4858 [ 20.985316] kasan_atomics+0x198/0x2e0 [ 20.985442] kunit_try_run_case+0x170/0x3f0 [ 20.985517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.985586] kthread+0x328/0x630 [ 20.985632] ret_from_fork+0x10/0x20 [ 20.985681] [ 20.985701] Allocated by task 265: [ 20.985733] kasan_save_stack+0x3c/0x68 [ 20.985774] kasan_save_track+0x20/0x40 [ 20.985813] kasan_save_alloc_info+0x40/0x58 [ 20.985855] __kasan_kmalloc+0xd4/0xd8 [ 20.985893] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.987025] kasan_atomics+0xb8/0x2e0 [ 20.987130] kunit_try_run_case+0x170/0x3f0 [ 20.987191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.987260] kthread+0x328/0x630 [ 20.987296] ret_from_fork+0x10/0x20 [ 20.987669] [ 20.987709] The buggy address belongs to the object at fff00000c58ac280 [ 20.987709] which belongs to the cache kmalloc-64 of size 64 [ 20.988215] The buggy address is located 0 bytes to the right of [ 20.988215] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.988302] [ 20.988325] The buggy address belongs to the physical page: [ 20.988359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.988549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.988872] page_type: f5(slab) [ 20.988918] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.989196] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.989362] page dumped because: kasan: bad access detected [ 20.989583] [ 20.989683] Memory state around the buggy address: [ 20.989759] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.989813] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.990021] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.990350] ^ [ 20.990668] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.990780] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.990867] ================================================================== [ 21.027374] ================================================================== [ 21.027558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 21.027629] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.027688] [ 21.027721] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.027810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.028288] Hardware name: linux,dummy-virt (DT) [ 21.028341] Call trace: [ 21.028492] show_stack+0x20/0x38 (C) [ 21.028572] dump_stack_lvl+0x8c/0xd0 [ 21.028972] print_report+0x118/0x608 [ 21.029077] kasan_report+0xdc/0x128 [ 21.029257] kasan_check_range+0x100/0x1a8 [ 21.029492] __kasan_check_write+0x20/0x30 [ 21.029623] kasan_atomics_helper+0xf20/0x4858 [ 21.029771] kasan_atomics+0x198/0x2e0 [ 21.029946] kunit_try_run_case+0x170/0x3f0 [ 21.030188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.030375] kthread+0x328/0x630 [ 21.030453] ret_from_fork+0x10/0x20 [ 21.030770] [ 21.030907] Allocated by task 265: [ 21.030985] kasan_save_stack+0x3c/0x68 [ 21.031066] kasan_save_track+0x20/0x40 [ 21.031207] kasan_save_alloc_info+0x40/0x58 [ 21.031251] __kasan_kmalloc+0xd4/0xd8 [ 21.031464] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.031602] kasan_atomics+0xb8/0x2e0 [ 21.031883] kunit_try_run_case+0x170/0x3f0 [ 21.032878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.032979] kthread+0x328/0x630 [ 21.033041] ret_from_fork+0x10/0x20 [ 21.033115] [ 21.033157] The buggy address belongs to the object at fff00000c58ac280 [ 21.033157] which belongs to the cache kmalloc-64 of size 64 [ 21.033253] The buggy address is located 0 bytes to the right of [ 21.033253] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.033626] [ 21.033735] The buggy address belongs to the physical page: [ 21.033846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.034316] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.034730] page_type: f5(slab) [ 21.034785] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.035087] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.035139] page dumped because: kasan: bad access detected [ 21.035450] [ 21.035518] Memory state around the buggy address: [ 21.035784] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.036071] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.036343] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.036533] ^ [ 21.036685] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.036824] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.036993] ================================================================== [ 21.096631] ================================================================== [ 21.097213] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 21.097300] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.097351] [ 21.097654] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.097895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.098151] Hardware name: linux,dummy-virt (DT) [ 21.098280] Call trace: [ 21.098435] show_stack+0x20/0x38 (C) [ 21.098705] dump_stack_lvl+0x8c/0xd0 [ 21.099002] print_report+0x118/0x608 [ 21.099184] kasan_report+0xdc/0x128 [ 21.099378] kasan_check_range+0x100/0x1a8 [ 21.099476] __kasan_check_write+0x20/0x30 [ 21.099560] kasan_atomics_helper+0x126c/0x4858 [ 21.099912] kasan_atomics+0x198/0x2e0 [ 21.100110] kunit_try_run_case+0x170/0x3f0 [ 21.100194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.100365] kthread+0x328/0x630 [ 21.100483] ret_from_fork+0x10/0x20 [ 21.100771] [ 21.100929] Allocated by task 265: [ 21.101176] kasan_save_stack+0x3c/0x68 [ 21.101417] kasan_save_track+0x20/0x40 [ 21.101601] kasan_save_alloc_info+0x40/0x58 [ 21.101691] __kasan_kmalloc+0xd4/0xd8 [ 21.101907] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.102100] kasan_atomics+0xb8/0x2e0 [ 21.102403] kunit_try_run_case+0x170/0x3f0 [ 21.102590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.102743] kthread+0x328/0x630 [ 21.102824] ret_from_fork+0x10/0x20 [ 21.103017] [ 21.103089] The buggy address belongs to the object at fff00000c58ac280 [ 21.103089] which belongs to the cache kmalloc-64 of size 64 [ 21.103162] The buggy address is located 0 bytes to the right of [ 21.103162] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.103431] [ 21.103549] The buggy address belongs to the physical page: [ 21.103637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.103995] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.104176] page_type: f5(slab) [ 21.104619] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.104841] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.105020] page dumped because: kasan: bad access detected [ 21.105365] [ 21.105653] Memory state around the buggy address: [ 21.105760] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.105918] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.105973] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.106315] ^ [ 21.106566] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.106901] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.107136] ================================================================== [ 21.197560] ================================================================== [ 21.197924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 21.197994] Read of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.198079] [ 21.198114] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.198312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.198354] Hardware name: linux,dummy-virt (DT) [ 21.198389] Call trace: [ 21.198500] show_stack+0x20/0x38 (C) [ 21.198563] dump_stack_lvl+0x8c/0xd0 [ 21.198758] print_report+0x118/0x608 [ 21.198821] kasan_report+0xdc/0x128 [ 21.198872] __asan_report_load8_noabort+0x20/0x30 [ 21.198922] kasan_atomics_helper+0x3df4/0x4858 [ 21.199374] kasan_atomics+0x198/0x2e0 [ 21.199446] kunit_try_run_case+0x170/0x3f0 [ 21.199499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.199773] kthread+0x328/0x630 [ 21.199836] ret_from_fork+0x10/0x20 [ 21.200116] [ 21.200151] Allocated by task 265: [ 21.200335] kasan_save_stack+0x3c/0x68 [ 21.200414] kasan_save_track+0x20/0x40 [ 21.200554] kasan_save_alloc_info+0x40/0x58 [ 21.200614] __kasan_kmalloc+0xd4/0xd8 [ 21.200652] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.200844] kasan_atomics+0xb8/0x2e0 [ 21.201262] kunit_try_run_case+0x170/0x3f0 [ 21.201449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.201604] kthread+0x328/0x630 [ 21.201699] ret_from_fork+0x10/0x20 [ 21.201796] [ 21.201931] The buggy address belongs to the object at fff00000c58ac280 [ 21.201931] which belongs to the cache kmalloc-64 of size 64 [ 21.202135] The buggy address is located 0 bytes to the right of [ 21.202135] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.202617] [ 21.202838] The buggy address belongs to the physical page: [ 21.203067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.203263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.203344] page_type: f5(slab) [ 21.203781] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.204046] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.204153] page dumped because: kasan: bad access detected [ 21.204446] [ 21.204525] Memory state around the buggy address: [ 21.204564] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.205147] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.205291] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.205731] ^ [ 21.205789] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.205846] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.206073] ================================================================== [ 21.008178] ================================================================== [ 21.008238] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 21.008290] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.008361] [ 21.008395] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.008477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.008691] Hardware name: linux,dummy-virt (DT) [ 21.008745] Call trace: [ 21.008771] show_stack+0x20/0x38 (C) [ 21.009068] dump_stack_lvl+0x8c/0xd0 [ 21.009138] print_report+0x118/0x608 [ 21.009373] kasan_report+0xdc/0x128 [ 21.009466] __asan_report_store8_noabort+0x20/0x30 [ 21.009650] kasan_atomics_helper+0x3e5c/0x4858 [ 21.009731] kasan_atomics+0x198/0x2e0 [ 21.009780] kunit_try_run_case+0x170/0x3f0 [ 21.009829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.010493] kthread+0x328/0x630 [ 21.010658] ret_from_fork+0x10/0x20 [ 21.010775] [ 21.010953] Allocated by task 265: [ 21.011036] kasan_save_stack+0x3c/0x68 [ 21.011224] kasan_save_track+0x20/0x40 [ 21.011507] kasan_save_alloc_info+0x40/0x58 [ 21.011809] __kasan_kmalloc+0xd4/0xd8 [ 21.012029] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.012477] kasan_atomics+0xb8/0x2e0 [ 21.012527] kunit_try_run_case+0x170/0x3f0 [ 21.012991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.013095] kthread+0x328/0x630 [ 21.013159] ret_from_fork+0x10/0x20 [ 21.013198] [ 21.013219] The buggy address belongs to the object at fff00000c58ac280 [ 21.013219] which belongs to the cache kmalloc-64 of size 64 [ 21.013864] The buggy address is located 0 bytes to the right of [ 21.013864] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.014085] [ 21.014229] The buggy address belongs to the physical page: [ 21.014453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.014791] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.015073] page_type: f5(slab) [ 21.015504] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.015615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.015815] page dumped because: kasan: bad access detected [ 21.015857] [ 21.015877] Memory state around the buggy address: [ 21.015925] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.016321] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.016491] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.016867] ^ [ 21.016914] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.016960] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.017002] ================================================================== [ 21.117919] ================================================================== [ 21.118327] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 21.118401] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.118616] [ 21.118834] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.118931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.118959] Hardware name: linux,dummy-virt (DT) [ 21.118992] Call trace: [ 21.119134] show_stack+0x20/0x38 (C) [ 21.119238] dump_stack_lvl+0x8c/0xd0 [ 21.119474] print_report+0x118/0x608 [ 21.119536] kasan_report+0xdc/0x128 [ 21.119597] kasan_check_range+0x100/0x1a8 [ 21.119648] __kasan_check_write+0x20/0x30 [ 21.119693] kasan_atomics_helper+0x1384/0x4858 [ 21.120148] kasan_atomics+0x198/0x2e0 [ 21.120255] kunit_try_run_case+0x170/0x3f0 [ 21.120308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.120363] kthread+0x328/0x630 [ 21.120587] ret_from_fork+0x10/0x20 [ 21.120789] [ 21.120823] Allocated by task 265: [ 21.120914] kasan_save_stack+0x3c/0x68 [ 21.121282] kasan_save_track+0x20/0x40 [ 21.121359] kasan_save_alloc_info+0x40/0x58 [ 21.121476] __kasan_kmalloc+0xd4/0xd8 [ 21.121535] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.121672] kasan_atomics+0xb8/0x2e0 [ 21.121712] kunit_try_run_case+0x170/0x3f0 [ 21.121752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.121798] kthread+0x328/0x630 [ 21.122275] ret_from_fork+0x10/0x20 [ 21.122440] [ 21.122561] The buggy address belongs to the object at fff00000c58ac280 [ 21.122561] which belongs to the cache kmalloc-64 of size 64 [ 21.122649] The buggy address is located 0 bytes to the right of [ 21.122649] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.122891] [ 21.123003] The buggy address belongs to the physical page: [ 21.123158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.123428] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.123623] page_type: f5(slab) [ 21.123812] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.123993] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.124602] page dumped because: kasan: bad access detected [ 21.125118] [ 21.125147] Memory state around the buggy address: [ 21.125186] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.125233] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.125432] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.125565] ^ [ 21.125993] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.126137] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.126250] ================================================================== [ 20.847487] ================================================================== [ 20.847535] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 20.848009] Read of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.848362] [ 20.848411] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.848496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.848526] Hardware name: linux,dummy-virt (DT) [ 20.848559] Call trace: [ 20.848595] show_stack+0x20/0x38 (C) [ 20.848961] dump_stack_lvl+0x8c/0xd0 [ 20.849101] print_report+0x118/0x608 [ 20.849301] kasan_report+0xdc/0x128 [ 20.849374] __asan_report_load4_noabort+0x20/0x30 [ 20.849450] kasan_atomics_helper+0x42d8/0x4858 [ 20.849531] kasan_atomics+0x198/0x2e0 [ 20.849714] kunit_try_run_case+0x170/0x3f0 [ 20.850076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.850312] kthread+0x328/0x630 [ 20.850615] ret_from_fork+0x10/0x20 [ 20.850895] [ 20.850924] Allocated by task 265: [ 20.850990] kasan_save_stack+0x3c/0x68 [ 20.851223] kasan_save_track+0x20/0x40 [ 20.851496] kasan_save_alloc_info+0x40/0x58 [ 20.851664] __kasan_kmalloc+0xd4/0xd8 [ 20.851760] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.851808] kasan_atomics+0xb8/0x2e0 [ 20.852104] kunit_try_run_case+0x170/0x3f0 [ 20.852287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.852409] kthread+0x328/0x630 [ 20.852487] ret_from_fork+0x10/0x20 [ 20.852606] [ 20.852674] The buggy address belongs to the object at fff00000c58ac280 [ 20.852674] which belongs to the cache kmalloc-64 of size 64 [ 20.852935] The buggy address is located 0 bytes to the right of [ 20.852935] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.853937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.856169] ================================================================== [ 20.883644] ================================================================== [ 20.883697] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 20.883747] Write of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.884151] [ 20.884204] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.884291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.884725] Hardware name: linux,dummy-virt (DT) [ 20.884761] Call trace: [ 20.884786] show_stack+0x20/0x38 (C) [ 20.884914] dump_stack_lvl+0x8c/0xd0 [ 20.885011] print_report+0x118/0x608 [ 20.885094] kasan_report+0xdc/0x128 [ 20.885218] kasan_check_range+0x100/0x1a8 [ 20.885272] __kasan_check_write+0x20/0x30 [ 20.885319] kasan_atomics_helper+0xa6c/0x4858 [ 20.885594] kasan_atomics+0x198/0x2e0 [ 20.885811] kunit_try_run_case+0x170/0x3f0 [ 20.885918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.886078] kthread+0x328/0x630 [ 20.886186] ret_from_fork+0x10/0x20 [ 20.886259] [ 20.886282] Allocated by task 265: [ 20.886642] kasan_save_stack+0x3c/0x68 [ 20.886767] kasan_save_track+0x20/0x40 [ 20.886858] kasan_save_alloc_info+0x40/0x58 [ 20.887056] __kasan_kmalloc+0xd4/0xd8 [ 20.887146] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.887504] kasan_atomics+0xb8/0x2e0 [ 20.888194] kunit_try_run_case+0x170/0x3f0 [ 20.888279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.888379] kthread+0x328/0x630 [ 20.888650] ret_from_fork+0x10/0x20 [ 20.888828] [ 20.888883] The buggy address belongs to the object at fff00000c58ac280 [ 20.888883] which belongs to the cache kmalloc-64 of size 64 [ 20.889503] The buggy address is located 0 bytes to the right of [ 20.889503] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.889754] [ 20.889834] The buggy address belongs to the physical page: [ 20.889967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.890177] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.890420] page_type: f5(slab) [ 20.890485] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.890721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.890970] page dumped because: kasan: bad access detected [ 20.891055] [ 20.891123] Memory state around the buggy address: [ 20.891241] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.891287] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.891342] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.891382] ^ [ 20.891417] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.891471] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.891520] ================================================================== [ 21.001404] ================================================================== [ 21.001543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 21.001626] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.001731] [ 21.001767] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.001850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.002219] Hardware name: linux,dummy-virt (DT) [ 21.002275] Call trace: [ 21.002456] show_stack+0x20/0x38 (C) [ 21.002520] dump_stack_lvl+0x8c/0xd0 [ 21.002749] print_report+0x118/0x608 [ 21.002890] kasan_report+0xdc/0x128 [ 21.003001] kasan_check_range+0x100/0x1a8 [ 21.003053] __kasan_check_write+0x20/0x30 [ 21.003410] kasan_atomics_helper+0xe44/0x4858 [ 21.003660] kasan_atomics+0x198/0x2e0 [ 21.003758] kunit_try_run_case+0x170/0x3f0 [ 21.003948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.004067] kthread+0x328/0x630 [ 21.004143] ret_from_fork+0x10/0x20 [ 21.004192] [ 21.004382] Allocated by task 265: [ 21.004535] kasan_save_stack+0x3c/0x68 [ 21.004602] kasan_save_track+0x20/0x40 [ 21.004881] kasan_save_alloc_info+0x40/0x58 [ 21.005092] __kasan_kmalloc+0xd4/0xd8 [ 21.005168] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.005465] kasan_atomics+0xb8/0x2e0 [ 21.005694] kunit_try_run_case+0x170/0x3f0 [ 21.005752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.005998] kthread+0x328/0x630 [ 21.006044] ret_from_fork+0x10/0x20 [ 21.006275] [ 21.006304] The buggy address belongs to the object at fff00000c58ac280 [ 21.006304] which belongs to the cache kmalloc-64 of size 64 [ 21.006387] The buggy address is located 0 bytes to the right of [ 21.006387] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.006453] [ 21.006474] The buggy address belongs to the physical page: [ 21.006517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.006572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.006643] page_type: f5(slab) [ 21.006696] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.006764] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.006807] page dumped because: kasan: bad access detected [ 21.006847] [ 21.006869] Memory state around the buggy address: [ 21.006902] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.006957] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.007004] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.007043] ^ [ 21.007080] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.007132] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.007187] ================================================================== [ 21.054013] ================================================================== [ 21.054073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 21.054193] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.054251] [ 21.054284] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.054536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.055006] Hardware name: linux,dummy-virt (DT) [ 21.055059] Call trace: [ 21.055234] show_stack+0x20/0x38 (C) [ 21.055318] dump_stack_lvl+0x8c/0xd0 [ 21.055368] print_report+0x118/0x608 [ 21.055571] kasan_report+0xdc/0x128 [ 21.055633] kasan_check_range+0x100/0x1a8 [ 21.055912] __kasan_check_write+0x20/0x30 [ 21.055982] kasan_atomics_helper+0x1058/0x4858 [ 21.056246] kasan_atomics+0x198/0x2e0 [ 21.056336] kunit_try_run_case+0x170/0x3f0 [ 21.056435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.056551] kthread+0x328/0x630 [ 21.056612] ret_from_fork+0x10/0x20 [ 21.056661] [ 21.056682] Allocated by task 265: [ 21.056730] kasan_save_stack+0x3c/0x68 [ 21.056929] kasan_save_track+0x20/0x40 [ 21.057268] kasan_save_alloc_info+0x40/0x58 [ 21.057504] __kasan_kmalloc+0xd4/0xd8 [ 21.057699] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.057805] kasan_atomics+0xb8/0x2e0 [ 21.057862] kunit_try_run_case+0x170/0x3f0 [ 21.057902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.057946] kthread+0x328/0x630 [ 21.057981] ret_from_fork+0x10/0x20 [ 21.058527] [ 21.058758] The buggy address belongs to the object at fff00000c58ac280 [ 21.058758] which belongs to the cache kmalloc-64 of size 64 [ 21.058991] The buggy address is located 0 bytes to the right of [ 21.058991] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.059267] [ 21.059307] The buggy address belongs to the physical page: [ 21.059714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.059949] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.060276] page_type: f5(slab) [ 21.060509] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.060681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.060773] page dumped because: kasan: bad access detected [ 21.060809] [ 21.060829] Memory state around the buggy address: [ 21.060867] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.061091] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.061333] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.061381] ^ [ 21.061433] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.061482] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.061521] ================================================================== [ 20.957926] ================================================================== [ 20.958121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 20.958180] Read of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.958487] [ 20.958595] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.958944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.958992] Hardware name: linux,dummy-virt (DT) [ 20.959253] Call trace: [ 20.959295] show_stack+0x20/0x38 (C) [ 20.959350] dump_stack_lvl+0x8c/0xd0 [ 20.959401] print_report+0x118/0x608 [ 20.959450] kasan_report+0xdc/0x128 [ 20.959799] __asan_report_load4_noabort+0x20/0x30 [ 20.960100] kasan_atomics_helper+0x3dd8/0x4858 [ 20.960233] kasan_atomics+0x198/0x2e0 [ 20.960287] kunit_try_run_case+0x170/0x3f0 [ 20.960345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.960643] kthread+0x328/0x630 [ 20.960804] ret_from_fork+0x10/0x20 [ 20.961026] [ 20.961053] Allocated by task 265: [ 20.961084] kasan_save_stack+0x3c/0x68 [ 20.961132] kasan_save_track+0x20/0x40 [ 20.961180] kasan_save_alloc_info+0x40/0x58 [ 20.961398] __kasan_kmalloc+0xd4/0xd8 [ 20.961493] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.961590] kasan_atomics+0xb8/0x2e0 [ 20.961633] kunit_try_run_case+0x170/0x3f0 [ 20.961673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.961732] kthread+0x328/0x630 [ 20.961776] ret_from_fork+0x10/0x20 [ 20.961814] [ 20.961851] The buggy address belongs to the object at fff00000c58ac280 [ 20.961851] which belongs to the cache kmalloc-64 of size 64 [ 20.961922] The buggy address is located 0 bytes to the right of [ 20.961922] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.961991] [ 20.962012] The buggy address belongs to the physical page: [ 20.962055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.962119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.962169] page_type: f5(slab) [ 20.962218] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.962271] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.962324] page dumped because: kasan: bad access detected [ 20.962367] [ 20.962387] Memory state around the buggy address: [ 20.962420] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.962469] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.962515] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.962555] ^ [ 20.962611] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.963040] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.963101] ================================================================== [ 21.090878] ================================================================== [ 21.090931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 21.091106] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.091274] [ 21.091312] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.091796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.091841] Hardware name: linux,dummy-virt (DT) [ 21.091877] Call trace: [ 21.091994] show_stack+0x20/0x38 (C) [ 21.092056] dump_stack_lvl+0x8c/0xd0 [ 21.092299] print_report+0x118/0x608 [ 21.092410] kasan_report+0xdc/0x128 [ 21.092497] kasan_check_range+0x100/0x1a8 [ 21.092551] __kasan_check_write+0x20/0x30 [ 21.093002] kasan_atomics_helper+0x11f8/0x4858 [ 21.093193] kasan_atomics+0x198/0x2e0 [ 21.093301] kunit_try_run_case+0x170/0x3f0 [ 21.093588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.093836] kthread+0x328/0x630 [ 21.093947] ret_from_fork+0x10/0x20 [ 21.094101] [ 21.094126] Allocated by task 265: [ 21.094158] kasan_save_stack+0x3c/0x68 [ 21.094281] kasan_save_track+0x20/0x40 [ 21.094346] kasan_save_alloc_info+0x40/0x58 [ 21.094390] __kasan_kmalloc+0xd4/0xd8 [ 21.094432] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.094473] kasan_atomics+0xb8/0x2e0 [ 21.094511] kunit_try_run_case+0x170/0x3f0 [ 21.094550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.094608] kthread+0x328/0x630 [ 21.094642] ret_from_fork+0x10/0x20 [ 21.094680] [ 21.094711] The buggy address belongs to the object at fff00000c58ac280 [ 21.094711] which belongs to the cache kmalloc-64 of size 64 [ 21.094771] The buggy address is located 0 bytes to the right of [ 21.094771] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.094851] [ 21.094872] The buggy address belongs to the physical page: [ 21.094929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.094982] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.095041] page_type: f5(slab) [ 21.095081] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.095148] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.095191] page dumped because: kasan: bad access detected [ 21.095235] [ 21.095268] Memory state around the buggy address: [ 21.095302] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.095348] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.095392] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.095434] ^ [ 21.095479] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.095529] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.095569] ================================================================== [ 21.160634] ================================================================== [ 21.160725] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 21.161039] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.161348] [ 21.161482] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.162149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.162293] Hardware name: linux,dummy-virt (DT) [ 21.162450] Call trace: [ 21.162709] show_stack+0x20/0x38 (C) [ 21.162807] dump_stack_lvl+0x8c/0xd0 [ 21.163044] print_report+0x118/0x608 [ 21.163308] kasan_report+0xdc/0x128 [ 21.163856] kasan_check_range+0x100/0x1a8 [ 21.164083] __kasan_check_write+0x20/0x30 [ 21.164275] kasan_atomics_helper+0x154c/0x4858 [ 21.164528] kasan_atomics+0x198/0x2e0 [ 21.164657] kunit_try_run_case+0x170/0x3f0 [ 21.164757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.164847] kthread+0x328/0x630 [ 21.164949] ret_from_fork+0x10/0x20 [ 21.165000] [ 21.165021] Allocated by task 265: [ 21.165342] kasan_save_stack+0x3c/0x68 [ 21.165772] kasan_save_track+0x20/0x40 [ 21.165873] kasan_save_alloc_info+0x40/0x58 [ 21.166005] __kasan_kmalloc+0xd4/0xd8 [ 21.166094] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.166325] kasan_atomics+0xb8/0x2e0 [ 21.166446] kunit_try_run_case+0x170/0x3f0 [ 21.166717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.166770] kthread+0x328/0x630 [ 21.166806] ret_from_fork+0x10/0x20 [ 21.167108] [ 21.167561] The buggy address belongs to the object at fff00000c58ac280 [ 21.167561] which belongs to the cache kmalloc-64 of size 64 [ 21.167740] The buggy address is located 0 bytes to the right of [ 21.167740] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.168293] [ 21.168364] The buggy address belongs to the physical page: [ 21.168511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.168784] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.168986] page_type: f5(slab) [ 21.169050] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.169289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.169368] page dumped because: kasan: bad access detected [ 21.169660] [ 21.169968] Memory state around the buggy address: [ 21.170151] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.170203] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.170394] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.170441] ^ [ 21.170488] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.170732] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.171053] ================================================================== [ 21.210592] ================================================================== [ 21.210672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 21.210724] Read of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.210884] [ 21.211459] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.211568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.211611] Hardware name: linux,dummy-virt (DT) [ 21.212211] Call trace: [ 21.212276] show_stack+0x20/0x38 (C) [ 21.212559] dump_stack_lvl+0x8c/0xd0 [ 21.212643] print_report+0x118/0x608 [ 21.213025] kasan_report+0xdc/0x128 [ 21.213242] __asan_report_load8_noabort+0x20/0x30 [ 21.213744] kasan_atomics_helper+0x3e10/0x4858 [ 21.213854] kasan_atomics+0x198/0x2e0 [ 21.213942] kunit_try_run_case+0x170/0x3f0 [ 21.214089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.214149] kthread+0x328/0x630 [ 21.214315] ret_from_fork+0x10/0x20 [ 21.214568] [ 21.214623] Allocated by task 265: [ 21.214882] kasan_save_stack+0x3c/0x68 [ 21.215122] kasan_save_track+0x20/0x40 [ 21.215203] kasan_save_alloc_info+0x40/0x58 [ 21.215289] __kasan_kmalloc+0xd4/0xd8 [ 21.215425] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.215488] kasan_atomics+0xb8/0x2e0 [ 21.215747] kunit_try_run_case+0x170/0x3f0 [ 21.216130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.216308] kthread+0x328/0x630 [ 21.216425] ret_from_fork+0x10/0x20 [ 21.216539] [ 21.216628] The buggy address belongs to the object at fff00000c58ac280 [ 21.216628] which belongs to the cache kmalloc-64 of size 64 [ 21.216829] The buggy address is located 0 bytes to the right of [ 21.216829] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.217078] [ 21.217154] The buggy address belongs to the physical page: [ 21.217260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.217355] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.217677] page_type: f5(slab) [ 21.217731] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.218129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.218334] page dumped because: kasan: bad access detected [ 21.218484] [ 21.218644] Memory state around the buggy address: [ 21.218812] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.218870] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.219277] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.219454] ^ [ 21.219557] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.219621] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.219822] ================================================================== [ 21.190193] ================================================================== [ 21.190426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 21.190598] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.190652] [ 21.190687] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.190894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.190953] Hardware name: linux,dummy-virt (DT) [ 21.190988] Call trace: [ 21.191028] show_stack+0x20/0x38 (C) [ 21.191161] dump_stack_lvl+0x8c/0xd0 [ 21.191210] print_report+0x118/0x608 [ 21.191259] kasan_report+0xdc/0x128 [ 21.191476] kasan_check_range+0x100/0x1a8 [ 21.191606] __kasan_check_write+0x20/0x30 [ 21.191762] kasan_atomics_helper+0x1644/0x4858 [ 21.191816] kasan_atomics+0x198/0x2e0 [ 21.191863] kunit_try_run_case+0x170/0x3f0 [ 21.191911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.191965] kthread+0x328/0x630 [ 21.192010] ret_from_fork+0x10/0x20 [ 21.192058] [ 21.192078] Allocated by task 265: [ 21.192123] kasan_save_stack+0x3c/0x68 [ 21.192166] kasan_save_track+0x20/0x40 [ 21.192214] kasan_save_alloc_info+0x40/0x58 [ 21.192263] __kasan_kmalloc+0xd4/0xd8 [ 21.192302] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.192344] kasan_atomics+0xb8/0x2e0 [ 21.192380] kunit_try_run_case+0x170/0x3f0 [ 21.192428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.192483] kthread+0x328/0x630 [ 21.192517] ret_from_fork+0x10/0x20 [ 21.192555] [ 21.192955] The buggy address belongs to the object at fff00000c58ac280 [ 21.192955] which belongs to the cache kmalloc-64 of size 64 [ 21.193272] The buggy address is located 0 bytes to the right of [ 21.193272] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.193568] [ 21.193605] The buggy address belongs to the physical page: [ 21.194031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.194363] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.194500] page_type: f5(slab) [ 21.194549] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.195433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.195543] page dumped because: kasan: bad access detected [ 21.195790] [ 21.195828] Memory state around the buggy address: [ 21.195950] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.196022] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.196373] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.196515] ^ [ 21.196558] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.196779] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.196960] ================================================================== [ 20.894366] ================================================================== [ 20.894837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 20.895058] Write of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.895323] [ 20.895374] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.895466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.895496] Hardware name: linux,dummy-virt (DT) [ 20.895688] Call trace: [ 20.895752] show_stack+0x20/0x38 (C) [ 20.895941] dump_stack_lvl+0x8c/0xd0 [ 20.896004] print_report+0x118/0x608 [ 20.896052] kasan_report+0xdc/0x128 [ 20.896100] kasan_check_range+0x100/0x1a8 [ 20.896160] __kasan_check_write+0x20/0x30 [ 20.896208] kasan_atomics_helper+0xad4/0x4858 [ 20.896258] kasan_atomics+0x198/0x2e0 [ 20.896305] kunit_try_run_case+0x170/0x3f0 [ 20.896358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.896423] kthread+0x328/0x630 [ 20.896468] ret_from_fork+0x10/0x20 [ 20.896518] [ 20.896541] Allocated by task 265: [ 20.896571] kasan_save_stack+0x3c/0x68 [ 20.896627] kasan_save_track+0x20/0x40 [ 20.896665] kasan_save_alloc_info+0x40/0x58 [ 20.896708] __kasan_kmalloc+0xd4/0xd8 [ 20.896745] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.897005] kasan_atomics+0xb8/0x2e0 [ 20.897325] kunit_try_run_case+0x170/0x3f0 [ 20.897522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.897699] kthread+0x328/0x630 [ 20.897771] ret_from_fork+0x10/0x20 [ 20.898168] [ 20.898357] The buggy address belongs to the object at fff00000c58ac280 [ 20.898357] which belongs to the cache kmalloc-64 of size 64 [ 20.898470] The buggy address is located 0 bytes to the right of [ 20.898470] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.898920] [ 20.898949] The buggy address belongs to the physical page: [ 20.899177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.899392] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.899617] page_type: f5(slab) [ 20.900041] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.900233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.900441] page dumped because: kasan: bad access detected [ 20.900510] [ 20.900530] Memory state around the buggy address: [ 20.900756] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.900966] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.901029] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.901069] ^ [ 20.901105] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.901316] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.901422] ================================================================== [ 20.866608] ================================================================== [ 20.866665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 20.866938] Write of size 4 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 20.867467] [ 20.867736] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.868006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.868041] Hardware name: linux,dummy-virt (DT) [ 20.868326] Call trace: [ 20.868543] show_stack+0x20/0x38 (C) [ 20.868632] dump_stack_lvl+0x8c/0xd0 [ 20.868688] print_report+0x118/0x608 [ 20.869149] kasan_report+0xdc/0x128 [ 20.869226] kasan_check_range+0x100/0x1a8 [ 20.869307] __kasan_check_write+0x20/0x30 [ 20.869418] kasan_atomics_helper+0x99c/0x4858 [ 20.869471] kasan_atomics+0x198/0x2e0 [ 20.869697] kunit_try_run_case+0x170/0x3f0 [ 20.869918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.870163] kthread+0x328/0x630 [ 20.870339] ret_from_fork+0x10/0x20 [ 20.870508] [ 20.870533] Allocated by task 265: [ 20.870608] kasan_save_stack+0x3c/0x68 [ 20.870767] kasan_save_track+0x20/0x40 [ 20.870969] kasan_save_alloc_info+0x40/0x58 [ 20.871073] __kasan_kmalloc+0xd4/0xd8 [ 20.871135] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.871178] kasan_atomics+0xb8/0x2e0 [ 20.871215] kunit_try_run_case+0x170/0x3f0 [ 20.871276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.871323] kthread+0x328/0x630 [ 20.871364] ret_from_fork+0x10/0x20 [ 20.871412] [ 20.871448] The buggy address belongs to the object at fff00000c58ac280 [ 20.871448] which belongs to the cache kmalloc-64 of size 64 [ 20.871511] The buggy address is located 0 bytes to the right of [ 20.871511] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 20.871587] [ 20.871642] The buggy address belongs to the physical page: [ 20.871676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 20.872310] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.872406] page_type: f5(slab) [ 20.872496] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.873086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.873178] page dumped because: kasan: bad access detected [ 20.873230] [ 20.873253] Memory state around the buggy address: [ 20.873288] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.873685] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.873738] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.873902] ^ [ 20.873989] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.874376] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.874445] ================================================================== [ 21.071648] ================================================================== [ 21.071800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 21.071854] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.071906] [ 21.071936] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.072416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.072619] Hardware name: linux,dummy-virt (DT) [ 21.072738] Call trace: [ 21.072836] show_stack+0x20/0x38 (C) [ 21.072928] dump_stack_lvl+0x8c/0xd0 [ 21.073072] print_report+0x118/0x608 [ 21.073189] kasan_report+0xdc/0x128 [ 21.073237] kasan_check_range+0x100/0x1a8 [ 21.073292] __kasan_check_write+0x20/0x30 [ 21.073565] kasan_atomics_helper+0x1128/0x4858 [ 21.073784] kasan_atomics+0x198/0x2e0 [ 21.073990] kunit_try_run_case+0x170/0x3f0 [ 21.074226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.074330] kthread+0x328/0x630 [ 21.074621] ret_from_fork+0x10/0x20 [ 21.075114] [ 21.075440] Allocated by task 265: [ 21.075553] kasan_save_stack+0x3c/0x68 [ 21.075659] kasan_save_track+0x20/0x40 [ 21.075813] kasan_save_alloc_info+0x40/0x58 [ 21.076005] __kasan_kmalloc+0xd4/0xd8 [ 21.076221] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.076454] kasan_atomics+0xb8/0x2e0 [ 21.076546] kunit_try_run_case+0x170/0x3f0 [ 21.076850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.076901] kthread+0x328/0x630 [ 21.076952] ret_from_fork+0x10/0x20 [ 21.077109] [ 21.077174] The buggy address belongs to the object at fff00000c58ac280 [ 21.077174] which belongs to the cache kmalloc-64 of size 64 [ 21.077378] The buggy address is located 0 bytes to the right of [ 21.077378] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.077508] [ 21.077879] The buggy address belongs to the physical page: [ 21.077929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.077984] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.078446] page_type: f5(slab) [ 21.078667] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.078783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.078955] page dumped because: kasan: bad access detected [ 21.079212] [ 21.079300] Memory state around the buggy address: [ 21.079342] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.079543] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.079601] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.079642] ^ [ 21.079686] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.079741] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.079792] ================================================================== [ 21.171873] ================================================================== [ 21.171926] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 21.172149] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.172343] [ 21.172601] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.173009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.173104] Hardware name: linux,dummy-virt (DT) [ 21.173174] Call trace: [ 21.173238] show_stack+0x20/0x38 (C) [ 21.173388] dump_stack_lvl+0x8c/0xd0 [ 21.173478] print_report+0x118/0x608 [ 21.173691] kasan_report+0xdc/0x128 [ 21.173749] kasan_check_range+0x100/0x1a8 [ 21.173866] __kasan_check_write+0x20/0x30 [ 21.174106] kasan_atomics_helper+0x15b4/0x4858 [ 21.174471] kasan_atomics+0x198/0x2e0 [ 21.174636] kunit_try_run_case+0x170/0x3f0 [ 21.174732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.174826] kthread+0x328/0x630 [ 21.174965] ret_from_fork+0x10/0x20 [ 21.175016] [ 21.175221] Allocated by task 265: [ 21.175397] kasan_save_stack+0x3c/0x68 [ 21.175654] kasan_save_track+0x20/0x40 [ 21.175879] kasan_save_alloc_info+0x40/0x58 [ 21.175976] __kasan_kmalloc+0xd4/0xd8 [ 21.176217] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.176357] kasan_atomics+0xb8/0x2e0 [ 21.176684] kunit_try_run_case+0x170/0x3f0 [ 21.176778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.177031] kthread+0x328/0x630 [ 21.177142] ret_from_fork+0x10/0x20 [ 21.177240] [ 21.177425] The buggy address belongs to the object at fff00000c58ac280 [ 21.177425] which belongs to the cache kmalloc-64 of size 64 [ 21.177591] The buggy address is located 0 bytes to the right of [ 21.177591] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.177730] [ 21.177820] The buggy address belongs to the physical page: [ 21.177855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.177909] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.177980] page_type: f5(slab) [ 21.178020] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.178079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.178122] page dumped because: kasan: bad access detected [ 21.178162] [ 21.178191] Memory state around the buggy address: [ 21.178226] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.178274] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.178321] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.178371] ^ [ 21.178429] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.178494] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.178539] ================================================================== [ 21.206507] ================================================================== [ 21.206559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 21.206636] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.206689] [ 21.206720] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.206803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.206848] Hardware name: linux,dummy-virt (DT) [ 21.206880] Call trace: [ 21.206909] show_stack+0x20/0x38 (C) [ 21.206959] dump_stack_lvl+0x8c/0xd0 [ 21.207007] print_report+0x118/0x608 [ 21.207064] kasan_report+0xdc/0x128 [ 21.207112] kasan_check_range+0x100/0x1a8 [ 21.207160] __kasan_check_write+0x20/0x30 [ 21.207207] kasan_atomics_helper+0x16d0/0x4858 [ 21.207257] kasan_atomics+0x198/0x2e0 [ 21.207303] kunit_try_run_case+0x170/0x3f0 [ 21.207361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.207416] kthread+0x328/0x630 [ 21.207466] ret_from_fork+0x10/0x20 [ 21.207515] [ 21.207534] Allocated by task 265: [ 21.207589] kasan_save_stack+0x3c/0x68 [ 21.207636] kasan_save_track+0x20/0x40 [ 21.207684] kasan_save_alloc_info+0x40/0x58 [ 21.207728] __kasan_kmalloc+0xd4/0xd8 [ 21.207766] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.207812] kasan_atomics+0xb8/0x2e0 [ 21.207860] kunit_try_run_case+0x170/0x3f0 [ 21.207899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.207945] kthread+0x328/0x630 [ 21.207978] ret_from_fork+0x10/0x20 [ 21.208015] [ 21.208045] The buggy address belongs to the object at fff00000c58ac280 [ 21.208045] which belongs to the cache kmalloc-64 of size 64 [ 21.208113] The buggy address is located 0 bytes to the right of [ 21.208113] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.208181] [ 21.208209] The buggy address belongs to the physical page: [ 21.208242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.208295] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.208344] page_type: f5(slab) [ 21.208383] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.208434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.208477] page dumped because: kasan: bad access detected [ 21.208511] [ 21.208531] Memory state around the buggy address: [ 21.208563] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.208617] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.209130] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.209185] ^ [ 21.209223] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.209400] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.209969] ================================================================== [ 21.043938] ================================================================== [ 21.043993] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 21.044204] Write of size 8 at addr fff00000c58ac2b0 by task kunit_try_catch/265 [ 21.044297] [ 21.044334] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.044589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.044791] Hardware name: linux,dummy-virt (DT) [ 21.045124] Call trace: [ 21.045193] show_stack+0x20/0x38 (C) [ 21.045411] dump_stack_lvl+0x8c/0xd0 [ 21.045603] print_report+0x118/0x608 [ 21.045833] kasan_report+0xdc/0x128 [ 21.045960] kasan_check_range+0x100/0x1a8 [ 21.046074] __kasan_check_write+0x20/0x30 [ 21.046269] kasan_atomics_helper+0xff0/0x4858 [ 21.046539] kasan_atomics+0x198/0x2e0 [ 21.046663] kunit_try_run_case+0x170/0x3f0 [ 21.046755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.046834] kthread+0x328/0x630 [ 21.046878] ret_from_fork+0x10/0x20 [ 21.047107] [ 21.047517] Allocated by task 265: [ 21.047609] kasan_save_stack+0x3c/0x68 [ 21.047763] kasan_save_track+0x20/0x40 [ 21.047860] kasan_save_alloc_info+0x40/0x58 [ 21.048001] __kasan_kmalloc+0xd4/0xd8 [ 21.048052] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.048095] kasan_atomics+0xb8/0x2e0 [ 21.048318] kunit_try_run_case+0x170/0x3f0 [ 21.048732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.048950] kthread+0x328/0x630 [ 21.048994] ret_from_fork+0x10/0x20 [ 21.049034] [ 21.049058] The buggy address belongs to the object at fff00000c58ac280 [ 21.049058] which belongs to the cache kmalloc-64 of size 64 [ 21.049334] The buggy address is located 0 bytes to the right of [ 21.049334] allocated 48-byte region [fff00000c58ac280, fff00000c58ac2b0) [ 21.049530] [ 21.049597] The buggy address belongs to the physical page: [ 21.049650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.049965] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.050030] page_type: f5(slab) [ 21.050269] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.050341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.050583] page dumped because: kasan: bad access detected [ 21.050624] [ 21.051167] Memory state around the buggy address: [ 21.051433] fff00000c58ac180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.051496] fff00000c58ac200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.051825] >fff00000c58ac280: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.052136] ^ [ 21.052296] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.052688] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.053052] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.471315] ================================================================== [ 20.471385] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.472100] Write of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.472270] [ 20.472390] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.472510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.472618] Hardware name: linux,dummy-virt (DT) [ 20.472853] Call trace: [ 20.472949] show_stack+0x20/0x38 (C) [ 20.473056] dump_stack_lvl+0x8c/0xd0 [ 20.473229] print_report+0x118/0x608 [ 20.473333] kasan_report+0xdc/0x128 [ 20.473476] kasan_check_range+0x100/0x1a8 [ 20.473560] __kasan_check_write+0x20/0x30 [ 20.473623] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.473676] kasan_bitops_generic+0x110/0x1c8 [ 20.473724] kunit_try_run_case+0x170/0x3f0 [ 20.474142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.474303] kthread+0x328/0x630 [ 20.474422] ret_from_fork+0x10/0x20 [ 20.474703] [ 20.474857] Allocated by task 261: [ 20.474988] kasan_save_stack+0x3c/0x68 [ 20.475056] kasan_save_track+0x20/0x40 [ 20.475198] kasan_save_alloc_info+0x40/0x58 [ 20.475284] __kasan_kmalloc+0xd4/0xd8 [ 20.475513] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.475688] kasan_bitops_generic+0xa0/0x1c8 [ 20.475833] kunit_try_run_case+0x170/0x3f0 [ 20.475984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.476113] kthread+0x328/0x630 [ 20.476199] ret_from_fork+0x10/0x20 [ 20.476433] [ 20.476703] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.476703] which belongs to the cache kmalloc-16 of size 16 [ 20.476874] The buggy address is located 8 bytes inside of [ 20.476874] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.476979] [ 20.477047] The buggy address belongs to the physical page: [ 20.477146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.477207] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.477439] page_type: f5(slab) [ 20.477676] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.477791] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.477936] page dumped because: kasan: bad access detected [ 20.477984] [ 20.478051] Memory state around the buggy address: [ 20.478522] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.479302] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.479382] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.479454] ^ [ 20.479556] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.479630] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.480010] ================================================================== [ 20.501875] ================================================================== [ 20.501995] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.502079] Read of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.502214] [ 20.502250] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.502663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.502723] Hardware name: linux,dummy-virt (DT) [ 20.502759] Call trace: [ 20.502867] show_stack+0x20/0x38 (C) [ 20.502928] dump_stack_lvl+0x8c/0xd0 [ 20.502994] print_report+0x118/0x608 [ 20.503099] kasan_report+0xdc/0x128 [ 20.503164] __asan_report_load8_noabort+0x20/0x30 [ 20.503231] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.503436] kasan_bitops_generic+0x110/0x1c8 [ 20.503630] kunit_try_run_case+0x170/0x3f0 [ 20.503751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.503871] kthread+0x328/0x630 [ 20.503947] ret_from_fork+0x10/0x20 [ 20.503999] [ 20.504026] Allocated by task 261: [ 20.504057] kasan_save_stack+0x3c/0x68 [ 20.504225] kasan_save_track+0x20/0x40 [ 20.504278] kasan_save_alloc_info+0x40/0x58 [ 20.504448] __kasan_kmalloc+0xd4/0xd8 [ 20.504501] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.504541] kasan_bitops_generic+0xa0/0x1c8 [ 20.505294] kunit_try_run_case+0x170/0x3f0 [ 20.505373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.505443] kthread+0x328/0x630 [ 20.505501] ret_from_fork+0x10/0x20 [ 20.505550] [ 20.505598] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.505598] which belongs to the cache kmalloc-16 of size 16 [ 20.505674] The buggy address is located 8 bytes inside of [ 20.505674] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.505739] [ 20.505769] The buggy address belongs to the physical page: [ 20.505819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.505888] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.505940] page_type: f5(slab) [ 20.505989] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.506042] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.506244] page dumped because: kasan: bad access detected [ 20.506330] [ 20.506634] Memory state around the buggy address: [ 20.506686] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.507081] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.507149] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.507280] ^ [ 20.507346] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.507475] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.507541] ================================================================== [ 20.508466] ================================================================== [ 20.508549] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 20.508830] Write of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.508956] [ 20.509036] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.509286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.509469] Hardware name: linux,dummy-virt (DT) [ 20.509684] Call trace: [ 20.509774] show_stack+0x20/0x38 (C) [ 20.509994] dump_stack_lvl+0x8c/0xd0 [ 20.510105] print_report+0x118/0x608 [ 20.510242] kasan_report+0xdc/0x128 [ 20.510377] kasan_check_range+0x100/0x1a8 [ 20.510512] __kasan_check_write+0x20/0x30 [ 20.510621] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 20.510703] kasan_bitops_generic+0x110/0x1c8 [ 20.510933] kunit_try_run_case+0x170/0x3f0 [ 20.511160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.511559] kthread+0x328/0x630 [ 20.511704] ret_from_fork+0x10/0x20 [ 20.511804] [ 20.511852] Allocated by task 261: [ 20.511883] kasan_save_stack+0x3c/0x68 [ 20.512161] kasan_save_track+0x20/0x40 [ 20.512218] kasan_save_alloc_info+0x40/0x58 [ 20.512747] __kasan_kmalloc+0xd4/0xd8 [ 20.512802] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.512846] kasan_bitops_generic+0xa0/0x1c8 [ 20.513210] kunit_try_run_case+0x170/0x3f0 [ 20.513612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.513677] kthread+0x328/0x630 [ 20.513715] ret_from_fork+0x10/0x20 [ 20.513753] [ 20.513801] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.513801] which belongs to the cache kmalloc-16 of size 16 [ 20.513867] The buggy address is located 8 bytes inside of [ 20.513867] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.513931] [ 20.513978] The buggy address belongs to the physical page: [ 20.514014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.514079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.514148] page_type: f5(slab) [ 20.514195] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.514247] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.514295] page dumped because: kasan: bad access detected [ 20.514340] [ 20.514369] Memory state around the buggy address: [ 20.514409] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.514465] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.514510] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.514560] ^ [ 20.514607] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.514663] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.514705] ================================================================== [ 20.493966] ================================================================== [ 20.494101] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.494203] Write of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.494276] [ 20.494310] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.494529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.494725] Hardware name: linux,dummy-virt (DT) [ 20.494774] Call trace: [ 20.494852] show_stack+0x20/0x38 (C) [ 20.494929] dump_stack_lvl+0x8c/0xd0 [ 20.494985] print_report+0x118/0x608 [ 20.495110] kasan_report+0xdc/0x128 [ 20.495162] kasan_check_range+0x100/0x1a8 [ 20.495214] __kasan_check_write+0x20/0x30 [ 20.495445] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.495703] kasan_bitops_generic+0x110/0x1c8 [ 20.495776] kunit_try_run_case+0x170/0x3f0 [ 20.495875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.495961] kthread+0x328/0x630 [ 20.496068] ret_from_fork+0x10/0x20 [ 20.496124] [ 20.496145] Allocated by task 261: [ 20.496176] kasan_save_stack+0x3c/0x68 [ 20.496236] kasan_save_track+0x20/0x40 [ 20.496423] kasan_save_alloc_info+0x40/0x58 [ 20.496707] __kasan_kmalloc+0xd4/0xd8 [ 20.496879] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.496936] kasan_bitops_generic+0xa0/0x1c8 [ 20.496996] kunit_try_run_case+0x170/0x3f0 [ 20.497185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.497239] kthread+0x328/0x630 [ 20.497408] ret_from_fork+0x10/0x20 [ 20.497635] [ 20.497810] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.497810] which belongs to the cache kmalloc-16 of size 16 [ 20.498202] The buggy address is located 8 bytes inside of [ 20.498202] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.498346] [ 20.498425] The buggy address belongs to the physical page: [ 20.498503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.498672] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.498726] page_type: f5(slab) [ 20.498812] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.499069] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.499146] page dumped because: kasan: bad access detected [ 20.499447] [ 20.499494] Memory state around the buggy address: [ 20.499569] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.499973] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.500099] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.500226] ^ [ 20.500323] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.500475] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.500530] ================================================================== [ 20.515527] ================================================================== [ 20.515597] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 20.516523] Write of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.516766] [ 20.516862] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.516956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.516987] Hardware name: linux,dummy-virt (DT) [ 20.517391] Call trace: [ 20.517446] show_stack+0x20/0x38 (C) [ 20.517532] dump_stack_lvl+0x8c/0xd0 [ 20.517870] print_report+0x118/0x608 [ 20.518196] kasan_report+0xdc/0x128 [ 20.518357] kasan_check_range+0x100/0x1a8 [ 20.518598] __kasan_check_write+0x20/0x30 [ 20.518827] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 20.518932] kasan_bitops_generic+0x110/0x1c8 [ 20.518995] kunit_try_run_case+0x170/0x3f0 [ 20.519264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.519455] kthread+0x328/0x630 [ 20.519509] ret_from_fork+0x10/0x20 [ 20.519931] [ 20.520036] Allocated by task 261: [ 20.520081] kasan_save_stack+0x3c/0x68 [ 20.520313] kasan_save_track+0x20/0x40 [ 20.520704] kasan_save_alloc_info+0x40/0x58 [ 20.521057] __kasan_kmalloc+0xd4/0xd8 [ 20.521143] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.521214] kasan_bitops_generic+0xa0/0x1c8 [ 20.521254] kunit_try_run_case+0x170/0x3f0 [ 20.521295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.521743] kthread+0x328/0x630 [ 20.521914] ret_from_fork+0x10/0x20 [ 20.521987] [ 20.522012] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.522012] which belongs to the cache kmalloc-16 of size 16 [ 20.522311] The buggy address is located 8 bytes inside of [ 20.522311] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.522601] [ 20.523024] The buggy address belongs to the physical page: [ 20.523104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.523430] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.523755] page_type: f5(slab) [ 20.523845] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.523959] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.524027] page dumped because: kasan: bad access detected [ 20.524210] [ 20.524311] Memory state around the buggy address: [ 20.524473] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.524593] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.524842] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.525040] ^ [ 20.525142] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.525258] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.525338] ================================================================== [ 20.542502] ================================================================== [ 20.542554] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 20.542624] Write of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.542676] [ 20.542709] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.542794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.542822] Hardware name: linux,dummy-virt (DT) [ 20.543169] Call trace: [ 20.543212] show_stack+0x20/0x38 (C) [ 20.543268] dump_stack_lvl+0x8c/0xd0 [ 20.543318] print_report+0x118/0x608 [ 20.543368] kasan_report+0xdc/0x128 [ 20.543415] kasan_check_range+0x100/0x1a8 [ 20.543467] __kasan_check_write+0x20/0x30 [ 20.543514] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 20.543567] kasan_bitops_generic+0x110/0x1c8 [ 20.543630] kunit_try_run_case+0x170/0x3f0 [ 20.543680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.543749] kthread+0x328/0x630 [ 20.543795] ret_from_fork+0x10/0x20 [ 20.543847] [ 20.543878] Allocated by task 261: [ 20.543909] kasan_save_stack+0x3c/0x68 [ 20.543961] kasan_save_track+0x20/0x40 [ 20.544003] kasan_save_alloc_info+0x40/0x58 [ 20.544047] __kasan_kmalloc+0xd4/0xd8 [ 20.544092] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.544134] kasan_bitops_generic+0xa0/0x1c8 [ 20.544174] kunit_try_run_case+0x170/0x3f0 [ 20.544213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.544259] kthread+0x328/0x630 [ 20.544301] ret_from_fork+0x10/0x20 [ 20.544340] [ 20.544366] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.544366] which belongs to the cache kmalloc-16 of size 16 [ 20.544426] The buggy address is located 8 bytes inside of [ 20.544426] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.544490] [ 20.544520] The buggy address belongs to the physical page: [ 20.544554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.545352] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.545920] page_type: f5(slab) [ 20.546215] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.546540] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.546640] page dumped because: kasan: bad access detected [ 20.546773] [ 20.546826] Memory state around the buggy address: [ 20.546961] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.547046] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.547129] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.547205] ^ [ 20.547270] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.547688] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.547878] ================================================================== [ 20.534196] ================================================================== [ 20.534322] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 20.534398] Write of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.534451] [ 20.534490] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.534717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.534800] Hardware name: linux,dummy-virt (DT) [ 20.534966] Call trace: [ 20.535000] show_stack+0x20/0x38 (C) [ 20.535055] dump_stack_lvl+0x8c/0xd0 [ 20.535156] print_report+0x118/0x608 [ 20.535208] kasan_report+0xdc/0x128 [ 20.535285] kasan_check_range+0x100/0x1a8 [ 20.535480] __kasan_check_write+0x20/0x30 [ 20.535736] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 20.535866] kasan_bitops_generic+0x110/0x1c8 [ 20.535944] kunit_try_run_case+0x170/0x3f0 [ 20.536259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.536338] kthread+0x328/0x630 [ 20.536385] ret_from_fork+0x10/0x20 [ 20.536436] [ 20.536456] Allocated by task 261: [ 20.536604] kasan_save_stack+0x3c/0x68 [ 20.536677] kasan_save_track+0x20/0x40 [ 20.536731] kasan_save_alloc_info+0x40/0x58 [ 20.537164] __kasan_kmalloc+0xd4/0xd8 [ 20.537313] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.537420] kasan_bitops_generic+0xa0/0x1c8 [ 20.537583] kunit_try_run_case+0x170/0x3f0 [ 20.537670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.537879] kthread+0x328/0x630 [ 20.538160] ret_from_fork+0x10/0x20 [ 20.538280] [ 20.538361] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.538361] which belongs to the cache kmalloc-16 of size 16 [ 20.538543] The buggy address is located 8 bytes inside of [ 20.538543] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.538942] [ 20.539104] The buggy address belongs to the physical page: [ 20.539281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.539863] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.540206] page_type: f5(slab) [ 20.540263] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.540347] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.540626] page dumped because: kasan: bad access detected [ 20.540670] [ 20.540707] Memory state around the buggy address: [ 20.540814] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.541012] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.541066] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.541154] ^ [ 20.541466] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.541658] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.541733] ================================================================== [ 20.483546] ================================================================== [ 20.484114] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.484455] Read of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.484626] [ 20.484681] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.484800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.484831] Hardware name: linux,dummy-virt (DT) [ 20.485027] Call trace: [ 20.485236] show_stack+0x20/0x38 (C) [ 20.485299] dump_stack_lvl+0x8c/0xd0 [ 20.485523] print_report+0x118/0x608 [ 20.485888] kasan_report+0xdc/0x128 [ 20.486094] __asan_report_load8_noabort+0x20/0x30 [ 20.486288] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.486606] kasan_bitops_generic+0x110/0x1c8 [ 20.486859] kunit_try_run_case+0x170/0x3f0 [ 20.487222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.487362] kthread+0x328/0x630 [ 20.487458] ret_from_fork+0x10/0x20 [ 20.487529] [ 20.487681] Allocated by task 261: [ 20.487879] kasan_save_stack+0x3c/0x68 [ 20.488071] kasan_save_track+0x20/0x40 [ 20.488180] kasan_save_alloc_info+0x40/0x58 [ 20.488550] __kasan_kmalloc+0xd4/0xd8 [ 20.488654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.488699] kasan_bitops_generic+0xa0/0x1c8 [ 20.489139] kunit_try_run_case+0x170/0x3f0 [ 20.489198] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.489252] kthread+0x328/0x630 [ 20.489512] ret_from_fork+0x10/0x20 [ 20.489681] [ 20.489931] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.489931] which belongs to the cache kmalloc-16 of size 16 [ 20.490121] The buggy address is located 8 bytes inside of [ 20.490121] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.490226] [ 20.490350] The buggy address belongs to the physical page: [ 20.490403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.490601] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.490835] page_type: f5(slab) [ 20.490894] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.490992] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.491037] page dumped because: kasan: bad access detected [ 20.491094] [ 20.491124] Memory state around the buggy address: [ 20.491173] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.491222] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.491268] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.491311] ^ [ 20.491346] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.491399] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.491441] ================================================================== [ 20.526420] ================================================================== [ 20.526473] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 20.526781] Read of size 8 at addr fff00000c3f3eca8 by task kunit_try_catch/261 [ 20.527054] [ 20.527101] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.527197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.527497] Hardware name: linux,dummy-virt (DT) [ 20.527586] Call trace: [ 20.527615] show_stack+0x20/0x38 (C) [ 20.527718] dump_stack_lvl+0x8c/0xd0 [ 20.527837] print_report+0x118/0x608 [ 20.527903] kasan_report+0xdc/0x128 [ 20.528040] __asan_report_load8_noabort+0x20/0x30 [ 20.528114] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 20.528305] kasan_bitops_generic+0x110/0x1c8 [ 20.528565] kunit_try_run_case+0x170/0x3f0 [ 20.528645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.528752] kthread+0x328/0x630 [ 20.528839] ret_from_fork+0x10/0x20 [ 20.528993] [ 20.529122] Allocated by task 261: [ 20.529372] kasan_save_stack+0x3c/0x68 [ 20.529545] kasan_save_track+0x20/0x40 [ 20.529647] kasan_save_alloc_info+0x40/0x58 [ 20.529870] __kasan_kmalloc+0xd4/0xd8 [ 20.530176] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.530313] kasan_bitops_generic+0xa0/0x1c8 [ 20.530410] kunit_try_run_case+0x170/0x3f0 [ 20.530543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.530934] kthread+0x328/0x630 [ 20.531066] ret_from_fork+0x10/0x20 [ 20.531238] [ 20.531318] The buggy address belongs to the object at fff00000c3f3eca0 [ 20.531318] which belongs to the cache kmalloc-16 of size 16 [ 20.531415] The buggy address is located 8 bytes inside of [ 20.531415] allocated 9-byte region [fff00000c3f3eca0, fff00000c3f3eca9) [ 20.531492] [ 20.531513] The buggy address belongs to the physical page: [ 20.531892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 20.532063] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.532161] page_type: f5(slab) [ 20.532254] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.532329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.532380] page dumped because: kasan: bad access detected [ 20.532423] [ 20.532453] Memory state around the buggy address: [ 20.532487] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.532533] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.532607] >fff00000c3f3ec80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.532656] ^ [ 20.532692] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.532745] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.532785] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 17.947034] ================================================================== [ 17.947123] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 17.947186] Free of addr fff00000c786c001 by task kunit_try_catch/150 [ 17.947230] [ 17.947264] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.947345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.948460] Hardware name: linux,dummy-virt (DT) [ 17.948553] Call trace: [ 17.948586] show_stack+0x20/0x38 (C) [ 17.948637] dump_stack_lvl+0x8c/0xd0 [ 17.949074] print_report+0x118/0x608 [ 17.949135] kasan_report_invalid_free+0xc0/0xe8 [ 17.949309] __kasan_kfree_large+0x5c/0xa8 [ 17.949509] free_large_kmalloc+0x64/0x190 [ 17.949915] kfree+0x270/0x3c8 [ 17.950248] kmalloc_large_invalid_free+0x108/0x270 [ 17.950822] kunit_try_run_case+0x170/0x3f0 [ 17.951164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.951615] kthread+0x328/0x630 [ 17.951923] ret_from_fork+0x10/0x20 [ 17.952106] [ 17.952163] The buggy address belongs to the physical page: [ 17.952195] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786c [ 17.952646] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.952841] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.952961] page_type: f8(unknown) [ 17.953105] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.953422] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.953605] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.953835] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.954079] head: 0bfffe0000000002 ffffc1ffc31e1b01 00000000ffffffff 00000000ffffffff [ 17.954489] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.954864] page dumped because: kasan: bad access detected [ 17.955091] [ 17.955306] Memory state around the buggy address: [ 17.955412] fff00000c786bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.955665] fff00000c786bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.955953] >fff00000c786c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.955994] ^ [ 17.956022] fff00000c786c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.956062] fff00000c786c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.956183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.450393] ================================================================== [ 20.450447] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 20.450494] Read of size 1 at addr fff00000c58a9390 by task kunit_try_catch/259 [ 20.450547] [ 20.450592] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.451030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.451080] Hardware name: linux,dummy-virt (DT) [ 20.451209] Call trace: [ 20.451237] show_stack+0x20/0x38 (C) [ 20.451291] dump_stack_lvl+0x8c/0xd0 [ 20.451342] print_report+0x118/0x608 [ 20.451971] kasan_report+0xdc/0x128 [ 20.452278] __asan_report_load1_noabort+0x20/0x30 [ 20.452677] strnlen+0x80/0x88 [ 20.452913] kasan_strings+0x478/0xb00 [ 20.453510] kunit_try_run_case+0x170/0x3f0 [ 20.453944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.454244] kthread+0x328/0x630 [ 20.454348] ret_from_fork+0x10/0x20 [ 20.454529] [ 20.454609] Allocated by task 259: [ 20.454935] kasan_save_stack+0x3c/0x68 [ 20.455323] kasan_save_track+0x20/0x40 [ 20.455479] kasan_save_alloc_info+0x40/0x58 [ 20.455650] __kasan_kmalloc+0xd4/0xd8 [ 20.455762] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.455852] kasan_strings+0xc8/0xb00 [ 20.455916] kunit_try_run_case+0x170/0x3f0 [ 20.456016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.456266] kthread+0x328/0x630 [ 20.456401] ret_from_fork+0x10/0x20 [ 20.456623] [ 20.456720] Freed by task 259: [ 20.456751] kasan_save_stack+0x3c/0x68 [ 20.456941] kasan_save_track+0x20/0x40 [ 20.457104] kasan_save_free_info+0x4c/0x78 [ 20.457266] __kasan_slab_free+0x6c/0x98 [ 20.457314] kfree+0x214/0x3c8 [ 20.457352] kasan_strings+0x24c/0xb00 [ 20.457390] kunit_try_run_case+0x170/0x3f0 [ 20.457572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.457973] kthread+0x328/0x630 [ 20.458097] ret_from_fork+0x10/0x20 [ 20.458263] [ 20.458450] The buggy address belongs to the object at fff00000c58a9380 [ 20.458450] which belongs to the cache kmalloc-32 of size 32 [ 20.458776] The buggy address is located 16 bytes inside of [ 20.458776] freed 32-byte region [fff00000c58a9380, fff00000c58a93a0) [ 20.459177] [ 20.459268] The buggy address belongs to the physical page: [ 20.459451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a9 [ 20.459564] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.459736] page_type: f5(slab) [ 20.459906] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.460166] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.460283] page dumped because: kasan: bad access detected [ 20.460322] [ 20.460343] Memory state around the buggy address: [ 20.460651] fff00000c58a9280: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.460877] fff00000c58a9300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.460958] >fff00000c58a9380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.461186] ^ [ 20.461451] fff00000c58a9400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.461547] fff00000c58a9480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.461614] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.442728] ================================================================== [ 20.442938] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 20.443018] Read of size 1 at addr fff00000c58a9390 by task kunit_try_catch/259 [ 20.443073] [ 20.443277] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.443452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.443635] Hardware name: linux,dummy-virt (DT) [ 20.443720] Call trace: [ 20.443747] show_stack+0x20/0x38 (C) [ 20.443831] dump_stack_lvl+0x8c/0xd0 [ 20.444018] print_report+0x118/0x608 [ 20.444153] kasan_report+0xdc/0x128 [ 20.444314] __asan_report_load1_noabort+0x20/0x30 [ 20.444481] strlen+0xa8/0xb0 [ 20.444548] kasan_strings+0x418/0xb00 [ 20.444655] kunit_try_run_case+0x170/0x3f0 [ 20.444718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.444923] kthread+0x328/0x630 [ 20.445134] ret_from_fork+0x10/0x20 [ 20.445237] [ 20.445363] Allocated by task 259: [ 20.445433] kasan_save_stack+0x3c/0x68 [ 20.445564] kasan_save_track+0x20/0x40 [ 20.445633] kasan_save_alloc_info+0x40/0x58 [ 20.445862] __kasan_kmalloc+0xd4/0xd8 [ 20.446097] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.446426] kasan_strings+0xc8/0xb00 [ 20.446487] kunit_try_run_case+0x170/0x3f0 [ 20.446755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.446971] kthread+0x328/0x630 [ 20.447075] ret_from_fork+0x10/0x20 [ 20.447152] [ 20.447182] Freed by task 259: [ 20.447271] kasan_save_stack+0x3c/0x68 [ 20.447313] kasan_save_track+0x20/0x40 [ 20.447362] kasan_save_free_info+0x4c/0x78 [ 20.447405] __kasan_slab_free+0x6c/0x98 [ 20.447443] kfree+0x214/0x3c8 [ 20.447487] kasan_strings+0x24c/0xb00 [ 20.447524] kunit_try_run_case+0x170/0x3f0 [ 20.447593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.447647] kthread+0x328/0x630 [ 20.447734] ret_from_fork+0x10/0x20 [ 20.447799] [ 20.447829] The buggy address belongs to the object at fff00000c58a9380 [ 20.447829] which belongs to the cache kmalloc-32 of size 32 [ 20.447890] The buggy address is located 16 bytes inside of [ 20.447890] freed 32-byte region [fff00000c58a9380, fff00000c58a93a0) [ 20.447972] [ 20.448003] The buggy address belongs to the physical page: [ 20.448055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a9 [ 20.448131] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.448208] page_type: f5(slab) [ 20.448256] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.448310] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.448353] page dumped because: kasan: bad access detected [ 20.448396] [ 20.448416] Memory state around the buggy address: [ 20.448450] fff00000c58a9280: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.448507] fff00000c58a9300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.448554] >fff00000c58a9380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.448951] ^ [ 20.449224] fff00000c58a9400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.449343] fff00000c58a9480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.449432] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.433571] ================================================================== [ 20.433678] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 20.433755] Read of size 1 at addr fff00000c58a9390 by task kunit_try_catch/259 [ 20.433942] [ 20.433976] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.434322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.434599] Hardware name: linux,dummy-virt (DT) [ 20.434651] Call trace: [ 20.434783] show_stack+0x20/0x38 (C) [ 20.434849] dump_stack_lvl+0x8c/0xd0 [ 20.434899] print_report+0x118/0x608 [ 20.434947] kasan_report+0xdc/0x128 [ 20.435006] __asan_report_load1_noabort+0x20/0x30 [ 20.435061] kasan_strings+0x95c/0xb00 [ 20.435108] kunit_try_run_case+0x170/0x3f0 [ 20.435162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.435217] kthread+0x328/0x630 [ 20.435262] ret_from_fork+0x10/0x20 [ 20.435313] [ 20.435345] Allocated by task 259: [ 20.435376] kasan_save_stack+0x3c/0x68 [ 20.435418] kasan_save_track+0x20/0x40 [ 20.435458] kasan_save_alloc_info+0x40/0x58 [ 20.435498] __kasan_kmalloc+0xd4/0xd8 [ 20.435536] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.435591] kasan_strings+0xc8/0xb00 [ 20.435627] kunit_try_run_case+0x170/0x3f0 [ 20.435667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.436161] kthread+0x328/0x630 [ 20.436223] ret_from_fork+0x10/0x20 [ 20.436482] [ 20.436515] Freed by task 259: [ 20.436548] kasan_save_stack+0x3c/0x68 [ 20.436714] kasan_save_track+0x20/0x40 [ 20.436904] kasan_save_free_info+0x4c/0x78 [ 20.437236] __kasan_slab_free+0x6c/0x98 [ 20.437374] kfree+0x214/0x3c8 [ 20.437557] kasan_strings+0x24c/0xb00 [ 20.437786] kunit_try_run_case+0x170/0x3f0 [ 20.437881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.437932] kthread+0x328/0x630 [ 20.437966] ret_from_fork+0x10/0x20 [ 20.438222] [ 20.438499] The buggy address belongs to the object at fff00000c58a9380 [ 20.438499] which belongs to the cache kmalloc-32 of size 32 [ 20.438626] The buggy address is located 16 bytes inside of [ 20.438626] freed 32-byte region [fff00000c58a9380, fff00000c58a93a0) [ 20.438802] [ 20.438930] The buggy address belongs to the physical page: [ 20.438995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a9 [ 20.439181] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.439324] page_type: f5(slab) [ 20.439591] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.439674] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.439874] page dumped because: kasan: bad access detected [ 20.440080] [ 20.440285] Memory state around the buggy address: [ 20.440465] fff00000c58a9280: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.440556] fff00000c58a9300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.440779] >fff00000c58a9380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.440958] ^ [ 20.441001] fff00000c58a9400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.441269] fff00000c58a9480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.441493] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.421956] ================================================================== [ 20.422317] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 20.422477] Read of size 1 at addr fff00000c58a9390 by task kunit_try_catch/259 [ 20.422536] [ 20.422958] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.423200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.423434] Hardware name: linux,dummy-virt (DT) [ 20.423528] Call trace: [ 20.423567] show_stack+0x20/0x38 (C) [ 20.423661] dump_stack_lvl+0x8c/0xd0 [ 20.423716] print_report+0x118/0x608 [ 20.423767] kasan_report+0xdc/0x128 [ 20.424160] __asan_report_load1_noabort+0x20/0x30 [ 20.424239] strcmp+0xc0/0xc8 [ 20.424284] kasan_strings+0x340/0xb00 [ 20.424707] kunit_try_run_case+0x170/0x3f0 [ 20.424788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.425057] kthread+0x328/0x630 [ 20.425149] ret_from_fork+0x10/0x20 [ 20.425218] [ 20.425475] Allocated by task 259: [ 20.425566] kasan_save_stack+0x3c/0x68 [ 20.425814] kasan_save_track+0x20/0x40 [ 20.425901] kasan_save_alloc_info+0x40/0x58 [ 20.425992] __kasan_kmalloc+0xd4/0xd8 [ 20.426088] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.426133] kasan_strings+0xc8/0xb00 [ 20.426325] kunit_try_run_case+0x170/0x3f0 [ 20.426443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.427026] kthread+0x328/0x630 [ 20.427222] ret_from_fork+0x10/0x20 [ 20.427293] [ 20.427352] Freed by task 259: [ 20.427486] kasan_save_stack+0x3c/0x68 [ 20.427551] kasan_save_track+0x20/0x40 [ 20.427885] kasan_save_free_info+0x4c/0x78 [ 20.428075] __kasan_slab_free+0x6c/0x98 [ 20.428240] kfree+0x214/0x3c8 [ 20.428286] kasan_strings+0x24c/0xb00 [ 20.428380] kunit_try_run_case+0x170/0x3f0 [ 20.428543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.428624] kthread+0x328/0x630 [ 20.428660] ret_from_fork+0x10/0x20 [ 20.428710] [ 20.428755] The buggy address belongs to the object at fff00000c58a9380 [ 20.428755] which belongs to the cache kmalloc-32 of size 32 [ 20.429176] The buggy address is located 16 bytes inside of [ 20.429176] freed 32-byte region [fff00000c58a9380, fff00000c58a93a0) [ 20.429485] [ 20.429724] The buggy address belongs to the physical page: [ 20.429787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a9 [ 20.430159] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.430239] page_type: f5(slab) [ 20.430513] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.430801] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.430868] page dumped because: kasan: bad access detected [ 20.431038] [ 20.431187] Memory state around the buggy address: [ 20.431285] fff00000c58a9280: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.431639] fff00000c58a9300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.431710] >fff00000c58a9380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.431808] ^ [ 20.431862] fff00000c58a9400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.431926] fff00000c58a9480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.432144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.395235] ================================================================== [ 20.395299] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 20.395357] Read of size 1 at addr fff00000c58a9198 by task kunit_try_catch/257 [ 20.395430] [ 20.395471] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.395569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.396153] Hardware name: linux,dummy-virt (DT) [ 20.396207] Call trace: [ 20.396251] show_stack+0x20/0x38 (C) [ 20.396402] dump_stack_lvl+0x8c/0xd0 [ 20.396906] print_report+0x118/0x608 [ 20.397995] kasan_report+0xdc/0x128 [ 20.398079] __asan_report_load1_noabort+0x20/0x30 [ 20.398183] memcmp+0x198/0x1d8 [ 20.398312] kasan_memcmp+0x16c/0x300 [ 20.398371] kunit_try_run_case+0x170/0x3f0 [ 20.398594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.398794] kthread+0x328/0x630 [ 20.399064] ret_from_fork+0x10/0x20 [ 20.399224] [ 20.399315] Allocated by task 257: [ 20.399390] kasan_save_stack+0x3c/0x68 [ 20.399530] kasan_save_track+0x20/0x40 [ 20.399671] kasan_save_alloc_info+0x40/0x58 [ 20.399748] __kasan_kmalloc+0xd4/0xd8 [ 20.399939] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.400104] kasan_memcmp+0xbc/0x300 [ 20.400257] kunit_try_run_case+0x170/0x3f0 [ 20.400483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.400699] kthread+0x328/0x630 [ 20.400831] ret_from_fork+0x10/0x20 [ 20.401163] [ 20.401294] The buggy address belongs to the object at fff00000c58a9180 [ 20.401294] which belongs to the cache kmalloc-32 of size 32 [ 20.401525] The buggy address is located 0 bytes to the right of [ 20.401525] allocated 24-byte region [fff00000c58a9180, fff00000c58a9198) [ 20.401783] [ 20.401823] The buggy address belongs to the physical page: [ 20.401875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a9 [ 20.402097] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.402274] page_type: f5(slab) [ 20.402590] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.402760] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.402875] page dumped because: kasan: bad access detected [ 20.403134] [ 20.403560] Memory state around the buggy address: [ 20.403763] fff00000c58a9080: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.404007] fff00000c58a9100: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.404180] >fff00000c58a9180: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.404392] ^ [ 20.404643] fff00000c58a9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.404916] fff00000c58a9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.405029] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.372368] ================================================================== [ 20.372437] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 20.372493] Read of size 1 at addr ffff800080a37b4a by task kunit_try_catch/253 [ 20.372718] [ 20.372882] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.373270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.373358] Hardware name: linux,dummy-virt (DT) [ 20.373469] Call trace: [ 20.373508] show_stack+0x20/0x38 (C) [ 20.373563] dump_stack_lvl+0x8c/0xd0 [ 20.373634] print_report+0x310/0x608 [ 20.373685] kasan_report+0xdc/0x128 [ 20.373733] __asan_report_load1_noabort+0x20/0x30 [ 20.373796] kasan_alloca_oob_right+0x2dc/0x340 [ 20.373852] kunit_try_run_case+0x170/0x3f0 [ 20.373903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.373965] kthread+0x328/0x630 [ 20.374007] ret_from_fork+0x10/0x20 [ 20.374059] [ 20.374104] The buggy address belongs to stack of task kunit_try_catch/253 [ 20.374176] [ 20.374209] The buggy address belongs to the virtual mapping at [ 20.374209] [ffff800080a30000, ffff800080a39000) created by: [ 20.374209] kernel_clone+0x150/0x7a8 [ 20.374287] [ 20.374328] The buggy address belongs to the physical page: [ 20.374365] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107095 [ 20.374428] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.374506] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.374567] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.374639] page dumped because: kasan: bad access detected [ 20.374683] [ 20.374710] Memory state around the buggy address: [ 20.374759] ffff800080a37a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.374805] ffff800080a37a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.374855] >ffff800080a37b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 20.374895] ^ [ 20.374944] ffff800080a37b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.374994] ffff800080a37c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.375036] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.351606] ================================================================== [ 20.351686] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 20.352183] Read of size 1 at addr ffff800080a37b5f by task kunit_try_catch/251 [ 20.352346] [ 20.352410] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.352505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.352772] Hardware name: linux,dummy-virt (DT) [ 20.352823] Call trace: [ 20.352954] show_stack+0x20/0x38 (C) [ 20.353189] dump_stack_lvl+0x8c/0xd0 [ 20.353398] print_report+0x310/0x608 [ 20.353700] kasan_report+0xdc/0x128 [ 20.354007] __asan_report_load1_noabort+0x20/0x30 [ 20.354129] kasan_alloca_oob_left+0x2b8/0x310 [ 20.354181] kunit_try_run_case+0x170/0x3f0 [ 20.354238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.354296] kthread+0x328/0x630 [ 20.354542] ret_from_fork+0x10/0x20 [ 20.354838] [ 20.354971] The buggy address belongs to stack of task kunit_try_catch/251 [ 20.355185] [ 20.355506] The buggy address belongs to the virtual mapping at [ 20.355506] [ffff800080a30000, ffff800080a39000) created by: [ 20.355506] kernel_clone+0x150/0x7a8 [ 20.355871] [ 20.355939] The buggy address belongs to the physical page: [ 20.356299] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107095 [ 20.356461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.356616] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.357038] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.357178] page dumped because: kasan: bad access detected [ 20.357336] [ 20.357404] Memory state around the buggy address: [ 20.357484] ffff800080a37a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.357568] ffff800080a37a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.357955] >ffff800080a37b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 20.358044] ^ [ 20.358242] ffff800080a37b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.358314] ffff800080a37c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.358465] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.330641] ================================================================== [ 20.330728] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 20.330793] Read of size 1 at addr ffff800080a37c2a by task kunit_try_catch/249 [ 20.331230] [ 20.331290] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.331386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.331413] Hardware name: linux,dummy-virt (DT) [ 20.331512] Call trace: [ 20.331558] show_stack+0x20/0x38 (C) [ 20.331639] dump_stack_lvl+0x8c/0xd0 [ 20.332006] print_report+0x310/0x608 [ 20.332140] kasan_report+0xdc/0x128 [ 20.332191] __asan_report_load1_noabort+0x20/0x30 [ 20.332406] kasan_stack_oob+0x238/0x270 [ 20.332723] kunit_try_run_case+0x170/0x3f0 [ 20.333051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.333249] kthread+0x328/0x630 [ 20.333491] ret_from_fork+0x10/0x20 [ 20.333702] [ 20.333886] The buggy address belongs to stack of task kunit_try_catch/249 [ 20.334563] and is located at offset 138 in frame: [ 20.335166] kasan_stack_oob+0x0/0x270 [ 20.336004] [ 20.336251] This frame has 4 objects: [ 20.337286] [48, 49) '__assertion' [ 20.337429] [64, 72) 'array' [ 20.337626] [96, 112) '__assertion' [ 20.337922] [128, 138) 'stack_array' [ 20.338068] [ 20.338305] The buggy address belongs to the virtual mapping at [ 20.338305] [ffff800080a30000, ffff800080a39000) created by: [ 20.338305] kernel_clone+0x150/0x7a8 [ 20.338606] [ 20.338732] The buggy address belongs to the physical page: [ 20.338773] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107095 [ 20.339025] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.339282] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.339701] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.339964] page dumped because: kasan: bad access detected [ 20.340171] [ 20.340430] Memory state around the buggy address: [ 20.340600] ffff800080a37b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.340676] ffff800080a37b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 20.340870] >ffff800080a37c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 20.341095] ^ [ 20.341172] ffff800080a37c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 20.341226] ffff800080a37d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.341268] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.295723] ================================================================== [ 20.295835] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 20.295895] Read of size 1 at addr ffff9689b754f5cd by task kunit_try_catch/245 [ 20.295946] [ 20.295992] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.296079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.296107] Hardware name: linux,dummy-virt (DT) [ 20.296141] Call trace: [ 20.296666] show_stack+0x20/0x38 (C) [ 20.296929] dump_stack_lvl+0x8c/0xd0 [ 20.297107] print_report+0x310/0x608 [ 20.297268] kasan_report+0xdc/0x128 [ 20.297319] __asan_report_load1_noabort+0x20/0x30 [ 20.297607] kasan_global_oob_right+0x230/0x270 [ 20.297811] kunit_try_run_case+0x170/0x3f0 [ 20.297945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.298114] kthread+0x328/0x630 [ 20.298209] ret_from_fork+0x10/0x20 [ 20.298697] [ 20.298950] The buggy address belongs to the variable: [ 20.299188] global_array+0xd/0x40 [ 20.299341] [ 20.299901] The buggy address belongs to the virtual mapping at [ 20.299901] [ffff9689b5700000, ffff9689b7601000) created by: [ 20.299901] paging_init+0x66c/0x7d0 [ 20.300170] [ 20.300565] The buggy address belongs to the physical page: [ 20.300769] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 20.300917] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 20.301114] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 20.301298] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.301341] page dumped because: kasan: bad access detected [ 20.301383] [ 20.301402] Memory state around the buggy address: [ 20.301657] ffff9689b754f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.301850] ffff9689b754f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.301997] >ffff9689b754f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 20.302083] ^ [ 20.302260] ffff9689b754f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 20.302339] ffff9689b754f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 20.302378] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.276503] ================================================================== [ 20.276591] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.276722] Free of addr fff00000c793c001 by task kunit_try_catch/243 [ 20.276895] [ 20.276960] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.277069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.277099] Hardware name: linux,dummy-virt (DT) [ 20.277418] Call trace: [ 20.277471] show_stack+0x20/0x38 (C) [ 20.277651] dump_stack_lvl+0x8c/0xd0 [ 20.277875] print_report+0x118/0x608 [ 20.278064] kasan_report_invalid_free+0xc0/0xe8 [ 20.278123] __kasan_mempool_poison_object+0xfc/0x150 [ 20.278474] mempool_free+0x28c/0x328 [ 20.278681] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.278853] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 20.278955] kunit_try_run_case+0x170/0x3f0 [ 20.279022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.279247] kthread+0x328/0x630 [ 20.279473] ret_from_fork+0x10/0x20 [ 20.279676] [ 20.280045] The buggy address belongs to the physical page: [ 20.280310] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793c [ 20.280422] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.280501] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.280912] page_type: f8(unknown) [ 20.281363] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.281498] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.281857] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.281936] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.282043] head: 0bfffe0000000002 ffffc1ffc31e4f01 00000000ffffffff 00000000ffffffff [ 20.282139] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.282195] page dumped because: kasan: bad access detected [ 20.282237] [ 20.282277] Memory state around the buggy address: [ 20.282311] fff00000c793bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.282365] fff00000c793bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.282430] >fff00000c793c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.282478] ^ [ 20.282517] fff00000c793c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.282570] fff00000c793c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.282735] ================================================================== [ 20.251700] ================================================================== [ 20.251766] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.251829] Free of addr fff00000c7041401 by task kunit_try_catch/241 [ 20.251872] [ 20.251910] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.251995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.252023] Hardware name: linux,dummy-virt (DT) [ 20.252058] Call trace: [ 20.252100] show_stack+0x20/0x38 (C) [ 20.252173] dump_stack_lvl+0x8c/0xd0 [ 20.252224] print_report+0x118/0x608 [ 20.252271] kasan_report_invalid_free+0xc0/0xe8 [ 20.252320] check_slab_allocation+0xfc/0x108 [ 20.252377] __kasan_mempool_poison_object+0x78/0x150 [ 20.252438] mempool_free+0x28c/0x328 [ 20.252491] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.252545] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.252900] kunit_try_run_case+0x170/0x3f0 [ 20.253190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.253788] kthread+0x328/0x630 [ 20.253853] ret_from_fork+0x10/0x20 [ 20.254442] [ 20.254507] Allocated by task 241: [ 20.254664] kasan_save_stack+0x3c/0x68 [ 20.254986] kasan_save_track+0x20/0x40 [ 20.255478] kasan_save_alloc_info+0x40/0x58 [ 20.255591] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.255849] remove_element+0x130/0x1f8 [ 20.255910] mempool_alloc_preallocated+0x58/0xc0 [ 20.256276] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 20.256610] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.256671] kunit_try_run_case+0x170/0x3f0 [ 20.257027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.257174] kthread+0x328/0x630 [ 20.257312] ret_from_fork+0x10/0x20 [ 20.257493] [ 20.257517] The buggy address belongs to the object at fff00000c7041400 [ 20.257517] which belongs to the cache kmalloc-128 of size 128 [ 20.257731] The buggy address is located 1 bytes inside of [ 20.257731] 128-byte region [fff00000c7041400, fff00000c7041480) [ 20.257910] [ 20.257933] The buggy address belongs to the physical page: [ 20.258169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 20.258270] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.258565] page_type: f5(slab) [ 20.258635] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.259017] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.259350] page dumped because: kasan: bad access detected [ 20.259470] [ 20.259866] Memory state around the buggy address: [ 20.259921] fff00000c7041300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.260291] fff00000c7041380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.260564] >fff00000c7041400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.260640] ^ [ 20.260867] fff00000c7041480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.261086] fff00000c7041500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.261179] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.235206] ================================================================== [ 20.235283] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.235350] Free of addr fff00000c7938000 by task kunit_try_catch/239 [ 20.235659] [ 20.235703] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.235790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.235818] Hardware name: linux,dummy-virt (DT) [ 20.235852] Call trace: [ 20.236051] show_stack+0x20/0x38 (C) [ 20.236121] dump_stack_lvl+0x8c/0xd0 [ 20.236326] print_report+0x118/0x608 [ 20.236538] kasan_report_invalid_free+0xc0/0xe8 [ 20.236790] __kasan_mempool_poison_pages+0xe0/0xe8 [ 20.236972] mempool_free+0x24c/0x328 [ 20.237116] mempool_double_free_helper+0x150/0x2e8 [ 20.237288] mempool_page_alloc_double_free+0xbc/0x118 [ 20.237402] kunit_try_run_case+0x170/0x3f0 [ 20.237460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.237513] kthread+0x328/0x630 [ 20.237730] ret_from_fork+0x10/0x20 [ 20.238098] [ 20.238169] The buggy address belongs to the physical page: [ 20.238234] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 20.238308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.238418] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.238506] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.238754] page dumped because: kasan: bad access detected [ 20.239047] [ 20.239202] Memory state around the buggy address: [ 20.239295] fff00000c7937f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.239346] fff00000c7937f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.239746] >fff00000c7938000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.239861] ^ [ 20.239902] fff00000c7938080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.240448] fff00000c7938100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.240767] ================================================================== [ 20.192231] ================================================================== [ 20.192601] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.192686] Free of addr fff00000c7041000 by task kunit_try_catch/235 [ 20.192743] [ 20.192804] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.193293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.193381] Hardware name: linux,dummy-virt (DT) [ 20.193437] Call trace: [ 20.193462] show_stack+0x20/0x38 (C) [ 20.193833] dump_stack_lvl+0x8c/0xd0 [ 20.193979] print_report+0x118/0x608 [ 20.194231] kasan_report_invalid_free+0xc0/0xe8 [ 20.194478] check_slab_allocation+0xd4/0x108 [ 20.194673] __kasan_mempool_poison_object+0x78/0x150 [ 20.194875] mempool_free+0x28c/0x328 [ 20.194965] mempool_double_free_helper+0x150/0x2e8 [ 20.195018] mempool_kmalloc_double_free+0xc0/0x118 [ 20.195240] kunit_try_run_case+0x170/0x3f0 [ 20.195560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.195643] kthread+0x328/0x630 [ 20.196077] ret_from_fork+0x10/0x20 [ 20.196474] [ 20.196960] Allocated by task 235: [ 20.197029] kasan_save_stack+0x3c/0x68 [ 20.197205] kasan_save_track+0x20/0x40 [ 20.197267] kasan_save_alloc_info+0x40/0x58 [ 20.197314] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.197595] remove_element+0x130/0x1f8 [ 20.197841] mempool_alloc_preallocated+0x58/0xc0 [ 20.198080] mempool_double_free_helper+0x94/0x2e8 [ 20.198181] mempool_kmalloc_double_free+0xc0/0x118 [ 20.198427] kunit_try_run_case+0x170/0x3f0 [ 20.198475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.198564] kthread+0x328/0x630 [ 20.198799] ret_from_fork+0x10/0x20 [ 20.199190] [ 20.199318] Freed by task 235: [ 20.199420] kasan_save_stack+0x3c/0x68 [ 20.199527] kasan_save_track+0x20/0x40 [ 20.199743] kasan_save_free_info+0x4c/0x78 [ 20.199889] __kasan_mempool_poison_object+0xc0/0x150 [ 20.200047] mempool_free+0x28c/0x328 [ 20.200102] mempool_double_free_helper+0x100/0x2e8 [ 20.200466] mempool_kmalloc_double_free+0xc0/0x118 [ 20.200550] kunit_try_run_case+0x170/0x3f0 [ 20.200721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.200769] kthread+0x328/0x630 [ 20.200802] ret_from_fork+0x10/0x20 [ 20.201009] [ 20.201209] The buggy address belongs to the object at fff00000c7041000 [ 20.201209] which belongs to the cache kmalloc-128 of size 128 [ 20.201497] The buggy address is located 0 bytes inside of [ 20.201497] 128-byte region [fff00000c7041000, fff00000c7041080) [ 20.201698] [ 20.201760] The buggy address belongs to the physical page: [ 20.201793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107041 [ 20.202023] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.202286] page_type: f5(slab) [ 20.202664] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.202779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.203007] page dumped because: kasan: bad access detected [ 20.203219] [ 20.203274] Memory state around the buggy address: [ 20.203380] fff00000c7040f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.203465] fff00000c7040f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.203509] >fff00000c7041000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.203620] ^ [ 20.203659] fff00000c7041080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.203708] fff00000c7041100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.203753] ================================================================== [ 20.216147] ================================================================== [ 20.216523] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.217362] Free of addr fff00000c7938000 by task kunit_try_catch/237 [ 20.217429] [ 20.217469] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.217554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.217833] Hardware name: linux,dummy-virt (DT) [ 20.217891] Call trace: [ 20.218303] show_stack+0x20/0x38 (C) [ 20.218901] dump_stack_lvl+0x8c/0xd0 [ 20.219042] print_report+0x118/0x608 [ 20.219172] kasan_report_invalid_free+0xc0/0xe8 [ 20.219294] __kasan_mempool_poison_object+0x14c/0x150 [ 20.219501] mempool_free+0x28c/0x328 [ 20.219728] mempool_double_free_helper+0x150/0x2e8 [ 20.220039] mempool_kmalloc_large_double_free+0xc0/0x118 [ 20.220161] kunit_try_run_case+0x170/0x3f0 [ 20.220401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.220562] kthread+0x328/0x630 [ 20.220687] ret_from_fork+0x10/0x20 [ 20.220741] [ 20.220763] The buggy address belongs to the physical page: [ 20.220806] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 20.221039] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.221345] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.221771] page_type: f8(unknown) [ 20.221941] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.222028] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.222265] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.222360] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.222663] head: 0bfffe0000000002 ffffc1ffc31e4e01 00000000ffffffff 00000000ffffffff [ 20.222747] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.222813] page dumped because: kasan: bad access detected [ 20.223148] [ 20.223690] Memory state around the buggy address: [ 20.223766] fff00000c7937f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.223813] fff00000c7937f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.224106] >fff00000c7938000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.224503] ^ [ 20.224763] fff00000c7938080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.224863] fff00000c7938100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.224903] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.176672] ================================================================== [ 20.176766] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.176912] Read of size 1 at addr fff00000c7938000 by task kunit_try_catch/233 [ 20.176972] [ 20.177013] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.177376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.177459] Hardware name: linux,dummy-virt (DT) [ 20.177593] Call trace: [ 20.177648] show_stack+0x20/0x38 (C) [ 20.177977] dump_stack_lvl+0x8c/0xd0 [ 20.178147] print_report+0x118/0x608 [ 20.178251] kasan_report+0xdc/0x128 [ 20.178398] __asan_report_load1_noabort+0x20/0x30 [ 20.178529] mempool_uaf_helper+0x314/0x340 [ 20.178737] mempool_page_alloc_uaf+0xc0/0x118 [ 20.178929] kunit_try_run_case+0x170/0x3f0 [ 20.179087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.179184] kthread+0x328/0x630 [ 20.179760] ret_from_fork+0x10/0x20 [ 20.179870] [ 20.179921] The buggy address belongs to the physical page: [ 20.179986] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 20.180122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.180237] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.180296] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.180344] page dumped because: kasan: bad access detected [ 20.180384] [ 20.180403] Memory state around the buggy address: [ 20.180447] fff00000c7937f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180496] fff00000c7937f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180542] >fff00000c7938000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180591] ^ [ 20.180627] fff00000c7938080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180679] fff00000c7938100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.180989] ================================================================== [ 20.117497] ================================================================== [ 20.117730] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.117917] Read of size 1 at addr fff00000c7934000 by task kunit_try_catch/229 [ 20.117970] [ 20.118007] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.118100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.118128] Hardware name: linux,dummy-virt (DT) [ 20.118444] Call trace: [ 20.118564] show_stack+0x20/0x38 (C) [ 20.118654] dump_stack_lvl+0x8c/0xd0 [ 20.118714] print_report+0x118/0x608 [ 20.118761] kasan_report+0xdc/0x128 [ 20.119076] __asan_report_load1_noabort+0x20/0x30 [ 20.119153] mempool_uaf_helper+0x314/0x340 [ 20.119447] mempool_kmalloc_large_uaf+0xc4/0x120 [ 20.119599] kunit_try_run_case+0x170/0x3f0 [ 20.119653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.119713] kthread+0x328/0x630 [ 20.119757] ret_from_fork+0x10/0x20 [ 20.120033] [ 20.120193] The buggy address belongs to the physical page: [ 20.120239] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107934 [ 20.120487] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.120558] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.120627] page_type: f8(unknown) [ 20.120886] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.121153] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.121227] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.121439] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.121535] head: 0bfffe0000000002 ffffc1ffc31e4d01 00000000ffffffff 00000000ffffffff [ 20.121718] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.121988] page dumped because: kasan: bad access detected [ 20.122174] [ 20.122249] Memory state around the buggy address: [ 20.122285] fff00000c7933f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.122330] fff00000c7933f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.122374] >fff00000c7934000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.122413] ^ [ 20.122452] fff00000c7934080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.122494] fff00000c7934100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.122543] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.135380] ================================================================== [ 20.135444] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.135497] Read of size 1 at addr fff00000c704e240 by task kunit_try_catch/231 [ 20.135546] [ 20.136749] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.137354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.137443] Hardware name: linux,dummy-virt (DT) [ 20.137814] Call trace: [ 20.137962] show_stack+0x20/0x38 (C) [ 20.138048] dump_stack_lvl+0x8c/0xd0 [ 20.138231] print_report+0x118/0x608 [ 20.138339] kasan_report+0xdc/0x128 [ 20.138530] __asan_report_load1_noabort+0x20/0x30 [ 20.138597] mempool_uaf_helper+0x314/0x340 [ 20.138923] mempool_slab_uaf+0xc0/0x118 [ 20.139324] kunit_try_run_case+0x170/0x3f0 [ 20.139586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.139682] kthread+0x328/0x630 [ 20.139886] ret_from_fork+0x10/0x20 [ 20.139958] [ 20.139977] Allocated by task 231: [ 20.140450] kasan_save_stack+0x3c/0x68 [ 20.140602] kasan_save_track+0x20/0x40 [ 20.140790] kasan_save_alloc_info+0x40/0x58 [ 20.140873] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.140960] remove_element+0x16c/0x1f8 [ 20.141008] mempool_alloc_preallocated+0x58/0xc0 [ 20.141265] mempool_uaf_helper+0xa4/0x340 [ 20.141538] mempool_slab_uaf+0xc0/0x118 [ 20.141716] kunit_try_run_case+0x170/0x3f0 [ 20.141771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.141953] kthread+0x328/0x630 [ 20.142264] ret_from_fork+0x10/0x20 [ 20.142313] [ 20.142515] Freed by task 231: [ 20.142585] kasan_save_stack+0x3c/0x68 [ 20.142636] kasan_save_track+0x20/0x40 [ 20.142695] kasan_save_free_info+0x4c/0x78 [ 20.142737] __kasan_mempool_poison_object+0xc0/0x150 [ 20.142780] mempool_free+0x28c/0x328 [ 20.142824] mempool_uaf_helper+0x104/0x340 [ 20.142876] mempool_slab_uaf+0xc0/0x118 [ 20.142914] kunit_try_run_case+0x170/0x3f0 [ 20.142961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.143006] kthread+0x328/0x630 [ 20.143054] ret_from_fork+0x10/0x20 [ 20.143095] [ 20.143124] The buggy address belongs to the object at fff00000c704e240 [ 20.143124] which belongs to the cache test_cache of size 123 [ 20.143186] The buggy address is located 0 bytes inside of [ 20.143186] freed 123-byte region [fff00000c704e240, fff00000c704e2bb) [ 20.143257] [ 20.143280] The buggy address belongs to the physical page: [ 20.143319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10704e [ 20.143373] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.143432] page_type: f5(slab) [ 20.143471] raw: 0bfffe0000000000 fff00000c70453c0 dead000000000122 0000000000000000 [ 20.143521] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.143571] page dumped because: kasan: bad access detected [ 20.143644] [ 20.143691] Memory state around the buggy address: [ 20.144525] fff00000c704e100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.144621] fff00000c704e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.144734] >fff00000c704e200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.145178] ^ [ 20.145269] fff00000c704e280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.145346] fff00000c704e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.145515] ================================================================== [ 20.097741] ================================================================== [ 20.098262] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.098349] Read of size 1 at addr fff00000c706fc00 by task kunit_try_catch/227 [ 20.098417] [ 20.098459] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.098629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.098675] Hardware name: linux,dummy-virt (DT) [ 20.098711] Call trace: [ 20.098736] show_stack+0x20/0x38 (C) [ 20.099085] dump_stack_lvl+0x8c/0xd0 [ 20.099155] print_report+0x118/0x608 [ 20.099238] kasan_report+0xdc/0x128 [ 20.099323] __asan_report_load1_noabort+0x20/0x30 [ 20.099377] mempool_uaf_helper+0x314/0x340 [ 20.099597] mempool_kmalloc_uaf+0xc4/0x120 [ 20.099825] kunit_try_run_case+0x170/0x3f0 [ 20.099893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.100085] kthread+0x328/0x630 [ 20.100283] ret_from_fork+0x10/0x20 [ 20.100405] [ 20.100507] Allocated by task 227: [ 20.100611] kasan_save_stack+0x3c/0x68 [ 20.100687] kasan_save_track+0x20/0x40 [ 20.100821] kasan_save_alloc_info+0x40/0x58 [ 20.101157] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.101260] remove_element+0x130/0x1f8 [ 20.101387] mempool_alloc_preallocated+0x58/0xc0 [ 20.101482] mempool_uaf_helper+0xa4/0x340 [ 20.101624] mempool_kmalloc_uaf+0xc4/0x120 [ 20.101710] kunit_try_run_case+0x170/0x3f0 [ 20.101795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.101840] kthread+0x328/0x630 [ 20.101874] ret_from_fork+0x10/0x20 [ 20.102304] [ 20.102395] Freed by task 227: [ 20.102453] kasan_save_stack+0x3c/0x68 [ 20.102532] kasan_save_track+0x20/0x40 [ 20.102605] kasan_save_free_info+0x4c/0x78 [ 20.102818] __kasan_mempool_poison_object+0xc0/0x150 [ 20.103162] mempool_free+0x28c/0x328 [ 20.103601] mempool_uaf_helper+0x104/0x340 [ 20.103776] mempool_kmalloc_uaf+0xc4/0x120 [ 20.103912] kunit_try_run_case+0x170/0x3f0 [ 20.104059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.104187] kthread+0x328/0x630 [ 20.104258] ret_from_fork+0x10/0x20 [ 20.104472] [ 20.104541] The buggy address belongs to the object at fff00000c706fc00 [ 20.104541] which belongs to the cache kmalloc-128 of size 128 [ 20.104754] The buggy address is located 0 bytes inside of [ 20.104754] freed 128-byte region [fff00000c706fc00, fff00000c706fc80) [ 20.104916] [ 20.104981] The buggy address belongs to the physical page: [ 20.105187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 20.105421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.105597] page_type: f5(slab) [ 20.105762] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.105871] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.105976] page dumped because: kasan: bad access detected [ 20.106027] [ 20.106218] Memory state around the buggy address: [ 20.106641] fff00000c706fb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.106733] fff00000c706fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.106980] >fff00000c706fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.107084] ^ [ 20.107315] fff00000c706fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.107398] fff00000c706fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.107437] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.060711] ================================================================== [ 20.060780] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.061219] Read of size 1 at addr fff00000c704f2bb by task kunit_try_catch/225 [ 20.061618] [ 20.061861] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.062209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.062263] Hardware name: linux,dummy-virt (DT) [ 20.062604] Call trace: [ 20.062637] show_stack+0x20/0x38 (C) [ 20.062928] dump_stack_lvl+0x8c/0xd0 [ 20.062980] print_report+0x118/0x608 [ 20.063028] kasan_report+0xdc/0x128 [ 20.063073] __asan_report_load1_noabort+0x20/0x30 [ 20.063916] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.063987] mempool_slab_oob_right+0xc0/0x118 [ 20.064402] kunit_try_run_case+0x170/0x3f0 [ 20.064640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.064921] kthread+0x328/0x630 [ 20.065076] ret_from_fork+0x10/0x20 [ 20.065289] [ 20.065310] Allocated by task 225: [ 20.065340] kasan_save_stack+0x3c/0x68 [ 20.065384] kasan_save_track+0x20/0x40 [ 20.065786] kasan_save_alloc_info+0x40/0x58 [ 20.065864] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.065968] remove_element+0x16c/0x1f8 [ 20.066169] mempool_alloc_preallocated+0x58/0xc0 [ 20.066208] mempool_oob_right_helper+0x98/0x2f0 [ 20.066246] mempool_slab_oob_right+0xc0/0x118 [ 20.066721] kunit_try_run_case+0x170/0x3f0 [ 20.067028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.067085] kthread+0x328/0x630 [ 20.067117] ret_from_fork+0x10/0x20 [ 20.067155] [ 20.067237] The buggy address belongs to the object at fff00000c704f240 [ 20.067237] which belongs to the cache test_cache of size 123 [ 20.067704] The buggy address is located 0 bytes to the right of [ 20.067704] allocated 123-byte region [fff00000c704f240, fff00000c704f2bb) [ 20.068171] [ 20.068202] The buggy address belongs to the physical page: [ 20.068234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10704f [ 20.068734] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.068793] page_type: f5(slab) [ 20.068853] raw: 0bfffe0000000000 fff00000c7045280 dead000000000122 0000000000000000 [ 20.069036] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.069079] page dumped because: kasan: bad access detected [ 20.069116] [ 20.069286] Memory state around the buggy address: [ 20.069390] fff00000c704f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.069466] fff00000c704f200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.069537] >fff00000c704f280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.069624] ^ [ 20.069670] fff00000c704f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.069712] fff00000c704f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.069751] ================================================================== [ 20.020362] ================================================================== [ 20.020440] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.020513] Read of size 1 at addr fff00000c706f873 by task kunit_try_catch/221 [ 20.020562] [ 20.020620] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.020806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.020840] Hardware name: linux,dummy-virt (DT) [ 20.020873] Call trace: [ 20.020900] show_stack+0x20/0x38 (C) [ 20.020954] dump_stack_lvl+0x8c/0xd0 [ 20.021006] print_report+0x118/0x608 [ 20.021053] kasan_report+0xdc/0x128 [ 20.021101] __asan_report_load1_noabort+0x20/0x30 [ 20.021157] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.021208] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.021256] kunit_try_run_case+0x170/0x3f0 [ 20.021305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.021357] kthread+0x328/0x630 [ 20.021400] ret_from_fork+0x10/0x20 [ 20.021449] [ 20.021467] Allocated by task 221: [ 20.021499] kasan_save_stack+0x3c/0x68 [ 20.021540] kasan_save_track+0x20/0x40 [ 20.021594] kasan_save_alloc_info+0x40/0x58 [ 20.021635] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.021679] remove_element+0x130/0x1f8 [ 20.021716] mempool_alloc_preallocated+0x58/0xc0 [ 20.021757] mempool_oob_right_helper+0x98/0x2f0 [ 20.021798] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.021836] kunit_try_run_case+0x170/0x3f0 [ 20.021875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.021919] kthread+0x328/0x630 [ 20.021951] ret_from_fork+0x10/0x20 [ 20.021988] [ 20.022008] The buggy address belongs to the object at fff00000c706f800 [ 20.022008] which belongs to the cache kmalloc-128 of size 128 [ 20.022066] The buggy address is located 0 bytes to the right of [ 20.022066] allocated 115-byte region [fff00000c706f800, fff00000c706f873) [ 20.022129] [ 20.022150] The buggy address belongs to the physical page: [ 20.022184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 20.022241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.022295] page_type: f5(slab) [ 20.022336] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.022385] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.022426] page dumped because: kasan: bad access detected [ 20.022456] [ 20.022474] Memory state around the buggy address: [ 20.022509] fff00000c706f700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.022553] fff00000c706f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.022606] >fff00000c706f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.022645] ^ [ 20.022684] fff00000c706f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.022727] fff00000c706f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.022765] ================================================================== [ 20.031058] ================================================================== [ 20.031119] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.031172] Read of size 1 at addr fff00000c7932001 by task kunit_try_catch/223 [ 20.031559] [ 20.031612] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.031696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.031962] Hardware name: linux,dummy-virt (DT) [ 20.032021] Call trace: [ 20.032046] show_stack+0x20/0x38 (C) [ 20.032105] dump_stack_lvl+0x8c/0xd0 [ 20.032316] print_report+0x118/0x608 [ 20.032374] kasan_report+0xdc/0x128 [ 20.032420] __asan_report_load1_noabort+0x20/0x30 [ 20.032471] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.032519] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 20.032569] kunit_try_run_case+0x170/0x3f0 [ 20.032627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.032686] kthread+0x328/0x630 [ 20.032727] ret_from_fork+0x10/0x20 [ 20.032774] [ 20.032797] The buggy address belongs to the physical page: [ 20.033076] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107930 [ 20.033186] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.033468] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.033664] page_type: f8(unknown) [ 20.033941] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.034356] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.034531] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.034667] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.034719] head: 0bfffe0000000002 ffffc1ffc31e4c01 00000000ffffffff 00000000ffffffff [ 20.034772] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.034812] page dumped because: kasan: bad access detected [ 20.034850] [ 20.034868] Memory state around the buggy address: [ 20.034949] fff00000c7931f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.035083] fff00000c7931f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.035181] >fff00000c7932000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.035341] ^ [ 20.035406] fff00000c7932080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.035478] fff00000c7932100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.035846] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.455712] ================================================================== [ 19.455799] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 19.455871] Read of size 1 at addr fff00000c5834dc0 by task kunit_try_catch/215 [ 19.455924] [ 19.455964] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.456050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.456079] Hardware name: linux,dummy-virt (DT) [ 19.456115] Call trace: [ 19.456138] show_stack+0x20/0x38 (C) [ 19.456192] dump_stack_lvl+0x8c/0xd0 [ 19.456242] print_report+0x118/0x608 [ 19.456287] kasan_report+0xdc/0x128 [ 19.456334] __kasan_check_byte+0x54/0x70 [ 19.456380] kmem_cache_destroy+0x34/0x218 [ 19.456426] kmem_cache_double_destroy+0x174/0x300 [ 19.456476] kunit_try_run_case+0x170/0x3f0 [ 19.456525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.456590] kthread+0x328/0x630 [ 19.456634] ret_from_fork+0x10/0x20 [ 19.456683] [ 19.456715] Allocated by task 215: [ 19.456746] kasan_save_stack+0x3c/0x68 [ 19.456786] kasan_save_track+0x20/0x40 [ 19.456824] kasan_save_alloc_info+0x40/0x58 [ 19.456864] __kasan_slab_alloc+0xa8/0xb0 [ 19.456900] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.456941] __kmem_cache_create_args+0x178/0x280 [ 19.456979] kmem_cache_double_destroy+0xc0/0x300 [ 19.457017] kunit_try_run_case+0x170/0x3f0 [ 19.457054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.457096] kthread+0x328/0x630 [ 19.457128] ret_from_fork+0x10/0x20 [ 19.457163] [ 19.457182] Freed by task 215: [ 19.457208] kasan_save_stack+0x3c/0x68 [ 19.457247] kasan_save_track+0x20/0x40 [ 19.457283] kasan_save_free_info+0x4c/0x78 [ 19.457323] __kasan_slab_free+0x6c/0x98 [ 19.457360] kmem_cache_free+0x260/0x468 [ 19.457397] slab_kmem_cache_release+0x38/0x50 [ 19.457436] kmem_cache_release+0x1c/0x30 [ 19.457471] kobject_put+0x17c/0x420 [ 19.457507] sysfs_slab_release+0x1c/0x30 [ 19.457542] kmem_cache_destroy+0x118/0x218 [ 19.457590] kmem_cache_double_destroy+0x128/0x300 [ 19.457629] kunit_try_run_case+0x170/0x3f0 [ 19.457665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.457708] kthread+0x328/0x630 [ 19.457739] ret_from_fork+0x10/0x20 [ 19.457775] [ 19.457794] The buggy address belongs to the object at fff00000c5834dc0 [ 19.457794] which belongs to the cache kmem_cache of size 208 [ 19.457851] The buggy address is located 0 bytes inside of [ 19.457851] freed 208-byte region [fff00000c5834dc0, fff00000c5834e90) [ 19.457913] [ 19.457938] The buggy address belongs to the physical page: [ 19.457971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105834 [ 19.458025] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.458077] page_type: f5(slab) [ 19.458120] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 19.458170] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.458212] page dumped because: kasan: bad access detected [ 19.458243] [ 19.458262] Memory state around the buggy address: [ 19.458295] fff00000c5834c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.458338] fff00000c5834d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 19.458382] >fff00000c5834d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.458420] ^ [ 19.458455] fff00000c5834e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.458497] fff00000c5834e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.458535] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.369120] ================================================================== [ 19.369223] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 19.369297] Read of size 1 at addr fff00000c589b000 by task kunit_try_catch/213 [ 19.369350] [ 19.369390] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.369474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.369502] Hardware name: linux,dummy-virt (DT) [ 19.369537] Call trace: [ 19.369560] show_stack+0x20/0x38 (C) [ 19.369636] dump_stack_lvl+0x8c/0xd0 [ 19.369683] print_report+0x118/0x608 [ 19.369731] kasan_report+0xdc/0x128 [ 19.369776] __asan_report_load1_noabort+0x20/0x30 [ 19.369827] kmem_cache_rcu_uaf+0x388/0x468 [ 19.369874] kunit_try_run_case+0x170/0x3f0 [ 19.369921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.369975] kthread+0x328/0x630 [ 19.370017] ret_from_fork+0x10/0x20 [ 19.370066] [ 19.370085] Allocated by task 213: [ 19.370116] kasan_save_stack+0x3c/0x68 [ 19.370157] kasan_save_track+0x20/0x40 [ 19.370194] kasan_save_alloc_info+0x40/0x58 [ 19.370235] __kasan_slab_alloc+0xa8/0xb0 [ 19.370272] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.370313] kmem_cache_rcu_uaf+0x12c/0x468 [ 19.370350] kunit_try_run_case+0x170/0x3f0 [ 19.370387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.370430] kthread+0x328/0x630 [ 19.370463] ret_from_fork+0x10/0x20 [ 19.370497] [ 19.370517] Freed by task 0: [ 19.370545] kasan_save_stack+0x3c/0x68 [ 19.370593] kasan_save_track+0x20/0x40 [ 19.370630] kasan_save_free_info+0x4c/0x78 [ 19.370669] __kasan_slab_free+0x6c/0x98 [ 19.370704] slab_free_after_rcu_debug+0xd4/0x2f8 [ 19.370744] rcu_core+0x9f4/0x1e20 [ 19.370781] rcu_core_si+0x18/0x30 [ 19.370816] handle_softirqs+0x374/0xb28 [ 19.370858] __do_softirq+0x1c/0x28 [ 19.370890] [ 19.370909] Last potentially related work creation: [ 19.370935] kasan_save_stack+0x3c/0x68 [ 19.370972] kasan_record_aux_stack+0xb4/0xc8 [ 19.371012] kmem_cache_free+0x120/0x468 [ 19.371049] kmem_cache_rcu_uaf+0x16c/0x468 [ 19.371086] kunit_try_run_case+0x170/0x3f0 [ 19.371123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.371166] kthread+0x328/0x630 [ 19.371197] ret_from_fork+0x10/0x20 [ 19.371233] [ 19.371252] The buggy address belongs to the object at fff00000c589b000 [ 19.371252] which belongs to the cache test_cache of size 200 [ 19.371310] The buggy address is located 0 bytes inside of [ 19.371310] freed 200-byte region [fff00000c589b000, fff00000c589b0c8) [ 19.371371] [ 19.371394] The buggy address belongs to the physical page: [ 19.371425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10589b [ 19.371483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.371535] page_type: f5(slab) [ 19.371586] raw: 0bfffe0000000000 fff00000c3de5b40 dead000000000122 0000000000000000 [ 19.371636] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.371677] page dumped because: kasan: bad access detected [ 19.371708] [ 19.371725] Memory state around the buggy address: [ 19.371758] fff00000c589af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.371803] fff00000c589af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.371847] >fff00000c589b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.371887] ^ [ 19.371915] fff00000c589b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.371958] fff00000c589b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.371997] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.951433] ================================================================== [ 18.951505] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 18.951601] Free of addr fff00000c707c001 by task kunit_try_catch/211 [ 18.951647] [ 18.951688] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.951775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.951812] Hardware name: linux,dummy-virt (DT) [ 18.951854] Call trace: [ 18.951879] show_stack+0x20/0x38 (C) [ 18.951934] dump_stack_lvl+0x8c/0xd0 [ 18.951986] print_report+0x118/0x608 [ 18.952034] kasan_report_invalid_free+0xc0/0xe8 [ 18.952085] check_slab_allocation+0xfc/0x108 [ 18.952132] __kasan_slab_pre_free+0x2c/0x48 [ 18.952181] kmem_cache_free+0xf0/0x468 [ 18.952229] kmem_cache_invalid_free+0x184/0x3c8 [ 18.952277] kunit_try_run_case+0x170/0x3f0 [ 18.952326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.952388] kthread+0x328/0x630 [ 18.952433] ret_from_fork+0x10/0x20 [ 18.952483] [ 18.952501] Allocated by task 211: [ 18.952542] kasan_save_stack+0x3c/0x68 [ 18.952593] kasan_save_track+0x20/0x40 [ 18.952630] kasan_save_alloc_info+0x40/0x58 [ 18.952670] __kasan_slab_alloc+0xa8/0xb0 [ 18.953404] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.953590] kmem_cache_invalid_free+0x12c/0x3c8 [ 18.953727] kunit_try_run_case+0x170/0x3f0 [ 18.953771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.953826] kthread+0x328/0x630 [ 18.954217] ret_from_fork+0x10/0x20 [ 18.954287] [ 18.954367] The buggy address belongs to the object at fff00000c707c000 [ 18.954367] which belongs to the cache test_cache of size 200 [ 18.954616] The buggy address is located 1 bytes inside of [ 18.954616] 200-byte region [fff00000c707c000, fff00000c707c0c8) [ 18.954869] [ 18.954978] The buggy address belongs to the physical page: [ 18.955055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10707c [ 18.955319] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.955462] page_type: f5(slab) [ 18.955551] raw: 0bfffe0000000000 fff00000c5834c80 dead000000000122 0000000000000000 [ 18.955681] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.955743] page dumped because: kasan: bad access detected [ 18.956102] [ 18.956164] Memory state around the buggy address: [ 18.956351] fff00000c707bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.956463] fff00000c707bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.956604] >fff00000c707c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.956872] ^ [ 18.956939] fff00000c707c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.957030] fff00000c707c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.957073] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.926782] ================================================================== [ 18.926859] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 18.926961] Free of addr fff00000c7080000 by task kunit_try_catch/209 [ 18.927006] [ 18.927049] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.927162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.927234] Hardware name: linux,dummy-virt (DT) [ 18.927270] Call trace: [ 18.927320] show_stack+0x20/0x38 (C) [ 18.927429] dump_stack_lvl+0x8c/0xd0 [ 18.927482] print_report+0x118/0x608 [ 18.927532] kasan_report_invalid_free+0xc0/0xe8 [ 18.927828] check_slab_allocation+0xd4/0x108 [ 18.927881] __kasan_slab_pre_free+0x2c/0x48 [ 18.927947] kmem_cache_free+0xf0/0x468 [ 18.928027] kmem_cache_double_free+0x190/0x3c8 [ 18.928122] kunit_try_run_case+0x170/0x3f0 [ 18.928221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.928306] kthread+0x328/0x630 [ 18.928452] ret_from_fork+0x10/0x20 [ 18.928514] [ 18.928533] Allocated by task 209: [ 18.928623] kasan_save_stack+0x3c/0x68 [ 18.928666] kasan_save_track+0x20/0x40 [ 18.928921] kasan_save_alloc_info+0x40/0x58 [ 18.928963] __kasan_slab_alloc+0xa8/0xb0 [ 18.929002] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.929042] kmem_cache_double_free+0x12c/0x3c8 [ 18.929081] kunit_try_run_case+0x170/0x3f0 [ 18.929134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.929263] kthread+0x328/0x630 [ 18.929345] ret_from_fork+0x10/0x20 [ 18.929382] [ 18.929425] Freed by task 209: [ 18.929523] kasan_save_stack+0x3c/0x68 [ 18.929695] kasan_save_track+0x20/0x40 [ 18.929800] kasan_save_free_info+0x4c/0x78 [ 18.929927] __kasan_slab_free+0x6c/0x98 [ 18.930041] kmem_cache_free+0x260/0x468 [ 18.930138] kmem_cache_double_free+0x140/0x3c8 [ 18.930215] kunit_try_run_case+0x170/0x3f0 [ 18.930253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.930306] kthread+0x328/0x630 [ 18.930343] ret_from_fork+0x10/0x20 [ 18.930385] [ 18.930404] The buggy address belongs to the object at fff00000c7080000 [ 18.930404] which belongs to the cache test_cache of size 200 [ 18.930472] The buggy address is located 0 bytes inside of [ 18.930472] 200-byte region [fff00000c7080000, fff00000c70800c8) [ 18.930555] [ 18.930600] The buggy address belongs to the physical page: [ 18.930635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107080 [ 18.930691] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.930767] page_type: f5(slab) [ 18.930808] raw: 0bfffe0000000000 fff00000c5834b40 dead000000000122 0000000000000000 [ 18.930863] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.930964] page dumped because: kasan: bad access detected [ 18.930996] [ 18.931014] Memory state around the buggy address: [ 18.931085] fff00000c707ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.931129] fff00000c707ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.931172] >fff00000c7080000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.931230] ^ [ 18.931258] fff00000c7080080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.931302] fff00000c7080100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.931350] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.708743] ================================================================== [ 18.708813] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.709766] Read of size 1 at addr fff00000c70820c8 by task kunit_try_catch/207 [ 18.710106] [ 18.710149] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.711003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.711069] Hardware name: linux,dummy-virt (DT) [ 18.711331] Call trace: [ 18.711362] show_stack+0x20/0x38 (C) [ 18.711834] dump_stack_lvl+0x8c/0xd0 [ 18.712095] print_report+0x118/0x608 [ 18.712182] kasan_report+0xdc/0x128 [ 18.712380] __asan_report_load1_noabort+0x20/0x30 [ 18.712431] kmem_cache_oob+0x344/0x430 [ 18.712477] kunit_try_run_case+0x170/0x3f0 [ 18.713078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.713453] kthread+0x328/0x630 [ 18.713520] ret_from_fork+0x10/0x20 [ 18.713572] [ 18.713965] Allocated by task 207: [ 18.714120] kasan_save_stack+0x3c/0x68 [ 18.714296] kasan_save_track+0x20/0x40 [ 18.714380] kasan_save_alloc_info+0x40/0x58 [ 18.714418] __kasan_slab_alloc+0xa8/0xb0 [ 18.714456] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.714958] kmem_cache_oob+0x12c/0x430 [ 18.715097] kunit_try_run_case+0x170/0x3f0 [ 18.715403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.715467] kthread+0x328/0x630 [ 18.715509] ret_from_fork+0x10/0x20 [ 18.715545] [ 18.715565] The buggy address belongs to the object at fff00000c7082000 [ 18.715565] which belongs to the cache test_cache of size 200 [ 18.715635] The buggy address is located 0 bytes to the right of [ 18.715635] allocated 200-byte region [fff00000c7082000, fff00000c70820c8) [ 18.716462] [ 18.716490] The buggy address belongs to the physical page: [ 18.716658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107082 [ 18.716721] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.716774] page_type: f5(slab) [ 18.716816] raw: 0bfffe0000000000 fff00000ffe7af00 dead000000000122 0000000000000000 [ 18.716866] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.716905] page dumped because: kasan: bad access detected [ 18.716937] [ 18.716955] Memory state around the buggy address: [ 18.717842] fff00000c7081f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.718094] fff00000c7082000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.718141] >fff00000c7082080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.718657] ^ [ 18.718704] fff00000c7082100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.718748] fff00000c7082180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.718787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.676856] ================================================================== [ 18.677071] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 18.677135] Read of size 8 at addr fff00000c706cac0 by task kunit_try_catch/200 [ 18.677443] [ 18.677925] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.678023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.678252] Hardware name: linux,dummy-virt (DT) [ 18.678389] Call trace: [ 18.678487] show_stack+0x20/0x38 (C) [ 18.678616] dump_stack_lvl+0x8c/0xd0 [ 18.678739] print_report+0x118/0x608 [ 18.678810] kasan_report+0xdc/0x128 [ 18.678888] __asan_report_load8_noabort+0x20/0x30 [ 18.678943] workqueue_uaf+0x480/0x4a8 [ 18.678990] kunit_try_run_case+0x170/0x3f0 [ 18.679048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.679109] kthread+0x328/0x630 [ 18.679168] ret_from_fork+0x10/0x20 [ 18.679226] [ 18.679245] Allocated by task 200: [ 18.679274] kasan_save_stack+0x3c/0x68 [ 18.679326] kasan_save_track+0x20/0x40 [ 18.679379] kasan_save_alloc_info+0x40/0x58 [ 18.679419] __kasan_kmalloc+0xd4/0xd8 [ 18.679465] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.679515] workqueue_uaf+0x13c/0x4a8 [ 18.679552] kunit_try_run_case+0x170/0x3f0 [ 18.679601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.679654] kthread+0x328/0x630 [ 18.679687] ret_from_fork+0x10/0x20 [ 18.679738] [ 18.679764] Freed by task 11: [ 18.679800] kasan_save_stack+0x3c/0x68 [ 18.679837] kasan_save_track+0x20/0x40 [ 18.679885] kasan_save_free_info+0x4c/0x78 [ 18.679923] __kasan_slab_free+0x6c/0x98 [ 18.679960] kfree+0x214/0x3c8 [ 18.680002] workqueue_uaf_work+0x18/0x30 [ 18.680036] process_one_work+0x530/0xf98 [ 18.680073] worker_thread+0x618/0xf38 [ 18.680107] kthread+0x328/0x630 [ 18.680149] ret_from_fork+0x10/0x20 [ 18.680185] [ 18.680225] Last potentially related work creation: [ 18.680261] kasan_save_stack+0x3c/0x68 [ 18.680309] kasan_record_aux_stack+0xb4/0xc8 [ 18.680357] __queue_work+0x65c/0x1008 [ 18.680393] queue_work_on+0xbc/0xf8 [ 18.680437] workqueue_uaf+0x210/0x4a8 [ 18.680486] kunit_try_run_case+0x170/0x3f0 [ 18.680523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.680566] kthread+0x328/0x630 [ 18.680745] ret_from_fork+0x10/0x20 [ 18.680799] [ 18.680946] The buggy address belongs to the object at fff00000c706cac0 [ 18.680946] which belongs to the cache kmalloc-32 of size 32 [ 18.681365] The buggy address is located 0 bytes inside of [ 18.681365] freed 32-byte region [fff00000c706cac0, fff00000c706cae0) [ 18.681662] [ 18.681691] The buggy address belongs to the physical page: [ 18.681723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706c [ 18.681779] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.681943] page_type: f5(slab) [ 18.682136] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.682297] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.682371] page dumped because: kasan: bad access detected [ 18.682519] [ 18.682584] Memory state around the buggy address: [ 18.682620] fff00000c706c980: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.682893] fff00000c706ca00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.682998] >fff00000c706ca80: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 18.683040] ^ [ 18.683077] fff00000c706cb00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.683138] fff00000c706cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.683286] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.651102] ================================================================== [ 18.652400] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 18.653168] Read of size 4 at addr fff00000c706c8c0 by task swapper/0/0 [ 18.653736] [ 18.653802] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.654234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.654266] Hardware name: linux,dummy-virt (DT) [ 18.654592] Call trace: [ 18.655172] show_stack+0x20/0x38 (C) [ 18.655525] dump_stack_lvl+0x8c/0xd0 [ 18.656038] print_report+0x118/0x608 [ 18.656230] kasan_report+0xdc/0x128 [ 18.656306] __asan_report_load4_noabort+0x20/0x30 [ 18.656621] rcu_uaf_reclaim+0x64/0x70 [ 18.656678] rcu_core+0x9f4/0x1e20 [ 18.656733] rcu_core_si+0x18/0x30 [ 18.656780] handle_softirqs+0x374/0xb28 [ 18.656829] __do_softirq+0x1c/0x28 [ 18.657689] ____do_softirq+0x18/0x30 [ 18.658075] call_on_irq_stack+0x24/0x30 [ 18.658123] do_softirq_own_stack+0x24/0x38 [ 18.658199] __irq_exit_rcu+0x1fc/0x318 [ 18.658245] irq_exit_rcu+0x1c/0x80 [ 18.658289] el1_interrupt+0x38/0x58 [ 18.658447] el1h_64_irq_handler+0x18/0x28 [ 18.658496] el1h_64_irq+0x6c/0x70 [ 18.658616] arch_local_irq_enable+0x4/0x8 (P) [ 18.658669] do_idle+0x384/0x4e8 [ 18.658713] cpu_startup_entry+0x64/0x80 [ 18.658757] rest_init+0x160/0x188 [ 18.658800] start_kernel+0x30c/0x3d0 [ 18.658856] __primary_switched+0x8c/0xa0 [ 18.658907] [ 18.658927] Allocated by task 198: [ 18.658956] kasan_save_stack+0x3c/0x68 [ 18.658997] kasan_save_track+0x20/0x40 [ 18.659035] kasan_save_alloc_info+0x40/0x58 [ 18.659075] __kasan_kmalloc+0xd4/0xd8 [ 18.659112] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.659151] rcu_uaf+0xb0/0x2d8 [ 18.659183] kunit_try_run_case+0x170/0x3f0 [ 18.659223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.659267] kthread+0x328/0x630 [ 18.659301] ret_from_fork+0x10/0x20 [ 18.659337] [ 18.659355] Freed by task 0: [ 18.659381] kasan_save_stack+0x3c/0x68 [ 18.659418] kasan_save_track+0x20/0x40 [ 18.659456] kasan_save_free_info+0x4c/0x78 [ 18.659496] __kasan_slab_free+0x6c/0x98 [ 18.659531] kfree+0x214/0x3c8 [ 18.659565] rcu_uaf_reclaim+0x28/0x70 [ 18.659609] rcu_core+0x9f4/0x1e20 [ 18.659665] rcu_core_si+0x18/0x30 [ 18.659700] handle_softirqs+0x374/0xb28 [ 18.659826] __do_softirq+0x1c/0x28 [ 18.659939] [ 18.660016] Last potentially related work creation: [ 18.660054] kasan_save_stack+0x3c/0x68 [ 18.660106] kasan_record_aux_stack+0xb4/0xc8 [ 18.660147] __call_rcu_common.constprop.0+0x74/0x8c8 [ 18.660188] call_rcu+0x18/0x30 [ 18.660220] rcu_uaf+0x14c/0x2d8 [ 18.660269] kunit_try_run_case+0x170/0x3f0 [ 18.660307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.660360] kthread+0x328/0x630 [ 18.660392] ret_from_fork+0x10/0x20 [ 18.660433] [ 18.660465] The buggy address belongs to the object at fff00000c706c8c0 [ 18.660465] which belongs to the cache kmalloc-32 of size 32 [ 18.660543] The buggy address is located 0 bytes inside of [ 18.660543] freed 32-byte region [fff00000c706c8c0, fff00000c706c8e0) [ 18.660623] [ 18.660653] The buggy address belongs to the physical page: [ 18.661030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706c [ 18.661142] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.661264] page_type: f5(slab) [ 18.661362] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.661535] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.661588] page dumped because: kasan: bad access detected [ 18.661629] [ 18.661941] Memory state around the buggy address: [ 18.662043] fff00000c706c780: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 18.662128] fff00000c706c800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.662239] >fff00000c706c880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.662340] ^ [ 18.662458] fff00000c706c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.662557] fff00000c706c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.662758] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.403348] ================================================================== [ 18.403593] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 18.403654] Read of size 1 at addr fff00000c706f500 by task kunit_try_catch/196 [ 18.404116] [ 18.404192] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.404276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.404303] Hardware name: linux,dummy-virt (DT) [ 18.404473] Call trace: [ 18.404517] show_stack+0x20/0x38 (C) [ 18.404571] dump_stack_lvl+0x8c/0xd0 [ 18.404635] print_report+0x118/0x608 [ 18.404681] kasan_report+0xdc/0x128 [ 18.405072] __asan_report_load1_noabort+0x20/0x30 [ 18.405183] ksize_uaf+0x598/0x5f8 [ 18.405288] kunit_try_run_case+0x170/0x3f0 [ 18.405426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.405527] kthread+0x328/0x630 [ 18.405704] ret_from_fork+0x10/0x20 [ 18.405916] [ 18.405960] Allocated by task 196: [ 18.406127] kasan_save_stack+0x3c/0x68 [ 18.406197] kasan_save_track+0x20/0x40 [ 18.406509] kasan_save_alloc_info+0x40/0x58 [ 18.406648] __kasan_kmalloc+0xd4/0xd8 [ 18.406745] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.406799] ksize_uaf+0xb8/0x5f8 [ 18.406837] kunit_try_run_case+0x170/0x3f0 [ 18.407168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.407301] kthread+0x328/0x630 [ 18.407378] ret_from_fork+0x10/0x20 [ 18.407608] [ 18.407729] Freed by task 196: [ 18.407797] kasan_save_stack+0x3c/0x68 [ 18.407957] kasan_save_track+0x20/0x40 [ 18.408117] kasan_save_free_info+0x4c/0x78 [ 18.408160] __kasan_slab_free+0x6c/0x98 [ 18.408292] kfree+0x214/0x3c8 [ 18.408334] ksize_uaf+0x11c/0x5f8 [ 18.408367] kunit_try_run_case+0x170/0x3f0 [ 18.408405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.408465] kthread+0x328/0x630 [ 18.408525] ret_from_fork+0x10/0x20 [ 18.408569] [ 18.408600] The buggy address belongs to the object at fff00000c706f500 [ 18.408600] which belongs to the cache kmalloc-128 of size 128 [ 18.408658] The buggy address is located 0 bytes inside of [ 18.408658] freed 128-byte region [fff00000c706f500, fff00000c706f580) [ 18.408719] [ 18.408745] The buggy address belongs to the physical page: [ 18.408794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.408861] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.408918] page_type: f5(slab) [ 18.408960] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.409010] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.409059] page dumped because: kasan: bad access detected [ 18.409092] [ 18.409119] Memory state around the buggy address: [ 18.409156] fff00000c706f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.409199] fff00000c706f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.409251] >fff00000c706f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.409298] ^ [ 18.409325] fff00000c706f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.409368] fff00000c706f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.409415] ================================================================== [ 18.392479] ================================================================== [ 18.392538] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 18.392604] Read of size 1 at addr fff00000c706f500 by task kunit_try_catch/196 [ 18.392654] [ 18.392686] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.393172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.393310] Hardware name: linux,dummy-virt (DT) [ 18.393416] Call trace: [ 18.393477] show_stack+0x20/0x38 (C) [ 18.393560] dump_stack_lvl+0x8c/0xd0 [ 18.393617] print_report+0x118/0x608 [ 18.393663] kasan_report+0xdc/0x128 [ 18.394109] __kasan_check_byte+0x54/0x70 [ 18.394208] ksize+0x30/0x88 [ 18.394307] ksize_uaf+0x168/0x5f8 [ 18.394559] kunit_try_run_case+0x170/0x3f0 [ 18.394645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.395028] kthread+0x328/0x630 [ 18.395108] ret_from_fork+0x10/0x20 [ 18.395194] [ 18.395289] Allocated by task 196: [ 18.395369] kasan_save_stack+0x3c/0x68 [ 18.395457] kasan_save_track+0x20/0x40 [ 18.395506] kasan_save_alloc_info+0x40/0x58 [ 18.395544] __kasan_kmalloc+0xd4/0xd8 [ 18.395807] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.395983] ksize_uaf+0xb8/0x5f8 [ 18.396188] kunit_try_run_case+0x170/0x3f0 [ 18.396385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.396433] kthread+0x328/0x630 [ 18.396465] ret_from_fork+0x10/0x20 [ 18.396536] [ 18.396593] Freed by task 196: [ 18.397315] kasan_save_stack+0x3c/0x68 [ 18.397693] kasan_save_track+0x20/0x40 [ 18.397775] kasan_save_free_info+0x4c/0x78 [ 18.397856] __kasan_slab_free+0x6c/0x98 [ 18.397968] kfree+0x214/0x3c8 [ 18.398063] ksize_uaf+0x11c/0x5f8 [ 18.398115] kunit_try_run_case+0x170/0x3f0 [ 18.398190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.398284] kthread+0x328/0x630 [ 18.398635] ret_from_fork+0x10/0x20 [ 18.398703] [ 18.398770] The buggy address belongs to the object at fff00000c706f500 [ 18.398770] which belongs to the cache kmalloc-128 of size 128 [ 18.399252] The buggy address is located 0 bytes inside of [ 18.399252] freed 128-byte region [fff00000c706f500, fff00000c706f580) [ 18.399613] [ 18.399764] The buggy address belongs to the physical page: [ 18.399870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.399969] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.400061] page_type: f5(slab) [ 18.400102] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.400151] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.400193] page dumped because: kasan: bad access detected [ 18.400225] [ 18.400242] Memory state around the buggy address: [ 18.400283] fff00000c706f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.400343] fff00000c706f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.400396] >fff00000c706f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.400443] ^ [ 18.400491] fff00000c706f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.400552] fff00000c706f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.400599] ================================================================== [ 18.410465] ================================================================== [ 18.410781] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 18.410996] Read of size 1 at addr fff00000c706f578 by task kunit_try_catch/196 [ 18.411057] [ 18.411094] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.411182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.411209] Hardware name: linux,dummy-virt (DT) [ 18.411412] Call trace: [ 18.411483] show_stack+0x20/0x38 (C) [ 18.411537] dump_stack_lvl+0x8c/0xd0 [ 18.411702] print_report+0x118/0x608 [ 18.411765] kasan_report+0xdc/0x128 [ 18.411810] __asan_report_load1_noabort+0x20/0x30 [ 18.411867] ksize_uaf+0x544/0x5f8 [ 18.411911] kunit_try_run_case+0x170/0x3f0 [ 18.411956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.412009] kthread+0x328/0x630 [ 18.412589] ret_from_fork+0x10/0x20 [ 18.412673] [ 18.412725] Allocated by task 196: [ 18.412878] kasan_save_stack+0x3c/0x68 [ 18.412977] kasan_save_track+0x20/0x40 [ 18.413129] kasan_save_alloc_info+0x40/0x58 [ 18.413236] __kasan_kmalloc+0xd4/0xd8 [ 18.413276] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.413461] ksize_uaf+0xb8/0x5f8 [ 18.413636] kunit_try_run_case+0x170/0x3f0 [ 18.413785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.413883] kthread+0x328/0x630 [ 18.413984] ret_from_fork+0x10/0x20 [ 18.414125] [ 18.414298] Freed by task 196: [ 18.414354] kasan_save_stack+0x3c/0x68 [ 18.414724] kasan_save_track+0x20/0x40 [ 18.414808] kasan_save_free_info+0x4c/0x78 [ 18.414968] __kasan_slab_free+0x6c/0x98 [ 18.415072] kfree+0x214/0x3c8 [ 18.415213] ksize_uaf+0x11c/0x5f8 [ 18.415311] kunit_try_run_case+0x170/0x3f0 [ 18.415368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.415419] kthread+0x328/0x630 [ 18.415816] ret_from_fork+0x10/0x20 [ 18.415878] [ 18.415988] The buggy address belongs to the object at fff00000c706f500 [ 18.415988] which belongs to the cache kmalloc-128 of size 128 [ 18.416103] The buggy address is located 120 bytes inside of [ 18.416103] freed 128-byte region [fff00000c706f500, fff00000c706f580) [ 18.416312] [ 18.416572] The buggy address belongs to the physical page: [ 18.416847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.416981] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.417135] page_type: f5(slab) [ 18.417203] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.417267] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.417372] page dumped because: kasan: bad access detected [ 18.417450] [ 18.417471] Memory state around the buggy address: [ 18.417863] fff00000c706f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.417934] fff00000c706f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.418051] >fff00000c706f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.418160] ^ [ 18.418324] fff00000c706f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.418410] fff00000c706f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.418501] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.378570] ================================================================== [ 18.378632] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 18.379037] Read of size 1 at addr fff00000c706f47f by task kunit_try_catch/194 [ 18.379117] [ 18.379316] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.379551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.379603] Hardware name: linux,dummy-virt (DT) [ 18.379637] Call trace: [ 18.379658] show_stack+0x20/0x38 (C) [ 18.379757] dump_stack_lvl+0x8c/0xd0 [ 18.379805] print_report+0x118/0x608 [ 18.379861] kasan_report+0xdc/0x128 [ 18.379909] __asan_report_load1_noabort+0x20/0x30 [ 18.379968] ksize_unpoisons_memory+0x690/0x740 [ 18.380016] kunit_try_run_case+0x170/0x3f0 [ 18.380069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.380120] kthread+0x328/0x630 [ 18.380161] ret_from_fork+0x10/0x20 [ 18.380210] [ 18.380228] Allocated by task 194: [ 18.380256] kasan_save_stack+0x3c/0x68 [ 18.380295] kasan_save_track+0x20/0x40 [ 18.380330] kasan_save_alloc_info+0x40/0x58 [ 18.380370] __kasan_kmalloc+0xd4/0xd8 [ 18.380406] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.380445] ksize_unpoisons_memory+0xc0/0x740 [ 18.380481] kunit_try_run_case+0x170/0x3f0 [ 18.380518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.380561] kthread+0x328/0x630 [ 18.380602] ret_from_fork+0x10/0x20 [ 18.380637] [ 18.380667] The buggy address belongs to the object at fff00000c706f400 [ 18.380667] which belongs to the cache kmalloc-128 of size 128 [ 18.381258] The buggy address is located 12 bytes to the right of [ 18.381258] allocated 115-byte region [fff00000c706f400, fff00000c706f473) [ 18.381346] [ 18.381429] The buggy address belongs to the physical page: [ 18.381566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.381875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.382017] page_type: f5(slab) [ 18.382064] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.382123] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.382469] page dumped because: kasan: bad access detected [ 18.382534] [ 18.382621] Memory state around the buggy address: [ 18.382681] fff00000c706f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.382755] fff00000c706f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.382820] >fff00000c706f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.382974] ^ [ 18.383065] fff00000c706f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.383127] fff00000c706f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.383301] ================================================================== [ 18.369847] ================================================================== [ 18.369991] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 18.370065] Read of size 1 at addr fff00000c706f478 by task kunit_try_catch/194 [ 18.370293] [ 18.370341] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.370827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.370895] Hardware name: linux,dummy-virt (DT) [ 18.370929] Call trace: [ 18.370997] show_stack+0x20/0x38 (C) [ 18.371062] dump_stack_lvl+0x8c/0xd0 [ 18.371110] print_report+0x118/0x608 [ 18.371164] kasan_report+0xdc/0x128 [ 18.371359] __asan_report_load1_noabort+0x20/0x30 [ 18.371453] ksize_unpoisons_memory+0x618/0x740 [ 18.371693] kunit_try_run_case+0x170/0x3f0 [ 18.371975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.372064] kthread+0x328/0x630 [ 18.372113] ret_from_fork+0x10/0x20 [ 18.372161] [ 18.372179] Allocated by task 194: [ 18.372344] kasan_save_stack+0x3c/0x68 [ 18.372502] kasan_save_track+0x20/0x40 [ 18.372847] kasan_save_alloc_info+0x40/0x58 [ 18.372962] __kasan_kmalloc+0xd4/0xd8 [ 18.373071] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.373384] ksize_unpoisons_memory+0xc0/0x740 [ 18.373478] kunit_try_run_case+0x170/0x3f0 [ 18.373628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.373780] kthread+0x328/0x630 [ 18.373817] ret_from_fork+0x10/0x20 [ 18.374154] [ 18.374224] The buggy address belongs to the object at fff00000c706f400 [ 18.374224] which belongs to the cache kmalloc-128 of size 128 [ 18.374310] The buggy address is located 5 bytes to the right of [ 18.374310] allocated 115-byte region [fff00000c706f400, fff00000c706f473) [ 18.374619] [ 18.374697] The buggy address belongs to the physical page: [ 18.374807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.374967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.375238] page_type: f5(slab) [ 18.375409] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.375513] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.375937] page dumped because: kasan: bad access detected [ 18.376084] [ 18.376202] Memory state around the buggy address: [ 18.376238] fff00000c706f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.376612] fff00000c706f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.376737] >fff00000c706f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.376800] ^ [ 18.376843] fff00000c706f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.376900] fff00000c706f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.377243] ================================================================== [ 18.362420] ================================================================== [ 18.362506] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 18.362562] Read of size 1 at addr fff00000c706f473 by task kunit_try_catch/194 [ 18.362634] [ 18.362668] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.362760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.362789] Hardware name: linux,dummy-virt (DT) [ 18.362821] Call trace: [ 18.362850] show_stack+0x20/0x38 (C) [ 18.362900] dump_stack_lvl+0x8c/0xd0 [ 18.362947] print_report+0x118/0x608 [ 18.362993] kasan_report+0xdc/0x128 [ 18.363037] __asan_report_load1_noabort+0x20/0x30 [ 18.363088] ksize_unpoisons_memory+0x628/0x740 [ 18.363136] kunit_try_run_case+0x170/0x3f0 [ 18.363194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.363248] kthread+0x328/0x630 [ 18.363290] ret_from_fork+0x10/0x20 [ 18.363337] [ 18.363362] Allocated by task 194: [ 18.363389] kasan_save_stack+0x3c/0x68 [ 18.363430] kasan_save_track+0x20/0x40 [ 18.363467] kasan_save_alloc_info+0x40/0x58 [ 18.363508] __kasan_kmalloc+0xd4/0xd8 [ 18.363560] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.364236] ksize_unpoisons_memory+0xc0/0x740 [ 18.364280] kunit_try_run_case+0x170/0x3f0 [ 18.364391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.364486] kthread+0x328/0x630 [ 18.364543] ret_from_fork+0x10/0x20 [ 18.364667] [ 18.364690] The buggy address belongs to the object at fff00000c706f400 [ 18.364690] which belongs to the cache kmalloc-128 of size 128 [ 18.364805] The buggy address is located 0 bytes to the right of [ 18.364805] allocated 115-byte region [fff00000c706f400, fff00000c706f473) [ 18.365098] [ 18.365232] The buggy address belongs to the physical page: [ 18.365286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.365400] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.365611] page_type: f5(slab) [ 18.365757] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.366112] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.366189] page dumped because: kasan: bad access detected [ 18.366242] [ 18.366289] Memory state around the buggy address: [ 18.366353] fff00000c706f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.366456] fff00000c706f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.366561] >fff00000c706f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.366735] ^ [ 18.366808] fff00000c706f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.366870] fff00000c706f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.367213] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.343930] ================================================================== [ 18.344003] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 18.344051] Free of addr fff00000c3f3ec80 by task kunit_try_catch/192 [ 18.344094] [ 18.344168] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.344256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.344282] Hardware name: linux,dummy-virt (DT) [ 18.344333] Call trace: [ 18.344356] show_stack+0x20/0x38 (C) [ 18.344415] dump_stack_lvl+0x8c/0xd0 [ 18.344471] print_report+0x118/0x608 [ 18.344517] kasan_report_invalid_free+0xc0/0xe8 [ 18.344567] check_slab_allocation+0xd4/0x108 [ 18.345568] __kasan_slab_pre_free+0x2c/0x48 [ 18.345753] kfree+0xe8/0x3c8 [ 18.345872] kfree_sensitive+0x3c/0xb0 [ 18.345924] kmalloc_double_kzfree+0x168/0x308 [ 18.346012] kunit_try_run_case+0x170/0x3f0 [ 18.346350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.346421] kthread+0x328/0x630 [ 18.346494] ret_from_fork+0x10/0x20 [ 18.346592] [ 18.346635] Allocated by task 192: [ 18.346693] kasan_save_stack+0x3c/0x68 [ 18.346767] kasan_save_track+0x20/0x40 [ 18.347065] kasan_save_alloc_info+0x40/0x58 [ 18.347142] __kasan_kmalloc+0xd4/0xd8 [ 18.347208] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.347274] kmalloc_double_kzfree+0xb8/0x308 [ 18.347314] kunit_try_run_case+0x170/0x3f0 [ 18.347607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.347694] kthread+0x328/0x630 [ 18.347770] ret_from_fork+0x10/0x20 [ 18.347809] [ 18.348114] Freed by task 192: [ 18.348183] kasan_save_stack+0x3c/0x68 [ 18.348275] kasan_save_track+0x20/0x40 [ 18.348565] kasan_save_free_info+0x4c/0x78 [ 18.348869] __kasan_slab_free+0x6c/0x98 [ 18.348949] kfree+0x214/0x3c8 [ 18.349012] kfree_sensitive+0x80/0xb0 [ 18.349175] kmalloc_double_kzfree+0x11c/0x308 [ 18.349318] kunit_try_run_case+0x170/0x3f0 [ 18.349359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.349403] kthread+0x328/0x630 [ 18.349437] ret_from_fork+0x10/0x20 [ 18.349792] [ 18.349888] The buggy address belongs to the object at fff00000c3f3ec80 [ 18.349888] which belongs to the cache kmalloc-16 of size 16 [ 18.350079] The buggy address is located 0 bytes inside of [ 18.350079] 16-byte region [fff00000c3f3ec80, fff00000c3f3ec90) [ 18.350243] [ 18.350386] The buggy address belongs to the physical page: [ 18.350436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 18.350664] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.350847] page_type: f5(slab) [ 18.350910] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.351131] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.351304] page dumped because: kasan: bad access detected [ 18.351642] [ 18.351779] Memory state around the buggy address: [ 18.351918] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.351994] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.352169] >fff00000c3f3ec80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.352268] ^ [ 18.352300] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.352703] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.352835] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.332435] ================================================================== [ 18.332511] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 18.332570] Read of size 1 at addr fff00000c3f3ec80 by task kunit_try_catch/192 [ 18.332633] [ 18.332672] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.333206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.333299] Hardware name: linux,dummy-virt (DT) [ 18.333408] Call trace: [ 18.333435] show_stack+0x20/0x38 (C) [ 18.333739] dump_stack_lvl+0x8c/0xd0 [ 18.333877] print_report+0x118/0x608 [ 18.333956] kasan_report+0xdc/0x128 [ 18.334042] __kasan_check_byte+0x54/0x70 [ 18.334308] kfree_sensitive+0x30/0xb0 [ 18.334443] kmalloc_double_kzfree+0x168/0x308 [ 18.334495] kunit_try_run_case+0x170/0x3f0 [ 18.334815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.334907] kthread+0x328/0x630 [ 18.334988] ret_from_fork+0x10/0x20 [ 18.335212] [ 18.335356] Allocated by task 192: [ 18.335624] kasan_save_stack+0x3c/0x68 [ 18.335722] kasan_save_track+0x20/0x40 [ 18.335883] kasan_save_alloc_info+0x40/0x58 [ 18.335980] __kasan_kmalloc+0xd4/0xd8 [ 18.336235] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.336300] kmalloc_double_kzfree+0xb8/0x308 [ 18.336739] kunit_try_run_case+0x170/0x3f0 [ 18.337288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.337612] kthread+0x328/0x630 [ 18.337700] ret_from_fork+0x10/0x20 [ 18.337788] [ 18.337844] Freed by task 192: [ 18.337887] kasan_save_stack+0x3c/0x68 [ 18.338285] kasan_save_track+0x20/0x40 [ 18.338603] kasan_save_free_info+0x4c/0x78 [ 18.338796] __kasan_slab_free+0x6c/0x98 [ 18.338891] kfree+0x214/0x3c8 [ 18.338936] kfree_sensitive+0x80/0xb0 [ 18.339087] kmalloc_double_kzfree+0x11c/0x308 [ 18.339553] kunit_try_run_case+0x170/0x3f0 [ 18.339685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.340092] kthread+0x328/0x630 [ 18.340153] ret_from_fork+0x10/0x20 [ 18.340199] [ 18.340560] The buggy address belongs to the object at fff00000c3f3ec80 [ 18.340560] which belongs to the cache kmalloc-16 of size 16 [ 18.340648] The buggy address is located 0 bytes inside of [ 18.340648] freed 16-byte region [fff00000c3f3ec80, fff00000c3f3ec90) [ 18.341072] [ 18.341141] The buggy address belongs to the physical page: [ 18.341224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 18.341323] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.341453] page_type: f5(slab) [ 18.341533] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.341717] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.341889] page dumped because: kasan: bad access detected [ 18.341949] [ 18.341986] Memory state around the buggy address: [ 18.342051] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.342166] fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.342223] >fff00000c3f3ec80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.342274] ^ [ 18.342596] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.342663] fff00000c3f3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.342729] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.300027] ================================================================== [ 18.300193] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 18.300416] Read of size 1 at addr fff00000c706b228 by task kunit_try_catch/188 [ 18.300590] [ 18.300627] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.300797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.300874] Hardware name: linux,dummy-virt (DT) [ 18.300967] Call trace: [ 18.300990] show_stack+0x20/0x38 (C) [ 18.301064] dump_stack_lvl+0x8c/0xd0 [ 18.301119] print_report+0x118/0x608 [ 18.301326] kasan_report+0xdc/0x128 [ 18.301598] __asan_report_load1_noabort+0x20/0x30 [ 18.302037] kmalloc_uaf2+0x3f4/0x468 [ 18.302203] kunit_try_run_case+0x170/0x3f0 [ 18.302321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.302671] kthread+0x328/0x630 [ 18.302734] ret_from_fork+0x10/0x20 [ 18.303009] [ 18.303129] Allocated by task 188: [ 18.303691] kasan_save_stack+0x3c/0x68 [ 18.303747] kasan_save_track+0x20/0x40 [ 18.304001] kasan_save_alloc_info+0x40/0x58 [ 18.304186] __kasan_kmalloc+0xd4/0xd8 [ 18.304232] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.304423] kmalloc_uaf2+0xc4/0x468 [ 18.304637] kunit_try_run_case+0x170/0x3f0 [ 18.304736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.304782] kthread+0x328/0x630 [ 18.305227] ret_from_fork+0x10/0x20 [ 18.305286] [ 18.305424] Freed by task 188: [ 18.305500] kasan_save_stack+0x3c/0x68 [ 18.305542] kasan_save_track+0x20/0x40 [ 18.306011] kasan_save_free_info+0x4c/0x78 [ 18.306162] __kasan_slab_free+0x6c/0x98 [ 18.306203] kfree+0x214/0x3c8 [ 18.306421] kmalloc_uaf2+0x134/0x468 [ 18.306588] kunit_try_run_case+0x170/0x3f0 [ 18.306988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.307190] kthread+0x328/0x630 [ 18.307289] ret_from_fork+0x10/0x20 [ 18.307331] [ 18.307609] The buggy address belongs to the object at fff00000c706b200 [ 18.307609] which belongs to the cache kmalloc-64 of size 64 [ 18.307789] The buggy address is located 40 bytes inside of [ 18.307789] freed 64-byte region [fff00000c706b200, fff00000c706b240) [ 18.307961] [ 18.308013] The buggy address belongs to the physical page: [ 18.308058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706b [ 18.308542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.308951] page_type: f5(slab) [ 18.309056] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.309293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.309453] page dumped because: kasan: bad access detected [ 18.309600] [ 18.309667] Memory state around the buggy address: [ 18.309837] fff00000c706b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.309886] fff00000c706b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.310074] >fff00000c706b200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.310129] ^ [ 18.310161] fff00000c706b280: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.310213] fff00000c706b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310256] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.279916] ================================================================== [ 18.280307] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 18.280379] Write of size 33 at addr fff00000c706b080 by task kunit_try_catch/186 [ 18.280715] [ 18.280803] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.280950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.281002] Hardware name: linux,dummy-virt (DT) [ 18.281194] Call trace: [ 18.281255] show_stack+0x20/0x38 (C) [ 18.281434] dump_stack_lvl+0x8c/0xd0 [ 18.281539] print_report+0x118/0x608 [ 18.281598] kasan_report+0xdc/0x128 [ 18.281645] kasan_check_range+0x100/0x1a8 [ 18.281696] __asan_memset+0x34/0x78 [ 18.281741] kmalloc_uaf_memset+0x170/0x310 [ 18.282001] kunit_try_run_case+0x170/0x3f0 [ 18.282266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.282400] kthread+0x328/0x630 [ 18.282481] ret_from_fork+0x10/0x20 [ 18.282673] [ 18.282693] Allocated by task 186: [ 18.282731] kasan_save_stack+0x3c/0x68 [ 18.283233] kasan_save_track+0x20/0x40 [ 18.283383] kasan_save_alloc_info+0x40/0x58 [ 18.283565] __kasan_kmalloc+0xd4/0xd8 [ 18.283636] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.284044] kmalloc_uaf_memset+0xb8/0x310 [ 18.284291] kunit_try_run_case+0x170/0x3f0 [ 18.284499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.284559] kthread+0x328/0x630 [ 18.284604] ret_from_fork+0x10/0x20 [ 18.284642] [ 18.284772] Freed by task 186: [ 18.284803] kasan_save_stack+0x3c/0x68 [ 18.284854] kasan_save_track+0x20/0x40 [ 18.284895] kasan_save_free_info+0x4c/0x78 [ 18.285127] __kasan_slab_free+0x6c/0x98 [ 18.285199] kfree+0x214/0x3c8 [ 18.285401] kmalloc_uaf_memset+0x11c/0x310 [ 18.285616] kunit_try_run_case+0x170/0x3f0 [ 18.285716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.286147] kthread+0x328/0x630 [ 18.286219] ret_from_fork+0x10/0x20 [ 18.286348] [ 18.286404] The buggy address belongs to the object at fff00000c706b080 [ 18.286404] which belongs to the cache kmalloc-64 of size 64 [ 18.286523] The buggy address is located 0 bytes inside of [ 18.286523] freed 64-byte region [fff00000c706b080, fff00000c706b0c0) [ 18.286751] [ 18.287055] The buggy address belongs to the physical page: [ 18.287101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706b [ 18.287214] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.287492] page_type: f5(slab) [ 18.287598] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.287731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.287775] page dumped because: kasan: bad access detected [ 18.287806] [ 18.287824] Memory state around the buggy address: [ 18.287868] fff00000c706af80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.287911] fff00000c706b000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.287952] >fff00000c706b080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.287993] ^ [ 18.288020] fff00000c706b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288075] fff00000c706b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288114] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.255598] ================================================================== [ 18.255662] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 18.256053] Read of size 1 at addr fff00000c3f3ec68 by task kunit_try_catch/184 [ 18.256133] [ 18.256168] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.256676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.256795] Hardware name: linux,dummy-virt (DT) [ 18.257039] Call trace: [ 18.257105] show_stack+0x20/0x38 (C) [ 18.257277] dump_stack_lvl+0x8c/0xd0 [ 18.257366] print_report+0x118/0x608 [ 18.257423] kasan_report+0xdc/0x128 [ 18.257467] __asan_report_load1_noabort+0x20/0x30 [ 18.257520] kmalloc_uaf+0x300/0x338 [ 18.257563] kunit_try_run_case+0x170/0x3f0 [ 18.257874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.258500] kthread+0x328/0x630 [ 18.258627] ret_from_fork+0x10/0x20 [ 18.258953] [ 18.259021] Allocated by task 184: [ 18.259085] kasan_save_stack+0x3c/0x68 [ 18.259725] kasan_save_track+0x20/0x40 [ 18.260006] kasan_save_alloc_info+0x40/0x58 [ 18.260117] __kasan_kmalloc+0xd4/0xd8 [ 18.260303] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.260417] kmalloc_uaf+0xb8/0x338 [ 18.260455] kunit_try_run_case+0x170/0x3f0 [ 18.260537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.260829] kthread+0x328/0x630 [ 18.261041] ret_from_fork+0x10/0x20 [ 18.261103] [ 18.261157] Freed by task 184: [ 18.261301] kasan_save_stack+0x3c/0x68 [ 18.261392] kasan_save_track+0x20/0x40 [ 18.261540] kasan_save_free_info+0x4c/0x78 [ 18.261673] __kasan_slab_free+0x6c/0x98 [ 18.261808] kfree+0x214/0x3c8 [ 18.261876] kmalloc_uaf+0x11c/0x338 [ 18.261964] kunit_try_run_case+0x170/0x3f0 [ 18.262186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.262274] kthread+0x328/0x630 [ 18.262509] ret_from_fork+0x10/0x20 [ 18.262647] [ 18.262671] The buggy address belongs to the object at fff00000c3f3ec60 [ 18.262671] which belongs to the cache kmalloc-16 of size 16 [ 18.263021] The buggy address is located 8 bytes inside of [ 18.263021] freed 16-byte region [fff00000c3f3ec60, fff00000c3f3ec70) [ 18.263219] [ 18.263264] The buggy address belongs to the physical page: [ 18.263421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 18.263925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.264173] page_type: f5(slab) [ 18.264225] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.264672] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.264727] page dumped because: kasan: bad access detected [ 18.264760] [ 18.264800] Memory state around the buggy address: [ 18.265090] fff00000c3f3eb00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.265284] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.265349] >fff00000c3f3ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.265519] ^ [ 18.265726] fff00000c3f3ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.265838] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.266023] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.234872] ================================================================== [ 18.234932] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.234986] Read of size 64 at addr fff00000c707ad84 by task kunit_try_catch/182 [ 18.235037] [ 18.235070] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.235152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.235180] Hardware name: linux,dummy-virt (DT) [ 18.235397] Call trace: [ 18.235434] show_stack+0x20/0x38 (C) [ 18.235486] dump_stack_lvl+0x8c/0xd0 [ 18.235536] print_report+0x118/0x608 [ 18.235593] kasan_report+0xdc/0x128 [ 18.236450] kasan_check_range+0x100/0x1a8 [ 18.236662] __asan_memmove+0x3c/0x98 [ 18.236740] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.236802] kunit_try_run_case+0x170/0x3f0 [ 18.236849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.236902] kthread+0x328/0x630 [ 18.236945] ret_from_fork+0x10/0x20 [ 18.237388] [ 18.237476] Allocated by task 182: [ 18.237699] kasan_save_stack+0x3c/0x68 [ 18.237844] kasan_save_track+0x20/0x40 [ 18.238060] kasan_save_alloc_info+0x40/0x58 [ 18.238372] __kasan_kmalloc+0xd4/0xd8 [ 18.238601] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.238792] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 18.238920] kunit_try_run_case+0x170/0x3f0 [ 18.239161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.239308] kthread+0x328/0x630 [ 18.239540] ret_from_fork+0x10/0x20 [ 18.239657] [ 18.239753] The buggy address belongs to the object at fff00000c707ad80 [ 18.239753] which belongs to the cache kmalloc-64 of size 64 [ 18.240016] The buggy address is located 4 bytes inside of [ 18.240016] allocated 64-byte region [fff00000c707ad80, fff00000c707adc0) [ 18.240228] [ 18.240387] The buggy address belongs to the physical page: [ 18.240487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10707a [ 18.240873] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.240934] page_type: f5(slab) [ 18.241135] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.241218] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.241446] page dumped because: kasan: bad access detected [ 18.241595] [ 18.241634] Memory state around the buggy address: [ 18.241669] fff00000c707ac80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 18.241726] fff00000c707ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.242148] >fff00000c707ad80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.242316] ^ [ 18.242431] fff00000c707ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.242628] fff00000c707ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.242690] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.217881] ================================================================== [ 18.217947] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.217999] Read of size 18446744073709551614 at addr fff00000c707ab84 by task kunit_try_catch/180 [ 18.218078] [ 18.218117] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.218340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.218651] Hardware name: linux,dummy-virt (DT) [ 18.218710] Call trace: [ 18.218959] show_stack+0x20/0x38 (C) [ 18.219111] dump_stack_lvl+0x8c/0xd0 [ 18.219164] print_report+0x118/0x608 [ 18.219209] kasan_report+0xdc/0x128 [ 18.219255] kasan_check_range+0x100/0x1a8 [ 18.219336] __asan_memmove+0x3c/0x98 [ 18.219382] kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.219476] kunit_try_run_case+0x170/0x3f0 [ 18.219744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.219943] kthread+0x328/0x630 [ 18.220351] ret_from_fork+0x10/0x20 [ 18.220677] [ 18.220752] Allocated by task 180: [ 18.220795] kasan_save_stack+0x3c/0x68 [ 18.220849] kasan_save_track+0x20/0x40 [ 18.220885] kasan_save_alloc_info+0x40/0x58 [ 18.221340] __kasan_kmalloc+0xd4/0xd8 [ 18.221397] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.222605] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 18.222694] kunit_try_run_case+0x170/0x3f0 [ 18.223120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.223281] kthread+0x328/0x630 [ 18.223342] ret_from_fork+0x10/0x20 [ 18.223410] [ 18.223515] The buggy address belongs to the object at fff00000c707ab80 [ 18.223515] which belongs to the cache kmalloc-64 of size 64 [ 18.223650] The buggy address is located 4 bytes inside of [ 18.223650] 64-byte region [fff00000c707ab80, fff00000c707abc0) [ 18.223711] [ 18.223731] The buggy address belongs to the physical page: [ 18.223774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10707a [ 18.223834] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.223883] page_type: f5(slab) [ 18.223943] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.223999] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.224041] page dumped because: kasan: bad access detected [ 18.224074] [ 18.224092] Memory state around the buggy address: [ 18.224132] fff00000c707aa80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 18.224193] fff00000c707ab00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.224235] >fff00000c707ab80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.224291] ^ [ 18.224320] fff00000c707ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.224371] fff00000c707ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.224424] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.196174] ================================================================== [ 18.196229] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 18.196288] Write of size 16 at addr fff00000c706f369 by task kunit_try_catch/178 [ 18.196336] [ 18.196367] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.196447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.196472] Hardware name: linux,dummy-virt (DT) [ 18.196501] Call trace: [ 18.196523] show_stack+0x20/0x38 (C) [ 18.197730] dump_stack_lvl+0x8c/0xd0 [ 18.197851] print_report+0x118/0x608 [ 18.198208] kasan_report+0xdc/0x128 [ 18.198628] kasan_check_range+0x100/0x1a8 [ 18.198698] __asan_memset+0x34/0x78 [ 18.199074] kmalloc_oob_memset_16+0x150/0x2f8 [ 18.199178] kunit_try_run_case+0x170/0x3f0 [ 18.199382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.199677] kthread+0x328/0x630 [ 18.199886] ret_from_fork+0x10/0x20 [ 18.200199] [ 18.200246] Allocated by task 178: [ 18.200276] kasan_save_stack+0x3c/0x68 [ 18.200670] kasan_save_track+0x20/0x40 [ 18.200827] kasan_save_alloc_info+0x40/0x58 [ 18.200969] __kasan_kmalloc+0xd4/0xd8 [ 18.201247] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.201458] kmalloc_oob_memset_16+0xb0/0x2f8 [ 18.201605] kunit_try_run_case+0x170/0x3f0 [ 18.201685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.201800] kthread+0x328/0x630 [ 18.201919] ret_from_fork+0x10/0x20 [ 18.201954] [ 18.201974] The buggy address belongs to the object at fff00000c706f300 [ 18.201974] which belongs to the cache kmalloc-128 of size 128 [ 18.202030] The buggy address is located 105 bytes inside of [ 18.202030] allocated 120-byte region [fff00000c706f300, fff00000c706f378) [ 18.202290] [ 18.202646] The buggy address belongs to the physical page: [ 18.202857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.202980] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.203029] page_type: f5(slab) [ 18.203223] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.203327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.203495] page dumped because: kasan: bad access detected [ 18.203558] [ 18.203674] Memory state around the buggy address: [ 18.203761] fff00000c706f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.203842] fff00000c706f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.203967] >fff00000c706f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.204004] ^ [ 18.204402] fff00000c706f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.204517] fff00000c706f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.204664] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.179694] ================================================================== [ 18.179928] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 18.179989] Write of size 8 at addr fff00000c706f271 by task kunit_try_catch/176 [ 18.180073] [ 18.180360] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.180521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.180693] Hardware name: linux,dummy-virt (DT) [ 18.180727] Call trace: [ 18.180776] show_stack+0x20/0x38 (C) [ 18.180828] dump_stack_lvl+0x8c/0xd0 [ 18.180911] print_report+0x118/0x608 [ 18.180956] kasan_report+0xdc/0x128 [ 18.181410] kasan_check_range+0x100/0x1a8 [ 18.181504] __asan_memset+0x34/0x78 [ 18.182001] kmalloc_oob_memset_8+0x150/0x2f8 [ 18.182418] kunit_try_run_case+0x170/0x3f0 [ 18.182509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.182584] kthread+0x328/0x630 [ 18.182666] ret_from_fork+0x10/0x20 [ 18.182785] [ 18.183018] Allocated by task 176: [ 18.183143] kasan_save_stack+0x3c/0x68 [ 18.183458] kasan_save_track+0x20/0x40 [ 18.183667] kasan_save_alloc_info+0x40/0x58 [ 18.183848] __kasan_kmalloc+0xd4/0xd8 [ 18.184201] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.184306] kmalloc_oob_memset_8+0xb0/0x2f8 [ 18.184637] kunit_try_run_case+0x170/0x3f0 [ 18.184775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.184887] kthread+0x328/0x630 [ 18.184958] ret_from_fork+0x10/0x20 [ 18.185100] [ 18.185152] The buggy address belongs to the object at fff00000c706f200 [ 18.185152] which belongs to the cache kmalloc-128 of size 128 [ 18.185267] The buggy address is located 113 bytes inside of [ 18.185267] allocated 120-byte region [fff00000c706f200, fff00000c706f278) [ 18.185356] [ 18.185377] The buggy address belongs to the physical page: [ 18.185421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.185478] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.185718] page_type: f5(slab) [ 18.185963] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.186017] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.186192] page dumped because: kasan: bad access detected [ 18.186568] [ 18.186654] Memory state around the buggy address: [ 18.186698] fff00000c706f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.186944] fff00000c706f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.187028] >fff00000c706f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.187217] ^ [ 18.187276] fff00000c706f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.187496] fff00000c706f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.187539] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.166012] ================================================================== [ 18.166075] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 18.166139] Write of size 4 at addr fff00000c706f175 by task kunit_try_catch/174 [ 18.166515] [ 18.166560] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.166726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.166803] Hardware name: linux,dummy-virt (DT) [ 18.166847] Call trace: [ 18.166929] show_stack+0x20/0x38 (C) [ 18.166985] dump_stack_lvl+0x8c/0xd0 [ 18.167069] print_report+0x118/0x608 [ 18.167124] kasan_report+0xdc/0x128 [ 18.167169] kasan_check_range+0x100/0x1a8 [ 18.167220] __asan_memset+0x34/0x78 [ 18.167634] kmalloc_oob_memset_4+0x150/0x300 [ 18.167704] kunit_try_run_case+0x170/0x3f0 [ 18.167770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.167863] kthread+0x328/0x630 [ 18.168070] ret_from_fork+0x10/0x20 [ 18.168132] [ 18.168151] Allocated by task 174: [ 18.168178] kasan_save_stack+0x3c/0x68 [ 18.168373] kasan_save_track+0x20/0x40 [ 18.168423] kasan_save_alloc_info+0x40/0x58 [ 18.168462] __kasan_kmalloc+0xd4/0xd8 [ 18.168500] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.168538] kmalloc_oob_memset_4+0xb0/0x300 [ 18.168585] kunit_try_run_case+0x170/0x3f0 [ 18.168621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.168665] kthread+0x328/0x630 [ 18.168696] ret_from_fork+0x10/0x20 [ 18.169274] [ 18.169320] The buggy address belongs to the object at fff00000c706f100 [ 18.169320] which belongs to the cache kmalloc-128 of size 128 [ 18.169428] The buggy address is located 117 bytes inside of [ 18.169428] allocated 120-byte region [fff00000c706f100, fff00000c706f178) [ 18.169612] [ 18.169640] The buggy address belongs to the physical page: [ 18.169740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.169849] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.169914] page_type: f5(slab) [ 18.169952] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.170152] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.170328] page dumped because: kasan: bad access detected [ 18.170400] [ 18.170497] Memory state around the buggy address: [ 18.170594] fff00000c706f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.170671] fff00000c706f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.170806] >fff00000c706f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.170886] ^ [ 18.170931] fff00000c706f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.171168] fff00000c706f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.171367] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.154451] ================================================================== [ 18.154515] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 18.154567] Write of size 2 at addr fff00000c706f077 by task kunit_try_catch/172 [ 18.154649] [ 18.154683] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.154762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.154788] Hardware name: linux,dummy-virt (DT) [ 18.154915] Call trace: [ 18.155079] show_stack+0x20/0x38 (C) [ 18.155140] dump_stack_lvl+0x8c/0xd0 [ 18.155187] print_report+0x118/0x608 [ 18.155276] kasan_report+0xdc/0x128 [ 18.155321] kasan_check_range+0x100/0x1a8 [ 18.155404] __asan_memset+0x34/0x78 [ 18.155446] kmalloc_oob_memset_2+0x150/0x2f8 [ 18.155598] kunit_try_run_case+0x170/0x3f0 [ 18.155750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.155856] kthread+0x328/0x630 [ 18.155900] ret_from_fork+0x10/0x20 [ 18.155965] [ 18.156010] Allocated by task 172: [ 18.156038] kasan_save_stack+0x3c/0x68 [ 18.156124] kasan_save_track+0x20/0x40 [ 18.156161] kasan_save_alloc_info+0x40/0x58 [ 18.156200] __kasan_kmalloc+0xd4/0xd8 [ 18.156251] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.156430] kmalloc_oob_memset_2+0xb0/0x2f8 [ 18.156473] kunit_try_run_case+0x170/0x3f0 [ 18.156509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.156671] kthread+0x328/0x630 [ 18.156749] ret_from_fork+0x10/0x20 [ 18.156858] [ 18.156960] The buggy address belongs to the object at fff00000c706f000 [ 18.156960] which belongs to the cache kmalloc-128 of size 128 [ 18.157035] The buggy address is located 119 bytes inside of [ 18.157035] allocated 120-byte region [fff00000c706f000, fff00000c706f078) [ 18.157096] [ 18.157145] The buggy address belongs to the physical page: [ 18.157175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706f [ 18.157225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.157407] page_type: f5(slab) [ 18.157457] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.157539] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.157647] page dumped because: kasan: bad access detected [ 18.157736] [ 18.157772] Memory state around the buggy address: [ 18.157918] fff00000c706ef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.157960] fff00000c706ef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.158199] >fff00000c706f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.158385] ^ [ 18.158517] fff00000c706f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.158652] fff00000c706f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.158722] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.923845] ================================================================== [ 17.924362] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 17.924448] Read of size 1 at addr fff00000c786c000 by task kunit_try_catch/148 [ 17.924502] [ 17.924536] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.924626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.925268] Hardware name: linux,dummy-virt (DT) [ 17.925515] Call trace: [ 17.925546] show_stack+0x20/0x38 (C) [ 17.925685] dump_stack_lvl+0x8c/0xd0 [ 17.925734] print_report+0x118/0x608 [ 17.926050] kasan_report+0xdc/0x128 [ 17.926097] __asan_report_load1_noabort+0x20/0x30 [ 17.926498] kmalloc_large_uaf+0x2cc/0x2f8 [ 17.926797] kunit_try_run_case+0x170/0x3f0 [ 17.927121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.927584] kthread+0x328/0x630 [ 17.927653] ret_from_fork+0x10/0x20 [ 17.927869] [ 17.928082] The buggy address belongs to the physical page: [ 17.928173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786c [ 17.928402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.928848] raw: 0bfffe0000000000 ffffc1ffc31e1c08 fff00000da478c40 0000000000000000 [ 17.928900] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 17.928940] page dumped because: kasan: bad access detected [ 17.928970] [ 17.928988] Memory state around the buggy address: [ 17.929019] fff00000c786bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.929060] fff00000c786bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.929330] >fff00000c786c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.929384] ^ [ 17.929412] fff00000c786c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.929888] fff00000c786c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.929928] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.144205] ================================================================== [ 18.144263] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 18.144377] Write of size 128 at addr fff00000c583ff00 by task kunit_try_catch/170 [ 18.144433] [ 18.144519] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.144618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.144644] Hardware name: linux,dummy-virt (DT) [ 18.144673] Call trace: [ 18.144694] show_stack+0x20/0x38 (C) [ 18.144789] dump_stack_lvl+0x8c/0xd0 [ 18.144837] print_report+0x118/0x608 [ 18.144904] kasan_report+0xdc/0x128 [ 18.144948] kasan_check_range+0x100/0x1a8 [ 18.144994] __asan_memset+0x34/0x78 [ 18.145056] kmalloc_oob_in_memset+0x144/0x2d0 [ 18.145103] kunit_try_run_case+0x170/0x3f0 [ 18.145148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.145198] kthread+0x328/0x630 [ 18.145316] ret_from_fork+0x10/0x20 [ 18.145407] [ 18.145425] Allocated by task 170: [ 18.145470] kasan_save_stack+0x3c/0x68 [ 18.145518] kasan_save_track+0x20/0x40 [ 18.145559] kasan_save_alloc_info+0x40/0x58 [ 18.145627] __kasan_kmalloc+0xd4/0xd8 [ 18.145683] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.145756] kmalloc_oob_in_memset+0xb0/0x2d0 [ 18.145793] kunit_try_run_case+0x170/0x3f0 [ 18.145829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.145871] kthread+0x328/0x630 [ 18.145921] ret_from_fork+0x10/0x20 [ 18.145956] [ 18.145975] The buggy address belongs to the object at fff00000c583ff00 [ 18.145975] which belongs to the cache kmalloc-128 of size 128 [ 18.146030] The buggy address is located 0 bytes inside of [ 18.146030] allocated 120-byte region [fff00000c583ff00, fff00000c583ff78) [ 18.146106] [ 18.146165] The buggy address belongs to the physical page: [ 18.146203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10583f [ 18.146310] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.146423] page_type: f5(slab) [ 18.146486] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.146753] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.146865] page dumped because: kasan: bad access detected [ 18.146916] [ 18.146933] Memory state around the buggy address: [ 18.147061] fff00000c583fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.147194] fff00000c583fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.147256] >fff00000c583ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.147292] ^ [ 18.147384] fff00000c583ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.147426] fff00000c5840000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.147463] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.136508] ================================================================== [ 18.136568] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 18.136634] Read of size 16 at addr fff00000c3f3ec40 by task kunit_try_catch/168 [ 18.136683] [ 18.136715] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.136793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.136819] Hardware name: linux,dummy-virt (DT) [ 18.136849] Call trace: [ 18.136870] show_stack+0x20/0x38 (C) [ 18.136922] dump_stack_lvl+0x8c/0xd0 [ 18.136969] print_report+0x118/0x608 [ 18.137051] kasan_report+0xdc/0x128 [ 18.137105] __asan_report_load16_noabort+0x20/0x30 [ 18.137151] kmalloc_uaf_16+0x3bc/0x438 [ 18.137195] kunit_try_run_case+0x170/0x3f0 [ 18.137241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.137292] kthread+0x328/0x630 [ 18.137333] ret_from_fork+0x10/0x20 [ 18.137381] [ 18.137398] Allocated by task 168: [ 18.137424] kasan_save_stack+0x3c/0x68 [ 18.137463] kasan_save_track+0x20/0x40 [ 18.137499] kasan_save_alloc_info+0x40/0x58 [ 18.137538] __kasan_kmalloc+0xd4/0xd8 [ 18.137583] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.137621] kmalloc_uaf_16+0x140/0x438 [ 18.137655] kunit_try_run_case+0x170/0x3f0 [ 18.137691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.137739] kthread+0x328/0x630 [ 18.138014] ret_from_fork+0x10/0x20 [ 18.138059] [ 18.138078] Freed by task 168: [ 18.138104] kasan_save_stack+0x3c/0x68 [ 18.138139] kasan_save_track+0x20/0x40 [ 18.138176] kasan_save_free_info+0x4c/0x78 [ 18.138213] __kasan_slab_free+0x6c/0x98 [ 18.138249] kfree+0x214/0x3c8 [ 18.138282] kmalloc_uaf_16+0x190/0x438 [ 18.138316] kunit_try_run_case+0x170/0x3f0 [ 18.138351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.138393] kthread+0x328/0x630 [ 18.138424] ret_from_fork+0x10/0x20 [ 18.138458] [ 18.138476] The buggy address belongs to the object at fff00000c3f3ec40 [ 18.138476] which belongs to the cache kmalloc-16 of size 16 [ 18.138562] The buggy address is located 0 bytes inside of [ 18.138562] freed 16-byte region [fff00000c3f3ec40, fff00000c3f3ec50) [ 18.138633] [ 18.138783] The buggy address belongs to the physical page: [ 18.138812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 18.138870] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.138917] page_type: f5(slab) [ 18.139074] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.139123] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.139238] page dumped because: kasan: bad access detected [ 18.139297] [ 18.139357] Memory state around the buggy address: [ 18.139388] fff00000c3f3eb00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.139431] fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.139490] >fff00000c3f3ec00: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 18.139607] ^ [ 18.139695] fff00000c3f3ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.139767] fff00000c3f3ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.139810] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.126252] ================================================================== [ 18.126324] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 18.126433] Write of size 16 at addr fff00000c3f3ebe0 by task kunit_try_catch/166 [ 18.126519] [ 18.126555] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.126647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.126754] Hardware name: linux,dummy-virt (DT) [ 18.126821] Call trace: [ 18.126860] show_stack+0x20/0x38 (C) [ 18.126926] dump_stack_lvl+0x8c/0xd0 [ 18.126983] print_report+0x118/0x608 [ 18.127057] kasan_report+0xdc/0x128 [ 18.127137] __asan_report_store16_noabort+0x20/0x30 [ 18.127256] kmalloc_oob_16+0x3a0/0x3f8 [ 18.127301] kunit_try_run_case+0x170/0x3f0 [ 18.127346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.127397] kthread+0x328/0x630 [ 18.127438] ret_from_fork+0x10/0x20 [ 18.127484] [ 18.127510] Allocated by task 166: [ 18.127538] kasan_save_stack+0x3c/0x68 [ 18.127585] kasan_save_track+0x20/0x40 [ 18.127621] kasan_save_alloc_info+0x40/0x58 [ 18.127659] __kasan_kmalloc+0xd4/0xd8 [ 18.127694] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.127732] kmalloc_oob_16+0xb4/0x3f8 [ 18.127765] kunit_try_run_case+0x170/0x3f0 [ 18.127801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.127842] kthread+0x328/0x630 [ 18.127873] ret_from_fork+0x10/0x20 [ 18.127906] [ 18.127924] The buggy address belongs to the object at fff00000c3f3ebe0 [ 18.127924] which belongs to the cache kmalloc-16 of size 16 [ 18.127992] The buggy address is located 0 bytes inside of [ 18.127992] allocated 13-byte region [fff00000c3f3ebe0, fff00000c3f3ebed) [ 18.128060] [ 18.128080] The buggy address belongs to the physical page: [ 18.128117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f3e [ 18.128168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.128214] page_type: f5(slab) [ 18.128251] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.128308] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.128356] page dumped because: kasan: bad access detected [ 18.128385] [ 18.128402] Memory state around the buggy address: [ 18.128443] fff00000c3f3ea80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.128485] fff00000c3f3eb00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.128531] >fff00000c3f3eb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 18.128567] ^ [ 18.128613] fff00000c3f3ec00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.128653] fff00000c3f3ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.128689] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 18.114272] ================================================================== [ 18.114348] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 18.114405] Read of size 1 at addr fff00000c17aa800 by task kunit_try_catch/164 [ 18.114470] [ 18.114527] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.114638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.114664] Hardware name: linux,dummy-virt (DT) [ 18.114712] Call trace: [ 18.114751] show_stack+0x20/0x38 (C) [ 18.114807] dump_stack_lvl+0x8c/0xd0 [ 18.114875] print_report+0x118/0x608 [ 18.114940] kasan_report+0xdc/0x128 [ 18.114997] __asan_report_load1_noabort+0x20/0x30 [ 18.115073] krealloc_uaf+0x4c8/0x520 [ 18.115118] kunit_try_run_case+0x170/0x3f0 [ 18.115164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.115215] kthread+0x328/0x630 [ 18.115255] ret_from_fork+0x10/0x20 [ 18.115301] [ 18.115318] Allocated by task 164: [ 18.115343] kasan_save_stack+0x3c/0x68 [ 18.115381] kasan_save_track+0x20/0x40 [ 18.115416] kasan_save_alloc_info+0x40/0x58 [ 18.115454] __kasan_kmalloc+0xd4/0xd8 [ 18.115488] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.115544] krealloc_uaf+0xc8/0x520 [ 18.115588] kunit_try_run_case+0x170/0x3f0 [ 18.115652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.115694] kthread+0x328/0x630 [ 18.115730] ret_from_fork+0x10/0x20 [ 18.115818] [ 18.115836] Freed by task 164: [ 18.115860] kasan_save_stack+0x3c/0x68 [ 18.115896] kasan_save_track+0x20/0x40 [ 18.115947] kasan_save_free_info+0x4c/0x78 [ 18.116012] __kasan_slab_free+0x6c/0x98 [ 18.116048] kfree+0x214/0x3c8 [ 18.116116] krealloc_uaf+0x12c/0x520 [ 18.116150] kunit_try_run_case+0x170/0x3f0 [ 18.116208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.116276] kthread+0x328/0x630 [ 18.116324] ret_from_fork+0x10/0x20 [ 18.116408] [ 18.116426] The buggy address belongs to the object at fff00000c17aa800 [ 18.116426] which belongs to the cache kmalloc-256 of size 256 [ 18.116488] The buggy address is located 0 bytes inside of [ 18.116488] freed 256-byte region [fff00000c17aa800, fff00000c17aa900) [ 18.116546] [ 18.116564] The buggy address belongs to the physical page: [ 18.116602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.116868] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.117054] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.117170] page_type: f5(slab) [ 18.117275] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.117352] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.117411] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.117459] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.117778] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.117894] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.117973] page dumped because: kasan: bad access detected [ 18.118059] [ 18.118163] Memory state around the buggy address: [ 18.118262] fff00000c17aa700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.118351] fff00000c17aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.118455] >fff00000c17aa800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.118512] ^ [ 18.118552] fff00000c17aa880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.118644] fff00000c17aa900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.118695] ================================================================== [ 18.110344] ================================================================== [ 18.110441] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 18.110497] Read of size 1 at addr fff00000c17aa800 by task kunit_try_catch/164 [ 18.110544] [ 18.110594] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.110678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.110705] Hardware name: linux,dummy-virt (DT) [ 18.110736] Call trace: [ 18.110758] show_stack+0x20/0x38 (C) [ 18.110888] dump_stack_lvl+0x8c/0xd0 [ 18.110966] print_report+0x118/0x608 [ 18.111022] kasan_report+0xdc/0x128 [ 18.111075] __kasan_check_byte+0x54/0x70 [ 18.111121] krealloc_noprof+0x44/0x360 [ 18.111175] krealloc_uaf+0x180/0x520 [ 18.111243] kunit_try_run_case+0x170/0x3f0 [ 18.111290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.111342] kthread+0x328/0x630 [ 18.111384] ret_from_fork+0x10/0x20 [ 18.111431] [ 18.111449] Allocated by task 164: [ 18.111495] kasan_save_stack+0x3c/0x68 [ 18.111553] kasan_save_track+0x20/0x40 [ 18.111600] kasan_save_alloc_info+0x40/0x58 [ 18.111650] __kasan_kmalloc+0xd4/0xd8 [ 18.111685] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.111736] krealloc_uaf+0xc8/0x520 [ 18.111778] kunit_try_run_case+0x170/0x3f0 [ 18.111815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.111878] kthread+0x328/0x630 [ 18.111910] ret_from_fork+0x10/0x20 [ 18.111950] [ 18.111993] Freed by task 164: [ 18.112045] kasan_save_stack+0x3c/0x68 [ 18.112092] kasan_save_track+0x20/0x40 [ 18.112129] kasan_save_free_info+0x4c/0x78 [ 18.112173] __kasan_slab_free+0x6c/0x98 [ 18.112209] kfree+0x214/0x3c8 [ 18.112258] krealloc_uaf+0x12c/0x520 [ 18.112292] kunit_try_run_case+0x170/0x3f0 [ 18.112328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.112370] kthread+0x328/0x630 [ 18.112404] ret_from_fork+0x10/0x20 [ 18.112464] [ 18.112502] The buggy address belongs to the object at fff00000c17aa800 [ 18.112502] which belongs to the cache kmalloc-256 of size 256 [ 18.112611] The buggy address is located 0 bytes inside of [ 18.112611] freed 256-byte region [fff00000c17aa800, fff00000c17aa900) [ 18.112672] [ 18.112699] The buggy address belongs to the physical page: [ 18.112733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.112783] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.112827] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.112877] page_type: f5(slab) [ 18.112915] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.112962] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.113009] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.113056] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.113102] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.113149] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.113187] page dumped because: kasan: bad access detected [ 18.113386] [ 18.113404] Memory state around the buggy address: [ 18.113484] fff00000c17aa700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.113526] fff00000c17aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.113566] >fff00000c17aa800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.113612] ^ [ 18.113639] fff00000c17aa880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.113678] fff00000c17aa900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.113715] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 18.032672] ================================================================== [ 18.032778] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.032858] Write of size 1 at addr fff00000c17aa6c9 by task kunit_try_catch/158 [ 18.033120] [ 18.033229] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.033355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.033399] Hardware name: linux,dummy-virt (DT) [ 18.033429] Call trace: [ 18.033450] show_stack+0x20/0x38 (C) [ 18.033499] dump_stack_lvl+0x8c/0xd0 [ 18.033545] print_report+0x118/0x608 [ 18.033600] kasan_report+0xdc/0x128 [ 18.033671] __asan_report_store1_noabort+0x20/0x30 [ 18.033855] krealloc_less_oob_helper+0xa48/0xc50 [ 18.033976] krealloc_less_oob+0x20/0x38 [ 18.034101] kunit_try_run_case+0x170/0x3f0 [ 18.034193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.034293] kthread+0x328/0x630 [ 18.034391] ret_from_fork+0x10/0x20 [ 18.034527] [ 18.034625] Allocated by task 158: [ 18.034727] kasan_save_stack+0x3c/0x68 [ 18.034767] kasan_save_track+0x20/0x40 [ 18.034864] kasan_save_alloc_info+0x40/0x58 [ 18.035036] __kasan_krealloc+0x118/0x178 [ 18.035153] krealloc_noprof+0x128/0x360 [ 18.035238] krealloc_less_oob_helper+0x168/0xc50 [ 18.035318] krealloc_less_oob+0x20/0x38 [ 18.035366] kunit_try_run_case+0x170/0x3f0 [ 18.035485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.035650] kthread+0x328/0x630 [ 18.035752] ret_from_fork+0x10/0x20 [ 18.035819] [ 18.035940] The buggy address belongs to the object at fff00000c17aa600 [ 18.035940] which belongs to the cache kmalloc-256 of size 256 [ 18.036015] The buggy address is located 0 bytes to the right of [ 18.036015] allocated 201-byte region [fff00000c17aa600, fff00000c17aa6c9) [ 18.036075] [ 18.036094] The buggy address belongs to the physical page: [ 18.036124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.036174] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.036334] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.036434] page_type: f5(slab) [ 18.037007] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.037109] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.038169] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.038236] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.038284] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.038330] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.038368] page dumped because: kasan: bad access detected [ 18.038397] [ 18.038414] Memory state around the buggy address: [ 18.038448] fff00000c17aa580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.038489] fff00000c17aa600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.038529] >fff00000c17aa680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.038565] ^ [ 18.038610] fff00000c17aa700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.038655] fff00000c17aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.038693] ================================================================== [ 18.044318] ================================================================== [ 18.044363] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.044428] Write of size 1 at addr fff00000c17aa6da by task kunit_try_catch/158 [ 18.044482] [ 18.044529] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.044620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.044646] Hardware name: linux,dummy-virt (DT) [ 18.044676] Call trace: [ 18.044729] show_stack+0x20/0x38 (C) [ 18.044991] dump_stack_lvl+0x8c/0xd0 [ 18.045102] print_report+0x118/0x608 [ 18.045170] kasan_report+0xdc/0x128 [ 18.045250] __asan_report_store1_noabort+0x20/0x30 [ 18.045376] krealloc_less_oob_helper+0xa80/0xc50 [ 18.045445] krealloc_less_oob+0x20/0x38 [ 18.045489] kunit_try_run_case+0x170/0x3f0 [ 18.045712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.045769] kthread+0x328/0x630 [ 18.045857] ret_from_fork+0x10/0x20 [ 18.045959] [ 18.045977] Allocated by task 158: [ 18.046046] kasan_save_stack+0x3c/0x68 [ 18.046132] kasan_save_track+0x20/0x40 [ 18.046243] kasan_save_alloc_info+0x40/0x58 [ 18.046310] __kasan_krealloc+0x118/0x178 [ 18.046347] krealloc_noprof+0x128/0x360 [ 18.046383] krealloc_less_oob_helper+0x168/0xc50 [ 18.046420] krealloc_less_oob+0x20/0x38 [ 18.046455] kunit_try_run_case+0x170/0x3f0 [ 18.046490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.046531] kthread+0x328/0x630 [ 18.046685] ret_from_fork+0x10/0x20 [ 18.046735] [ 18.046753] The buggy address belongs to the object at fff00000c17aa600 [ 18.046753] which belongs to the cache kmalloc-256 of size 256 [ 18.046854] The buggy address is located 17 bytes to the right of [ 18.046854] allocated 201-byte region [fff00000c17aa600, fff00000c17aa6c9) [ 18.047009] [ 18.047056] The buggy address belongs to the physical page: [ 18.047102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.047169] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.047254] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.047302] page_type: f5(slab) [ 18.047337] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.047384] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.047566] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.047665] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.047733] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.047831] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.047923] page dumped because: kasan: bad access detected [ 18.048003] [ 18.048091] Memory state around the buggy address: [ 18.048150] fff00000c17aa580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.048209] fff00000c17aa600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.048251] >fff00000c17aa680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.048287] ^ [ 18.048321] fff00000c17aa700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.048360] fff00000c17aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.048396] ================================================================== [ 18.093791] ================================================================== [ 18.094257] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.094315] Write of size 1 at addr fff00000c65a20eb by task kunit_try_catch/162 [ 18.094395] [ 18.094452] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.094530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.094557] Hardware name: linux,dummy-virt (DT) [ 18.094614] Call trace: [ 18.094653] show_stack+0x20/0x38 (C) [ 18.094718] dump_stack_lvl+0x8c/0xd0 [ 18.094783] print_report+0x118/0x608 [ 18.094836] kasan_report+0xdc/0x128 [ 18.094950] __asan_report_store1_noabort+0x20/0x30 [ 18.095023] krealloc_less_oob_helper+0xa58/0xc50 [ 18.095072] krealloc_large_less_oob+0x20/0x38 [ 18.095130] kunit_try_run_case+0x170/0x3f0 [ 18.095276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.095338] kthread+0x328/0x630 [ 18.095379] ret_from_fork+0x10/0x20 [ 18.095445] [ 18.095464] The buggy address belongs to the physical page: [ 18.095527] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 18.095595] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.095781] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.095848] page_type: f8(unknown) [ 18.095885] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.095932] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.095979] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.096025] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.096072] head: 0bfffe0000000002 ffffc1ffc3196801 00000000ffffffff 00000000ffffffff [ 18.096119] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.096156] page dumped because: kasan: bad access detected [ 18.096191] [ 18.096277] Memory state around the buggy address: [ 18.096417] fff00000c65a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.096492] fff00000c65a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.096595] >fff00000c65a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.096630] ^ [ 18.096666] fff00000c65a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.096749] fff00000c65a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.097050] ================================================================== [ 18.084289] ================================================================== [ 18.084505] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.084567] Write of size 1 at addr fff00000c65a20da by task kunit_try_catch/162 [ 18.084676] [ 18.084705] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.084816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.084900] Hardware name: linux,dummy-virt (DT) [ 18.085045] Call trace: [ 18.085099] show_stack+0x20/0x38 (C) [ 18.085264] dump_stack_lvl+0x8c/0xd0 [ 18.085350] print_report+0x118/0x608 [ 18.085395] kasan_report+0xdc/0x128 [ 18.085439] __asan_report_store1_noabort+0x20/0x30 [ 18.085507] krealloc_less_oob_helper+0xa80/0xc50 [ 18.085590] krealloc_large_less_oob+0x20/0x38 [ 18.085745] kunit_try_run_case+0x170/0x3f0 [ 18.085798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.085860] kthread+0x328/0x630 [ 18.085900] ret_from_fork+0x10/0x20 [ 18.085955] [ 18.085975] The buggy address belongs to the physical page: [ 18.086009] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 18.086064] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.086108] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.086160] page_type: f8(unknown) [ 18.086205] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.086261] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.086308] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.086354] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.086401] head: 0bfffe0000000002 ffffc1ffc3196801 00000000ffffffff 00000000ffffffff [ 18.086447] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.086496] page dumped because: kasan: bad access detected [ 18.086524] [ 18.086541] Memory state around the buggy address: [ 18.086773] fff00000c65a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.087031] fff00000c65a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.087148] >fff00000c65a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.087185] ^ [ 18.087269] fff00000c65a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.087347] fff00000c65a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.087383] ================================================================== [ 18.049528] ================================================================== [ 18.049586] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.049632] Write of size 1 at addr fff00000c17aa6ea by task kunit_try_catch/158 [ 18.049680] [ 18.049707] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.049783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.049808] Hardware name: linux,dummy-virt (DT) [ 18.049837] Call trace: [ 18.049857] show_stack+0x20/0x38 (C) [ 18.049902] dump_stack_lvl+0x8c/0xd0 [ 18.049947] print_report+0x118/0x608 [ 18.049991] kasan_report+0xdc/0x128 [ 18.050035] __asan_report_store1_noabort+0x20/0x30 [ 18.050081] krealloc_less_oob_helper+0xae4/0xc50 [ 18.050128] krealloc_less_oob+0x20/0x38 [ 18.050172] kunit_try_run_case+0x170/0x3f0 [ 18.050217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.050269] kthread+0x328/0x630 [ 18.050313] ret_from_fork+0x10/0x20 [ 18.050360] [ 18.050377] Allocated by task 158: [ 18.050403] kasan_save_stack+0x3c/0x68 [ 18.050442] kasan_save_track+0x20/0x40 [ 18.050477] kasan_save_alloc_info+0x40/0x58 [ 18.050514] __kasan_krealloc+0x118/0x178 [ 18.050550] krealloc_noprof+0x128/0x360 [ 18.050595] krealloc_less_oob_helper+0x168/0xc50 [ 18.050632] krealloc_less_oob+0x20/0x38 [ 18.050666] kunit_try_run_case+0x170/0x3f0 [ 18.050701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.050742] kthread+0x328/0x630 [ 18.050772] ret_from_fork+0x10/0x20 [ 18.050806] [ 18.050824] The buggy address belongs to the object at fff00000c17aa600 [ 18.050824] which belongs to the cache kmalloc-256 of size 256 [ 18.050885] The buggy address is located 33 bytes to the right of [ 18.050885] allocated 201-byte region [fff00000c17aa600, fff00000c17aa6c9) [ 18.050946] [ 18.050964] The buggy address belongs to the physical page: [ 18.050993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.051041] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.051086] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.051133] page_type: f5(slab) [ 18.051168] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.051216] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.051264] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.051310] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.051357] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.051403] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.051440] page dumped because: kasan: bad access detected [ 18.051469] [ 18.051486] Memory state around the buggy address: [ 18.051514] fff00000c17aa580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.051554] fff00000c17aa600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.051668] >fff00000c17aa680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.051712] ^ [ 18.053052] fff00000c17aa700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.053104] fff00000c17aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.053142] ================================================================== [ 18.088001] ================================================================== [ 18.088043] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.088087] Write of size 1 at addr fff00000c65a20ea by task kunit_try_catch/162 [ 18.088212] [ 18.088257] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.088336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.088437] Hardware name: linux,dummy-virt (DT) [ 18.088470] Call trace: [ 18.088490] show_stack+0x20/0x38 (C) [ 18.088552] dump_stack_lvl+0x8c/0xd0 [ 18.088608] print_report+0x118/0x608 [ 18.088653] kasan_report+0xdc/0x128 [ 18.088696] __asan_report_store1_noabort+0x20/0x30 [ 18.088750] krealloc_less_oob_helper+0xae4/0xc50 [ 18.088809] krealloc_large_less_oob+0x20/0x38 [ 18.088970] kunit_try_run_case+0x170/0x3f0 [ 18.089077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.089151] kthread+0x328/0x630 [ 18.089267] ret_from_fork+0x10/0x20 [ 18.089332] [ 18.089350] The buggy address belongs to the physical page: [ 18.089744] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 18.089855] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.090027] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.090174] page_type: f8(unknown) [ 18.090229] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.090333] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.090432] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.090598] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.090667] head: 0bfffe0000000002 ffffc1ffc3196801 00000000ffffffff 00000000ffffffff [ 18.090713] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.090789] page dumped because: kasan: bad access detected [ 18.091265] [ 18.091418] Memory state around the buggy address: [ 18.091513] fff00000c65a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.091674] fff00000c65a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.091718] >fff00000c65a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.091803] ^ [ 18.091876] fff00000c65a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.091915] fff00000c65a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.092249] ================================================================== [ 18.075049] ================================================================== [ 18.075109] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.075185] Write of size 1 at addr fff00000c65a20c9 by task kunit_try_catch/162 [ 18.075235] [ 18.075266] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.075345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.075420] Hardware name: linux,dummy-virt (DT) [ 18.075525] Call trace: [ 18.075550] show_stack+0x20/0x38 (C) [ 18.075683] dump_stack_lvl+0x8c/0xd0 [ 18.075741] print_report+0x118/0x608 [ 18.075787] kasan_report+0xdc/0x128 [ 18.075838] __asan_report_store1_noabort+0x20/0x30 [ 18.075902] krealloc_less_oob_helper+0xa48/0xc50 [ 18.075990] krealloc_large_less_oob+0x20/0x38 [ 18.076036] kunit_try_run_case+0x170/0x3f0 [ 18.076082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.076152] kthread+0x328/0x630 [ 18.076242] ret_from_fork+0x10/0x20 [ 18.076318] [ 18.076366] The buggy address belongs to the physical page: [ 18.076412] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 18.076500] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.076565] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.076626] page_type: f8(unknown) [ 18.076683] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.077037] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.077137] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.077307] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.077410] head: 0bfffe0000000002 ffffc1ffc3196801 00000000ffffffff 00000000ffffffff [ 18.077531] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.077638] page dumped because: kasan: bad access detected [ 18.077746] [ 18.077819] Memory state around the buggy address: [ 18.077886] fff00000c65a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.077952] fff00000c65a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.078165] >fff00000c65a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.078204] ^ [ 18.078244] fff00000c65a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.078284] fff00000c65a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.078494] ================================================================== [ 18.039926] ================================================================== [ 18.039975] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.040042] Write of size 1 at addr fff00000c17aa6d0 by task kunit_try_catch/158 [ 18.040097] [ 18.040133] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.040210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.040235] Hardware name: linux,dummy-virt (DT) [ 18.040270] Call trace: [ 18.040291] show_stack+0x20/0x38 (C) [ 18.040346] dump_stack_lvl+0x8c/0xd0 [ 18.040392] print_report+0x118/0x608 [ 18.040444] kasan_report+0xdc/0x128 [ 18.040488] __asan_report_store1_noabort+0x20/0x30 [ 18.040536] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.040594] krealloc_less_oob+0x20/0x38 [ 18.040638] kunit_try_run_case+0x170/0x3f0 [ 18.040684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.040734] kthread+0x328/0x630 [ 18.040775] ret_from_fork+0x10/0x20 [ 18.040820] [ 18.040844] Allocated by task 158: [ 18.041411] kasan_save_stack+0x3c/0x68 [ 18.041486] kasan_save_track+0x20/0x40 [ 18.041523] kasan_save_alloc_info+0x40/0x58 [ 18.041561] __kasan_krealloc+0x118/0x178 [ 18.041607] krealloc_noprof+0x128/0x360 [ 18.041655] krealloc_less_oob_helper+0x168/0xc50 [ 18.041693] krealloc_less_oob+0x20/0x38 [ 18.041728] kunit_try_run_case+0x170/0x3f0 [ 18.041895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.041983] kthread+0x328/0x630 [ 18.042095] ret_from_fork+0x10/0x20 [ 18.042184] [ 18.042214] The buggy address belongs to the object at fff00000c17aa600 [ 18.042214] which belongs to the cache kmalloc-256 of size 256 [ 18.042317] The buggy address is located 7 bytes to the right of [ 18.042317] allocated 201-byte region [fff00000c17aa600, fff00000c17aa6c9) [ 18.042430] [ 18.042496] The buggy address belongs to the physical page: [ 18.042526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.042587] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.042631] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.042680] page_type: f5(slab) [ 18.042726] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.042896] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.043020] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.043092] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.043139] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.043185] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.043223] page dumped because: kasan: bad access detected [ 18.043252] [ 18.043269] Memory state around the buggy address: [ 18.043299] fff00000c17aa580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.043431] fff00000c17aa600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.043490] >fff00000c17aa680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.043607] ^ [ 18.043711] fff00000c17aa700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.043818] fff00000c17aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.043866] ================================================================== [ 18.079382] ================================================================== [ 18.079428] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.079500] Write of size 1 at addr fff00000c65a20d0 by task kunit_try_catch/162 [ 18.079547] [ 18.079606] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.079684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.079833] Hardware name: linux,dummy-virt (DT) [ 18.079897] Call trace: [ 18.080204] show_stack+0x20/0x38 (C) [ 18.080267] dump_stack_lvl+0x8c/0xd0 [ 18.080312] print_report+0x118/0x608 [ 18.080375] kasan_report+0xdc/0x128 [ 18.080467] __asan_report_store1_noabort+0x20/0x30 [ 18.080542] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.080629] krealloc_large_less_oob+0x20/0x38 [ 18.080701] kunit_try_run_case+0x170/0x3f0 [ 18.080806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.080877] kthread+0x328/0x630 [ 18.080919] ret_from_fork+0x10/0x20 [ 18.080965] [ 18.080984] The buggy address belongs to the physical page: [ 18.081192] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 18.081338] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.081410] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.081463] page_type: f8(unknown) [ 18.081508] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.081556] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.081615] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.081661] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.081762] head: 0bfffe0000000002 ffffc1ffc3196801 00000000ffffffff 00000000ffffffff [ 18.082013] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.082237] page dumped because: kasan: bad access detected [ 18.082327] [ 18.082394] Memory state around the buggy address: [ 18.082542] fff00000c65a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.082626] fff00000c65a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.082721] >fff00000c65a2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.082783] ^ [ 18.082818] fff00000c65a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.082885] fff00000c65a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.083088] ================================================================== [ 18.053322] ================================================================== [ 18.053362] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.053405] Write of size 1 at addr fff00000c17aa6eb by task kunit_try_catch/158 [ 18.053451] [ 18.053477] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.053553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.053610] Hardware name: linux,dummy-virt (DT) [ 18.053651] Call trace: [ 18.053690] show_stack+0x20/0x38 (C) [ 18.053736] dump_stack_lvl+0x8c/0xd0 [ 18.053781] print_report+0x118/0x608 [ 18.053826] kasan_report+0xdc/0x128 [ 18.053870] __asan_report_store1_noabort+0x20/0x30 [ 18.053917] krealloc_less_oob_helper+0xa58/0xc50 [ 18.053964] krealloc_less_oob+0x20/0x38 [ 18.054008] kunit_try_run_case+0x170/0x3f0 [ 18.054064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.054116] kthread+0x328/0x630 [ 18.054159] ret_from_fork+0x10/0x20 [ 18.054207] [ 18.054229] Allocated by task 158: [ 18.054256] kasan_save_stack+0x3c/0x68 [ 18.054303] kasan_save_track+0x20/0x40 [ 18.054339] kasan_save_alloc_info+0x40/0x58 [ 18.054377] __kasan_krealloc+0x118/0x178 [ 18.054413] krealloc_noprof+0x128/0x360 [ 18.054449] krealloc_less_oob_helper+0x168/0xc50 [ 18.054486] krealloc_less_oob+0x20/0x38 [ 18.054520] kunit_try_run_case+0x170/0x3f0 [ 18.054556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.054606] kthread+0x328/0x630 [ 18.054637] ret_from_fork+0x10/0x20 [ 18.054689] [ 18.054707] The buggy address belongs to the object at fff00000c17aa600 [ 18.054707] which belongs to the cache kmalloc-256 of size 256 [ 18.054762] The buggy address is located 34 bytes to the right of [ 18.054762] allocated 201-byte region [fff00000c17aa600, fff00000c17aa6c9) [ 18.054822] [ 18.054844] The buggy address belongs to the physical page: [ 18.054881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.054944] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.054995] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.055043] page_type: f5(slab) [ 18.055078] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.055135] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.055191] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.055238] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.055285] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.055331] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.055368] page dumped because: kasan: bad access detected [ 18.055397] [ 18.055420] Memory state around the buggy address: [ 18.055462] fff00000c17aa580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.055511] fff00000c17aa600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.055552] >fff00000c17aa680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.055596] ^ [ 18.055632] fff00000c17aa700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.055672] fff00000c17aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.055708] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 18.017899] ================================================================== [ 18.017973] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 18.018026] Write of size 1 at addr fff00000c17aa4f0 by task kunit_try_catch/156 [ 18.018100] [ 18.018129] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.018502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.018558] Hardware name: linux,dummy-virt (DT) [ 18.018611] Call trace: [ 18.018639] show_stack+0x20/0x38 (C) [ 18.018715] dump_stack_lvl+0x8c/0xd0 [ 18.018787] print_report+0x118/0x608 [ 18.018855] kasan_report+0xdc/0x128 [ 18.018965] __asan_report_store1_noabort+0x20/0x30 [ 18.019020] krealloc_more_oob_helper+0x5c0/0x678 [ 18.019068] krealloc_more_oob+0x20/0x38 [ 18.019113] kunit_try_run_case+0x170/0x3f0 [ 18.019158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.019362] kthread+0x328/0x630 [ 18.019446] ret_from_fork+0x10/0x20 [ 18.019493] [ 18.019511] Allocated by task 156: [ 18.019537] kasan_save_stack+0x3c/0x68 [ 18.019588] kasan_save_track+0x20/0x40 [ 18.019625] kasan_save_alloc_info+0x40/0x58 [ 18.019662] __kasan_krealloc+0x118/0x178 [ 18.019698] krealloc_noprof+0x128/0x360 [ 18.019733] krealloc_more_oob_helper+0x168/0x678 [ 18.019770] krealloc_more_oob+0x20/0x38 [ 18.019805] kunit_try_run_case+0x170/0x3f0 [ 18.019841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.019883] kthread+0x328/0x630 [ 18.020038] ret_from_fork+0x10/0x20 [ 18.020120] [ 18.020152] The buggy address belongs to the object at fff00000c17aa400 [ 18.020152] which belongs to the cache kmalloc-256 of size 256 [ 18.020224] The buggy address is located 5 bytes to the right of [ 18.020224] allocated 235-byte region [fff00000c17aa400, fff00000c17aa4eb) [ 18.020286] [ 18.020304] The buggy address belongs to the physical page: [ 18.020538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.020612] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.020656] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.020734] page_type: f5(slab) [ 18.020772] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.020974] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.021070] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.021159] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.021274] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.021390] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.021503] page dumped because: kasan: bad access detected [ 18.021541] [ 18.021558] Memory state around the buggy address: [ 18.021599] fff00000c17aa380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.021640] fff00000c17aa400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.021723] >fff00000c17aa480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.021761] ^ [ 18.021909] fff00000c17aa500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.021973] fff00000c17aa580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.022096] ================================================================== [ 18.013253] ================================================================== [ 18.013427] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 18.013500] Write of size 1 at addr fff00000c17aa4eb by task kunit_try_catch/156 [ 18.013550] [ 18.013612] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.013691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.013717] Hardware name: linux,dummy-virt (DT) [ 18.013747] Call trace: [ 18.013767] show_stack+0x20/0x38 (C) [ 18.013986] dump_stack_lvl+0x8c/0xd0 [ 18.014073] print_report+0x118/0x608 [ 18.014135] kasan_report+0xdc/0x128 [ 18.014181] __asan_report_store1_noabort+0x20/0x30 [ 18.014245] krealloc_more_oob_helper+0x60c/0x678 [ 18.014305] krealloc_more_oob+0x20/0x38 [ 18.014357] kunit_try_run_case+0x170/0x3f0 [ 18.014404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.014644] kthread+0x328/0x630 [ 18.014699] ret_from_fork+0x10/0x20 [ 18.014809] [ 18.014896] Allocated by task 156: [ 18.014963] kasan_save_stack+0x3c/0x68 [ 18.015006] kasan_save_track+0x20/0x40 [ 18.015042] kasan_save_alloc_info+0x40/0x58 [ 18.015080] __kasan_krealloc+0x118/0x178 [ 18.015115] krealloc_noprof+0x128/0x360 [ 18.015152] krealloc_more_oob_helper+0x168/0x678 [ 18.015324] krealloc_more_oob+0x20/0x38 [ 18.015402] kunit_try_run_case+0x170/0x3f0 [ 18.015481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.015525] kthread+0x328/0x630 [ 18.015612] ret_from_fork+0x10/0x20 [ 18.015648] [ 18.015685] The buggy address belongs to the object at fff00000c17aa400 [ 18.015685] which belongs to the cache kmalloc-256 of size 256 [ 18.015748] The buggy address is located 0 bytes to the right of [ 18.015748] allocated 235-byte region [fff00000c17aa400, fff00000c17aa4eb) [ 18.015809] [ 18.015828] The buggy address belongs to the physical page: [ 18.015973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017aa [ 18.016028] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.016073] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.016126] page_type: f5(slab) [ 18.016221] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.016318] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.016368] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.016414] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.016476] head: 0bfffe0000000001 ffffc1ffc305ea81 00000000ffffffff 00000000ffffffff [ 18.016523] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.016561] page dumped because: kasan: bad access detected [ 18.016601] [ 18.016640] Memory state around the buggy address: [ 18.016670] fff00000c17aa380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.016874] fff00000c17aa400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.016948] >fff00000c17aa480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.017010] ^ [ 18.017092] fff00000c17aa500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.017138] fff00000c17aa580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.017203] ================================================================== [ 18.059966] ================================================================== [ 18.060016] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 18.060063] Write of size 1 at addr fff00000c65a20eb by task kunit_try_catch/160 [ 18.060110] [ 18.060139] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.060216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.060242] Hardware name: linux,dummy-virt (DT) [ 18.060271] Call trace: [ 18.060309] show_stack+0x20/0x38 (C) [ 18.060385] dump_stack_lvl+0x8c/0xd0 [ 18.060469] print_report+0x118/0x608 [ 18.060569] kasan_report+0xdc/0x128 [ 18.060627] __asan_report_store1_noabort+0x20/0x30 [ 18.060680] krealloc_more_oob_helper+0x60c/0x678 [ 18.060973] krealloc_large_more_oob+0x20/0x38 [ 18.061057] kunit_try_run_case+0x170/0x3f0 [ 18.061115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.061249] kthread+0x328/0x630 [ 18.061375] ret_from_fork+0x10/0x20 [ 18.061485] [ 18.061505] The buggy address belongs to the physical page: [ 18.061536] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 18.061594] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.061640] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.061689] page_type: f8(unknown) [ 18.061867] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.061956] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.062067] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.062208] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.062273] head: 0bfffe0000000002 ffffc1ffc3196801 00000000ffffffff 00000000ffffffff [ 18.062680] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.062849] page dumped because: kasan: bad access detected [ 18.063005] [ 18.063073] Memory state around the buggy address: [ 18.063138] fff00000c65a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.063233] fff00000c65a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.063305] >fff00000c65a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.063361] ^ [ 18.063474] fff00000c65a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.063563] fff00000c65a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.063738] ================================================================== [ 18.065080] ================================================================== [ 18.065124] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 18.065168] Write of size 1 at addr fff00000c65a20f0 by task kunit_try_catch/160 [ 18.065215] [ 18.065244] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.065320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.065346] Hardware name: linux,dummy-virt (DT) [ 18.065374] Call trace: [ 18.065395] show_stack+0x20/0x38 (C) [ 18.065441] dump_stack_lvl+0x8c/0xd0 [ 18.065485] print_report+0x118/0x608 [ 18.065530] kasan_report+0xdc/0x128 [ 18.065590] __asan_report_store1_noabort+0x20/0x30 [ 18.065687] krealloc_more_oob_helper+0x5c0/0x678 [ 18.065742] krealloc_large_more_oob+0x20/0x38 [ 18.065789] kunit_try_run_case+0x170/0x3f0 [ 18.065851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.065901] kthread+0x328/0x630 [ 18.065959] ret_from_fork+0x10/0x20 [ 18.066021] [ 18.066183] The buggy address belongs to the physical page: [ 18.066213] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 18.066262] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.066343] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.066435] page_type: f8(unknown) [ 18.066471] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.066557] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.066658] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.066743] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.066825] head: 0bfffe0000000002 ffffc1ffc3196801 00000000ffffffff 00000000ffffffff [ 18.066913] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.066997] page dumped because: kasan: bad access detected [ 18.067033] [ 18.067050] Memory state around the buggy address: [ 18.067079] fff00000c65a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.067118] fff00000c65a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.067159] >fff00000c65a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.067194] ^ [ 18.067230] fff00000c65a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.067269] fff00000c65a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.067304] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 18.003842] ================================================================== [ 18.003927] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 18.004000] Read of size 1 at addr fff00000c7890000 by task kunit_try_catch/154 [ 18.004049] [ 18.004091] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.004173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.004199] Hardware name: linux,dummy-virt (DT) [ 18.004232] Call trace: [ 18.004256] show_stack+0x20/0x38 (C) [ 18.004308] dump_stack_lvl+0x8c/0xd0 [ 18.004359] print_report+0x118/0x608 [ 18.004405] kasan_report+0xdc/0x128 [ 18.004450] __asan_report_load1_noabort+0x20/0x30 [ 18.004500] page_alloc_uaf+0x328/0x350 [ 18.004545] kunit_try_run_case+0x170/0x3f0 [ 18.004608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.004660] kthread+0x328/0x630 [ 18.004745] ret_from_fork+0x10/0x20 [ 18.004819] [ 18.004842] The buggy address belongs to the physical page: [ 18.004873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 18.004927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.004979] page_type: f0(buddy) [ 18.005021] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 18.005069] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 18.005108] page dumped because: kasan: bad access detected [ 18.005138] [ 18.005156] Memory state around the buggy address: [ 18.005188] fff00000c788ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.005229] fff00000c788ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.005270] >fff00000c7890000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.005306] ^ [ 18.005334] fff00000c7890080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.005374] fff00000c7890100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.005411] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 17.902073] ================================================================== [ 17.902463] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 17.902925] Write of size 1 at addr fff00000c786e00a by task kunit_try_catch/146 [ 17.903166] [ 17.903475] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.903922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.903962] Hardware name: linux,dummy-virt (DT) [ 17.904127] Call trace: [ 17.904361] show_stack+0x20/0x38 (C) [ 17.904425] dump_stack_lvl+0x8c/0xd0 [ 17.904470] print_report+0x118/0x608 [ 17.905024] kasan_report+0xdc/0x128 [ 17.905105] __asan_report_store1_noabort+0x20/0x30 [ 17.905154] kmalloc_large_oob_right+0x278/0x2b8 [ 17.905200] kunit_try_run_case+0x170/0x3f0 [ 17.905457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.905508] kthread+0x328/0x630 [ 17.906124] ret_from_fork+0x10/0x20 [ 17.906183] [ 17.906406] The buggy address belongs to the physical page: [ 17.906440] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786c [ 17.906901] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.906996] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.907096] page_type: f8(unknown) [ 17.907136] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.907714] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.907775] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.908086] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.908360] head: 0bfffe0000000002 ffffc1ffc31e1b01 00000000ffffffff 00000000ffffffff [ 17.908865] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.909084] page dumped because: kasan: bad access detected [ 17.909146] [ 17.909190] Memory state around the buggy address: [ 17.909590] fff00000c786df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.909763] fff00000c786df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.910005] >fff00000c786e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.910043] ^ [ 17.910072] fff00000c786e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.910112] fff00000c786e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.910149] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.863784] ================================================================== [ 17.863849] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.863900] Write of size 1 at addr fff00000c6585f00 by task kunit_try_catch/144 [ 17.864706] [ 17.864784] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.864885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.865070] Hardware name: linux,dummy-virt (DT) [ 17.865398] Call trace: [ 17.865428] show_stack+0x20/0x38 (C) [ 17.865480] dump_stack_lvl+0x8c/0xd0 [ 17.865526] print_report+0x118/0x608 [ 17.866281] kasan_report+0xdc/0x128 [ 17.866447] __asan_report_store1_noabort+0x20/0x30 [ 17.866529] kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.866586] kunit_try_run_case+0x170/0x3f0 [ 17.866704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.867214] kthread+0x328/0x630 [ 17.867328] ret_from_fork+0x10/0x20 [ 17.867545] [ 17.867598] Allocated by task 144: [ 17.867627] kasan_save_stack+0x3c/0x68 [ 17.867996] kasan_save_track+0x20/0x40 [ 17.868043] kasan_save_alloc_info+0x40/0x58 [ 17.868083] __kasan_kmalloc+0xd4/0xd8 [ 17.868256] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.868632] kmalloc_big_oob_right+0xb8/0x2f0 [ 17.868822] kunit_try_run_case+0x170/0x3f0 [ 17.868882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.868926] kthread+0x328/0x630 [ 17.868958] ret_from_fork+0x10/0x20 [ 17.869150] [ 17.869184] The buggy address belongs to the object at fff00000c6584000 [ 17.869184] which belongs to the cache kmalloc-8k of size 8192 [ 17.869477] The buggy address is located 0 bytes to the right of [ 17.869477] allocated 7936-byte region [fff00000c6584000, fff00000c6585f00) [ 17.869540] [ 17.869561] The buggy address belongs to the physical page: [ 17.870032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106580 [ 17.870094] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.870139] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.870192] page_type: f5(slab) [ 17.870726] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.870909] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.872414] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.872471] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.872518] head: 0bfffe0000000003 ffffc1ffc3196001 00000000ffffffff 00000000ffffffff [ 17.872565] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.872986] page dumped because: kasan: bad access detected [ 17.873021] [ 17.873248] Memory state around the buggy address: [ 17.873335] fff00000c6585e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.873394] fff00000c6585e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.873544] >fff00000c6585f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.873719] ^ [ 17.873907] fff00000c6585f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.874082] fff00000c6586000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.874314] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.830248] ================================================================== [ 17.830304] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 17.830367] Write of size 1 at addr fff00000c650ea78 by task kunit_try_catch/142 [ 17.830860] [ 17.830898] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.830985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.831012] Hardware name: linux,dummy-virt (DT) [ 17.831483] Call trace: [ 17.831516] show_stack+0x20/0x38 (C) [ 17.831605] dump_stack_lvl+0x8c/0xd0 [ 17.831794] print_report+0x118/0x608 [ 17.832000] kasan_report+0xdc/0x128 [ 17.832054] __asan_report_store1_noabort+0x20/0x30 [ 17.832477] kmalloc_track_caller_oob_right+0x418/0x488 [ 17.832600] kunit_try_run_case+0x170/0x3f0 [ 17.832750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.832930] kthread+0x328/0x630 [ 17.832981] ret_from_fork+0x10/0x20 [ 17.833028] [ 17.833046] Allocated by task 142: [ 17.833436] kasan_save_stack+0x3c/0x68 [ 17.833741] kasan_save_track+0x20/0x40 [ 17.833812] kasan_save_alloc_info+0x40/0x58 [ 17.834211] __kasan_kmalloc+0xd4/0xd8 [ 17.834536] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.834759] kmalloc_track_caller_oob_right+0x184/0x488 [ 17.835048] kunit_try_run_case+0x170/0x3f0 [ 17.835341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.835542] kthread+0x328/0x630 [ 17.835823] ret_from_fork+0x10/0x20 [ 17.835862] [ 17.835992] The buggy address belongs to the object at fff00000c650ea00 [ 17.835992] which belongs to the cache kmalloc-128 of size 128 [ 17.836057] The buggy address is located 0 bytes to the right of [ 17.836057] allocated 120-byte region [fff00000c650ea00, fff00000c650ea78) [ 17.836265] [ 17.836284] The buggy address belongs to the physical page: [ 17.836461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10650e [ 17.836515] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.836929] page_type: f5(slab) [ 17.836985] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.837179] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.837417] page dumped because: kasan: bad access detected [ 17.837452] [ 17.837469] Memory state around the buggy address: [ 17.837817] fff00000c650e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.837861] fff00000c650e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.837902] >fff00000c650ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.838108] ^ [ 17.838174] fff00000c650ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.838393] fff00000c650eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.838701] ================================================================== [ 17.820503] ================================================================== [ 17.820558] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.820627] Write of size 1 at addr fff00000c650e978 by task kunit_try_catch/142 [ 17.820675] [ 17.821159] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.822424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.822633] Hardware name: linux,dummy-virt (DT) [ 17.822667] Call trace: [ 17.822746] show_stack+0x20/0x38 (C) [ 17.822805] dump_stack_lvl+0x8c/0xd0 [ 17.822860] print_report+0x118/0x608 [ 17.822914] kasan_report+0xdc/0x128 [ 17.823067] __asan_report_store1_noabort+0x20/0x30 [ 17.823123] kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.823172] kunit_try_run_case+0x170/0x3f0 [ 17.823402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.823522] kthread+0x328/0x630 [ 17.823581] ret_from_fork+0x10/0x20 [ 17.823630] [ 17.823793] Allocated by task 142: [ 17.823823] kasan_save_stack+0x3c/0x68 [ 17.824257] kasan_save_track+0x20/0x40 [ 17.824300] kasan_save_alloc_info+0x40/0x58 [ 17.824417] __kasan_kmalloc+0xd4/0xd8 [ 17.824456] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.824906] kmalloc_track_caller_oob_right+0xa8/0x488 [ 17.824955] kunit_try_run_case+0x170/0x3f0 [ 17.825003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.825073] kthread+0x328/0x630 [ 17.825116] ret_from_fork+0x10/0x20 [ 17.825163] [ 17.825447] The buggy address belongs to the object at fff00000c650e900 [ 17.825447] which belongs to the cache kmalloc-128 of size 128 [ 17.825773] The buggy address is located 0 bytes to the right of [ 17.825773] allocated 120-byte region [fff00000c650e900, fff00000c650e978) [ 17.825842] [ 17.825868] The buggy address belongs to the physical page: [ 17.825954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10650e [ 17.826242] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.826295] page_type: f5(slab) [ 17.826334] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.826777] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.826955] page dumped because: kasan: bad access detected [ 17.826992] [ 17.827009] Memory state around the buggy address: [ 17.827279] fff00000c650e800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.827333] fff00000c650e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.827377] >fff00000c650e900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.827415] ^ [ 17.828496] fff00000c650e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.828560] fff00000c650ea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.829008] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.795023] ================================================================== [ 17.795092] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 17.795148] Read of size 1 at addr fff00000c653f000 by task kunit_try_catch/140 [ 17.795260] [ 17.795631] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.796123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.796160] Hardware name: linux,dummy-virt (DT) [ 17.796198] Call trace: [ 17.796220] show_stack+0x20/0x38 (C) [ 17.796598] dump_stack_lvl+0x8c/0xd0 [ 17.796953] print_report+0x118/0x608 [ 17.797000] kasan_report+0xdc/0x128 [ 17.797077] __asan_report_load1_noabort+0x20/0x30 [ 17.797140] kmalloc_node_oob_right+0x2f4/0x330 [ 17.797417] kunit_try_run_case+0x170/0x3f0 [ 17.797469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.797521] kthread+0x328/0x630 [ 17.797562] ret_from_fork+0x10/0x20 [ 17.797620] [ 17.798102] Allocated by task 140: [ 17.798205] kasan_save_stack+0x3c/0x68 [ 17.798361] kasan_save_track+0x20/0x40 [ 17.798412] kasan_save_alloc_info+0x40/0x58 [ 17.798595] __kasan_kmalloc+0xd4/0xd8 [ 17.798790] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 17.798861] kmalloc_node_oob_right+0xbc/0x330 [ 17.799214] kunit_try_run_case+0x170/0x3f0 [ 17.799254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.799295] kthread+0x328/0x630 [ 17.799758] ret_from_fork+0x10/0x20 [ 17.800283] [ 17.800307] The buggy address belongs to the object at fff00000c653e000 [ 17.800307] which belongs to the cache kmalloc-4k of size 4096 [ 17.800661] The buggy address is located 0 bytes to the right of [ 17.800661] allocated 4096-byte region [fff00000c653e000, fff00000c653f000) [ 17.800848] [ 17.800869] The buggy address belongs to the physical page: [ 17.800942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106538 [ 17.802220] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.802478] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.802724] page_type: f5(slab) [ 17.802777] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.802838] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.802898] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.803174] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.803224] head: 0bfffe0000000003 ffffc1ffc3194e01 00000000ffffffff 00000000ffffffff [ 17.803688] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.803886] page dumped because: kasan: bad access detected [ 17.803921] [ 17.804211] Memory state around the buggy address: [ 17.804439] fff00000c653ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.804738] fff00000c653ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.804785] >fff00000c653f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.805205] ^ [ 17.805241] fff00000c653f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.805284] fff00000c653f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.805554] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.765930] ================================================================== [ 17.765990] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.766042] Read of size 1 at addr fff00000c3fc675f by task kunit_try_catch/138 [ 17.766734] [ 17.766786] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.767362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.767393] Hardware name: linux,dummy-virt (DT) [ 17.767436] Call trace: [ 17.767519] show_stack+0x20/0x38 (C) [ 17.767586] dump_stack_lvl+0x8c/0xd0 [ 17.767701] print_report+0x118/0x608 [ 17.767804] kasan_report+0xdc/0x128 [ 17.769800] __asan_report_load1_noabort+0x20/0x30 [ 17.769879] kmalloc_oob_left+0x2ec/0x320 [ 17.769925] kunit_try_run_case+0x170/0x3f0 [ 17.770010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.770326] kthread+0x328/0x630 [ 17.770409] ret_from_fork+0x10/0x20 [ 17.770479] [ 17.770595] Allocated by task 24: [ 17.771090] kasan_save_stack+0x3c/0x68 [ 17.771329] kasan_save_track+0x20/0x40 [ 17.771549] kasan_save_alloc_info+0x40/0x58 [ 17.771698] __kasan_kmalloc+0xd4/0xd8 [ 17.771941] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.772130] kvasprintf+0xe0/0x180 [ 17.772320] __kthread_create_on_node+0x16c/0x350 [ 17.772602] kthread_create_on_node+0xe4/0x130 [ 17.772646] create_worker+0x380/0x6b8 [ 17.772680] worker_thread+0x808/0xf38 [ 17.772762] kthread+0x328/0x630 [ 17.772807] ret_from_fork+0x10/0x20 [ 17.773016] [ 17.773039] The buggy address belongs to the object at fff00000c3fc6740 [ 17.773039] which belongs to the cache kmalloc-16 of size 16 [ 17.773129] The buggy address is located 19 bytes to the right of [ 17.773129] allocated 12-byte region [fff00000c3fc6740, fff00000c3fc674c) [ 17.773316] [ 17.773338] The buggy address belongs to the physical page: [ 17.773731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.773792] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.774258] page_type: f5(slab) [ 17.774446] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.774896] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.774940] page dumped because: kasan: bad access detected [ 17.774970] [ 17.774987] Memory state around the buggy address: [ 17.775019] fff00000c3fc6600: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.775060] fff00000c3fc6680: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.775101] >fff00000c3fc6700: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 17.775507] ^ [ 17.775993] fff00000c3fc6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.776239] fff00000c3fc6800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.776430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.743654] ================================================================== [ 17.744263] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.744885] Read of size 1 at addr fff00000c650e880 by task kunit_try_catch/136 [ 17.744949] [ 17.745275] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.745364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.746120] Hardware name: linux,dummy-virt (DT) [ 17.746518] Call trace: [ 17.746718] show_stack+0x20/0x38 (C) [ 17.746870] dump_stack_lvl+0x8c/0xd0 [ 17.747354] print_report+0x118/0x608 [ 17.747899] kasan_report+0xdc/0x128 [ 17.747958] __asan_report_load1_noabort+0x20/0x30 [ 17.748489] kmalloc_oob_right+0x5d0/0x660 [ 17.748952] kunit_try_run_case+0x170/0x3f0 [ 17.749013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.749815] kthread+0x328/0x630 [ 17.750324] ret_from_fork+0x10/0x20 [ 17.750549] [ 17.750907] Allocated by task 136: [ 17.751000] kasan_save_stack+0x3c/0x68 [ 17.751046] kasan_save_track+0x20/0x40 [ 17.751082] kasan_save_alloc_info+0x40/0x58 [ 17.751557] __kasan_kmalloc+0xd4/0xd8 [ 17.751691] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.751881] kmalloc_oob_right+0xb0/0x660 [ 17.751916] kunit_try_run_case+0x170/0x3f0 [ 17.751953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.752253] kthread+0x328/0x630 [ 17.752340] ret_from_fork+0x10/0x20 [ 17.752381] [ 17.752401] The buggy address belongs to the object at fff00000c650e800 [ 17.752401] which belongs to the cache kmalloc-128 of size 128 [ 17.752736] The buggy address is located 13 bytes to the right of [ 17.752736] allocated 115-byte region [fff00000c650e800, fff00000c650e873) [ 17.752988] [ 17.753013] The buggy address belongs to the physical page: [ 17.753044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10650e [ 17.753301] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.753352] page_type: f5(slab) [ 17.753742] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.754060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.754102] page dumped because: kasan: bad access detected [ 17.754132] [ 17.754497] Memory state around the buggy address: [ 17.754557] fff00000c650e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.754613] fff00000c650e800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.754764] >fff00000c650e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.755237] ^ [ 17.755390] fff00000c650e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.755632] fff00000c650e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.755720] ================================================================== [ 17.727535] ================================================================== [ 17.727586] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.727636] Write of size 1 at addr fff00000c650e878 by task kunit_try_catch/136 [ 17.727684] [ 17.727721] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.728217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.728257] Hardware name: linux,dummy-virt (DT) [ 17.728301] Call trace: [ 17.728647] show_stack+0x20/0x38 (C) [ 17.729146] dump_stack_lvl+0x8c/0xd0 [ 17.729203] print_report+0x118/0x608 [ 17.729280] kasan_report+0xdc/0x128 [ 17.729325] __asan_report_store1_noabort+0x20/0x30 [ 17.729712] kmalloc_oob_right+0x538/0x660 [ 17.729852] kunit_try_run_case+0x170/0x3f0 [ 17.730109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.730332] kthread+0x328/0x630 [ 17.730663] ret_from_fork+0x10/0x20 [ 17.730740] [ 17.731058] Allocated by task 136: [ 17.731646] kasan_save_stack+0x3c/0x68 [ 17.731719] kasan_save_track+0x20/0x40 [ 17.732035] kasan_save_alloc_info+0x40/0x58 [ 17.732110] __kasan_kmalloc+0xd4/0xd8 [ 17.732147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.732185] kmalloc_oob_right+0xb0/0x660 [ 17.732220] kunit_try_run_case+0x170/0x3f0 [ 17.732256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.732297] kthread+0x328/0x630 [ 17.732329] ret_from_fork+0x10/0x20 [ 17.732363] [ 17.732832] The buggy address belongs to the object at fff00000c650e800 [ 17.732832] which belongs to the cache kmalloc-128 of size 128 [ 17.732918] The buggy address is located 5 bytes to the right of [ 17.732918] allocated 115-byte region [fff00000c650e800, fff00000c650e873) [ 17.732985] [ 17.733263] The buggy address belongs to the physical page: [ 17.733380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10650e [ 17.733668] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.733719] page_type: f5(slab) [ 17.734143] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.734350] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.734394] page dumped because: kasan: bad access detected [ 17.734861] [ 17.734883] Memory state around the buggy address: [ 17.735217] fff00000c650e700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.735749] fff00000c650e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.735833] >fff00000c650e800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.736516] ^ [ 17.737106] fff00000c650e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.737209] fff00000c650e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.737247] ================================================================== [ 17.702650] ================================================================== [ 17.702987] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.703812] Write of size 1 at addr fff00000c650e873 by task kunit_try_catch/136 [ 17.703967] [ 17.704797] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 17.704942] Tainted: [N]=TEST [ 17.704975] Hardware name: linux,dummy-virt (DT) [ 17.705193] Call trace: [ 17.706335] show_stack+0x20/0x38 (C) [ 17.706775] dump_stack_lvl+0x8c/0xd0 [ 17.706849] print_report+0x118/0x608 [ 17.706926] kasan_report+0xdc/0x128 [ 17.706971] __asan_report_store1_noabort+0x20/0x30 [ 17.707018] kmalloc_oob_right+0x5a4/0x660 [ 17.707063] kunit_try_run_case+0x170/0x3f0 [ 17.707113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.707173] kthread+0x328/0x630 [ 17.707217] ret_from_fork+0x10/0x20 [ 17.707471] [ 17.707512] Allocated by task 136: [ 17.708476] kasan_save_stack+0x3c/0x68 [ 17.708750] kasan_save_track+0x20/0x40 [ 17.708795] kasan_save_alloc_info+0x40/0x58 [ 17.708833] __kasan_kmalloc+0xd4/0xd8 [ 17.708880] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.708921] kmalloc_oob_right+0xb0/0x660 [ 17.708955] kunit_try_run_case+0x170/0x3f0 [ 17.709008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.709213] kthread+0x328/0x630 [ 17.709255] ret_from_fork+0x10/0x20 [ 17.709324] [ 17.710041] The buggy address belongs to the object at fff00000c650e800 [ 17.710041] which belongs to the cache kmalloc-128 of size 128 [ 17.710713] The buggy address is located 0 bytes to the right of [ 17.710713] allocated 115-byte region [fff00000c650e800, fff00000c650e873) [ 17.711172] [ 17.711549] The buggy address belongs to the physical page: [ 17.713035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10650e [ 17.714220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.715342] page_type: f5(slab) [ 17.717215] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.717331] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.717714] page dumped because: kasan: bad access detected [ 17.717768] [ 17.718178] Memory state around the buggy address: [ 17.719198] fff00000c650e700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.719551] fff00000c650e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.719645] >fff00000c650e800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.719976] ^ [ 17.720434] fff00000c650e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.720757] fff00000c650e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.720878] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.019978] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.020836] Modules linked in: [ 95.021590] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 95.022376] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.022880] Hardware name: linux,dummy-virt (DT) [ 95.023333] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.023629] pc : intlog10+0x38/0x48 [ 95.023815] lr : intlog10_test+0xe4/0x200 [ 95.024003] sp : ffff800082357c10 [ 95.024158] x29: ffff800082357c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.024509] x26: 1ffe000018b122c1 x25: 0000000000000000 x24: ffff800082357ce0 [ 95.025350] x23: ffff800082357d00 x22: 0000000000000000 x21: 1ffff0001046af82 [ 95.026378] x20: ffff9689b3689840 x19: ffff800080087990 x18: 000000005773af38 [ 95.027268] x17: 000000005536b93a x16: fff00000c097583c x15: 000000009aee9aca [ 95.028020] x14: 00000000bcb2757f x13: 1ffe00001b48e9cd x12: ffff72d136ea3381 [ 95.028790] x11: 1ffff2d136ea3380 x10: ffff72d136ea3380 x9 : ffff9689b0c3749c [ 95.029680] x8 : ffff9689b7519c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.030422] x5 : ffff70001046af82 x4 : 1ffff00010010f3a x3 : 1ffff2d1366d1308 [ 95.031186] x2 : 1ffff2d1366d1308 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.031916] Call trace: [ 95.032192] intlog10+0x38/0x48 (P) [ 95.032602] kunit_try_run_case+0x170/0x3f0 [ 95.033114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.033928] kthread+0x328/0x630 [ 95.034301] ret_from_fork+0x10/0x20 [ 95.034718] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 94.971298] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 94.974939] Modules linked in: [ 94.975717] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 94.976115] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 94.976320] Hardware name: linux,dummy-virt (DT) [ 94.976623] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.976982] pc : intlog2+0xd8/0xf8 [ 94.977259] lr : intlog2_test+0xe4/0x200 [ 94.977506] sp : ffff8000822f7c10 [ 94.977728] x29: ffff8000822f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 94.978207] x26: 1ffe000018f8e321 x25: 0000000000000000 x24: ffff8000822f7ce0 [ 94.978550] x23: ffff8000822f7d00 x22: 0000000000000000 x21: 1ffff0001045ef82 [ 94.979048] x20: ffff9689b3689740 x19: ffff800080087990 x18: 000000001a60d7de [ 94.979494] x17: 00000000025e0369 x16: fff00000c097583c x15: 0000000029bec09f [ 94.979964] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e9cd x12: ffff72d136ea3381 [ 94.980396] x11: 1ffff2d136ea3380 x10: ffff72d136ea3380 x9 : ffff9689b0c3769c [ 94.980911] x8 : ffff9689b7519c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 94.981326] x5 : ffff70001045ef82 x4 : 1ffff00010010f3a x3 : 1ffff2d1366d12e8 [ 94.981832] x2 : 1ffff2d1366d12e8 x1 : 0000000000000003 x0 : 0000000000000000 [ 94.982224] Call trace: [ 94.982363] intlog2+0xd8/0xf8 (P) [ 94.982603] kunit_try_run_case+0x170/0x3f0 [ 94.982881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.983224] kthread+0x328/0x630 [ 94.983487] ret_from_fork+0x10/0x20 [ 94.983811] ---[ end trace 0000000000000000 ]---