Date
July 10, 2025, 11:10 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.536271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 18.576527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 18.459571] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 93.527511] Internal error: Oops: 0000000096000005 [#1] SMP [ 93.535613] Modules linked in: [ 93.536030] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 93.536586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 93.536851] Hardware name: linux,dummy-virt (DT) [ 93.537264] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.537699] pc : kunit_test_null_dereference+0x70/0x170 [ 93.538288] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.538835] sp : ffff800080f67d30 [ 93.539144] x29: ffff800080f67d90 x28: 0000000000000000 x27: 0000000000000000 [ 93.539849] x26: 1ffe0000192b6a81 x25: 0000000000000000 x24: 0000000000000004 [ 93.540294] x23: fff00000c95b540c x22: ffff92ec27023e38 x21: fff00000c120bf88 [ 93.540659] x20: 1ffff000101ecfa6 x19: ffff800080087990 x18: 00000000c9e10bfa [ 93.541064] x17: fff06d14aeab6000 x16: ffff800080000000 x15: 00000000bd414278 [ 93.541528] x14: 000000003e61b30f x13: 1ffe00001b48a589 x12: fffd800018ea48b4 [ 93.541970] x11: 1ffe000018ea48b3 x10: fffd800018ea48b3 x9 : ffff92ec2701b2a0 [ 93.542461] x8 : ffff800080f67c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 93.543049] x5 : ffff7000101ecfa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 93.544186] x2 : dfff800000000000 x1 : fff00000c7523cc0 x0 : ffff800080087990 [ 93.545139] Call trace: [ 93.545325] kunit_test_null_dereference+0x70/0x170 (P) [ 93.545580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.545828] kthread+0x328/0x630 [ 93.546010] ret_from_fork+0x10/0x20 [ 93.546960] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 93.548200] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.067022] ================================================================== [ 49.067129] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 49.067129] [ 49.067227] Use-after-free read at 0x00000000c3e6c6ca (in kfence-#144): [ 49.067280] test_krealloc+0x51c/0x830 [ 49.067328] kunit_try_run_case+0x170/0x3f0 [ 49.067375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.067421] kthread+0x328/0x630 [ 49.067463] ret_from_fork+0x10/0x20 [ 49.067505] [ 49.067529] kfence-#144: 0x00000000c3e6c6ca-0x00000000ef86631b, size=32, cache=kmalloc-32 [ 49.067529] [ 49.067584] allocated by task 337 on cpu 0 at 49.066380s (0.001200s ago): [ 49.067656] test_alloc+0x29c/0x628 [ 49.067699] test_krealloc+0xc0/0x830 [ 49.067739] kunit_try_run_case+0x170/0x3f0 [ 49.067781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.067827] kthread+0x328/0x630 [ 49.067865] ret_from_fork+0x10/0x20 [ 49.067906] [ 49.067929] freed by task 337 on cpu 0 at 49.066615s (0.001310s ago): [ 49.067990] krealloc_noprof+0x148/0x360 [ 49.068031] test_krealloc+0x1dc/0x830 [ 49.068072] kunit_try_run_case+0x170/0x3f0 [ 49.068123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.068169] kthread+0x328/0x630 [ 49.068205] ret_from_fork+0x10/0x20 [ 49.068246] [ 49.068295] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 49.068375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.068406] Hardware name: linux,dummy-virt (DT) [ 49.068442] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.978820] ================================================================== [ 48.978921] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.978921] [ 48.979022] Use-after-free read at 0x0000000068ceb3cd (in kfence-#143): [ 48.979075] test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.979148] kunit_try_run_case+0x170/0x3f0 [ 48.979199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.979245] kthread+0x328/0x630 [ 48.979284] ret_from_fork+0x10/0x20 [ 48.979326] [ 48.979350] kfence-#143: 0x0000000068ceb3cd-0x000000007c30d94b, size=32, cache=test [ 48.979350] [ 48.979400] allocated by task 335 on cpu 0 at 48.970262s (0.009134s ago): [ 48.979471] test_alloc+0x230/0x628 [ 48.979512] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 48.979555] kunit_try_run_case+0x170/0x3f0 [ 48.979596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.979641] kthread+0x328/0x630 [ 48.979678] ret_from_fork+0x10/0x20 [ 48.979717] [ 48.979739] freed by task 335 on cpu 0 at 48.970378s (0.009357s ago): [ 48.979795] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 48.979839] kunit_try_run_case+0x170/0x3f0 [ 48.979879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.979924] kthread+0x328/0x630 [ 48.979960] ret_from_fork+0x10/0x20 [ 48.979999] [ 48.980045] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 48.980138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.980166] Hardware name: linux,dummy-virt (DT) [ 48.980202] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.890453] ================================================================== [ 25.890608] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 25.890608] [ 25.890738] Invalid read at 0x000000002d2811aa: [ 25.890831] test_invalid_access+0xdc/0x1f0 [ 25.890918] kunit_try_run_case+0x170/0x3f0 [ 25.890995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.891073] kthread+0x328/0x630 [ 25.891168] ret_from_fork+0x10/0x20 [ 25.891247] [ 25.891324] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.891440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.891499] Hardware name: linux,dummy-virt (DT) [ 25.891562] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.658511] ================================================================== [ 25.658603] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.658603] [ 25.658669] Corrupted memory at 0x0000000003922afd [ ! . . . . . . . . . . . . . . . ] (in kfence-#139): [ 25.658982] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.659034] kunit_try_run_case+0x170/0x3f0 [ 25.659090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.659137] kthread+0x328/0x630 [ 25.659174] ret_from_fork+0x10/0x20 [ 25.659216] [ 25.659239] kfence-#139: 0x000000007c23b283-0x00000000842810ec, size=73, cache=kmalloc-96 [ 25.659239] [ 25.659295] allocated by task 325 on cpu 1 at 25.658248s (0.001043s ago): [ 25.659357] test_alloc+0x29c/0x628 [ 25.659399] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 25.659442] kunit_try_run_case+0x170/0x3f0 [ 25.659484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.659530] kthread+0x328/0x630 [ 25.659566] ret_from_fork+0x10/0x20 [ 25.659607] [ 25.659631] freed by task 325 on cpu 1 at 25.658419s (0.001208s ago): [ 25.659692] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.659737] kunit_try_run_case+0x170/0x3f0 [ 25.659778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.659824] kthread+0x328/0x630 [ 25.659860] ret_from_fork+0x10/0x20 [ 25.659901] [ 25.659942] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.660021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.660051] Hardware name: linux,dummy-virt (DT) [ 25.660093] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.554458] ================================================================== [ 25.554557] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.554557] [ 25.554662] Out-of-bounds read at 0x00000000e7b51808 (105B right of kfence-#138): [ 25.554723] test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.554774] kunit_try_run_case+0x170/0x3f0 [ 25.554820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.554866] kthread+0x328/0x630 [ 25.554906] ret_from_fork+0x10/0x20 [ 25.554947] [ 25.554973] kfence-#138: 0x0000000013442be4-0x00000000de368938, size=73, cache=kmalloc-96 [ 25.554973] [ 25.555026] allocated by task 323 on cpu 1 at 25.554179s (0.000843s ago): [ 25.555114] test_alloc+0x29c/0x628 [ 25.555158] test_kmalloc_aligned_oob_read+0x100/0x468 [ 25.555203] kunit_try_run_case+0x170/0x3f0 [ 25.555246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.555293] kthread+0x328/0x630 [ 25.555333] ret_from_fork+0x10/0x20 [ 25.555374] [ 25.555425] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.555511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.555541] Hardware name: linux,dummy-virt (DT) [ 25.555577] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.394507] ================================================================== [ 21.394616] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 21.394616] [ 21.394685] Corrupted memory at 0x000000003371c9b0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#98): [ 21.395805] test_corruption+0x278/0x378 [ 21.395862] kunit_try_run_case+0x170/0x3f0 [ 21.395910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.395958] kthread+0x328/0x630 [ 21.395999] ret_from_fork+0x10/0x20 [ 21.396040] [ 21.396063] kfence-#98: 0x000000002d09bd75-0x00000000a1365b4d, size=32, cache=kmalloc-32 [ 21.396063] [ 21.396134] allocated by task 311 on cpu 0 at 21.394218s (0.001913s ago): [ 21.396199] test_alloc+0x29c/0x628 [ 21.396241] test_corruption+0xdc/0x378 [ 21.396283] kunit_try_run_case+0x170/0x3f0 [ 21.396326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.396371] kthread+0x328/0x630 [ 21.396408] ret_from_fork+0x10/0x20 [ 21.396448] [ 21.396473] freed by task 311 on cpu 0 at 21.394326s (0.002143s ago): [ 21.396534] test_corruption+0x278/0x378 [ 21.396575] kunit_try_run_case+0x170/0x3f0 [ 21.396617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.396663] kthread+0x328/0x630 [ 21.396700] ret_from_fork+0x10/0x20 [ 21.396741] [ 21.396786] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.396866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.396897] Hardware name: linux,dummy-virt (DT) [ 21.396932] ================================================================== [ 21.706464] ================================================================== [ 21.706573] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.706573] [ 21.706641] Corrupted memory at 0x000000004a36495e [ ! ] (in kfence-#101): [ 21.706756] test_corruption+0x1d8/0x378 [ 21.706804] kunit_try_run_case+0x170/0x3f0 [ 21.706847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.706896] kthread+0x328/0x630 [ 21.706937] ret_from_fork+0x10/0x20 [ 21.706977] [ 21.707001] kfence-#101: 0x00000000d6b0e8a2-0x00000000a29901d9, size=32, cache=test [ 21.707001] [ 21.707055] allocated by task 313 on cpu 0 at 21.706308s (0.000743s ago): [ 21.707129] test_alloc+0x230/0x628 [ 21.707171] test_corruption+0x198/0x378 [ 21.707214] kunit_try_run_case+0x170/0x3f0 [ 21.707254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.707300] kthread+0x328/0x630 [ 21.707336] ret_from_fork+0x10/0x20 [ 21.707376] [ 21.707400] freed by task 313 on cpu 0 at 21.706370s (0.001026s ago): [ 21.707461] test_corruption+0x1d8/0x378 [ 21.707503] kunit_try_run_case+0x170/0x3f0 [ 21.707544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.707590] kthread+0x328/0x630 [ 21.707626] ret_from_fork+0x10/0x20 [ 21.707667] [ 21.707711] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.707787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.707817] Hardware name: linux,dummy-virt (DT) [ 21.707851] ================================================================== [ 21.498554] ================================================================== [ 21.498646] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 21.498646] [ 21.498710] Corrupted memory at 0x000000008a91173f [ ! ] (in kfence-#99): [ 21.498835] test_corruption+0x284/0x378 [ 21.498884] kunit_try_run_case+0x170/0x3f0 [ 21.498927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.498974] kthread+0x328/0x630 [ 21.499012] ret_from_fork+0x10/0x20 [ 21.499053] [ 21.499090] kfence-#99: 0x00000000f6e029db-0x000000007ec7476b, size=32, cache=kmalloc-32 [ 21.499090] [ 21.499147] allocated by task 311 on cpu 0 at 21.498272s (0.000871s ago): [ 21.499210] test_alloc+0x29c/0x628 [ 21.499251] test_corruption+0x198/0x378 [ 21.499292] kunit_try_run_case+0x170/0x3f0 [ 21.499332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.499378] kthread+0x328/0x630 [ 21.499416] ret_from_fork+0x10/0x20 [ 21.499454] [ 21.499478] freed by task 311 on cpu 0 at 21.498375s (0.001099s ago): [ 21.499538] test_corruption+0x284/0x378 [ 21.499579] kunit_try_run_case+0x170/0x3f0 [ 21.499620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.499665] kthread+0x328/0x630 [ 21.499702] ret_from_fork+0x10/0x20 [ 21.499740] [ 21.499780] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.499857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.499886] Hardware name: linux,dummy-virt (DT) [ 21.499919] ================================================================== [ 21.602414] ================================================================== [ 21.602507] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.602507] [ 21.602574] Corrupted memory at 0x000000009fad8737 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 21.602887] test_corruption+0x120/0x378 [ 21.602936] kunit_try_run_case+0x170/0x3f0 [ 21.602983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.603030] kthread+0x328/0x630 [ 21.603073] ret_from_fork+0x10/0x20 [ 21.603127] [ 21.603151] kfence-#100: 0x00000000c4044bf7-0x00000000aab69b09, size=32, cache=test [ 21.603151] [ 21.603207] allocated by task 313 on cpu 0 at 21.602251s (0.000952s ago): [ 21.603270] test_alloc+0x230/0x628 [ 21.603312] test_corruption+0xdc/0x378 [ 21.603354] kunit_try_run_case+0x170/0x3f0 [ 21.603397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.603442] kthread+0x328/0x630 [ 21.603480] ret_from_fork+0x10/0x20 [ 21.603520] [ 21.603544] freed by task 313 on cpu 0 at 21.602320s (0.001220s ago): [ 21.603606] test_corruption+0x120/0x378 [ 21.603646] kunit_try_run_case+0x170/0x3f0 [ 21.603688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.603735] kthread+0x328/0x630 [ 21.603772] ret_from_fork+0x10/0x20 [ 21.603812] [ 21.603857] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.603934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.603962] Hardware name: linux,dummy-virt (DT) [ 21.603995] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 21.186439] ================================================================== [ 21.186529] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 21.186529] [ 21.186593] Invalid free of 0x00000000d326cec1 (in kfence-#96): [ 21.186646] test_invalid_addr_free+0x1ac/0x238 [ 21.186696] kunit_try_run_case+0x170/0x3f0 [ 21.186741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.186786] kthread+0x328/0x630 [ 21.186825] ret_from_fork+0x10/0x20 [ 21.186867] [ 21.186892] kfence-#96: 0x000000002127649c-0x00000000f2ba484c, size=32, cache=kmalloc-32 [ 21.186892] [ 21.186949] allocated by task 307 on cpu 1 at 21.186288s (0.000657s ago): [ 21.187012] test_alloc+0x29c/0x628 [ 21.187054] test_invalid_addr_free+0xd4/0x238 [ 21.187110] kunit_try_run_case+0x170/0x3f0 [ 21.187152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.187197] kthread+0x328/0x630 [ 21.187235] ret_from_fork+0x10/0x20 [ 21.187276] [ 21.187325] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.187406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.187437] Hardware name: linux,dummy-virt (DT) [ 21.187473] ================================================================== [ 21.290303] ================================================================== [ 21.290398] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 21.290398] [ 21.290459] Invalid free of 0x00000000056a22be (in kfence-#97): [ 21.290512] test_invalid_addr_free+0xec/0x238 [ 21.290557] kunit_try_run_case+0x170/0x3f0 [ 21.290599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.290646] kthread+0x328/0x630 [ 21.290685] ret_from_fork+0x10/0x20 [ 21.290726] [ 21.290749] kfence-#97: 0x00000000826b87e5-0x000000005648e750, size=32, cache=test [ 21.290749] [ 21.290803] allocated by task 309 on cpu 1 at 21.290177s (0.000622s ago): [ 21.290867] test_alloc+0x230/0x628 [ 21.290907] test_invalid_addr_free+0xd4/0x238 [ 21.290951] kunit_try_run_case+0x170/0x3f0 [ 21.290991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.291036] kthread+0x328/0x630 [ 21.291072] ret_from_fork+0x10/0x20 [ 21.291130] [ 21.291171] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.291253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.291280] Hardware name: linux,dummy-virt (DT) [ 21.291314] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.082459] ================================================================== [ 21.082560] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.082560] [ 21.082624] Invalid free of 0x00000000545c2738 (in kfence-#95): [ 21.082677] test_double_free+0x100/0x238 [ 21.082726] kunit_try_run_case+0x170/0x3f0 [ 21.082770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.082814] kthread+0x328/0x630 [ 21.082857] ret_from_fork+0x10/0x20 [ 21.082897] [ 21.082920] kfence-#95: 0x00000000545c2738-0x000000004e88df87, size=32, cache=test [ 21.082920] [ 21.082975] allocated by task 305 on cpu 0 at 21.082250s (0.000722s ago): [ 21.083038] test_alloc+0x230/0x628 [ 21.083094] test_double_free+0xd4/0x238 [ 21.083137] kunit_try_run_case+0x170/0x3f0 [ 21.083177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.083223] kthread+0x328/0x630 [ 21.083259] ret_from_fork+0x10/0x20 [ 21.083301] [ 21.083324] freed by task 305 on cpu 0 at 21.082317s (0.001003s ago): [ 21.083387] test_double_free+0xf0/0x238 [ 21.083427] kunit_try_run_case+0x170/0x3f0 [ 21.083470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.083516] kthread+0x328/0x630 [ 21.083552] ret_from_fork+0x10/0x20 [ 21.083594] [ 21.083638] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.083721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.083750] Hardware name: linux,dummy-virt (DT) [ 21.083785] ================================================================== [ 20.978709] ================================================================== [ 20.978836] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 20.978836] [ 20.978905] Invalid free of 0x00000000816e788b (in kfence-#94): [ 20.978969] test_double_free+0x1bc/0x238 [ 20.979017] kunit_try_run_case+0x170/0x3f0 [ 20.979064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.979125] kthread+0x328/0x630 [ 20.979167] ret_from_fork+0x10/0x20 [ 20.979207] [ 20.979232] kfence-#94: 0x00000000816e788b-0x000000007abc61d6, size=32, cache=kmalloc-32 [ 20.979232] [ 20.979289] allocated by task 303 on cpu 0 at 20.978403s (0.000883s ago): [ 20.979351] test_alloc+0x29c/0x628 [ 20.979393] test_double_free+0xd4/0x238 [ 20.979433] kunit_try_run_case+0x170/0x3f0 [ 20.979476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.979521] kthread+0x328/0x630 [ 20.979559] ret_from_fork+0x10/0x20 [ 20.979599] [ 20.979624] freed by task 303 on cpu 0 at 20.978485s (0.001136s ago): [ 20.979687] test_double_free+0x1ac/0x238 [ 20.979729] kunit_try_run_case+0x170/0x3f0 [ 20.979770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.979816] kthread+0x328/0x630 [ 20.979853] ret_from_fork+0x10/0x20 [ 20.979894] [ 20.979941] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.980025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.980052] Hardware name: linux,dummy-virt (DT) [ 20.980098] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 20.667088] ================================================================== [ 20.667164] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.667164] [ 20.667249] Use-after-free read at 0x0000000022771073 (in kfence-#91): [ 20.667300] test_use_after_free_read+0x114/0x248 [ 20.667520] kunit_try_run_case+0x170/0x3f0 [ 20.667649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.667720] kthread+0x328/0x630 [ 20.667777] ret_from_fork+0x10/0x20 [ 20.667819] [ 20.667881] kfence-#91: 0x0000000022771073-0x0000000066df7540, size=32, cache=test [ 20.667881] [ 20.668011] allocated by task 297 on cpu 0 at 20.666846s (0.001136s ago): [ 20.668226] test_alloc+0x230/0x628 [ 20.668297] test_use_after_free_read+0xd0/0x248 [ 20.668369] kunit_try_run_case+0x170/0x3f0 [ 20.668426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.668472] kthread+0x328/0x630 [ 20.668595] ret_from_fork+0x10/0x20 [ 20.668636] [ 20.668894] freed by task 297 on cpu 0 at 20.666941s (0.001740s ago): [ 20.669029] test_use_after_free_read+0xf0/0x248 [ 20.669114] kunit_try_run_case+0x170/0x3f0 [ 20.669159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.669210] kthread+0x328/0x630 [ 20.669333] ret_from_fork+0x10/0x20 [ 20.669373] [ 20.669419] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.669507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.669535] Hardware name: linux,dummy-virt (DT) [ 20.669585] ================================================================== [ 20.567642] ================================================================== [ 20.568725] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.568725] [ 20.569775] Use-after-free read at 0x0000000012bec72f (in kfence-#90): [ 20.570135] test_use_after_free_read+0x114/0x248 [ 20.570355] kunit_try_run_case+0x170/0x3f0 [ 20.571234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.571600] kthread+0x328/0x630 [ 20.572358] ret_from_fork+0x10/0x20 [ 20.572521] [ 20.573361] kfence-#90: 0x0000000012bec72f-0x0000000040966d38, size=32, cache=kmalloc-32 [ 20.573361] [ 20.573534] allocated by task 295 on cpu 0 at 20.564765s (0.008765s ago): [ 20.573973] test_alloc+0x29c/0x628 [ 20.574190] test_use_after_free_read+0xd0/0x248 [ 20.575075] kunit_try_run_case+0x170/0x3f0 [ 20.575471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.575783] kthread+0x328/0x630 [ 20.575909] ret_from_fork+0x10/0x20 [ 20.576241] [ 20.577931] freed by task 295 on cpu 0 at 20.564855s (0.011969s ago): [ 20.578768] test_use_after_free_read+0x1c0/0x248 [ 20.579116] kunit_try_run_case+0x170/0x3f0 [ 20.579279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.579700] kthread+0x328/0x630 [ 20.580193] ret_from_fork+0x10/0x20 [ 20.580331] [ 20.580483] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.581428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.581473] Hardware name: linux,dummy-virt (DT) [ 20.581510] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 20.460106] ================================================================== [ 20.460274] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.460274] [ 20.460383] Out-of-bounds write at 0x00000000a337e88a (1B left of kfence-#89): [ 20.460460] test_out_of_bounds_write+0x100/0x240 [ 20.460580] kunit_try_run_case+0x170/0x3f0 [ 20.460633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.460679] kthread+0x328/0x630 [ 20.460873] ret_from_fork+0x10/0x20 [ 20.461032] [ 20.461164] kfence-#89: 0x00000000f1233262-0x000000005ff964f9, size=32, cache=test [ 20.461164] [ 20.461275] allocated by task 293 on cpu 0 at 20.459901s (0.001353s ago): [ 20.461358] test_alloc+0x230/0x628 [ 20.461459] test_out_of_bounds_write+0xc8/0x240 [ 20.461513] kunit_try_run_case+0x170/0x3f0 [ 20.461555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.461809] kthread+0x328/0x630 [ 20.461957] ret_from_fork+0x10/0x20 [ 20.462189] [ 20.462253] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.462444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.462503] Hardware name: linux,dummy-virt (DT) [ 20.462537] ================================================================== [ 20.355794] ================================================================== [ 20.355873] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.355873] [ 20.355963] Out-of-bounds write at 0x00000000cdc10de9 (1B left of kfence-#88): [ 20.356016] test_out_of_bounds_write+0x100/0x240 [ 20.356066] kunit_try_run_case+0x170/0x3f0 [ 20.356129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.356221] kthread+0x328/0x630 [ 20.356269] ret_from_fork+0x10/0x20 [ 20.356309] [ 20.356334] kfence-#88: 0x00000000bf2155d8-0x0000000057e7227b, size=32, cache=kmalloc-32 [ 20.356334] [ 20.356399] allocated by task 291 on cpu 0 at 20.355366s (0.001028s ago): [ 20.356469] test_alloc+0x29c/0x628 [ 20.356510] test_out_of_bounds_write+0xc8/0x240 [ 20.356562] kunit_try_run_case+0x170/0x3f0 [ 20.356603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.356649] kthread+0x328/0x630 [ 20.356687] ret_from_fork+0x10/0x20 [ 20.356726] [ 20.356772] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.356853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.356883] Hardware name: linux,dummy-virt (DT) [ 20.356916] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 19.312511] ================================================================== [ 19.312630] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.312630] [ 19.312763] Out-of-bounds read at 0x000000003711257b (1B left of kfence-#78): [ 19.312991] test_out_of_bounds_read+0x114/0x3e0 [ 19.313047] kunit_try_run_case+0x170/0x3f0 [ 19.313428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.313503] kthread+0x328/0x630 [ 19.314015] ret_from_fork+0x10/0x20 [ 19.314357] [ 19.315223] kfence-#78: 0x0000000010fc7023-0x00000000d0b23213, size=32, cache=kmalloc-32 [ 19.315223] [ 19.315872] allocated by task 287 on cpu 0 at 19.311106s (0.004640s ago): [ 19.319521] test_alloc+0x29c/0x628 [ 19.319979] test_out_of_bounds_read+0xdc/0x3e0 [ 19.320410] kunit_try_run_case+0x170/0x3f0 [ 19.320916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.321104] kthread+0x328/0x630 [ 19.321176] ret_from_fork+0x10/0x20 [ 19.322271] [ 19.323210] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.324357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.325601] Hardware name: linux,dummy-virt (DT) [ 19.326387] ================================================================== [ 20.251402] ================================================================== [ 20.251507] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.251507] [ 20.251596] Out-of-bounds read at 0x00000000cf5cad82 (32B right of kfence-#87): [ 20.251651] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.251710] kunit_try_run_case+0x170/0x3f0 [ 20.251768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.251824] kthread+0x328/0x630 [ 20.251865] ret_from_fork+0x10/0x20 [ 20.251906] [ 20.252228] kfence-#87: 0x000000003acb640b-0x00000000a170654a, size=32, cache=test [ 20.252228] [ 20.252457] allocated by task 289 on cpu 0 at 20.251021s (0.001349s ago): [ 20.252551] test_alloc+0x230/0x628 [ 20.252662] test_out_of_bounds_read+0x198/0x3e0 [ 20.252727] kunit_try_run_case+0x170/0x3f0 [ 20.252892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.253154] kthread+0x328/0x630 [ 20.253227] ret_from_fork+0x10/0x20 [ 20.253272] [ 20.253317] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.253662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.253718] Hardware name: linux,dummy-virt (DT) [ 20.253839] ================================================================== [ 19.835913] ================================================================== [ 19.835998] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.835998] [ 19.836105] Out-of-bounds read at 0x000000003038da34 (1B left of kfence-#83): [ 19.836162] test_out_of_bounds_read+0x114/0x3e0 [ 19.836546] kunit_try_run_case+0x170/0x3f0 [ 19.836619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.836665] kthread+0x328/0x630 [ 19.836824] ret_from_fork+0x10/0x20 [ 19.837012] [ 19.837038] kfence-#83: 0x0000000062187039-0x000000001709604e, size=32, cache=test [ 19.837038] [ 19.837268] allocated by task 289 on cpu 0 at 19.835681s (0.001419s ago): [ 19.837636] test_alloc+0x230/0x628 [ 19.837702] test_out_of_bounds_read+0xdc/0x3e0 [ 19.838037] kunit_try_run_case+0x170/0x3f0 [ 19.838186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.838273] kthread+0x328/0x630 [ 19.838328] ret_from_fork+0x10/0x20 [ 19.838370] [ 19.838555] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.838674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.838704] Hardware name: linux,dummy-virt (DT) [ 19.838764] ================================================================== [ 19.415312] ================================================================== [ 19.415391] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.415391] [ 19.415502] Out-of-bounds read at 0x000000006021d771 (32B right of kfence-#79): [ 19.415579] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.415646] kunit_try_run_case+0x170/0x3f0 [ 19.415693] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.415740] kthread+0x328/0x630 [ 19.415790] ret_from_fork+0x10/0x20 [ 19.415836] [ 19.415887] kfence-#79: 0x0000000022045e81-0x00000000991a5d76, size=32, cache=kmalloc-32 [ 19.415887] [ 19.415954] allocated by task 287 on cpu 0 at 19.414610s (0.001333s ago): [ 19.416029] test_alloc+0x29c/0x628 [ 19.416097] test_out_of_bounds_read+0x198/0x3e0 [ 19.416142] kunit_try_run_case+0x170/0x3f0 [ 19.416197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.416243] kthread+0x328/0x630 [ 19.416376] ret_from_fork+0x10/0x20 [ 19.416541] [ 19.416603] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.416694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.416732] Hardware name: linux,dummy-virt (DT) [ 19.416790] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.108942] ================================================================== [ 19.109002] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.109145] Write of size 1 at addr fff00000c6454978 by task kunit_try_catch/285 [ 19.109236] [ 19.109432] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.109563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.109611] Hardware name: linux,dummy-virt (DT) [ 19.109668] Call trace: [ 19.109693] show_stack+0x20/0x38 (C) [ 19.109744] dump_stack_lvl+0x8c/0xd0 [ 19.109795] print_report+0x118/0x608 [ 19.109927] kasan_report+0xdc/0x128 [ 19.110191] __asan_report_store1_noabort+0x20/0x30 [ 19.110283] strncpy_from_user+0x270/0x2a0 [ 19.110540] copy_user_test_oob+0x5c0/0xec8 [ 19.110666] kunit_try_run_case+0x170/0x3f0 [ 19.110722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.110969] kthread+0x328/0x630 [ 19.111066] ret_from_fork+0x10/0x20 [ 19.111199] [ 19.111260] Allocated by task 285: [ 19.111315] kasan_save_stack+0x3c/0x68 [ 19.111426] kasan_save_track+0x20/0x40 [ 19.111513] kasan_save_alloc_info+0x40/0x58 [ 19.111705] __kasan_kmalloc+0xd4/0xd8 [ 19.111879] __kmalloc_noprof+0x198/0x4c8 [ 19.111964] kunit_kmalloc_array+0x34/0x88 [ 19.112056] copy_user_test_oob+0xac/0xec8 [ 19.112149] kunit_try_run_case+0x170/0x3f0 [ 19.112252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.112340] kthread+0x328/0x630 [ 19.112417] ret_from_fork+0x10/0x20 [ 19.112523] [ 19.112563] The buggy address belongs to the object at fff00000c6454900 [ 19.112563] which belongs to the cache kmalloc-128 of size 128 [ 19.112622] The buggy address is located 0 bytes to the right of [ 19.112622] allocated 120-byte region [fff00000c6454900, fff00000c6454978) [ 19.112884] [ 19.112920] The buggy address belongs to the physical page: [ 19.112955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.113029] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.113093] page_type: f5(slab) [ 19.113131] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.113193] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.113243] page dumped because: kasan: bad access detected [ 19.113283] [ 19.113312] Memory state around the buggy address: [ 19.113355] fff00000c6454800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.113401] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.113448] >fff00000c6454900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.113498] ^ [ 19.113540] fff00000c6454980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.113585] fff00000c6454a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.113626] ================================================================== [ 19.101589] ================================================================== [ 19.101791] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.101874] Write of size 121 at addr fff00000c6454900 by task kunit_try_catch/285 [ 19.101980] [ 19.102050] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.102356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.102453] Hardware name: linux,dummy-virt (DT) [ 19.102552] Call trace: [ 19.102614] show_stack+0x20/0x38 (C) [ 19.102745] dump_stack_lvl+0x8c/0xd0 [ 19.102832] print_report+0x118/0x608 [ 19.103092] kasan_report+0xdc/0x128 [ 19.103155] kasan_check_range+0x100/0x1a8 [ 19.103449] __kasan_check_write+0x20/0x30 [ 19.103568] strncpy_from_user+0x3c/0x2a0 [ 19.103645] copy_user_test_oob+0x5c0/0xec8 [ 19.103909] kunit_try_run_case+0x170/0x3f0 [ 19.104031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.104140] kthread+0x328/0x630 [ 19.104188] ret_from_fork+0x10/0x20 [ 19.104502] [ 19.104601] Allocated by task 285: [ 19.104674] kasan_save_stack+0x3c/0x68 [ 19.104776] kasan_save_track+0x20/0x40 [ 19.105031] kasan_save_alloc_info+0x40/0x58 [ 19.105147] __kasan_kmalloc+0xd4/0xd8 [ 19.105235] __kmalloc_noprof+0x198/0x4c8 [ 19.105319] kunit_kmalloc_array+0x34/0x88 [ 19.105393] copy_user_test_oob+0xac/0xec8 [ 19.105471] kunit_try_run_case+0x170/0x3f0 [ 19.105511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.105830] kthread+0x328/0x630 [ 19.105949] ret_from_fork+0x10/0x20 [ 19.106016] [ 19.106048] The buggy address belongs to the object at fff00000c6454900 [ 19.106048] which belongs to the cache kmalloc-128 of size 128 [ 19.106150] The buggy address is located 0 bytes inside of [ 19.106150] allocated 120-byte region [fff00000c6454900, fff00000c6454978) [ 19.106253] [ 19.106535] The buggy address belongs to the physical page: [ 19.106601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.106697] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.106777] page_type: f5(slab) [ 19.106890] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.106977] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.107039] page dumped because: kasan: bad access detected [ 19.107142] [ 19.107175] Memory state around the buggy address: [ 19.107209] fff00000c6454800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.107275] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.107326] >fff00000c6454900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.107368] ^ [ 19.107582] fff00000c6454980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.107784] fff00000c6454a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.107879] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.090634] ================================================================== [ 19.090727] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.090781] Read of size 121 at addr fff00000c6454900 by task kunit_try_catch/285 [ 19.090849] [ 19.090881] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.090964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.090993] Hardware name: linux,dummy-virt (DT) [ 19.091024] Call trace: [ 19.091048] show_stack+0x20/0x38 (C) [ 19.091108] dump_stack_lvl+0x8c/0xd0 [ 19.091160] print_report+0x118/0x608 [ 19.091207] kasan_report+0xdc/0x128 [ 19.091258] kasan_check_range+0x100/0x1a8 [ 19.091308] __kasan_check_read+0x20/0x30 [ 19.091355] copy_user_test_oob+0x3c8/0xec8 [ 19.091405] kunit_try_run_case+0x170/0x3f0 [ 19.091456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.091513] kthread+0x328/0x630 [ 19.091556] ret_from_fork+0x10/0x20 [ 19.091611] [ 19.091634] Allocated by task 285: [ 19.091662] kasan_save_stack+0x3c/0x68 [ 19.091717] kasan_save_track+0x20/0x40 [ 19.091766] kasan_save_alloc_info+0x40/0x58 [ 19.091819] __kasan_kmalloc+0xd4/0xd8 [ 19.091857] __kmalloc_noprof+0x198/0x4c8 [ 19.091898] kunit_kmalloc_array+0x34/0x88 [ 19.091937] copy_user_test_oob+0xac/0xec8 [ 19.091977] kunit_try_run_case+0x170/0x3f0 [ 19.092027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.092092] kthread+0x328/0x630 [ 19.092127] ret_from_fork+0x10/0x20 [ 19.092164] [ 19.092186] The buggy address belongs to the object at fff00000c6454900 [ 19.092186] which belongs to the cache kmalloc-128 of size 128 [ 19.092243] The buggy address is located 0 bytes inside of [ 19.092243] allocated 120-byte region [fff00000c6454900, fff00000c6454978) [ 19.092306] [ 19.092327] The buggy address belongs to the physical page: [ 19.092360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.092412] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.092459] page_type: f5(slab) [ 19.092500] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.092552] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.092594] page dumped because: kasan: bad access detected [ 19.092628] [ 19.092647] Memory state around the buggy address: [ 19.092680] fff00000c6454800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.092726] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.092770] >fff00000c6454900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.092809] ^ [ 19.092851] fff00000c6454980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.092896] fff00000c6454a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.092937] ================================================================== [ 19.093044] ================================================================== [ 19.093098] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.093143] Write of size 121 at addr fff00000c6454900 by task kunit_try_catch/285 [ 19.093194] [ 19.093224] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.093304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.093333] Hardware name: linux,dummy-virt (DT) [ 19.093363] Call trace: [ 19.093386] show_stack+0x20/0x38 (C) [ 19.093435] dump_stack_lvl+0x8c/0xd0 [ 19.093485] print_report+0x118/0x608 [ 19.093534] kasan_report+0xdc/0x128 [ 19.093581] kasan_check_range+0x100/0x1a8 [ 19.093632] __kasan_check_write+0x20/0x30 [ 19.093681] copy_user_test_oob+0x434/0xec8 [ 19.093737] kunit_try_run_case+0x170/0x3f0 [ 19.093786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.093849] kthread+0x328/0x630 [ 19.093892] ret_from_fork+0x10/0x20 [ 19.094337] [ 19.094377] Allocated by task 285: [ 19.094407] kasan_save_stack+0x3c/0x68 [ 19.094452] kasan_save_track+0x20/0x40 [ 19.094493] kasan_save_alloc_info+0x40/0x58 [ 19.094537] __kasan_kmalloc+0xd4/0xd8 [ 19.094578] __kmalloc_noprof+0x198/0x4c8 [ 19.094644] kunit_kmalloc_array+0x34/0x88 [ 19.094737] copy_user_test_oob+0xac/0xec8 [ 19.094789] kunit_try_run_case+0x170/0x3f0 [ 19.094831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.094878] kthread+0x328/0x630 [ 19.094914] ret_from_fork+0x10/0x20 [ 19.094954] [ 19.094975] The buggy address belongs to the object at fff00000c6454900 [ 19.094975] which belongs to the cache kmalloc-128 of size 128 [ 19.095034] The buggy address is located 0 bytes inside of [ 19.095034] allocated 120-byte region [fff00000c6454900, fff00000c6454978) [ 19.095109] [ 19.095130] The buggy address belongs to the physical page: [ 19.095162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.095216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.095262] page_type: f5(slab) [ 19.095299] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.095351] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.095394] page dumped because: kasan: bad access detected [ 19.095427] [ 19.095450] Memory state around the buggy address: [ 19.095482] fff00000c6454800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.095528] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.095571] >fff00000c6454900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.095612] ^ [ 19.095655] fff00000c6454980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.095699] fff00000c6454a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.095739] ================================================================== [ 19.076093] ================================================================== [ 19.076153] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.076208] Read of size 121 at addr fff00000c6454900 by task kunit_try_catch/285 [ 19.076262] [ 19.076295] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.076380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.076700] Hardware name: linux,dummy-virt (DT) [ 19.076744] Call trace: [ 19.076789] show_stack+0x20/0x38 (C) [ 19.076864] dump_stack_lvl+0x8c/0xd0 [ 19.076943] print_report+0x118/0x608 [ 19.076996] kasan_report+0xdc/0x128 [ 19.077064] kasan_check_range+0x100/0x1a8 [ 19.077140] __kasan_check_read+0x20/0x30 [ 19.077189] copy_user_test_oob+0x728/0xec8 [ 19.077237] kunit_try_run_case+0x170/0x3f0 [ 19.077287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.077344] kthread+0x328/0x630 [ 19.077558] ret_from_fork+0x10/0x20 [ 19.077623] [ 19.077663] Allocated by task 285: [ 19.077737] kasan_save_stack+0x3c/0x68 [ 19.077832] kasan_save_track+0x20/0x40 [ 19.077956] kasan_save_alloc_info+0x40/0x58 [ 19.078042] __kasan_kmalloc+0xd4/0xd8 [ 19.078172] __kmalloc_noprof+0x198/0x4c8 [ 19.078261] kunit_kmalloc_array+0x34/0x88 [ 19.078357] copy_user_test_oob+0xac/0xec8 [ 19.078443] kunit_try_run_case+0x170/0x3f0 [ 19.078483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.078530] kthread+0x328/0x630 [ 19.078688] ret_from_fork+0x10/0x20 [ 19.078737] [ 19.078762] The buggy address belongs to the object at fff00000c6454900 [ 19.078762] which belongs to the cache kmalloc-128 of size 128 [ 19.078862] The buggy address is located 0 bytes inside of [ 19.078862] allocated 120-byte region [fff00000c6454900, fff00000c6454978) [ 19.078948] [ 19.079056] The buggy address belongs to the physical page: [ 19.079134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.079224] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.079324] page_type: f5(slab) [ 19.079413] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.079556] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.079653] page dumped because: kasan: bad access detected [ 19.079717] [ 19.079807] Memory state around the buggy address: [ 19.079863] fff00000c6454800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.079910] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.079996] >fff00000c6454900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.080263] ^ [ 19.080373] fff00000c6454980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.080469] fff00000c6454a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.080592] ================================================================== [ 19.086997] ================================================================== [ 19.087062] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.087133] Write of size 121 at addr fff00000c6454900 by task kunit_try_catch/285 [ 19.087187] [ 19.087221] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.087325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.087354] Hardware name: linux,dummy-virt (DT) [ 19.087385] Call trace: [ 19.087435] show_stack+0x20/0x38 (C) [ 19.087486] dump_stack_lvl+0x8c/0xd0 [ 19.087535] print_report+0x118/0x608 [ 19.087594] kasan_report+0xdc/0x128 [ 19.087649] kasan_check_range+0x100/0x1a8 [ 19.087701] __kasan_check_write+0x20/0x30 [ 19.087747] copy_user_test_oob+0x35c/0xec8 [ 19.087797] kunit_try_run_case+0x170/0x3f0 [ 19.087846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.087909] kthread+0x328/0x630 [ 19.087962] ret_from_fork+0x10/0x20 [ 19.088014] [ 19.088034] Allocated by task 285: [ 19.088069] kasan_save_stack+0x3c/0x68 [ 19.088124] kasan_save_track+0x20/0x40 [ 19.088170] kasan_save_alloc_info+0x40/0x58 [ 19.088215] __kasan_kmalloc+0xd4/0xd8 [ 19.088255] __kmalloc_noprof+0x198/0x4c8 [ 19.088294] kunit_kmalloc_array+0x34/0x88 [ 19.088334] copy_user_test_oob+0xac/0xec8 [ 19.088373] kunit_try_run_case+0x170/0x3f0 [ 19.088413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.088458] kthread+0x328/0x630 [ 19.088500] ret_from_fork+0x10/0x20 [ 19.088540] [ 19.088560] The buggy address belongs to the object at fff00000c6454900 [ 19.088560] which belongs to the cache kmalloc-128 of size 128 [ 19.088620] The buggy address is located 0 bytes inside of [ 19.088620] allocated 120-byte region [fff00000c6454900, fff00000c6454978) [ 19.088686] [ 19.088708] The buggy address belongs to the physical page: [ 19.089150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.089249] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.089304] page_type: f5(slab) [ 19.089365] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.089433] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.089478] page dumped because: kasan: bad access detected [ 19.089539] [ 19.089569] Memory state around the buggy address: [ 19.089604] fff00000c6454800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.089649] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.089694] >fff00000c6454900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.089734] ^ [ 19.089992] fff00000c6454980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.090105] fff00000c6454a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.090177] ================================================================== [ 19.096201] ================================================================== [ 19.096276] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.096329] Read of size 121 at addr fff00000c6454900 by task kunit_try_catch/285 [ 19.096404] [ 19.096436] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.096518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.096545] Hardware name: linux,dummy-virt (DT) [ 19.096575] Call trace: [ 19.096599] show_stack+0x20/0x38 (C) [ 19.096649] dump_stack_lvl+0x8c/0xd0 [ 19.096849] print_report+0x118/0x608 [ 19.096900] kasan_report+0xdc/0x128 [ 19.096948] kasan_check_range+0x100/0x1a8 [ 19.097019] __kasan_check_read+0x20/0x30 [ 19.097096] copy_user_test_oob+0x4a0/0xec8 [ 19.097179] kunit_try_run_case+0x170/0x3f0 [ 19.097245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.097320] kthread+0x328/0x630 [ 19.097366] ret_from_fork+0x10/0x20 [ 19.097432] [ 19.097471] Allocated by task 285: [ 19.097728] kasan_save_stack+0x3c/0x68 [ 19.097784] kasan_save_track+0x20/0x40 [ 19.097866] kasan_save_alloc_info+0x40/0x58 [ 19.097932] __kasan_kmalloc+0xd4/0xd8 [ 19.097998] __kmalloc_noprof+0x198/0x4c8 [ 19.098115] kunit_kmalloc_array+0x34/0x88 [ 19.098197] copy_user_test_oob+0xac/0xec8 [ 19.098271] kunit_try_run_case+0x170/0x3f0 [ 19.098339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.098424] kthread+0x328/0x630 [ 19.098461] ret_from_fork+0x10/0x20 [ 19.098498] [ 19.098520] The buggy address belongs to the object at fff00000c6454900 [ 19.098520] which belongs to the cache kmalloc-128 of size 128 [ 19.098580] The buggy address is located 0 bytes inside of [ 19.098580] allocated 120-byte region [fff00000c6454900, fff00000c6454978) [ 19.098642] [ 19.098665] The buggy address belongs to the physical page: [ 19.098696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.098884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.098983] page_type: f5(slab) [ 19.099061] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.099167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.099458] page dumped because: kasan: bad access detected [ 19.099518] [ 19.099538] Memory state around the buggy address: [ 19.099575] fff00000c6454800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.099851] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.099939] >fff00000c6454900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.100033] ^ [ 19.100113] fff00000c6454980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.100354] fff00000c6454a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.100458] ================================================================== [ 19.067332] ================================================================== [ 19.067678] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.067799] Write of size 121 at addr fff00000c6454900 by task kunit_try_catch/285 [ 19.067882] [ 19.067935] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.068074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.068140] Hardware name: linux,dummy-virt (DT) [ 19.068197] Call trace: [ 19.068233] show_stack+0x20/0x38 (C) [ 19.068302] dump_stack_lvl+0x8c/0xd0 [ 19.068378] print_report+0x118/0x608 [ 19.068442] kasan_report+0xdc/0x128 [ 19.068490] kasan_check_range+0x100/0x1a8 [ 19.068721] __kasan_check_write+0x20/0x30 [ 19.068785] copy_user_test_oob+0x234/0xec8 [ 19.068835] kunit_try_run_case+0x170/0x3f0 [ 19.069105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.069179] kthread+0x328/0x630 [ 19.069295] ret_from_fork+0x10/0x20 [ 19.069371] [ 19.069410] Allocated by task 285: [ 19.069444] kasan_save_stack+0x3c/0x68 [ 19.069505] kasan_save_track+0x20/0x40 [ 19.069548] kasan_save_alloc_info+0x40/0x58 [ 19.069589] __kasan_kmalloc+0xd4/0xd8 [ 19.069630] __kmalloc_noprof+0x198/0x4c8 [ 19.069673] kunit_kmalloc_array+0x34/0x88 [ 19.069712] copy_user_test_oob+0xac/0xec8 [ 19.069769] kunit_try_run_case+0x170/0x3f0 [ 19.069810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.069861] kthread+0x328/0x630 [ 19.069895] ret_from_fork+0x10/0x20 [ 19.069943] [ 19.069973] The buggy address belongs to the object at fff00000c6454900 [ 19.069973] which belongs to the cache kmalloc-128 of size 128 [ 19.070035] The buggy address is located 0 bytes inside of [ 19.070035] allocated 120-byte region [fff00000c6454900, fff00000c6454978) [ 19.070107] [ 19.070132] The buggy address belongs to the physical page: [ 19.070166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.070399] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.070469] page_type: f5(slab) [ 19.070516] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.070567] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.070611] page dumped because: kasan: bad access detected [ 19.070646] [ 19.070666] Memory state around the buggy address: [ 19.070704] fff00000c6454800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.070750] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.070955] >fff00000c6454900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.071029] ^ [ 19.071121] fff00000c6454980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.071211] fff00000c6454a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.071321] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.984374] ================================================================== [ 18.984462] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.984540] Read of size 8 at addr fff00000c6454878 by task kunit_try_catch/281 [ 18.984593] [ 18.984636] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.984725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.984755] Hardware name: linux,dummy-virt (DT) [ 18.984789] Call trace: [ 18.984817] show_stack+0x20/0x38 (C) [ 18.985553] dump_stack_lvl+0x8c/0xd0 [ 18.986399] print_report+0x118/0x608 [ 18.986472] kasan_report+0xdc/0x128 [ 18.986563] __asan_report_load8_noabort+0x20/0x30 [ 18.986744] copy_to_kernel_nofault+0x204/0x250 [ 18.987073] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.987142] kunit_try_run_case+0x170/0x3f0 [ 18.987196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.987566] kthread+0x328/0x630 [ 18.987643] ret_from_fork+0x10/0x20 [ 18.988033] [ 18.988062] Allocated by task 281: [ 18.988126] kasan_save_stack+0x3c/0x68 [ 18.988417] kasan_save_track+0x20/0x40 [ 18.988697] kasan_save_alloc_info+0x40/0x58 [ 18.989044] __kasan_kmalloc+0xd4/0xd8 [ 18.989361] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.989446] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.989841] kunit_try_run_case+0x170/0x3f0 [ 18.989903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.990245] kthread+0x328/0x630 [ 18.990522] ret_from_fork+0x10/0x20 [ 18.990668] [ 18.991020] The buggy address belongs to the object at fff00000c6454800 [ 18.991020] which belongs to the cache kmalloc-128 of size 128 [ 18.991291] The buggy address is located 0 bytes to the right of [ 18.991291] allocated 120-byte region [fff00000c6454800, fff00000c6454878) [ 18.991357] [ 18.991381] The buggy address belongs to the physical page: [ 18.991418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 18.991514] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.992632] page_type: f5(slab) [ 18.992912] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.993072] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.993250] page dumped because: kasan: bad access detected [ 18.993285] [ 18.993311] Memory state around the buggy address: [ 18.993349] fff00000c6454700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.993396] fff00000c6454780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.993443] >fff00000c6454800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.993486] ^ [ 18.993530] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.993575] fff00000c6454900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.993617] ================================================================== [ 18.996953] ================================================================== [ 18.997607] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.997671] Write of size 8 at addr fff00000c6454878 by task kunit_try_catch/281 [ 18.997723] [ 18.997938] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.998099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.998133] Hardware name: linux,dummy-virt (DT) [ 18.998204] Call trace: [ 18.998233] show_stack+0x20/0x38 (C) [ 18.998575] dump_stack_lvl+0x8c/0xd0 [ 18.998937] print_report+0x118/0x608 [ 18.999198] kasan_report+0xdc/0x128 [ 18.999575] kasan_check_range+0x100/0x1a8 [ 18.999856] __kasan_check_write+0x20/0x30 [ 18.999980] copy_to_kernel_nofault+0x8c/0x250 [ 19.000060] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.000489] kunit_try_run_case+0x170/0x3f0 [ 19.000546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.000922] kthread+0x328/0x630 [ 19.000982] ret_from_fork+0x10/0x20 [ 19.001121] [ 19.001143] Allocated by task 281: [ 19.001176] kasan_save_stack+0x3c/0x68 [ 19.001722] kasan_save_track+0x20/0x40 [ 19.001991] kasan_save_alloc_info+0x40/0x58 [ 19.002052] __kasan_kmalloc+0xd4/0xd8 [ 19.002189] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.002629] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.002789] kunit_try_run_case+0x170/0x3f0 [ 19.002835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.003043] kthread+0x328/0x630 [ 19.003419] ret_from_fork+0x10/0x20 [ 19.003721] [ 19.003791] The buggy address belongs to the object at fff00000c6454800 [ 19.003791] which belongs to the cache kmalloc-128 of size 128 [ 19.004001] The buggy address is located 0 bytes to the right of [ 19.004001] allocated 120-byte region [fff00000c6454800, fff00000c6454878) [ 19.004215] [ 19.004252] The buggy address belongs to the physical page: [ 19.004349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 19.004409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.004463] page_type: f5(slab) [ 19.004505] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.005041] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.005308] page dumped because: kasan: bad access detected [ 19.005358] [ 19.005377] Memory state around the buggy address: [ 19.005486] fff00000c6454700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.005870] fff00000c6454780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.006031] >fff00000c6454800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.006258] ^ [ 19.006325] fff00000c6454880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.006380] fff00000c6454900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.006529] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.922951] ================================================================== [ 18.923027] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.923111] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 18.923164] [ 18.923204] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.923502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.923550] Hardware name: linux,dummy-virt (DT) [ 18.923586] Call trace: [ 18.923613] show_stack+0x20/0x38 (C) [ 18.923676] dump_stack_lvl+0x8c/0xd0 [ 18.923728] print_report+0x310/0x608 [ 18.923785] kasan_report+0xdc/0x128 [ 18.923833] __asan_report_load1_noabort+0x20/0x30 [ 18.923888] vmalloc_oob+0x578/0x5d0 [ 18.923933] kunit_try_run_case+0x170/0x3f0 [ 18.923985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.924043] kthread+0x328/0x630 [ 18.924181] ret_from_fork+0x10/0x20 [ 18.924341] [ 18.924458] The buggy address belongs to the virtual mapping at [ 18.924458] [ffff8000800fe000, ffff800080100000) created by: [ 18.924458] vmalloc_oob+0x98/0x5d0 [ 18.924569] [ 18.924595] The buggy address belongs to the physical page: [ 18.924631] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106406 [ 18.924804] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.924973] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.925099] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.925144] page dumped because: kasan: bad access detected [ 18.925179] [ 18.925891] Memory state around the buggy address: [ 18.925937] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.925984] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.926030] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.926070] ^ [ 18.926123] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.926170] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.926211] ================================================================== [ 18.926454] ================================================================== [ 18.926500] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.926550] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 18.926600] [ 18.926634] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.926717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.926744] Hardware name: linux,dummy-virt (DT) [ 18.926777] Call trace: [ 18.926800] show_stack+0x20/0x38 (C) [ 18.926849] dump_stack_lvl+0x8c/0xd0 [ 18.926898] print_report+0x310/0x608 [ 18.926948] kasan_report+0xdc/0x128 [ 18.926996] __asan_report_load1_noabort+0x20/0x30 [ 18.927050] vmalloc_oob+0x51c/0x5d0 [ 18.927180] kunit_try_run_case+0x170/0x3f0 [ 18.927242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.927298] kthread+0x328/0x630 [ 18.927343] ret_from_fork+0x10/0x20 [ 18.927392] [ 18.927424] The buggy address belongs to the virtual mapping at [ 18.927424] [ffff8000800fe000, ffff800080100000) created by: [ 18.927424] vmalloc_oob+0x98/0x5d0 [ 18.927769] [ 18.927896] The buggy address belongs to the physical page: [ 18.928070] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106406 [ 18.928139] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.928203] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.928285] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.928374] page dumped because: kasan: bad access detected [ 18.928552] [ 18.928595] Memory state around the buggy address: [ 18.928634] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.928784] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.928873] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.928986] ^ [ 18.929027] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.929071] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.929118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.848911] ================================================================== [ 18.848964] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.849103] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.849163] [ 18.849194] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.849286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.849325] Hardware name: linux,dummy-virt (DT) [ 18.849360] Call trace: [ 18.849383] show_stack+0x20/0x38 (C) [ 18.849435] dump_stack_lvl+0x8c/0xd0 [ 18.849482] print_report+0x118/0x608 [ 18.849531] kasan_report+0xdc/0x128 [ 18.849578] kasan_check_range+0x100/0x1a8 [ 18.849629] __kasan_check_write+0x20/0x30 [ 18.849675] kasan_atomics_helper+0x14e4/0x4858 [ 18.849726] kasan_atomics+0x198/0x2e0 [ 18.849775] kunit_try_run_case+0x170/0x3f0 [ 18.849827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.849883] kthread+0x328/0x630 [ 18.849933] ret_from_fork+0x10/0x20 [ 18.849990] [ 18.850011] Allocated by task 265: [ 18.850042] kasan_save_stack+0x3c/0x68 [ 18.850094] kasan_save_track+0x20/0x40 [ 18.850150] kasan_save_alloc_info+0x40/0x58 [ 18.850193] __kasan_kmalloc+0xd4/0xd8 [ 18.850233] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.850273] kasan_atomics+0xb8/0x2e0 [ 18.850313] kunit_try_run_case+0x170/0x3f0 [ 18.850361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.850408] kthread+0x328/0x630 [ 18.850441] ret_from_fork+0x10/0x20 [ 18.850485] [ 18.850508] The buggy address belongs to the object at fff00000c635c500 [ 18.850508] which belongs to the cache kmalloc-64 of size 64 [ 18.850567] The buggy address is located 0 bytes to the right of [ 18.850567] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.850640] [ 18.850662] The buggy address belongs to the physical page: [ 18.850695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.850747] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.850796] page_type: f5(slab) [ 18.850835] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.850897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.850941] page dumped because: kasan: bad access detected [ 18.850975] [ 18.850996] Memory state around the buggy address: [ 18.851045] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.851474] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.851831] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.851990] ^ [ 18.852114] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.852214] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.852305] ================================================================== [ 18.744358] ================================================================== [ 18.744429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 18.744483] Read of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.744546] [ 18.744584] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.744676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.744729] Hardware name: linux,dummy-virt (DT) [ 18.744778] Call trace: [ 18.744817] show_stack+0x20/0x38 (C) [ 18.744877] dump_stack_lvl+0x8c/0xd0 [ 18.744936] print_report+0x118/0x608 [ 18.744989] kasan_report+0xdc/0x128 [ 18.745036] __asan_report_load8_noabort+0x20/0x30 [ 18.745103] kasan_atomics_helper+0x3f58/0x4858 [ 18.745193] kasan_atomics+0x198/0x2e0 [ 18.745355] kunit_try_run_case+0x170/0x3f0 [ 18.745418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.745484] kthread+0x328/0x630 [ 18.745539] ret_from_fork+0x10/0x20 [ 18.745597] [ 18.745620] Allocated by task 265: [ 18.745660] kasan_save_stack+0x3c/0x68 [ 18.748121] kasan_save_track+0x20/0x40 [ 18.748763] kasan_save_alloc_info+0x40/0x58 [ 18.749109] __kasan_kmalloc+0xd4/0xd8 [ 18.749248] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.749293] kasan_atomics+0xb8/0x2e0 [ 18.749769] kunit_try_run_case+0x170/0x3f0 [ 18.751099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.751171] kthread+0x328/0x630 [ 18.751208] ret_from_fork+0x10/0x20 [ 18.751246] [ 18.751270] The buggy address belongs to the object at fff00000c635c500 [ 18.751270] which belongs to the cache kmalloc-64 of size 64 [ 18.751381] The buggy address is located 0 bytes to the right of [ 18.751381] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.751928] [ 18.751978] The buggy address belongs to the physical page: [ 18.752012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.752069] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.752159] page_type: f5(slab) [ 18.752202] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.752383] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.752454] page dumped because: kasan: bad access detected [ 18.752521] [ 18.752562] Memory state around the buggy address: [ 18.752653] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.752729] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.752793] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.753055] ^ [ 18.753134] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.753200] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.753303] ================================================================== [ 18.857612] ================================================================== [ 18.857669] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.857720] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.857849] [ 18.857988] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.858156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.858226] Hardware name: linux,dummy-virt (DT) [ 18.858309] Call trace: [ 18.858348] show_stack+0x20/0x38 (C) [ 18.858435] dump_stack_lvl+0x8c/0xd0 [ 18.858548] print_report+0x118/0x608 [ 18.858649] kasan_report+0xdc/0x128 [ 18.858709] kasan_check_range+0x100/0x1a8 [ 18.858784] __kasan_check_write+0x20/0x30 [ 18.858842] kasan_atomics_helper+0x15b4/0x4858 [ 18.858894] kasan_atomics+0x198/0x2e0 [ 18.858943] kunit_try_run_case+0x170/0x3f0 [ 18.858991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.859189] kthread+0x328/0x630 [ 18.859417] ret_from_fork+0x10/0x20 [ 18.859505] [ 18.859750] Allocated by task 265: [ 18.859841] kasan_save_stack+0x3c/0x68 [ 18.859933] kasan_save_track+0x20/0x40 [ 18.860033] kasan_save_alloc_info+0x40/0x58 [ 18.860145] __kasan_kmalloc+0xd4/0xd8 [ 18.860234] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.860308] kasan_atomics+0xb8/0x2e0 [ 18.860377] kunit_try_run_case+0x170/0x3f0 [ 18.860473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.860579] kthread+0x328/0x630 [ 18.860632] ret_from_fork+0x10/0x20 [ 18.860671] [ 18.860797] The buggy address belongs to the object at fff00000c635c500 [ 18.860797] which belongs to the cache kmalloc-64 of size 64 [ 18.861058] The buggy address is located 0 bytes to the right of [ 18.861058] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.861163] [ 18.861337] The buggy address belongs to the physical page: [ 18.861497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.861595] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.861645] page_type: f5(slab) [ 18.861691] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.861871] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.862086] page dumped because: kasan: bad access detected [ 18.862197] [ 18.862257] Memory state around the buggy address: [ 18.862533] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.862639] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.862721] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.862764] ^ [ 18.862799] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.862843] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.862881] ================================================================== [ 18.775059] ================================================================== [ 18.775129] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 18.775182] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.775243] [ 18.775287] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.775373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.775400] Hardware name: linux,dummy-virt (DT) [ 18.775434] Call trace: [ 18.775458] show_stack+0x20/0x38 (C) [ 18.775510] dump_stack_lvl+0x8c/0xd0 [ 18.775559] print_report+0x118/0x608 [ 18.775609] kasan_report+0xdc/0x128 [ 18.775656] kasan_check_range+0x100/0x1a8 [ 18.775729] __kasan_check_write+0x20/0x30 [ 18.775779] kasan_atomics_helper+0xf88/0x4858 [ 18.775829] kasan_atomics+0x198/0x2e0 [ 18.775877] kunit_try_run_case+0x170/0x3f0 [ 18.775931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.775989] kthread+0x328/0x630 [ 18.776041] ret_from_fork+0x10/0x20 [ 18.776110] [ 18.776131] Allocated by task 265: [ 18.776160] kasan_save_stack+0x3c/0x68 [ 18.776204] kasan_save_track+0x20/0x40 [ 18.776243] kasan_save_alloc_info+0x40/0x58 [ 18.776297] __kasan_kmalloc+0xd4/0xd8 [ 18.776335] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.776377] kasan_atomics+0xb8/0x2e0 [ 18.776415] kunit_try_run_case+0x170/0x3f0 [ 18.776456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.776503] kthread+0x328/0x630 [ 18.776544] ret_from_fork+0x10/0x20 [ 18.776586] [ 18.776607] The buggy address belongs to the object at fff00000c635c500 [ 18.776607] which belongs to the cache kmalloc-64 of size 64 [ 18.776680] The buggy address is located 0 bytes to the right of [ 18.776680] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.776745] [ 18.776767] The buggy address belongs to the physical page: [ 18.776800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.776864] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.776916] page_type: f5(slab) [ 18.776957] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.777009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.777052] page dumped because: kasan: bad access detected [ 18.777494] [ 18.777529] Memory state around the buggy address: [ 18.777877] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.778241] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.778287] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.778340] ^ [ 18.778374] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.778421] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.778461] ================================================================== [ 18.824467] ================================================================== [ 18.824520] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.824592] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.824803] [ 18.824845] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.825052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.825093] Hardware name: linux,dummy-virt (DT) [ 18.825229] Call trace: [ 18.825304] show_stack+0x20/0x38 (C) [ 18.825403] dump_stack_lvl+0x8c/0xd0 [ 18.825465] print_report+0x118/0x608 [ 18.825540] kasan_report+0xdc/0x128 [ 18.828207] kasan_check_range+0x100/0x1a8 [ 18.828670] __kasan_check_write+0x20/0x30 [ 18.828739] kasan_atomics_helper+0x1384/0x4858 [ 18.829014] kasan_atomics+0x198/0x2e0 [ 18.829159] kunit_try_run_case+0x170/0x3f0 [ 18.829216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.829286] kthread+0x328/0x630 [ 18.829330] ret_from_fork+0x10/0x20 [ 18.829418] [ 18.829440] Allocated by task 265: [ 18.829470] kasan_save_stack+0x3c/0x68 [ 18.829515] kasan_save_track+0x20/0x40 [ 18.829714] kasan_save_alloc_info+0x40/0x58 [ 18.829759] __kasan_kmalloc+0xd4/0xd8 [ 18.830216] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.830569] kasan_atomics+0xb8/0x2e0 [ 18.830621] kunit_try_run_case+0x170/0x3f0 [ 18.831185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.831265] kthread+0x328/0x630 [ 18.831542] ret_from_fork+0x10/0x20 [ 18.831590] [ 18.831616] The buggy address belongs to the object at fff00000c635c500 [ 18.831616] which belongs to the cache kmalloc-64 of size 64 [ 18.831678] The buggy address is located 0 bytes to the right of [ 18.831678] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.831898] [ 18.831957] The buggy address belongs to the physical page: [ 18.832028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.832125] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.832212] page_type: f5(slab) [ 18.832275] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.832481] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.832627] page dumped because: kasan: bad access detected [ 18.832704] [ 18.832815] Memory state around the buggy address: [ 18.832891] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.832938] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.832983] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.833190] ^ [ 18.833273] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.833392] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.833532] ================================================================== [ 18.883449] ================================================================== [ 18.883506] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.883560] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.883627] [ 18.883799] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.884098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.884190] Hardware name: linux,dummy-virt (DT) [ 18.884227] Call trace: [ 18.884252] show_stack+0x20/0x38 (C) [ 18.884306] dump_stack_lvl+0x8c/0xd0 [ 18.884372] print_report+0x118/0x608 [ 18.884439] kasan_report+0xdc/0x128 [ 18.884495] kasan_check_range+0x100/0x1a8 [ 18.884709] __kasan_check_write+0x20/0x30 [ 18.884789] kasan_atomics_helper+0x16d0/0x4858 [ 18.884843] kasan_atomics+0x198/0x2e0 [ 18.884899] kunit_try_run_case+0x170/0x3f0 [ 18.884966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.885031] kthread+0x328/0x630 [ 18.885089] ret_from_fork+0x10/0x20 [ 18.885147] [ 18.885176] Allocated by task 265: [ 18.885214] kasan_save_stack+0x3c/0x68 [ 18.885291] kasan_save_track+0x20/0x40 [ 18.885333] kasan_save_alloc_info+0x40/0x58 [ 18.885383] __kasan_kmalloc+0xd4/0xd8 [ 18.885476] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.885519] kasan_atomics+0xb8/0x2e0 [ 18.885558] kunit_try_run_case+0x170/0x3f0 [ 18.885598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.885913] kthread+0x328/0x630 [ 18.885996] ret_from_fork+0x10/0x20 [ 18.886048] [ 18.886092] The buggy address belongs to the object at fff00000c635c500 [ 18.886092] which belongs to the cache kmalloc-64 of size 64 [ 18.886167] The buggy address is located 0 bytes to the right of [ 18.886167] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.886410] [ 18.886441] The buggy address belongs to the physical page: [ 18.886477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.886534] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.886585] page_type: f5(slab) [ 18.886790] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.886877] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.886974] page dumped because: kasan: bad access detected [ 18.887032] [ 18.887366] Memory state around the buggy address: [ 18.887434] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.887500] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.887563] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.887617] ^ [ 18.887654] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.887724] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.887776] ================================================================== [ 18.779317] ================================================================== [ 18.779394] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 18.779449] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.779499] [ 18.779533] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.779616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.779645] Hardware name: linux,dummy-virt (DT) [ 18.779823] Call trace: [ 18.779858] show_stack+0x20/0x38 (C) [ 18.779931] dump_stack_lvl+0x8c/0xd0 [ 18.779983] print_report+0x118/0x608 [ 18.780042] kasan_report+0xdc/0x128 [ 18.780266] kasan_check_range+0x100/0x1a8 [ 18.780333] __kasan_check_write+0x20/0x30 [ 18.780409] kasan_atomics_helper+0xff0/0x4858 [ 18.780461] kasan_atomics+0x198/0x2e0 [ 18.780514] kunit_try_run_case+0x170/0x3f0 [ 18.780570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.780635] kthread+0x328/0x630 [ 18.780687] ret_from_fork+0x10/0x20 [ 18.780739] [ 18.780759] Allocated by task 265: [ 18.780797] kasan_save_stack+0x3c/0x68 [ 18.780849] kasan_save_track+0x20/0x40 [ 18.780896] kasan_save_alloc_info+0x40/0x58 [ 18.780940] __kasan_kmalloc+0xd4/0xd8 [ 18.780989] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.781039] kasan_atomics+0xb8/0x2e0 [ 18.781090] kunit_try_run_case+0x170/0x3f0 [ 18.781131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.781271] kthread+0x328/0x630 [ 18.781310] ret_from_fork+0x10/0x20 [ 18.781457] [ 18.781506] The buggy address belongs to the object at fff00000c635c500 [ 18.781506] which belongs to the cache kmalloc-64 of size 64 [ 18.781592] The buggy address is located 0 bytes to the right of [ 18.781592] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.781658] [ 18.781811] The buggy address belongs to the physical page: [ 18.781870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.781932] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.782049] page_type: f5(slab) [ 18.782099] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.782180] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.782223] page dumped because: kasan: bad access detected [ 18.782257] [ 18.782306] Memory state around the buggy address: [ 18.782340] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.782386] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.782601] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.782679] ^ [ 18.782734] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.782795] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.782837] ================================================================== [ 18.863653] ================================================================== [ 18.866268] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.866352] Read of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.867183] [ 18.867788] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.868353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.868437] Hardware name: linux,dummy-virt (DT) [ 18.868482] Call trace: [ 18.868532] show_stack+0x20/0x38 (C) [ 18.868655] dump_stack_lvl+0x8c/0xd0 [ 18.868731] print_report+0x118/0x608 [ 18.868848] kasan_report+0xdc/0x128 [ 18.868935] __asan_report_load8_noabort+0x20/0x30 [ 18.868993] kasan_atomics_helper+0x3db0/0x4858 [ 18.869045] kasan_atomics+0x198/0x2e0 [ 18.869341] kunit_try_run_case+0x170/0x3f0 [ 18.869470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.869568] kthread+0x328/0x630 [ 18.869612] ret_from_fork+0x10/0x20 [ 18.869683] [ 18.869719] Allocated by task 265: [ 18.869749] kasan_save_stack+0x3c/0x68 [ 18.869795] kasan_save_track+0x20/0x40 [ 18.869849] kasan_save_alloc_info+0x40/0x58 [ 18.869892] __kasan_kmalloc+0xd4/0xd8 [ 18.869946] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.869998] kasan_atomics+0xb8/0x2e0 [ 18.870035] kunit_try_run_case+0x170/0x3f0 [ 18.870089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.870135] kthread+0x328/0x630 [ 18.870181] ret_from_fork+0x10/0x20 [ 18.870218] [ 18.870261] The buggy address belongs to the object at fff00000c635c500 [ 18.870261] which belongs to the cache kmalloc-64 of size 64 [ 18.870323] The buggy address is located 0 bytes to the right of [ 18.870323] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.870389] [ 18.870413] The buggy address belongs to the physical page: [ 18.870447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.870512] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.870565] page_type: f5(slab) [ 18.870606] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.870660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.870704] page dumped because: kasan: bad access detected [ 18.870737] [ 18.870767] Memory state around the buggy address: [ 18.870802] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.870854] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.870899] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.870942] ^ [ 18.871006] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.871049] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.871976] ================================================================== [ 18.726659] ================================================================== [ 18.726725] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 18.726782] Write of size 4 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.726834] [ 18.726886] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.726969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.726998] Hardware name: linux,dummy-virt (DT) [ 18.727183] Call trace: [ 18.727304] show_stack+0x20/0x38 (C) [ 18.727419] dump_stack_lvl+0x8c/0xd0 [ 18.727486] print_report+0x118/0x608 [ 18.727540] kasan_report+0xdc/0x128 [ 18.727747] kasan_check_range+0x100/0x1a8 [ 18.727802] __kasan_check_write+0x20/0x30 [ 18.727989] kasan_atomics_helper+0xd3c/0x4858 [ 18.728103] kasan_atomics+0x198/0x2e0 [ 18.728160] kunit_try_run_case+0x170/0x3f0 [ 18.728211] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.728275] kthread+0x328/0x630 [ 18.728331] ret_from_fork+0x10/0x20 [ 18.728388] [ 18.728417] Allocated by task 265: [ 18.728454] kasan_save_stack+0x3c/0x68 [ 18.728499] kasan_save_track+0x20/0x40 [ 18.728555] kasan_save_alloc_info+0x40/0x58 [ 18.728650] __kasan_kmalloc+0xd4/0xd8 [ 18.728692] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.728735] kasan_atomics+0xb8/0x2e0 [ 18.728772] kunit_try_run_case+0x170/0x3f0 [ 18.728813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.728859] kthread+0x328/0x630 [ 18.729110] ret_from_fork+0x10/0x20 [ 18.729262] [ 18.729290] The buggy address belongs to the object at fff00000c635c500 [ 18.729290] which belongs to the cache kmalloc-64 of size 64 [ 18.729707] The buggy address is located 0 bytes to the right of [ 18.729707] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.730054] [ 18.730110] The buggy address belongs to the physical page: [ 18.730153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.730208] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.730285] page_type: f5(slab) [ 18.730327] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.730377] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.730419] page dumped because: kasan: bad access detected [ 18.730768] [ 18.730818] Memory state around the buggy address: [ 18.730875] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.730952] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.731036] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.731076] ^ [ 18.731122] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.731284] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.731328] ================================================================== [ 18.763259] ================================================================== [ 18.763312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 18.763370] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.763456] [ 18.763495] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.763589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.763754] Hardware name: linux,dummy-virt (DT) [ 18.763791] Call trace: [ 18.763920] show_stack+0x20/0x38 (C) [ 18.763996] dump_stack_lvl+0x8c/0xd0 [ 18.764052] print_report+0x118/0x608 [ 18.764132] kasan_report+0xdc/0x128 [ 18.764189] kasan_check_range+0x100/0x1a8 [ 18.764241] __kasan_check_write+0x20/0x30 [ 18.764298] kasan_atomics_helper+0xeb8/0x4858 [ 18.764363] kasan_atomics+0x198/0x2e0 [ 18.764419] kunit_try_run_case+0x170/0x3f0 [ 18.764475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.764538] kthread+0x328/0x630 [ 18.764630] ret_from_fork+0x10/0x20 [ 18.764682] [ 18.764702] Allocated by task 265: [ 18.764731] kasan_save_stack+0x3c/0x68 [ 18.764790] kasan_save_track+0x20/0x40 [ 18.764836] kasan_save_alloc_info+0x40/0x58 [ 18.764994] __kasan_kmalloc+0xd4/0xd8 [ 18.765150] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.765205] kasan_atomics+0xb8/0x2e0 [ 18.765247] kunit_try_run_case+0x170/0x3f0 [ 18.765397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.765537] kthread+0x328/0x630 [ 18.765583] ret_from_fork+0x10/0x20 [ 18.765768] [ 18.765940] The buggy address belongs to the object at fff00000c635c500 [ 18.765940] which belongs to the cache kmalloc-64 of size 64 [ 18.766145] The buggy address is located 0 bytes to the right of [ 18.766145] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.766238] [ 18.766304] The buggy address belongs to the physical page: [ 18.766566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.766693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.766841] page_type: f5(slab) [ 18.766917] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.766969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.767012] page dumped because: kasan: bad access detected [ 18.767207] [ 18.767237] Memory state around the buggy address: [ 18.767274] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.767536] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.767612] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.767688] ^ [ 18.768015] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.768109] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.768167] ================================================================== [ 18.797830] ================================================================== [ 18.797924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.797987] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.798060] [ 18.798401] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.798550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.798630] Hardware name: linux,dummy-virt (DT) [ 18.798723] Call trace: [ 18.798790] show_stack+0x20/0x38 (C) [ 18.798906] dump_stack_lvl+0x8c/0xd0 [ 18.799004] print_report+0x118/0x608 [ 18.799111] kasan_report+0xdc/0x128 [ 18.799195] kasan_check_range+0x100/0x1a8 [ 18.799247] __kasan_check_write+0x20/0x30 [ 18.799295] kasan_atomics_helper+0x1128/0x4858 [ 18.799346] kasan_atomics+0x198/0x2e0 [ 18.799394] kunit_try_run_case+0x170/0x3f0 [ 18.799444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.799657] kthread+0x328/0x630 [ 18.799763] ret_from_fork+0x10/0x20 [ 18.799881] [ 18.800210] Allocated by task 265: [ 18.800276] kasan_save_stack+0x3c/0x68 [ 18.800351] kasan_save_track+0x20/0x40 [ 18.800430] kasan_save_alloc_info+0x40/0x58 [ 18.800525] __kasan_kmalloc+0xd4/0xd8 [ 18.800603] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.800666] kasan_atomics+0xb8/0x2e0 [ 18.800725] kunit_try_run_case+0x170/0x3f0 [ 18.800792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.800865] kthread+0x328/0x630 [ 18.800923] ret_from_fork+0x10/0x20 [ 18.800980] [ 18.801001] The buggy address belongs to the object at fff00000c635c500 [ 18.801001] which belongs to the cache kmalloc-64 of size 64 [ 18.801370] The buggy address is located 0 bytes to the right of [ 18.801370] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.801486] [ 18.801524] The buggy address belongs to the physical page: [ 18.801591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.801960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.802033] page_type: f5(slab) [ 18.802120] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.802238] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.802282] page dumped because: kasan: bad access detected [ 18.802322] [ 18.802342] Memory state around the buggy address: [ 18.802377] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.802423] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.802469] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.802511] ^ [ 18.802686] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.802973] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.803042] ================================================================== [ 18.888223] ================================================================== [ 18.888383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.888448] Read of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.888511] [ 18.888560] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.888651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.888688] Hardware name: linux,dummy-virt (DT) [ 18.888731] Call trace: [ 18.888767] show_stack+0x20/0x38 (C) [ 18.888834] dump_stack_lvl+0x8c/0xd0 [ 18.888885] print_report+0x118/0x608 [ 18.888941] kasan_report+0xdc/0x128 [ 18.889184] __asan_report_load8_noabort+0x20/0x30 [ 18.889263] kasan_atomics_helper+0x3e10/0x4858 [ 18.889331] kasan_atomics+0x198/0x2e0 [ 18.889384] kunit_try_run_case+0x170/0x3f0 [ 18.889452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.889529] kthread+0x328/0x630 [ 18.889575] ret_from_fork+0x10/0x20 [ 18.889627] [ 18.889647] Allocated by task 265: [ 18.889676] kasan_save_stack+0x3c/0x68 [ 18.889742] kasan_save_track+0x20/0x40 [ 18.889837] kasan_save_alloc_info+0x40/0x58 [ 18.889912] __kasan_kmalloc+0xd4/0xd8 [ 18.889951] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.890177] kasan_atomics+0xb8/0x2e0 [ 18.890391] kunit_try_run_case+0x170/0x3f0 [ 18.890437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.890492] kthread+0x328/0x630 [ 18.890541] ret_from_fork+0x10/0x20 [ 18.890579] [ 18.890599] The buggy address belongs to the object at fff00000c635c500 [ 18.890599] which belongs to the cache kmalloc-64 of size 64 [ 18.890660] The buggy address is located 0 bytes to the right of [ 18.890660] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.890736] [ 18.890767] The buggy address belongs to the physical page: [ 18.890813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.890869] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.890924] page_type: f5(slab) [ 18.890963] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.891016] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.891070] page dumped because: kasan: bad access detected [ 18.891130] [ 18.891150] Memory state around the buggy address: [ 18.891183] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.891238] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.891298] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.891338] ^ [ 18.891374] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.891428] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.891466] ================================================================== [ 18.813873] ================================================================== [ 18.814033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.814117] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.814224] [ 18.814296] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.814432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.814502] Hardware name: linux,dummy-virt (DT) [ 18.814610] Call trace: [ 18.814669] show_stack+0x20/0x38 (C) [ 18.814720] dump_stack_lvl+0x8c/0xd0 [ 18.814771] print_report+0x118/0x608 [ 18.814922] kasan_report+0xdc/0x128 [ 18.814982] kasan_check_range+0x100/0x1a8 [ 18.815032] __kasan_check_write+0x20/0x30 [ 18.815180] kasan_atomics_helper+0x126c/0x4858 [ 18.815247] kasan_atomics+0x198/0x2e0 [ 18.815329] kunit_try_run_case+0x170/0x3f0 [ 18.815466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.815563] kthread+0x328/0x630 [ 18.815617] ret_from_fork+0x10/0x20 [ 18.815667] [ 18.815687] Allocated by task 265: [ 18.815871] kasan_save_stack+0x3c/0x68 [ 18.815955] kasan_save_track+0x20/0x40 [ 18.816033] kasan_save_alloc_info+0x40/0x58 [ 18.816136] __kasan_kmalloc+0xd4/0xd8 [ 18.816214] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.816333] kasan_atomics+0xb8/0x2e0 [ 18.816411] kunit_try_run_case+0x170/0x3f0 [ 18.816487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.816598] kthread+0x328/0x630 [ 18.816653] ret_from_fork+0x10/0x20 [ 18.816690] [ 18.816954] The buggy address belongs to the object at fff00000c635c500 [ 18.816954] which belongs to the cache kmalloc-64 of size 64 [ 18.817060] The buggy address is located 0 bytes to the right of [ 18.817060] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.817177] [ 18.817258] The buggy address belongs to the physical page: [ 18.817331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.817690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.817794] page_type: f5(slab) [ 18.817867] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.817935] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.818000] page dumped because: kasan: bad access detected [ 18.818033] [ 18.818055] Memory state around the buggy address: [ 18.818343] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.818474] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.818554] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.818641] ^ [ 18.818735] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.818812] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.818871] ================================================================== [ 18.664800] ================================================================== [ 18.664912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 18.665116] Write of size 4 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.665180] [ 18.665968] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.668249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.668477] Hardware name: linux,dummy-virt (DT) [ 18.668646] Call trace: [ 18.668982] show_stack+0x20/0x38 (C) [ 18.669976] dump_stack_lvl+0x8c/0xd0 [ 18.670123] print_report+0x118/0x608 [ 18.670994] kasan_report+0xdc/0x128 [ 18.671154] kasan_check_range+0x100/0x1a8 [ 18.671215] __kasan_check_write+0x20/0x30 [ 18.671264] kasan_atomics_helper+0xa6c/0x4858 [ 18.671524] kasan_atomics+0x198/0x2e0 [ 18.671748] kunit_try_run_case+0x170/0x3f0 [ 18.671898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.672016] kthread+0x328/0x630 [ 18.672141] ret_from_fork+0x10/0x20 [ 18.672274] [ 18.672320] Allocated by task 265: [ 18.672383] kasan_save_stack+0x3c/0x68 [ 18.672555] kasan_save_track+0x20/0x40 [ 18.672693] kasan_save_alloc_info+0x40/0x58 [ 18.672822] __kasan_kmalloc+0xd4/0xd8 [ 18.672900] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.672982] kasan_atomics+0xb8/0x2e0 [ 18.673120] kunit_try_run_case+0x170/0x3f0 [ 18.673273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.673348] kthread+0x328/0x630 [ 18.673396] ret_from_fork+0x10/0x20 [ 18.673576] [ 18.673686] The buggy address belongs to the object at fff00000c635c500 [ 18.673686] which belongs to the cache kmalloc-64 of size 64 [ 18.673876] The buggy address is located 0 bytes to the right of [ 18.673876] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.673975] [ 18.674031] The buggy address belongs to the physical page: [ 18.674094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.674223] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.674312] page_type: f5(slab) [ 18.674501] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.674651] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.674813] page dumped because: kasan: bad access detected [ 18.674863] [ 18.674960] Memory state around the buggy address: [ 18.675014] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.675059] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.675130] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.675286] ^ [ 18.675407] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.675555] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.675634] ================================================================== [ 18.804553] ================================================================== [ 18.804771] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.804854] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.804907] [ 18.804945] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.805058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.805117] Hardware name: linux,dummy-virt (DT) [ 18.805151] Call trace: [ 18.805175] show_stack+0x20/0x38 (C) [ 18.805235] dump_stack_lvl+0x8c/0xd0 [ 18.805507] print_report+0x118/0x608 [ 18.805603] kasan_report+0xdc/0x128 [ 18.805653] kasan_check_range+0x100/0x1a8 [ 18.805721] __kasan_check_write+0x20/0x30 [ 18.805859] kasan_atomics_helper+0x1190/0x4858 [ 18.806031] kasan_atomics+0x198/0x2e0 [ 18.806265] kunit_try_run_case+0x170/0x3f0 [ 18.806461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.806563] kthread+0x328/0x630 [ 18.806674] ret_from_fork+0x10/0x20 [ 18.806732] [ 18.806752] Allocated by task 265: [ 18.806813] kasan_save_stack+0x3c/0x68 [ 18.806855] kasan_save_track+0x20/0x40 [ 18.806912] kasan_save_alloc_info+0x40/0x58 [ 18.806954] __kasan_kmalloc+0xd4/0xd8 [ 18.807004] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.807046] kasan_atomics+0xb8/0x2e0 [ 18.807096] kunit_try_run_case+0x170/0x3f0 [ 18.807137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.807411] kthread+0x328/0x630 [ 18.807462] ret_from_fork+0x10/0x20 [ 18.807814] [ 18.807865] The buggy address belongs to the object at fff00000c635c500 [ 18.807865] which belongs to the cache kmalloc-64 of size 64 [ 18.807981] The buggy address is located 0 bytes to the right of [ 18.807981] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.808063] [ 18.808324] The buggy address belongs to the physical page: [ 18.808388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.808451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.808542] page_type: f5(slab) [ 18.808620] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.808674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.808717] page dumped because: kasan: bad access detected [ 18.808951] [ 18.808978] Memory state around the buggy address: [ 18.809124] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.809207] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.809478] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.809555] ^ [ 18.809643] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.809712] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.809760] ================================================================== [ 18.651502] ================================================================== [ 18.651607] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 18.651680] Write of size 4 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.651736] [ 18.651787] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.652157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.652266] Hardware name: linux,dummy-virt (DT) [ 18.652392] Call trace: [ 18.652418] show_stack+0x20/0x38 (C) [ 18.652523] dump_stack_lvl+0x8c/0xd0 [ 18.652576] print_report+0x118/0x608 [ 18.652681] kasan_report+0xdc/0x128 [ 18.652734] kasan_check_range+0x100/0x1a8 [ 18.652788] __kasan_check_write+0x20/0x30 [ 18.652868] kasan_atomics_helper+0xa04/0x4858 [ 18.652922] kasan_atomics+0x198/0x2e0 [ 18.652990] kunit_try_run_case+0x170/0x3f0 [ 18.653103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.653223] kthread+0x328/0x630 [ 18.653273] ret_from_fork+0x10/0x20 [ 18.653330] [ 18.653358] Allocated by task 265: [ 18.653566] kasan_save_stack+0x3c/0x68 [ 18.653809] kasan_save_track+0x20/0x40 [ 18.653869] kasan_save_alloc_info+0x40/0x58 [ 18.653911] __kasan_kmalloc+0xd4/0xd8 [ 18.654848] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.655074] kasan_atomics+0xb8/0x2e0 [ 18.655301] kunit_try_run_case+0x170/0x3f0 [ 18.655999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.656170] kthread+0x328/0x630 [ 18.656220] ret_from_fork+0x10/0x20 [ 18.656436] [ 18.656570] The buggy address belongs to the object at fff00000c635c500 [ 18.656570] which belongs to the cache kmalloc-64 of size 64 [ 18.656659] The buggy address is located 0 bytes to the right of [ 18.656659] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.656806] [ 18.657271] The buggy address belongs to the physical page: [ 18.657342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.658604] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.660801] page_type: f5(slab) [ 18.661322] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.661780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.661840] page dumped because: kasan: bad access detected [ 18.663072] [ 18.663283] Memory state around the buggy address: [ 18.663327] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.663399] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.663447] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.663496] ^ [ 18.663533] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.663579] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.663621] ================================================================== [ 18.843431] ================================================================== [ 18.843480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.843600] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.843753] [ 18.844010] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.844122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.844159] Hardware name: linux,dummy-virt (DT) [ 18.844195] Call trace: [ 18.844224] show_stack+0x20/0x38 (C) [ 18.844286] dump_stack_lvl+0x8c/0xd0 [ 18.844393] print_report+0x118/0x608 [ 18.844552] kasan_report+0xdc/0x128 [ 18.844613] kasan_check_range+0x100/0x1a8 [ 18.844666] __kasan_check_write+0x20/0x30 [ 18.844958] kasan_atomics_helper+0x147c/0x4858 [ 18.845044] kasan_atomics+0x198/0x2e0 [ 18.845107] kunit_try_run_case+0x170/0x3f0 [ 18.845164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.845229] kthread+0x328/0x630 [ 18.845292] ret_from_fork+0x10/0x20 [ 18.845394] [ 18.845562] Allocated by task 265: [ 18.845606] kasan_save_stack+0x3c/0x68 [ 18.845668] kasan_save_track+0x20/0x40 [ 18.845725] kasan_save_alloc_info+0x40/0x58 [ 18.845768] __kasan_kmalloc+0xd4/0xd8 [ 18.845827] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.845905] kasan_atomics+0xb8/0x2e0 [ 18.845945] kunit_try_run_case+0x170/0x3f0 [ 18.845985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.846032] kthread+0x328/0x630 [ 18.846066] ret_from_fork+0x10/0x20 [ 18.846339] [ 18.846423] The buggy address belongs to the object at fff00000c635c500 [ 18.846423] which belongs to the cache kmalloc-64 of size 64 [ 18.846499] The buggy address is located 0 bytes to the right of [ 18.846499] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.846581] [ 18.846635] The buggy address belongs to the physical page: [ 18.846894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.846994] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.847110] page_type: f5(slab) [ 18.847196] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.847295] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.847338] page dumped because: kasan: bad access detected [ 18.847371] [ 18.847393] Memory state around the buggy address: [ 18.847692] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.847796] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.847870] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.847944] ^ [ 18.848242] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.848325] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.848405] ================================================================== [ 18.839108] ================================================================== [ 18.839363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.839424] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.839537] [ 18.839592] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.839676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.839703] Hardware name: linux,dummy-virt (DT) [ 18.839753] Call trace: [ 18.839982] show_stack+0x20/0x38 (C) [ 18.840061] dump_stack_lvl+0x8c/0xd0 [ 18.840129] print_report+0x118/0x608 [ 18.840186] kasan_report+0xdc/0x128 [ 18.840242] kasan_check_range+0x100/0x1a8 [ 18.840293] __kasan_check_write+0x20/0x30 [ 18.840342] kasan_atomics_helper+0x1414/0x4858 [ 18.840392] kasan_atomics+0x198/0x2e0 [ 18.840450] kunit_try_run_case+0x170/0x3f0 [ 18.840502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.840558] kthread+0x328/0x630 [ 18.840601] ret_from_fork+0x10/0x20 [ 18.840659] [ 18.840688] Allocated by task 265: [ 18.840717] kasan_save_stack+0x3c/0x68 [ 18.840760] kasan_save_track+0x20/0x40 [ 18.840808] kasan_save_alloc_info+0x40/0x58 [ 18.840852] __kasan_kmalloc+0xd4/0xd8 [ 18.840903] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.840954] kasan_atomics+0xb8/0x2e0 [ 18.840992] kunit_try_run_case+0x170/0x3f0 [ 18.841035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.841344] kthread+0x328/0x630 [ 18.841398] ret_from_fork+0x10/0x20 [ 18.841438] [ 18.841462] The buggy address belongs to the object at fff00000c635c500 [ 18.841462] which belongs to the cache kmalloc-64 of size 64 [ 18.841691] The buggy address is located 0 bytes to the right of [ 18.841691] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.841793] [ 18.841826] The buggy address belongs to the physical page: [ 18.841879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.841933] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.842006] page_type: f5(slab) [ 18.842290] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.842387] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.842455] page dumped because: kasan: bad access detected [ 18.842552] [ 18.842581] Memory state around the buggy address: [ 18.842616] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.842662] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.842708] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.842750] ^ [ 18.842820] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.842866] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.843026] ================================================================== [ 18.682899] ================================================================== [ 18.682953] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 18.683005] Read of size 4 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.683056] [ 18.683101] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.683197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.683485] __asan_report_load4_noabort+0x20/0x30 [ 18.686173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.687435] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.698506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.701109] [ 18.701979] kasan_atomics_helper+0xc08/0x4858 [ 18.703736] kunit_try_run_case+0x170/0x3f0 [ 18.704819] [ 18.705128] page_type: f5(slab) [ 18.705793] Memory state around the buggy address: [ 18.706418] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.712379] kasan_save_track+0x20/0x40 [ 18.713330] kthread+0x328/0x630 [ 18.714347] page_type: f5(slab) [ 18.715014] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.717343] [ 18.717906] print_report+0x118/0x608 [ 18.718919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.719002] ret_from_fork+0x10/0x20 [ 18.719041] [ 18.719086] The buggy address belongs to the object at fff00000c635c500 [ 18.719086] which belongs to the cache kmalloc-64 of size 64 [ 18.719148] The buggy address is located 0 bytes to the right of [ 18.719148] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.719214] [ 18.719261] The buggy address belongs to the physical page: [ 18.719297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.719362] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.719418] page_type: f5(slab) [ 18.719459] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.719511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.719554] page dumped because: kasan: bad access detected [ 18.719587] [ 18.719613] Memory state around the buggy address: [ 18.719645] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.719691] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.719734] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.719774] ^ [ 18.719809] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.719868] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.719918] ================================================================== [ 18.783849] ================================================================== [ 18.783915] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.783978] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.784293] [ 18.784350] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.784446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.784483] Hardware name: linux,dummy-virt (DT) [ 18.784517] Call trace: [ 18.784553] show_stack+0x20/0x38 (C) [ 18.784608] dump_stack_lvl+0x8c/0xd0 [ 18.784665] print_report+0x118/0x608 [ 18.784721] kasan_report+0xdc/0x128 [ 18.784802] kasan_check_range+0x100/0x1a8 [ 18.784869] __kasan_check_write+0x20/0x30 [ 18.784916] kasan_atomics_helper+0x1058/0x4858 [ 18.784968] kasan_atomics+0x198/0x2e0 [ 18.785199] kunit_try_run_case+0x170/0x3f0 [ 18.785339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.785421] kthread+0x328/0x630 [ 18.785474] ret_from_fork+0x10/0x20 [ 18.785537] [ 18.785657] Allocated by task 265: [ 18.785804] kasan_save_stack+0x3c/0x68 [ 18.785895] kasan_save_track+0x20/0x40 [ 18.785983] kasan_save_alloc_info+0x40/0x58 [ 18.786096] __kasan_kmalloc+0xd4/0xd8 [ 18.786780] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.786834] kasan_atomics+0xb8/0x2e0 [ 18.786871] kunit_try_run_case+0x170/0x3f0 [ 18.786912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.786960] kthread+0x328/0x630 [ 18.787769] ret_from_fork+0x10/0x20 [ 18.789338] [ 18.789688] The buggy address belongs to the object at fff00000c635c500 [ 18.789688] which belongs to the cache kmalloc-64 of size 64 [ 18.790371] The buggy address is located 0 bytes to the right of [ 18.790371] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.790642] [ 18.790679] The buggy address belongs to the physical page: [ 18.790737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.790815] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.790901] page_type: f5(slab) [ 18.790988] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.791042] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.791266] page dumped because: kasan: bad access detected [ 18.791391] [ 18.791415] Memory state around the buggy address: [ 18.791453] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.791500] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.791598] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.791666] ^ [ 18.791719] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.791789] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.791858] ================================================================== [ 18.732522] ================================================================== [ 18.732602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 18.732656] Read of size 4 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.732713] [ 18.732745] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.732854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.732883] Hardware name: linux,dummy-virt (DT) [ 18.732917] Call trace: [ 18.732940] show_stack+0x20/0x38 (C) [ 18.733238] dump_stack_lvl+0x8c/0xd0 [ 18.733334] print_report+0x118/0x608 [ 18.733388] kasan_report+0xdc/0x128 [ 18.733444] __asan_report_load4_noabort+0x20/0x30 [ 18.733505] kasan_atomics_helper+0x3e04/0x4858 [ 18.733712] kasan_atomics+0x198/0x2e0 [ 18.733936] kunit_try_run_case+0x170/0x3f0 [ 18.734058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.734155] kthread+0x328/0x630 [ 18.734227] ret_from_fork+0x10/0x20 [ 18.734342] [ 18.734390] Allocated by task 265: [ 18.734461] kasan_save_stack+0x3c/0x68 [ 18.734506] kasan_save_track+0x20/0x40 [ 18.734568] kasan_save_alloc_info+0x40/0x58 [ 18.734612] __kasan_kmalloc+0xd4/0xd8 [ 18.734652] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.734922] kasan_atomics+0xb8/0x2e0 [ 18.735042] kunit_try_run_case+0x170/0x3f0 [ 18.735122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.735440] kthread+0x328/0x630 [ 18.735507] ret_from_fork+0x10/0x20 [ 18.735611] [ 18.735681] The buggy address belongs to the object at fff00000c635c500 [ 18.735681] which belongs to the cache kmalloc-64 of size 64 [ 18.735812] The buggy address is located 0 bytes to the right of [ 18.735812] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.735879] [ 18.735902] The buggy address belongs to the physical page: [ 18.736052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.736286] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.736391] page_type: f5(slab) [ 18.736484] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.736729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.736802] page dumped because: kasan: bad access detected [ 18.736895] [ 18.736954] Memory state around the buggy address: [ 18.737007] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.737054] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.737214] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.737434] ^ [ 18.737493] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.737556] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.737733] ================================================================== [ 18.759703] ================================================================== [ 18.759756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 18.759811] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.759863] [ 18.759897] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.759980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.760009] Hardware name: linux,dummy-virt (DT) [ 18.760041] Call trace: [ 18.760066] show_stack+0x20/0x38 (C) [ 18.760140] dump_stack_lvl+0x8c/0xd0 [ 18.760193] print_report+0x118/0x608 [ 18.760241] kasan_report+0xdc/0x128 [ 18.760290] __asan_report_store8_noabort+0x20/0x30 [ 18.760352] kasan_atomics_helper+0x3e5c/0x4858 [ 18.760405] kasan_atomics+0x198/0x2e0 [ 18.760454] kunit_try_run_case+0x170/0x3f0 [ 18.760506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.760563] kthread+0x328/0x630 [ 18.760608] ret_from_fork+0x10/0x20 [ 18.760659] [ 18.760681] Allocated by task 265: [ 18.760709] kasan_save_stack+0x3c/0x68 [ 18.760751] kasan_save_track+0x20/0x40 [ 18.760791] kasan_save_alloc_info+0x40/0x58 [ 18.760834] __kasan_kmalloc+0xd4/0xd8 [ 18.760882] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.760925] kasan_atomics+0xb8/0x2e0 [ 18.760964] kunit_try_run_case+0x170/0x3f0 [ 18.761004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.761051] kthread+0x328/0x630 [ 18.761098] ret_from_fork+0x10/0x20 [ 18.761136] [ 18.761158] The buggy address belongs to the object at fff00000c635c500 [ 18.761158] which belongs to the cache kmalloc-64 of size 64 [ 18.761252] The buggy address is located 0 bytes to the right of [ 18.761252] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.761319] [ 18.761341] The buggy address belongs to the physical page: [ 18.761374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.761428] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.761478] page_type: f5(slab) [ 18.761519] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.761572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.761617] page dumped because: kasan: bad access detected [ 18.761651] [ 18.761671] Memory state around the buggy address: [ 18.762100] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.762180] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.762227] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.762411] ^ [ 18.762454] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.762516] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.762556] ================================================================== [ 18.810291] ================================================================== [ 18.810349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.810547] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.810609] [ 18.810643] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.810726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.810753] Hardware name: linux,dummy-virt (DT) [ 18.810786] Call trace: [ 18.810811] show_stack+0x20/0x38 (C) [ 18.810863] dump_stack_lvl+0x8c/0xd0 [ 18.810922] print_report+0x118/0x608 [ 18.810971] kasan_report+0xdc/0x128 [ 18.811028] kasan_check_range+0x100/0x1a8 [ 18.811091] __kasan_check_write+0x20/0x30 [ 18.811140] kasan_atomics_helper+0x11f8/0x4858 [ 18.811201] kasan_atomics+0x198/0x2e0 [ 18.811250] kunit_try_run_case+0x170/0x3f0 [ 18.811302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.811363] kthread+0x328/0x630 [ 18.811416] ret_from_fork+0x10/0x20 [ 18.811466] [ 18.811502] Allocated by task 265: [ 18.811531] kasan_save_stack+0x3c/0x68 [ 18.811574] kasan_save_track+0x20/0x40 [ 18.811613] kasan_save_alloc_info+0x40/0x58 [ 18.811665] __kasan_kmalloc+0xd4/0xd8 [ 18.811704] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.811752] kasan_atomics+0xb8/0x2e0 [ 18.811790] kunit_try_run_case+0x170/0x3f0 [ 18.811832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.811878] kthread+0x328/0x630 [ 18.811913] ret_from_fork+0x10/0x20 [ 18.811950] [ 18.811987] The buggy address belongs to the object at fff00000c635c500 [ 18.811987] which belongs to the cache kmalloc-64 of size 64 [ 18.812046] The buggy address is located 0 bytes to the right of [ 18.812046] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.812359] [ 18.812394] The buggy address belongs to the physical page: [ 18.812590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.812663] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.812850] page_type: f5(slab) [ 18.812897] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.812951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.812995] page dumped because: kasan: bad access detected [ 18.813045] [ 18.813182] Memory state around the buggy address: [ 18.813219] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.813266] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.813348] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.813491] ^ [ 18.813568] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.813613] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.813660] ================================================================== [ 18.852755] ================================================================== [ 18.852811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.852862] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.852969] [ 18.853003] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.853100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.853129] Hardware name: linux,dummy-virt (DT) [ 18.853181] Call trace: [ 18.853205] show_stack+0x20/0x38 (C) [ 18.853307] dump_stack_lvl+0x8c/0xd0 [ 18.853361] print_report+0x118/0x608 [ 18.853427] kasan_report+0xdc/0x128 [ 18.853475] kasan_check_range+0x100/0x1a8 [ 18.853526] __kasan_check_write+0x20/0x30 [ 18.853597] kasan_atomics_helper+0x154c/0x4858 [ 18.853650] kasan_atomics+0x198/0x2e0 [ 18.853833] kunit_try_run_case+0x170/0x3f0 [ 18.853908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.853980] kthread+0x328/0x630 [ 18.854026] ret_from_fork+0x10/0x20 [ 18.854237] [ 18.854333] Allocated by task 265: [ 18.854401] kasan_save_stack+0x3c/0x68 [ 18.854471] kasan_save_track+0x20/0x40 [ 18.854512] kasan_save_alloc_info+0x40/0x58 [ 18.854774] __kasan_kmalloc+0xd4/0xd8 [ 18.854843] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.854895] kasan_atomics+0xb8/0x2e0 [ 18.854955] kunit_try_run_case+0x170/0x3f0 [ 18.855045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.855127] kthread+0x328/0x630 [ 18.855186] ret_from_fork+0x10/0x20 [ 18.855299] [ 18.855347] The buggy address belongs to the object at fff00000c635c500 [ 18.855347] which belongs to the cache kmalloc-64 of size 64 [ 18.855436] The buggy address is located 0 bytes to the right of [ 18.855436] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.855540] [ 18.855594] The buggy address belongs to the physical page: [ 18.855627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.855680] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.855866] page_type: f5(slab) [ 18.855910] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.855963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.856028] page dumped because: kasan: bad access detected [ 18.856061] [ 18.856094] Memory state around the buggy address: [ 18.856128] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.856466] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.856532] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.856611] ^ [ 18.856681] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.857010] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.857122] ================================================================== [ 18.896758] ================================================================== [ 18.896805] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.896921] Read of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.896974] [ 18.897140] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.897241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.897285] Hardware name: linux,dummy-virt (DT) [ 18.897562] Call trace: [ 18.897596] show_stack+0x20/0x38 (C) [ 18.897652] dump_stack_lvl+0x8c/0xd0 [ 18.897764] print_report+0x118/0x608 [ 18.897886] kasan_report+0xdc/0x128 [ 18.898253] __asan_report_load8_noabort+0x20/0x30 [ 18.898438] kasan_atomics_helper+0x3e20/0x4858 [ 18.898552] kasan_atomics+0x198/0x2e0 [ 18.898639] kunit_try_run_case+0x170/0x3f0 [ 18.898702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.898804] kthread+0x328/0x630 [ 18.898882] ret_from_fork+0x10/0x20 [ 18.898951] [ 18.898971] Allocated by task 265: [ 18.899186] kasan_save_stack+0x3c/0x68 [ 18.899367] kasan_save_track+0x20/0x40 [ 18.899452] kasan_save_alloc_info+0x40/0x58 [ 18.899521] __kasan_kmalloc+0xd4/0xd8 [ 18.899586] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.899855] kasan_atomics+0xb8/0x2e0 [ 18.899968] kunit_try_run_case+0x170/0x3f0 [ 18.900098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.900174] kthread+0x328/0x630 [ 18.900259] ret_from_fork+0x10/0x20 [ 18.900347] [ 18.900418] The buggy address belongs to the object at fff00000c635c500 [ 18.900418] which belongs to the cache kmalloc-64 of size 64 [ 18.900501] The buggy address is located 0 bytes to the right of [ 18.900501] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.900641] [ 18.900711] The buggy address belongs to the physical page: [ 18.900743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.900798] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.901076] page_type: f5(slab) [ 18.901628] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.901736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.901815] page dumped because: kasan: bad access detected [ 18.901883] [ 18.902168] Memory state around the buggy address: [ 18.902235] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.902283] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.902444] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.902495] ^ [ 18.902530] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.904965] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.905378] ================================================================== [ 18.739747] ================================================================== [ 18.739819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 18.739903] Read of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.739963] [ 18.740000] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.740105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.740148] Hardware name: linux,dummy-virt (DT) [ 18.740197] Call trace: [ 18.740221] show_stack+0x20/0x38 (C) [ 18.740272] dump_stack_lvl+0x8c/0xd0 [ 18.740328] print_report+0x118/0x608 [ 18.740585] kasan_report+0xdc/0x128 [ 18.740661] kasan_check_range+0x100/0x1a8 [ 18.740733] __kasan_check_read+0x20/0x30 [ 18.740787] kasan_atomics_helper+0xdd4/0x4858 [ 18.740840] kasan_atomics+0x198/0x2e0 [ 18.740896] kunit_try_run_case+0x170/0x3f0 [ 18.741197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.741280] kthread+0x328/0x630 [ 18.741337] ret_from_fork+0x10/0x20 [ 18.741392] [ 18.741417] Allocated by task 265: [ 18.741455] kasan_save_stack+0x3c/0x68 [ 18.741508] kasan_save_track+0x20/0x40 [ 18.741556] kasan_save_alloc_info+0x40/0x58 [ 18.741600] __kasan_kmalloc+0xd4/0xd8 [ 18.741654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.741716] kasan_atomics+0xb8/0x2e0 [ 18.741823] kunit_try_run_case+0x170/0x3f0 [ 18.741867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.741930] kthread+0x328/0x630 [ 18.741967] ret_from_fork+0x10/0x20 [ 18.742335] [ 18.742385] The buggy address belongs to the object at fff00000c635c500 [ 18.742385] which belongs to the cache kmalloc-64 of size 64 [ 18.742507] The buggy address is located 0 bytes to the right of [ 18.742507] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.742853] [ 18.742929] The buggy address belongs to the physical page: [ 18.742990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.743063] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.743146] page_type: f5(slab) [ 18.743192] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.743247] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.743288] page dumped because: kasan: bad access detected [ 18.743331] [ 18.743374] Memory state around the buggy address: [ 18.743409] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.743469] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.743528] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.743577] ^ [ 18.743621] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.743665] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.743720] ================================================================== [ 18.907254] ================================================================== [ 18.907317] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.907376] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.907485] [ 18.907533] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.907719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.907753] Hardware name: linux,dummy-virt (DT) [ 18.907795] Call trace: [ 18.907820] show_stack+0x20/0x38 (C) [ 18.907876] dump_stack_lvl+0x8c/0xd0 [ 18.907930] print_report+0x118/0x608 [ 18.907988] kasan_report+0xdc/0x128 [ 18.908054] kasan_check_range+0x100/0x1a8 [ 18.908119] __kasan_check_write+0x20/0x30 [ 18.908166] kasan_atomics_helper+0x17ec/0x4858 [ 18.908226] kasan_atomics+0x198/0x2e0 [ 18.908273] kunit_try_run_case+0x170/0x3f0 [ 18.908324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.908513] kthread+0x328/0x630 [ 18.908560] ret_from_fork+0x10/0x20 [ 18.908655] [ 18.908683] Allocated by task 265: [ 18.908722] kasan_save_stack+0x3c/0x68 [ 18.908775] kasan_save_track+0x20/0x40 [ 18.908817] kasan_save_alloc_info+0x40/0x58 [ 18.908928] __kasan_kmalloc+0xd4/0xd8 [ 18.909005] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.909075] kasan_atomics+0xb8/0x2e0 [ 18.909223] kunit_try_run_case+0x170/0x3f0 [ 18.909276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.909322] kthread+0x328/0x630 [ 18.909378] ret_from_fork+0x10/0x20 [ 18.909418] [ 18.909440] The buggy address belongs to the object at fff00000c635c500 [ 18.909440] which belongs to the cache kmalloc-64 of size 64 [ 18.909500] The buggy address is located 0 bytes to the right of [ 18.909500] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.909575] [ 18.909599] The buggy address belongs to the physical page: [ 18.909632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.909686] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.909738] page_type: f5(slab) [ 18.909787] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.909842] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.910106] page dumped because: kasan: bad access detected [ 18.910151] [ 18.910177] Memory state around the buggy address: [ 18.910214] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.910387] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.910522] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.910622] ^ [ 18.910668] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.910728] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.910776] ================================================================== [ 18.834159] ================================================================== [ 18.834329] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.834417] Read of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.834479] [ 18.834566] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.834656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.834693] Hardware name: linux,dummy-virt (DT) [ 18.834736] Call trace: [ 18.835029] show_stack+0x20/0x38 (C) [ 18.835139] dump_stack_lvl+0x8c/0xd0 [ 18.835206] print_report+0x118/0x608 [ 18.835277] kasan_report+0xdc/0x128 [ 18.835333] __asan_report_load8_noabort+0x20/0x30 [ 18.835399] kasan_atomics_helper+0x3f04/0x4858 [ 18.835450] kasan_atomics+0x198/0x2e0 [ 18.835557] kunit_try_run_case+0x170/0x3f0 [ 18.835624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.835689] kthread+0x328/0x630 [ 18.835742] ret_from_fork+0x10/0x20 [ 18.835827] [ 18.835848] Allocated by task 265: [ 18.835876] kasan_save_stack+0x3c/0x68 [ 18.835920] kasan_save_track+0x20/0x40 [ 18.835959] kasan_save_alloc_info+0x40/0x58 [ 18.836002] __kasan_kmalloc+0xd4/0xd8 [ 18.836192] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.836401] kasan_atomics+0xb8/0x2e0 [ 18.836454] kunit_try_run_case+0x170/0x3f0 [ 18.836498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.836631] kthread+0x328/0x630 [ 18.836670] ret_from_fork+0x10/0x20 [ 18.836763] [ 18.836890] The buggy address belongs to the object at fff00000c635c500 [ 18.836890] which belongs to the cache kmalloc-64 of size 64 [ 18.836982] The buggy address is located 0 bytes to the right of [ 18.836982] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.837056] [ 18.837117] The buggy address belongs to the physical page: [ 18.837151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.837523] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.837598] page_type: f5(slab) [ 18.837642] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.837696] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.837740] page dumped because: kasan: bad access detected [ 18.837780] [ 18.837802] Memory state around the buggy address: [ 18.837844] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.838048] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.838154] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.838232] ^ [ 18.838317] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.838602] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.838700] ================================================================== [ 18.720453] ================================================================== [ 18.721058] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 18.721136] Read of size 4 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.721188] [ 18.721219] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.721302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.721330] Hardware name: linux,dummy-virt (DT) [ 18.721363] Call trace: [ 18.721386] show_stack+0x20/0x38 (C) [ 18.721438] dump_stack_lvl+0x8c/0xd0 [ 18.721488] print_report+0x118/0x608 [ 18.721539] kasan_report+0xdc/0x128 [ 18.721588] __asan_report_load4_noabort+0x20/0x30 [ 18.721645] kasan_atomics_helper+0x3dd8/0x4858 [ 18.721697] kasan_atomics+0x198/0x2e0 [ 18.721753] kunit_try_run_case+0x170/0x3f0 [ 18.721806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.721867] kthread+0x328/0x630 [ 18.721915] ret_from_fork+0x10/0x20 [ 18.721966] [ 18.721985] Allocated by task 265: [ 18.722015] kasan_save_stack+0x3c/0x68 [ 18.722058] kasan_save_track+0x20/0x40 [ 18.722132] kasan_save_alloc_info+0x40/0x58 [ 18.722191] __kasan_kmalloc+0xd4/0xd8 [ 18.722229] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.722294] kasan_atomics+0xb8/0x2e0 [ 18.722333] kunit_try_run_case+0x170/0x3f0 [ 18.722374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.722819] kthread+0x328/0x630 [ 18.722886] ret_from_fork+0x10/0x20 [ 18.723000] [ 18.723072] The buggy address belongs to the object at fff00000c635c500 [ 18.723072] which belongs to the cache kmalloc-64 of size 64 [ 18.723293] The buggy address is located 0 bytes to the right of [ 18.723293] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.723440] [ 18.723590] The buggy address belongs to the physical page: [ 18.723626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.723918] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.724075] page_type: f5(slab) [ 18.724176] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.724258] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.724405] page dumped because: kasan: bad access detected [ 18.724591] [ 18.724651] Memory state around the buggy address: [ 18.724759] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.724831] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.724877] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.724942] ^ [ 18.725241] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.725319] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.725429] ================================================================== [ 18.768679] ================================================================== [ 18.768894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 18.768948] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.769191] [ 18.769258] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.769350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.769388] Hardware name: linux,dummy-virt (DT) [ 18.769421] Call trace: [ 18.769460] show_stack+0x20/0x38 (C) [ 18.769538] dump_stack_lvl+0x8c/0xd0 [ 18.769594] print_report+0x118/0x608 [ 18.769660] kasan_report+0xdc/0x128 [ 18.769710] kasan_check_range+0x100/0x1a8 [ 18.769763] __kasan_check_write+0x20/0x30 [ 18.769821] kasan_atomics_helper+0xf20/0x4858 [ 18.769880] kasan_atomics+0x198/0x2e0 [ 18.769939] kunit_try_run_case+0x170/0x3f0 [ 18.769995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.770051] kthread+0x328/0x630 [ 18.770411] ret_from_fork+0x10/0x20 [ 18.770644] [ 18.770684] Allocated by task 265: [ 18.770761] kasan_save_stack+0x3c/0x68 [ 18.770973] kasan_save_track+0x20/0x40 [ 18.771201] kasan_save_alloc_info+0x40/0x58 [ 18.771325] __kasan_kmalloc+0xd4/0xd8 [ 18.771404] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.771490] kasan_atomics+0xb8/0x2e0 [ 18.771610] kunit_try_run_case+0x170/0x3f0 [ 18.771677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.771751] kthread+0x328/0x630 [ 18.771786] ret_from_fork+0x10/0x20 [ 18.771825] [ 18.772091] The buggy address belongs to the object at fff00000c635c500 [ 18.772091] which belongs to the cache kmalloc-64 of size 64 [ 18.772235] The buggy address is located 0 bytes to the right of [ 18.772235] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.772332] [ 18.772397] The buggy address belongs to the physical page: [ 18.772719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.772839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.772974] page_type: f5(slab) [ 18.773039] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.773102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.773304] page dumped because: kasan: bad access detected [ 18.773474] [ 18.773535] Memory state around the buggy address: [ 18.773658] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.773731] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.774034] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.774093] ^ [ 18.774166] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.774213] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.774254] ================================================================== [ 18.819495] ================================================================== [ 18.819765] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.819826] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.820067] [ 18.820260] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.820376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.820414] Hardware name: linux,dummy-virt (DT) [ 18.820448] Call trace: [ 18.820478] show_stack+0x20/0x38 (C) [ 18.820541] dump_stack_lvl+0x8c/0xd0 [ 18.820616] print_report+0x118/0x608 [ 18.820672] kasan_report+0xdc/0x128 [ 18.820728] kasan_check_range+0x100/0x1a8 [ 18.820778] __kasan_check_write+0x20/0x30 [ 18.820863] kasan_atomics_helper+0x12d8/0x4858 [ 18.820919] kasan_atomics+0x198/0x2e0 [ 18.820975] kunit_try_run_case+0x170/0x3f0 [ 18.821027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.821127] kthread+0x328/0x630 [ 18.821171] ret_from_fork+0x10/0x20 [ 18.821222] [ 18.821249] Allocated by task 265: [ 18.821285] kasan_save_stack+0x3c/0x68 [ 18.821328] kasan_save_track+0x20/0x40 [ 18.821461] kasan_save_alloc_info+0x40/0x58 [ 18.821508] __kasan_kmalloc+0xd4/0xd8 [ 18.821591] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.821742] kasan_atomics+0xb8/0x2e0 [ 18.821883] kunit_try_run_case+0x170/0x3f0 [ 18.822062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.822148] kthread+0x328/0x630 [ 18.822221] ret_from_fork+0x10/0x20 [ 18.822289] [ 18.822356] The buggy address belongs to the object at fff00000c635c500 [ 18.822356] which belongs to the cache kmalloc-64 of size 64 [ 18.822494] The buggy address is located 0 bytes to the right of [ 18.822494] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.822606] [ 18.822715] The buggy address belongs to the physical page: [ 18.822781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.822834] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.822884] page_type: f5(slab) [ 18.823047] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.823112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.823157] page dumped because: kasan: bad access detected [ 18.823378] [ 18.823453] Memory state around the buggy address: [ 18.823518] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.823772] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.823842] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.823897] ^ [ 18.823934] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.823976] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.824016] ================================================================== [ 18.792914] ================================================================== [ 18.792981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.793105] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.793170] [ 18.793217] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.793550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.793604] Hardware name: linux,dummy-virt (DT) [ 18.793642] Call trace: [ 18.793678] show_stack+0x20/0x38 (C) [ 18.793733] dump_stack_lvl+0x8c/0xd0 [ 18.793827] print_report+0x118/0x608 [ 18.793918] kasan_report+0xdc/0x128 [ 18.794028] kasan_check_range+0x100/0x1a8 [ 18.794113] __kasan_check_write+0x20/0x30 [ 18.794284] kasan_atomics_helper+0x10c0/0x4858 [ 18.794337] kasan_atomics+0x198/0x2e0 [ 18.794385] kunit_try_run_case+0x170/0x3f0 [ 18.794436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.794492] kthread+0x328/0x630 [ 18.794689] ret_from_fork+0x10/0x20 [ 18.794776] [ 18.794816] Allocated by task 265: [ 18.794919] kasan_save_stack+0x3c/0x68 [ 18.794993] kasan_save_track+0x20/0x40 [ 18.795066] kasan_save_alloc_info+0x40/0x58 [ 18.795317] __kasan_kmalloc+0xd4/0xd8 [ 18.795421] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.795508] kasan_atomics+0xb8/0x2e0 [ 18.795587] kunit_try_run_case+0x170/0x3f0 [ 18.795661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.795749] kthread+0x328/0x630 [ 18.795796] ret_from_fork+0x10/0x20 [ 18.795835] [ 18.795872] The buggy address belongs to the object at fff00000c635c500 [ 18.795872] which belongs to the cache kmalloc-64 of size 64 [ 18.795934] The buggy address is located 0 bytes to the right of [ 18.795934] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.795999] [ 18.796038] The buggy address belongs to the physical page: [ 18.796091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.796146] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.796209] page_type: f5(slab) [ 18.796251] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.796303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.796346] page dumped because: kasan: bad access detected [ 18.796381] [ 18.796415] Memory state around the buggy address: [ 18.796451] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.796497] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.796542] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.796584] ^ [ 18.796617] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.796670] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.796719] ================================================================== [ 18.754504] ================================================================== [ 18.754560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 18.754613] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.754825] [ 18.755015] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.755243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.755276] Hardware name: linux,dummy-virt (DT) [ 18.755310] Call trace: [ 18.755430] show_stack+0x20/0x38 (C) [ 18.755557] dump_stack_lvl+0x8c/0xd0 [ 18.755621] print_report+0x118/0x608 [ 18.755694] kasan_report+0xdc/0x128 [ 18.755749] kasan_check_range+0x100/0x1a8 [ 18.755952] __kasan_check_write+0x20/0x30 [ 18.756069] kasan_atomics_helper+0xe44/0x4858 [ 18.756143] kasan_atomics+0x198/0x2e0 [ 18.756205] kunit_try_run_case+0x170/0x3f0 [ 18.756272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.756337] kthread+0x328/0x630 [ 18.756385] ret_from_fork+0x10/0x20 [ 18.756455] [ 18.756484] Allocated by task 265: [ 18.756522] kasan_save_stack+0x3c/0x68 [ 18.756566] kasan_save_track+0x20/0x40 [ 18.756623] kasan_save_alloc_info+0x40/0x58 [ 18.756708] __kasan_kmalloc+0xd4/0xd8 [ 18.756755] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.756798] kasan_atomics+0xb8/0x2e0 [ 18.756837] kunit_try_run_case+0x170/0x3f0 [ 18.756878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.757094] kthread+0x328/0x630 [ 18.757139] ret_from_fork+0x10/0x20 [ 18.757271] [ 18.757298] The buggy address belongs to the object at fff00000c635c500 [ 18.757298] which belongs to the cache kmalloc-64 of size 64 [ 18.757370] The buggy address is located 0 bytes to the right of [ 18.757370] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.757442] [ 18.757482] The buggy address belongs to the physical page: [ 18.757526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.757691] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.757745] page_type: f5(slab) [ 18.758005] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.758096] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.758142] page dumped because: kasan: bad access detected [ 18.758176] [ 18.758196] Memory state around the buggy address: [ 18.758459] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.758566] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.758624] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.758717] ^ [ 18.758786] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.758878] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.759105] ================================================================== [ 18.644711] ================================================================== [ 18.644780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 18.644834] Write of size 4 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.644953] [ 18.645004] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.645196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.645230] Hardware name: linux,dummy-virt (DT) [ 18.645265] Call trace: [ 18.645288] show_stack+0x20/0x38 (C) [ 18.645350] dump_stack_lvl+0x8c/0xd0 [ 18.645544] print_report+0x118/0x608 [ 18.645608] kasan_report+0xdc/0x128 [ 18.645710] kasan_check_range+0x100/0x1a8 [ 18.645962] __kasan_check_write+0x20/0x30 [ 18.646029] kasan_atomics_helper+0x99c/0x4858 [ 18.646215] kasan_atomics+0x198/0x2e0 [ 18.646275] kunit_try_run_case+0x170/0x3f0 [ 18.646327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.646610] kthread+0x328/0x630 [ 18.646781] ret_from_fork+0x10/0x20 [ 18.646946] [ 18.647011] Allocated by task 265: [ 18.647095] kasan_save_stack+0x3c/0x68 [ 18.647268] kasan_save_track+0x20/0x40 [ 18.647345] kasan_save_alloc_info+0x40/0x58 [ 18.647398] __kasan_kmalloc+0xd4/0xd8 [ 18.647589] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.647695] kasan_atomics+0xb8/0x2e0 [ 18.647778] kunit_try_run_case+0x170/0x3f0 [ 18.647962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.648028] kthread+0x328/0x630 [ 18.648251] ret_from_fork+0x10/0x20 [ 18.648399] [ 18.648447] The buggy address belongs to the object at fff00000c635c500 [ 18.648447] which belongs to the cache kmalloc-64 of size 64 [ 18.648612] The buggy address is located 0 bytes to the right of [ 18.648612] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.648706] [ 18.648752] The buggy address belongs to the physical page: [ 18.648915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.648982] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.649033] page_type: f5(slab) [ 18.649324] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.649448] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.649531] page dumped because: kasan: bad access detected [ 18.649888] [ 18.650104] Memory state around the buggy address: [ 18.650143] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.650191] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.650238] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.650279] ^ [ 18.650315] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.650359] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.650402] ================================================================== [ 18.891714] ================================================================== [ 18.891764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.891813] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.891863] [ 18.891893] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.891975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.892003] Hardware name: linux,dummy-virt (DT) [ 18.892046] Call trace: [ 18.892071] show_stack+0x20/0x38 (C) [ 18.892610] dump_stack_lvl+0x8c/0xd0 [ 18.892829] print_report+0x118/0x608 [ 18.892894] kasan_report+0xdc/0x128 [ 18.892975] kasan_check_range+0x100/0x1a8 [ 18.893031] __kasan_check_write+0x20/0x30 [ 18.893127] kasan_atomics_helper+0x175c/0x4858 [ 18.893179] kasan_atomics+0x198/0x2e0 [ 18.893228] kunit_try_run_case+0x170/0x3f0 [ 18.893564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.893648] kthread+0x328/0x630 [ 18.893824] ret_from_fork+0x10/0x20 [ 18.894106] [ 18.894152] Allocated by task 265: [ 18.894181] kasan_save_stack+0x3c/0x68 [ 18.894240] kasan_save_track+0x20/0x40 [ 18.894320] kasan_save_alloc_info+0x40/0x58 [ 18.894390] __kasan_kmalloc+0xd4/0xd8 [ 18.894458] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.894518] kasan_atomics+0xb8/0x2e0 [ 18.894562] kunit_try_run_case+0x170/0x3f0 [ 18.894642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.894708] kthread+0x328/0x630 [ 18.894757] ret_from_fork+0x10/0x20 [ 18.894835] [ 18.894926] The buggy address belongs to the object at fff00000c635c500 [ 18.894926] which belongs to the cache kmalloc-64 of size 64 [ 18.894987] The buggy address is located 0 bytes to the right of [ 18.894987] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.895072] [ 18.895105] The buggy address belongs to the physical page: [ 18.895138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.895191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.895294] page_type: f5(slab) [ 18.895481] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.895559] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.895649] page dumped because: kasan: bad access detected [ 18.895717] [ 18.895771] Memory state around the buggy address: [ 18.896072] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.896169] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.896273] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.896341] ^ [ 18.896427] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.896508] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.896566] ================================================================== [ 18.877471] ================================================================== [ 18.877527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.877581] Read of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.877638] [ 18.877671] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.877752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.877835] Hardware name: linux,dummy-virt (DT) [ 18.878007] Call trace: [ 18.878242] show_stack+0x20/0x38 (C) [ 18.878331] dump_stack_lvl+0x8c/0xd0 [ 18.878425] print_report+0x118/0x608 [ 18.878504] kasan_report+0xdc/0x128 [ 18.878616] __asan_report_load8_noabort+0x20/0x30 [ 18.878712] kasan_atomics_helper+0x3df4/0x4858 [ 18.878765] kasan_atomics+0x198/0x2e0 [ 18.878923] kunit_try_run_case+0x170/0x3f0 [ 18.878975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.879201] kthread+0x328/0x630 [ 18.879279] ret_from_fork+0x10/0x20 [ 18.879352] [ 18.879433] Allocated by task 265: [ 18.879512] kasan_save_stack+0x3c/0x68 [ 18.879785] kasan_save_track+0x20/0x40 [ 18.879920] kasan_save_alloc_info+0x40/0x58 [ 18.879993] __kasan_kmalloc+0xd4/0xd8 [ 18.880059] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.880169] kasan_atomics+0xb8/0x2e0 [ 18.880247] kunit_try_run_case+0x170/0x3f0 [ 18.880312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.880408] kthread+0x328/0x630 [ 18.880454] ret_from_fork+0x10/0x20 [ 18.880493] [ 18.880513] The buggy address belongs to the object at fff00000c635c500 [ 18.880513] which belongs to the cache kmalloc-64 of size 64 [ 18.880735] The buggy address is located 0 bytes to the right of [ 18.880735] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.880917] [ 18.880976] The buggy address belongs to the physical page: [ 18.881052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.881322] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.881399] page_type: f5(slab) [ 18.881482] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.881557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.881645] page dumped because: kasan: bad access detected [ 18.881679] [ 18.881699] Memory state around the buggy address: [ 18.881732] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.881779] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.881829] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.881871] ^ [ 18.881907] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.882040] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.882222] ================================================================== [ 18.872307] ================================================================== [ 18.872356] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.872408] Write of size 8 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.872506] [ 18.872648] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.872791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.872837] Hardware name: linux,dummy-virt (DT) [ 18.873021] Call trace: [ 18.873090] show_stack+0x20/0x38 (C) [ 18.873166] dump_stack_lvl+0x8c/0xd0 [ 18.873220] print_report+0x118/0x608 [ 18.873282] kasan_report+0xdc/0x128 [ 18.873347] kasan_check_range+0x100/0x1a8 [ 18.873398] __kasan_check_write+0x20/0x30 [ 18.873446] kasan_atomics_helper+0x1644/0x4858 [ 18.873496] kasan_atomics+0x198/0x2e0 [ 18.873566] kunit_try_run_case+0x170/0x3f0 [ 18.873721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.873825] kthread+0x328/0x630 [ 18.873904] ret_from_fork+0x10/0x20 [ 18.873999] [ 18.874261] Allocated by task 265: [ 18.874333] kasan_save_stack+0x3c/0x68 [ 18.874409] kasan_save_track+0x20/0x40 [ 18.874451] kasan_save_alloc_info+0x40/0x58 [ 18.874519] __kasan_kmalloc+0xd4/0xd8 [ 18.874598] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.874669] kasan_atomics+0xb8/0x2e0 [ 18.874731] kunit_try_run_case+0x170/0x3f0 [ 18.874785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.874859] kthread+0x328/0x630 [ 18.874928] ret_from_fork+0x10/0x20 [ 18.874983] [ 18.875006] The buggy address belongs to the object at fff00000c635c500 [ 18.875006] which belongs to the cache kmalloc-64 of size 64 [ 18.875088] The buggy address is located 0 bytes to the right of [ 18.875088] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.875159] [ 18.875182] The buggy address belongs to the physical page: [ 18.875214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.875267] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.875316] page_type: f5(slab) [ 18.875504] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.875589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.875654] page dumped because: kasan: bad access detected [ 18.875751] [ 18.875813] Memory state around the buggy address: [ 18.876062] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.876238] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.876285] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.876328] ^ [ 18.876384] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.876725] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.876822] ================================================================== [ 18.676999] ================================================================== [ 18.677061] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 18.677132] Write of size 4 at addr fff00000c635c530 by task kunit_try_catch/265 [ 18.677374] [ 18.677447] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.677537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.677566] Hardware name: linux,dummy-virt (DT) [ 18.677694] Call trace: [ 18.677729] show_stack+0x20/0x38 (C) [ 18.677902] dump_stack_lvl+0x8c/0xd0 [ 18.677955] print_report+0x118/0x608 [ 18.678004] kasan_report+0xdc/0x128 [ 18.678443] kasan_check_range+0x100/0x1a8 [ 18.678605] __kasan_check_write+0x20/0x30 [ 18.678703] kasan_atomics_helper+0xad4/0x4858 [ 18.678790] kasan_atomics+0x198/0x2e0 [ 18.678920] kunit_try_run_case+0x170/0x3f0 [ 18.678984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.679274] kthread+0x328/0x630 [ 18.679380] ret_from_fork+0x10/0x20 [ 18.679543] [ 18.679582] Allocated by task 265: [ 18.679631] kasan_save_stack+0x3c/0x68 [ 18.679709] kasan_save_track+0x20/0x40 [ 18.679807] kasan_save_alloc_info+0x40/0x58 [ 18.679884] __kasan_kmalloc+0xd4/0xd8 [ 18.679962] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.680006] kasan_atomics+0xb8/0x2e0 [ 18.680342] kunit_try_run_case+0x170/0x3f0 [ 18.680478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.680545] kthread+0x328/0x630 [ 18.680604] ret_from_fork+0x10/0x20 [ 18.680748] [ 18.680787] The buggy address belongs to the object at fff00000c635c500 [ 18.680787] which belongs to the cache kmalloc-64 of size 64 [ 18.680925] The buggy address is located 0 bytes to the right of [ 18.680925] allocated 48-byte region [fff00000c635c500, fff00000c635c530) [ 18.681043] [ 18.681288] The buggy address belongs to the physical page: [ 18.681436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635c [ 18.681588] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.681674] page_type: f5(slab) [ 18.681724] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.681851] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.681912] page dumped because: kasan: bad access detected [ 18.681947] [ 18.681967] Memory state around the buggy address: [ 18.682012] fff00000c635c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.682059] fff00000c635c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.682126] >fff00000c635c500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.682167] ^ [ 18.682201] fff00000c635c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.682247] fff00000c635c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.682298] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 18.355755] ================================================================== [ 18.355990] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.356613] Read of size 8 at addr fff00000c43f09c8 by task kunit_try_catch/261 [ 18.356759] [ 18.357074] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.357386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.358636] Hardware name: linux,dummy-virt (DT) [ 18.360983] kasan_bitops_generic+0x110/0x1c8 [ 18.367383] The buggy address belongs to the object at fff00000c43f09c0 [ 18.367383] which belongs to the cache kmalloc-16 of size 16 [ 18.374353] fff00000c43f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.379784] [ 18.382201] dump_stack_lvl+0x8c/0xd0 [ 18.385511] kthread+0x328/0x630 [ 18.389007] [ 18.390645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043f0 [ 18.395230] ^ [ 18.399702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.400118] kasan_bitops_generic+0x110/0x1c8 [ 18.400627] __kasan_kmalloc+0xd4/0xd8 [ 18.401057] [ 18.401365] page dumped because: kasan: bad access detected [ 18.401612] ^ [ 18.401710] fff00000c43f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.401920] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 18.402220] Call trace: [ 18.402243] show_stack+0x20/0x38 (C) [ 18.402291] dump_stack_lvl+0x8c/0xd0 [ 18.402488] kasan_check_range+0x100/0x1a8 [ 18.403237] kthread+0x328/0x630 [ 18.403676] kasan_bitops_generic+0xa0/0x1c8 [ 18.404158] [ 18.404889] page dumped because: kasan: bad access detected [ 18.405210] >fff00000c43f0980: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.406784] [ 18.407016] Call trace: [ 18.407446] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 18.408454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.409340] page dumped because: kasan: bad access detected [ 18.411224] kthread+0x328/0x630 [ 18.411797] kthread+0x328/0x630 [ 18.412387] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.412903] ================================================================== [ 18.320984] ================================================================== [ 18.321069] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.324529] Write of size 8 at addr fff00000c43f09c8 by task kunit_try_catch/261 [ 18.324693] [ 18.325246] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.325343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.326416] Hardware name: linux,dummy-virt (DT) [ 18.326465] Call trace: [ 18.326915] show_stack+0x20/0x38 (C) [ 18.327892] dump_stack_lvl+0x8c/0xd0 [ 18.328145] print_report+0x118/0x608 [ 18.328201] kasan_report+0xdc/0x128 [ 18.328253] kasan_check_range+0x100/0x1a8 [ 18.329615] __kasan_check_write+0x20/0x30 [ 18.329686] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.330396] kasan_bitops_generic+0x110/0x1c8 [ 18.330572] kunit_try_run_case+0x170/0x3f0 [ 18.330628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.331552] kthread+0x328/0x630 [ 18.332187] ret_from_fork+0x10/0x20 [ 18.332759] [ 18.333118] Allocated by task 261: [ 18.333493] kasan_save_stack+0x3c/0x68 [ 18.333949] kasan_save_track+0x20/0x40 [ 18.334982] kasan_save_alloc_info+0x40/0x58 [ 18.335851] __kasan_kmalloc+0xd4/0xd8 [ 18.336017] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.336217] kasan_bitops_generic+0xa0/0x1c8 [ 18.336264] kunit_try_run_case+0x170/0x3f0 [ 18.336306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.336361] kthread+0x328/0x630 [ 18.337631] ret_from_fork+0x10/0x20 [ 18.337748] [ 18.338509] The buggy address belongs to the object at fff00000c43f09c0 [ 18.338509] which belongs to the cache kmalloc-16 of size 16 [ 18.338747] The buggy address is located 8 bytes inside of [ 18.338747] allocated 9-byte region [fff00000c43f09c0, fff00000c43f09c9) [ 18.339075] [ 18.339115] The buggy address belongs to the physical page: [ 18.339347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043f0 [ 18.339677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.339733] page_type: f5(slab) [ 18.339778] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.339832] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.340870] page dumped because: kasan: bad access detected [ 18.341109] [ 18.341162] Memory state around the buggy address: [ 18.341265] fff00000c43f0880: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 18.341922] fff00000c43f0900: 00 00 fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc [ 18.341975] >fff00000c43f0980: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.342806] ^ [ 18.343050] fff00000c43f0a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.343343] fff00000c43f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.343545] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 18.288893] ================================================================== [ 18.288948] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 18.288998] Read of size 1 at addr fff00000c63569d0 by task kunit_try_catch/259 [ 18.289050] [ 18.289097] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.289793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.290222] Hardware name: linux,dummy-virt (DT) [ 18.290258] Call trace: [ 18.290293] show_stack+0x20/0x38 (C) [ 18.290355] dump_stack_lvl+0x8c/0xd0 [ 18.290661] print_report+0x118/0x608 [ 18.290901] kasan_report+0xdc/0x128 [ 18.291094] __asan_report_load1_noabort+0x20/0x30 [ 18.291157] strnlen+0x80/0x88 [ 18.291499] kasan_strings+0x478/0xb00 [ 18.291686] kunit_try_run_case+0x170/0x3f0 [ 18.292023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.292367] kthread+0x328/0x630 [ 18.292596] ret_from_fork+0x10/0x20 [ 18.293166] [ 18.293228] Allocated by task 259: [ 18.293500] kasan_save_stack+0x3c/0x68 [ 18.293846] kasan_save_track+0x20/0x40 [ 18.293909] kasan_save_alloc_info+0x40/0x58 [ 18.294261] __kasan_kmalloc+0xd4/0xd8 [ 18.294349] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.294464] kasan_strings+0xc8/0xb00 [ 18.294793] kunit_try_run_case+0x170/0x3f0 [ 18.294988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.295144] kthread+0x328/0x630 [ 18.295307] ret_from_fork+0x10/0x20 [ 18.295532] [ 18.295585] Freed by task 259: [ 18.295800] kasan_save_stack+0x3c/0x68 [ 18.295887] kasan_save_track+0x20/0x40 [ 18.296056] kasan_save_free_info+0x4c/0x78 [ 18.296198] __kasan_slab_free+0x6c/0x98 [ 18.296263] kfree+0x214/0x3c8 [ 18.296332] kasan_strings+0x24c/0xb00 [ 18.296631] kunit_try_run_case+0x170/0x3f0 [ 18.296817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.296933] kthread+0x328/0x630 [ 18.297321] ret_from_fork+0x10/0x20 [ 18.297402] [ 18.297528] The buggy address belongs to the object at fff00000c63569c0 [ 18.297528] which belongs to the cache kmalloc-32 of size 32 [ 18.297627] The buggy address is located 16 bytes inside of [ 18.297627] freed 32-byte region [fff00000c63569c0, fff00000c63569e0) [ 18.297853] [ 18.297977] The buggy address belongs to the physical page: [ 18.298113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106356 [ 18.298318] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.298637] page_type: f5(slab) [ 18.298714] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.298781] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.298835] page dumped because: kasan: bad access detected [ 18.298882] [ 18.298911] Memory state around the buggy address: [ 18.298954] fff00000c6356880: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.299010] fff00000c6356900: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.299057] >fff00000c6356980: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.299283] ^ [ 18.299593] fff00000c6356a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.299856] fff00000c6356a80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.300119] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 18.277316] ================================================================== [ 18.277398] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 18.277454] Read of size 1 at addr fff00000c63569d0 by task kunit_try_catch/259 [ 18.278392] [ 18.278436] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.278525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.278555] Hardware name: linux,dummy-virt (DT) [ 18.278590] Call trace: [ 18.278823] show_stack+0x20/0x38 (C) [ 18.279923] dump_stack_lvl+0x8c/0xd0 [ 18.280022] print_report+0x118/0x608 [ 18.280660] kasan_report+0xdc/0x128 [ 18.280823] __asan_report_load1_noabort+0x20/0x30 [ 18.280897] strlen+0xa8/0xb0 [ 18.280990] kasan_strings+0x418/0xb00 [ 18.281364] kunit_try_run_case+0x170/0x3f0 [ 18.281485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.281942] kthread+0x328/0x630 [ 18.282003] ret_from_fork+0x10/0x20 [ 18.282059] [ 18.282090] Allocated by task 259: [ 18.282122] kasan_save_stack+0x3c/0x68 [ 18.282165] kasan_save_track+0x20/0x40 [ 18.282207] kasan_save_alloc_info+0x40/0x58 [ 18.282250] __kasan_kmalloc+0xd4/0xd8 [ 18.282833] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.282989] kasan_strings+0xc8/0xb00 [ 18.283171] kunit_try_run_case+0x170/0x3f0 [ 18.283259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.283397] kthread+0x328/0x630 [ 18.283446] ret_from_fork+0x10/0x20 [ 18.283753] [ 18.283914] Freed by task 259: [ 18.283981] kasan_save_stack+0x3c/0x68 [ 18.284029] kasan_save_track+0x20/0x40 [ 18.284192] kasan_save_free_info+0x4c/0x78 [ 18.284477] __kasan_slab_free+0x6c/0x98 [ 18.284581] kfree+0x214/0x3c8 [ 18.284621] kasan_strings+0x24c/0xb00 [ 18.284703] kunit_try_run_case+0x170/0x3f0 [ 18.284941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.285127] kthread+0x328/0x630 [ 18.285463] ret_from_fork+0x10/0x20 [ 18.285740] [ 18.285915] The buggy address belongs to the object at fff00000c63569c0 [ 18.285915] which belongs to the cache kmalloc-32 of size 32 [ 18.285985] The buggy address is located 16 bytes inside of [ 18.285985] freed 32-byte region [fff00000c63569c0, fff00000c63569e0) [ 18.286060] [ 18.286091] The buggy address belongs to the physical page: [ 18.286130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106356 [ 18.286188] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.286413] page_type: f5(slab) [ 18.286688] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.287023] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.287312] page dumped because: kasan: bad access detected [ 18.287351] [ 18.287391] Memory state around the buggy address: [ 18.287620] fff00000c6356880: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.287885] fff00000c6356900: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.287943] >fff00000c6356980: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.288009] ^ [ 18.288114] fff00000c6356a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.288195] fff00000c6356a80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.288237] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 18.269311] ================================================================== [ 18.269638] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 18.269775] Read of size 1 at addr fff00000c63569d0 by task kunit_try_catch/259 [ 18.269892] [ 18.270019] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.270121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.270151] Hardware name: linux,dummy-virt (DT) [ 18.270186] Call trace: [ 18.270212] show_stack+0x20/0x38 (C) [ 18.270599] dump_stack_lvl+0x8c/0xd0 [ 18.270665] print_report+0x118/0x608 [ 18.270717] kasan_report+0xdc/0x128 [ 18.270768] __asan_report_load1_noabort+0x20/0x30 [ 18.270863] kasan_strings+0x95c/0xb00 [ 18.270914] kunit_try_run_case+0x170/0x3f0 [ 18.270965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.271022] kthread+0x328/0x630 [ 18.271071] ret_from_fork+0x10/0x20 [ 18.271158] [ 18.271180] Allocated by task 259: [ 18.271221] kasan_save_stack+0x3c/0x68 [ 18.271271] kasan_save_track+0x20/0x40 [ 18.271317] kasan_save_alloc_info+0x40/0x58 [ 18.271360] __kasan_kmalloc+0xd4/0xd8 [ 18.271415] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.271461] kasan_strings+0xc8/0xb00 [ 18.271499] kunit_try_run_case+0x170/0x3f0 [ 18.271549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.271596] kthread+0x328/0x630 [ 18.271630] ret_from_fork+0x10/0x20 [ 18.271680] [ 18.271709] Freed by task 259: [ 18.271738] kasan_save_stack+0x3c/0x68 [ 18.271778] kasan_save_track+0x20/0x40 [ 18.271828] kasan_save_free_info+0x4c/0x78 [ 18.271869] __kasan_slab_free+0x6c/0x98 [ 18.271919] kfree+0x214/0x3c8 [ 18.271964] kasan_strings+0x24c/0xb00 [ 18.272019] kunit_try_run_case+0x170/0x3f0 [ 18.272065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.272807] kthread+0x328/0x630 [ 18.272878] ret_from_fork+0x10/0x20 [ 18.272986] [ 18.273047] The buggy address belongs to the object at fff00000c63569c0 [ 18.273047] which belongs to the cache kmalloc-32 of size 32 [ 18.273155] The buggy address is located 16 bytes inside of [ 18.273155] freed 32-byte region [fff00000c63569c0, fff00000c63569e0) [ 18.273231] [ 18.273371] The buggy address belongs to the physical page: [ 18.273657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106356 [ 18.273725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.274155] page_type: f5(slab) [ 18.274250] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.274383] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.274458] page dumped because: kasan: bad access detected [ 18.274592] [ 18.274652] Memory state around the buggy address: [ 18.274691] fff00000c6356880: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.274738] fff00000c6356900: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.274790] >fff00000c6356980: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.274950] ^ [ 18.275191] fff00000c6356a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.275244] fff00000c6356a80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.275408] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 18.257391] ================================================================== [ 18.257465] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 18.257831] Read of size 1 at addr fff00000c63569d0 by task kunit_try_catch/259 [ 18.258134] [ 18.258506] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.258969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.259096] Hardware name: linux,dummy-virt (DT) [ 18.259158] Call trace: [ 18.259602] show_stack+0x20/0x38 (C) [ 18.259714] dump_stack_lvl+0x8c/0xd0 [ 18.259845] print_report+0x118/0x608 [ 18.259898] kasan_report+0xdc/0x128 [ 18.260145] __asan_report_load1_noabort+0x20/0x30 [ 18.260356] strcmp+0xc0/0xc8 [ 18.260456] kasan_strings+0x340/0xb00 [ 18.260903] kunit_try_run_case+0x170/0x3f0 [ 18.261060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.261148] kthread+0x328/0x630 [ 18.261255] ret_from_fork+0x10/0x20 [ 18.261637] [ 18.261737] Allocated by task 259: [ 18.261793] kasan_save_stack+0x3c/0x68 [ 18.262024] kasan_save_track+0x20/0x40 [ 18.262226] kasan_save_alloc_info+0x40/0x58 [ 18.262336] __kasan_kmalloc+0xd4/0xd8 [ 18.262431] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.262511] kasan_strings+0xc8/0xb00 [ 18.262593] kunit_try_run_case+0x170/0x3f0 [ 18.262771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.263094] kthread+0x328/0x630 [ 18.263175] ret_from_fork+0x10/0x20 [ 18.263215] [ 18.263237] Freed by task 259: [ 18.263406] kasan_save_stack+0x3c/0x68 [ 18.263565] kasan_save_track+0x20/0x40 [ 18.263717] kasan_save_free_info+0x4c/0x78 [ 18.263814] __kasan_slab_free+0x6c/0x98 [ 18.263928] kfree+0x214/0x3c8 [ 18.264006] kasan_strings+0x24c/0xb00 [ 18.264439] kunit_try_run_case+0x170/0x3f0 [ 18.264535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.264925] kthread+0x328/0x630 [ 18.265220] ret_from_fork+0x10/0x20 [ 18.265463] [ 18.265664] The buggy address belongs to the object at fff00000c63569c0 [ 18.265664] which belongs to the cache kmalloc-32 of size 32 [ 18.265811] The buggy address is located 16 bytes inside of [ 18.265811] freed 32-byte region [fff00000c63569c0, fff00000c63569e0) [ 18.265920] [ 18.265992] The buggy address belongs to the physical page: [ 18.266029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106356 [ 18.266097] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.266487] page_type: f5(slab) [ 18.266589] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.266717] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.266783] page dumped because: kasan: bad access detected [ 18.266852] [ 18.266971] Memory state around the buggy address: [ 18.267058] fff00000c6356880: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.267352] fff00000c6356900: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.267557] >fff00000c6356980: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.267706] ^ [ 18.267796] fff00000c6356a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.267916] fff00000c6356a80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.267985] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.236849] ================================================================== [ 18.236914] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 18.237059] Read of size 1 at addr fff00000c6356818 by task kunit_try_catch/257 [ 18.237144] [ 18.237181] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.237401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.237443] Hardware name: linux,dummy-virt (DT) [ 18.237477] Call trace: [ 18.237582] show_stack+0x20/0x38 (C) [ 18.237646] dump_stack_lvl+0x8c/0xd0 [ 18.237708] print_report+0x118/0x608 [ 18.237760] kasan_report+0xdc/0x128 [ 18.237930] __asan_report_load1_noabort+0x20/0x30 [ 18.238071] memcmp+0x198/0x1d8 [ 18.238162] kasan_memcmp+0x16c/0x300 [ 18.238283] kunit_try_run_case+0x170/0x3f0 [ 18.238337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.238400] kthread+0x328/0x630 [ 18.238447] ret_from_fork+0x10/0x20 [ 18.238879] [ 18.238925] Allocated by task 257: [ 18.238998] kasan_save_stack+0x3c/0x68 [ 18.239132] kasan_save_track+0x20/0x40 [ 18.239199] kasan_save_alloc_info+0x40/0x58 [ 18.239337] __kasan_kmalloc+0xd4/0xd8 [ 18.239405] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.239538] kasan_memcmp+0xbc/0x300 [ 18.239580] kunit_try_run_case+0x170/0x3f0 [ 18.239790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.239985] kthread+0x328/0x630 [ 18.240065] ret_from_fork+0x10/0x20 [ 18.240212] [ 18.240273] The buggy address belongs to the object at fff00000c6356800 [ 18.240273] which belongs to the cache kmalloc-32 of size 32 [ 18.240438] The buggy address is located 0 bytes to the right of [ 18.240438] allocated 24-byte region [fff00000c6356800, fff00000c6356818) [ 18.240595] [ 18.240636] The buggy address belongs to the physical page: [ 18.240672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106356 [ 18.240943] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.241116] page_type: f5(slab) [ 18.241182] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.241265] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.241378] page dumped because: kasan: bad access detected [ 18.241452] [ 18.241503] Memory state around the buggy address: [ 18.241628] fff00000c6356700: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 18.241760] fff00000c6356780: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.241808] >fff00000c6356800: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.241853] ^ [ 18.241916] fff00000c6356880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.242101] fff00000c6356900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.242288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.219057] ================================================================== [ 18.219134] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 18.219195] Read of size 1 at addr ffff800080a87b4a by task kunit_try_catch/253 [ 18.219248] [ 18.219285] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.219371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.219401] Hardware name: linux,dummy-virt (DT) [ 18.219434] Call trace: [ 18.219461] show_stack+0x20/0x38 (C) [ 18.219512] dump_stack_lvl+0x8c/0xd0 [ 18.219561] print_report+0x310/0x608 [ 18.219611] kasan_report+0xdc/0x128 [ 18.219660] __asan_report_load1_noabort+0x20/0x30 [ 18.219715] kasan_alloca_oob_right+0x2dc/0x340 [ 18.219766] kunit_try_run_case+0x170/0x3f0 [ 18.219816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.219872] kthread+0x328/0x630 [ 18.219916] ret_from_fork+0x10/0x20 [ 18.219966] [ 18.219988] The buggy address belongs to stack of task kunit_try_catch/253 [ 18.220100] [ 18.220173] The buggy address belongs to the virtual mapping at [ 18.220173] [ffff800080a80000, ffff800080a89000) created by: [ 18.220173] kernel_clone+0x150/0x7a8 [ 18.220464] [ 18.220500] The buggy address belongs to the physical page: [ 18.220536] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106444 [ 18.220633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.220702] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.220801] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.220885] page dumped because: kasan: bad access detected [ 18.220997] [ 18.221020] Memory state around the buggy address: [ 18.221062] ffff800080a87a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.221299] ffff800080a87a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.221484] >ffff800080a87b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.221609] ^ [ 18.221690] ffff800080a87b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.221902] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.221976] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.204239] ================================================================== [ 18.204329] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.204592] Read of size 1 at addr ffff800080a87b5f by task kunit_try_catch/251 [ 18.204770] [ 18.204814] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.204972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.205020] Hardware name: linux,dummy-virt (DT) [ 18.205056] Call trace: [ 18.205189] show_stack+0x20/0x38 (C) [ 18.205268] dump_stack_lvl+0x8c/0xd0 [ 18.205331] print_report+0x310/0x608 [ 18.205561] kasan_report+0xdc/0x128 [ 18.205615] __asan_report_load1_noabort+0x20/0x30 [ 18.205671] kasan_alloca_oob_left+0x2b8/0x310 [ 18.205832] kunit_try_run_case+0x170/0x3f0 [ 18.205934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.206136] kthread+0x328/0x630 [ 18.206228] ret_from_fork+0x10/0x20 [ 18.206397] [ 18.206482] The buggy address belongs to stack of task kunit_try_catch/251 [ 18.206561] [ 18.206809] The buggy address belongs to the virtual mapping at [ 18.206809] [ffff800080a80000, ffff800080a89000) created by: [ 18.206809] kernel_clone+0x150/0x7a8 [ 18.207021] [ 18.207089] The buggy address belongs to the physical page: [ 18.207145] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106444 [ 18.207268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.207374] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.207656] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.207832] page dumped because: kasan: bad access detected [ 18.207883] [ 18.207903] Memory state around the buggy address: [ 18.208162] ffff800080a87a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.208342] ffff800080a87a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.208418] >ffff800080a87b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 18.208484] ^ [ 18.208608] ffff800080a87b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.208794] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.208842] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.188606] ================================================================== [ 18.188687] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.188751] Read of size 1 at addr ffff800080a87c2a by task kunit_try_catch/249 [ 18.188801] [ 18.188836] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.188921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.188975] Hardware name: linux,dummy-virt (DT) [ 18.189007] Call trace: [ 18.189040] show_stack+0x20/0x38 (C) [ 18.189107] dump_stack_lvl+0x8c/0xd0 [ 18.189160] print_report+0x310/0x608 [ 18.189207] kasan_report+0xdc/0x128 [ 18.189253] __asan_report_load1_noabort+0x20/0x30 [ 18.189306] kasan_stack_oob+0x238/0x270 [ 18.189441] kunit_try_run_case+0x170/0x3f0 [ 18.189493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.189568] kthread+0x328/0x630 [ 18.189614] ret_from_fork+0x10/0x20 [ 18.189844] [ 18.189915] The buggy address belongs to stack of task kunit_try_catch/249 [ 18.190036] and is located at offset 138 in frame: [ 18.190074] kasan_stack_oob+0x0/0x270 [ 18.190215] [ 18.190248] This frame has 4 objects: [ 18.191236] [48, 49) '__assertion' [ 18.191615] [64, 72) 'array' [ 18.191731] [96, 112) '__assertion' [ 18.192098] [128, 138) 'stack_array' [ 18.192237] [ 18.192564] The buggy address belongs to the virtual mapping at [ 18.192564] [ffff800080a80000, ffff800080a89000) created by: [ 18.192564] kernel_clone+0x150/0x7a8 [ 18.192704] [ 18.192784] The buggy address belongs to the physical page: [ 18.192964] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106444 [ 18.193043] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.193495] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.193573] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.193946] page dumped because: kasan: bad access detected [ 18.194060] [ 18.194151] Memory state around the buggy address: [ 18.194285] ffff800080a87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.194596] ffff800080a87b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.194823] >ffff800080a87c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.194908] ^ [ 18.194943] ffff800080a87c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.195280] ffff800080a87d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.195450] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.162590] ================================================================== [ 18.162656] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.163070] Read of size 1 at addr ffff92ec2d94f58d by task kunit_try_catch/245 [ 18.163182] [ 18.163259] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.163392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.163420] Hardware name: linux,dummy-virt (DT) [ 18.163598] Call trace: [ 18.163634] show_stack+0x20/0x38 (C) [ 18.163819] dump_stack_lvl+0x8c/0xd0 [ 18.163872] print_report+0x310/0x608 [ 18.164008] kasan_report+0xdc/0x128 [ 18.164156] __asan_report_load1_noabort+0x20/0x30 [ 18.164231] kasan_global_oob_right+0x230/0x270 [ 18.164283] kunit_try_run_case+0x170/0x3f0 [ 18.164362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.164693] kthread+0x328/0x630 [ 18.164815] ret_from_fork+0x10/0x20 [ 18.164880] [ 18.164955] The buggy address belongs to the variable: [ 18.165057] global_array+0xd/0x40 [ 18.165170] [ 18.165275] The buggy address belongs to the virtual mapping at [ 18.165275] [ffff92ec2bb00000, ffff92ec2da01000) created by: [ 18.165275] paging_init+0x66c/0x7d0 [ 18.165642] [ 18.165733] The buggy address belongs to the physical page: [ 18.166196] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.166308] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.166457] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.166882] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.166971] page dumped because: kasan: bad access detected [ 18.167150] [ 18.167223] Memory state around the buggy address: [ 18.167338] ffff92ec2d94f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.167427] ffff92ec2d94f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.167574] >ffff92ec2d94f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.167633] ^ [ 18.167662] ffff92ec2d94f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.167852] ffff92ec2d94f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.167926] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.121783] ================================================================== [ 18.121948] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.122122] Free of addr fff00000c6454401 by task kunit_try_catch/241 [ 18.122221] [ 18.122257] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.122675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.122768] Hardware name: linux,dummy-virt (DT) [ 18.122873] Call trace: [ 18.122898] show_stack+0x20/0x38 (C) [ 18.122993] dump_stack_lvl+0x8c/0xd0 [ 18.123894] print_report+0x118/0x608 [ 18.124549] kasan_report_invalid_free+0xc0/0xe8 [ 18.124610] check_slab_allocation+0xfc/0x108 [ 18.125018] __kasan_mempool_poison_object+0x78/0x150 [ 18.125161] mempool_free+0x28c/0x328 [ 18.125242] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.125471] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.125647] kunit_try_run_case+0x170/0x3f0 [ 18.126143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.126290] kthread+0x328/0x630 [ 18.126444] ret_from_fork+0x10/0x20 [ 18.126522] [ 18.126542] Allocated by task 241: [ 18.126599] kasan_save_stack+0x3c/0x68 [ 18.126964] kasan_save_track+0x20/0x40 [ 18.127200] kasan_save_alloc_info+0x40/0x58 [ 18.127407] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.127527] remove_element+0x130/0x1f8 [ 18.127590] mempool_alloc_preallocated+0x58/0xc0 [ 18.127684] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.127942] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.128209] kunit_try_run_case+0x170/0x3f0 [ 18.128388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.128486] kthread+0x328/0x630 [ 18.128616] ret_from_fork+0x10/0x20 [ 18.128714] [ 18.129093] The buggy address belongs to the object at fff00000c6454400 [ 18.129093] which belongs to the cache kmalloc-128 of size 128 [ 18.129319] The buggy address is located 1 bytes inside of [ 18.129319] 128-byte region [fff00000c6454400, fff00000c6454480) [ 18.129424] [ 18.129707] The buggy address belongs to the physical page: [ 18.129851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 18.129956] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.130046] page_type: f5(slab) [ 18.130211] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.130288] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.130477] page dumped because: kasan: bad access detected [ 18.130881] [ 18.130903] Memory state around the buggy address: [ 18.130940] fff00000c6454300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.131015] fff00000c6454380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.131279] >fff00000c6454400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.131525] ^ [ 18.131673] fff00000c6454480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.131887] fff00000c6454500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.131973] ================================================================== [ 18.143798] ================================================================== [ 18.143881] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.144394] Free of addr fff00000c78a4001 by task kunit_try_catch/243 [ 18.144740] [ 18.144811] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.144899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.144927] Hardware name: linux,dummy-virt (DT) [ 18.144969] Call trace: [ 18.144996] show_stack+0x20/0x38 (C) [ 18.145181] dump_stack_lvl+0x8c/0xd0 [ 18.145413] print_report+0x118/0x608 [ 18.145477] kasan_report_invalid_free+0xc0/0xe8 [ 18.145529] __kasan_mempool_poison_object+0xfc/0x150 [ 18.145583] mempool_free+0x28c/0x328 [ 18.145629] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.146240] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.146389] kunit_try_run_case+0x170/0x3f0 [ 18.146462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.146519] kthread+0x328/0x630 [ 18.146562] ret_from_fork+0x10/0x20 [ 18.146747] [ 18.146960] The buggy address belongs to the physical page: [ 18.147022] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 18.147371] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.147497] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.147601] page_type: f8(unknown) [ 18.147707] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.147786] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.147911] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.147996] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.148144] head: 0bfffe0000000002 ffffc1ffc31e2901 00000000ffffffff 00000000ffffffff [ 18.148367] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.148685] page dumped because: kasan: bad access detected [ 18.148763] [ 18.148844] Memory state around the buggy address: [ 18.148883] fff00000c78a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.149153] fff00000c78a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.149317] >fff00000c78a4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.149434] ^ [ 18.149490] fff00000c78a4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.149558] fff00000c78a4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.149723] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.065161] ================================================================== [ 18.065264] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.065350] Free of addr fff00000c6454000 by task kunit_try_catch/235 [ 18.065394] [ 18.065432] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.065514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.065651] Hardware name: linux,dummy-virt (DT) [ 18.065686] Call trace: [ 18.065711] show_stack+0x20/0x38 (C) [ 18.066156] dump_stack_lvl+0x8c/0xd0 [ 18.066262] print_report+0x118/0x608 [ 18.066414] kasan_report_invalid_free+0xc0/0xe8 [ 18.066505] check_slab_allocation+0xd4/0x108 [ 18.066711] __kasan_mempool_poison_object+0x78/0x150 [ 18.066923] mempool_free+0x28c/0x328 [ 18.067115] mempool_double_free_helper+0x150/0x2e8 [ 18.067261] mempool_kmalloc_double_free+0xc0/0x118 [ 18.067351] kunit_try_run_case+0x170/0x3f0 [ 18.067442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.067599] kthread+0x328/0x630 [ 18.067687] ret_from_fork+0x10/0x20 [ 18.068067] [ 18.068181] Allocated by task 235: [ 18.068217] kasan_save_stack+0x3c/0x68 [ 18.068386] kasan_save_track+0x20/0x40 [ 18.068677] kasan_save_alloc_info+0x40/0x58 [ 18.068794] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.068874] remove_element+0x130/0x1f8 [ 18.069022] mempool_alloc_preallocated+0x58/0xc0 [ 18.069102] mempool_double_free_helper+0x94/0x2e8 [ 18.069469] mempool_kmalloc_double_free+0xc0/0x118 [ 18.069646] kunit_try_run_case+0x170/0x3f0 [ 18.069718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.069857] kthread+0x328/0x630 [ 18.069896] ret_from_fork+0x10/0x20 [ 18.069934] [ 18.070114] Freed by task 235: [ 18.070166] kasan_save_stack+0x3c/0x68 [ 18.070357] kasan_save_track+0x20/0x40 [ 18.070518] kasan_save_free_info+0x4c/0x78 [ 18.070608] __kasan_mempool_poison_object+0xc0/0x150 [ 18.070760] mempool_free+0x28c/0x328 [ 18.070838] mempool_double_free_helper+0x100/0x2e8 [ 18.070909] mempool_kmalloc_double_free+0xc0/0x118 [ 18.070949] kunit_try_run_case+0x170/0x3f0 [ 18.071361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.071994] kthread+0x328/0x630 [ 18.072315] ret_from_fork+0x10/0x20 [ 18.072383] [ 18.072403] The buggy address belongs to the object at fff00000c6454000 [ 18.072403] which belongs to the cache kmalloc-128 of size 128 [ 18.072467] The buggy address is located 0 bytes inside of [ 18.072467] 128-byte region [fff00000c6454000, fff00000c6454080) [ 18.072556] [ 18.072579] The buggy address belongs to the physical page: [ 18.072612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106454 [ 18.072675] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.072738] page_type: f5(slab) [ 18.072787] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.072854] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.072905] page dumped because: kasan: bad access detected [ 18.072951] [ 18.072977] Memory state around the buggy address: [ 18.073010] fff00000c6453f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 18.073055] fff00000c6453f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.073111] >fff00000c6454000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.073148] ^ [ 18.073185] fff00000c6454080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.073236] fff00000c6454100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.073276] ================================================================== [ 18.106671] ================================================================== [ 18.106734] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.106883] Free of addr fff00000c78a4000 by task kunit_try_catch/239 [ 18.106928] [ 18.106979] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.107070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.107106] Hardware name: linux,dummy-virt (DT) [ 18.107137] Call trace: [ 18.107159] show_stack+0x20/0x38 (C) [ 18.107327] dump_stack_lvl+0x8c/0xd0 [ 18.107394] print_report+0x118/0x608 [ 18.107444] kasan_report_invalid_free+0xc0/0xe8 [ 18.107496] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.107550] mempool_free+0x24c/0x328 [ 18.107596] mempool_double_free_helper+0x150/0x2e8 [ 18.107646] mempool_page_alloc_double_free+0xbc/0x118 [ 18.107699] kunit_try_run_case+0x170/0x3f0 [ 18.107763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.107818] kthread+0x328/0x630 [ 18.107861] ret_from_fork+0x10/0x20 [ 18.107915] [ 18.107935] The buggy address belongs to the physical page: [ 18.107969] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 18.108028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.108133] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.108185] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.108226] page dumped because: kasan: bad access detected [ 18.108255] [ 18.108273] Memory state around the buggy address: [ 18.108313] fff00000c78a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.108365] fff00000c78a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.108408] >fff00000c78a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.108445] ^ [ 18.108471] fff00000c78a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.108513] fff00000c78a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.108550] ================================================================== [ 18.088400] ================================================================== [ 18.088532] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.088604] Free of addr fff00000c780c000 by task kunit_try_catch/237 [ 18.088652] [ 18.088944] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.089049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.089256] Hardware name: linux,dummy-virt (DT) [ 18.089333] Call trace: [ 18.089359] show_stack+0x20/0x38 (C) [ 18.089508] dump_stack_lvl+0x8c/0xd0 [ 18.089564] print_report+0x118/0x608 [ 18.089624] kasan_report_invalid_free+0xc0/0xe8 [ 18.089716] __kasan_mempool_poison_object+0x14c/0x150 [ 18.090204] mempool_free+0x28c/0x328 [ 18.090281] mempool_double_free_helper+0x150/0x2e8 [ 18.090336] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.090391] kunit_try_run_case+0x170/0x3f0 [ 18.090744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.090983] kthread+0x328/0x630 [ 18.091830] ret_from_fork+0x10/0x20 [ 18.092480] [ 18.092516] The buggy address belongs to the physical page: [ 18.092579] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10780c [ 18.092696] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.092745] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.093119] page_type: f8(unknown) [ 18.093195] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.093404] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.093558] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.093667] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.093741] head: 0bfffe0000000002 ffffc1ffc31e0301 00000000ffffffff 00000000ffffffff [ 18.094205] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.094294] page dumped because: kasan: bad access detected [ 18.094429] [ 18.094467] Memory state around the buggy address: [ 18.094501] fff00000c780bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.094572] fff00000c780bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.094774] >fff00000c780c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.094820] ^ [ 18.095177] fff00000c780c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.095364] fff00000c780c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.095432] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.044711] ================================================================== [ 18.045272] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.045397] Read of size 1 at addr fff00000c780c000 by task kunit_try_catch/233 [ 18.045451] [ 18.045532] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.046068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.046154] Hardware name: linux,dummy-virt (DT) [ 18.046190] Call trace: [ 18.046221] show_stack+0x20/0x38 (C) [ 18.046618] dump_stack_lvl+0x8c/0xd0 [ 18.046776] print_report+0x118/0x608 [ 18.046879] kasan_report+0xdc/0x128 [ 18.047243] __asan_report_load1_noabort+0x20/0x30 [ 18.047307] mempool_uaf_helper+0x314/0x340 [ 18.047618] mempool_page_alloc_uaf+0xc0/0x118 [ 18.047954] kunit_try_run_case+0x170/0x3f0 [ 18.048364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.048506] kthread+0x328/0x630 [ 18.048851] ret_from_fork+0x10/0x20 [ 18.048986] [ 18.049054] The buggy address belongs to the physical page: [ 18.049136] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10780c [ 18.049581] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.050049] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.050201] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.050291] page dumped because: kasan: bad access detected [ 18.050344] [ 18.050423] Memory state around the buggy address: [ 18.050599] fff00000c780bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.050816] fff00000c780bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.050906] >fff00000c780c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.050984] ^ [ 18.051296] fff00000c780c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.051490] fff00000c780c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.051537] ================================================================== [ 17.999999] ================================================================== [ 18.000106] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.000183] Read of size 1 at addr fff00000c780c000 by task kunit_try_catch/229 [ 18.000251] [ 18.000314] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.000417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.000444] Hardware name: linux,dummy-virt (DT) [ 18.000493] Call trace: [ 18.000516] show_stack+0x20/0x38 (C) [ 18.000586] dump_stack_lvl+0x8c/0xd0 [ 18.000636] print_report+0x118/0x608 [ 18.000684] kasan_report+0xdc/0x128 [ 18.000906] __asan_report_load1_noabort+0x20/0x30 [ 18.001010] mempool_uaf_helper+0x314/0x340 [ 18.001096] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.001169] kunit_try_run_case+0x170/0x3f0 [ 18.001220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.001358] kthread+0x328/0x630 [ 18.001504] ret_from_fork+0x10/0x20 [ 18.001602] [ 18.001642] The buggy address belongs to the physical page: [ 18.001678] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10780c [ 18.001733] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.001868] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.001972] page_type: f8(unknown) [ 18.002050] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.002134] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.002186] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.002243] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.002289] head: 0bfffe0000000002 ffffc1ffc31e0301 00000000ffffffff 00000000ffffffff [ 18.002616] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.002707] page dumped because: kasan: bad access detected [ 18.002774] [ 18.002854] Memory state around the buggy address: [ 18.002912] fff00000c780bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.003006] fff00000c780bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.003116] >fff00000c780c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.003153] ^ [ 18.003198] fff00000c780c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.003502] fff00000c780c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.003582] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.988006] ================================================================== [ 17.988120] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.988201] Read of size 1 at addr fff00000c5a29c00 by task kunit_try_catch/227 [ 17.988251] [ 17.988318] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.988430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.988619] Hardware name: linux,dummy-virt (DT) [ 17.988685] Call trace: [ 17.988711] show_stack+0x20/0x38 (C) [ 17.988775] dump_stack_lvl+0x8c/0xd0 [ 17.988850] print_report+0x118/0x608 [ 17.988900] kasan_report+0xdc/0x128 [ 17.989040] __asan_report_load1_noabort+0x20/0x30 [ 17.989199] mempool_uaf_helper+0x314/0x340 [ 17.989267] mempool_kmalloc_uaf+0xc4/0x120 [ 17.989332] kunit_try_run_case+0x170/0x3f0 [ 17.989385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.989440] kthread+0x328/0x630 [ 17.989522] ret_from_fork+0x10/0x20 [ 17.989572] [ 17.989590] Allocated by task 227: [ 17.989638] kasan_save_stack+0x3c/0x68 [ 17.989987] kasan_save_track+0x20/0x40 [ 17.990091] kasan_save_alloc_info+0x40/0x58 [ 17.990159] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.990232] remove_element+0x130/0x1f8 [ 17.990274] mempool_alloc_preallocated+0x58/0xc0 [ 17.990314] mempool_uaf_helper+0xa4/0x340 [ 17.990352] mempool_kmalloc_uaf+0xc4/0x120 [ 17.990391] kunit_try_run_case+0x170/0x3f0 [ 17.990554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.990699] kthread+0x328/0x630 [ 17.990814] ret_from_fork+0x10/0x20 [ 17.990881] [ 17.990933] Freed by task 227: [ 17.991015] kasan_save_stack+0x3c/0x68 [ 17.991110] kasan_save_track+0x20/0x40 [ 17.991197] kasan_save_free_info+0x4c/0x78 [ 17.991281] __kasan_mempool_poison_object+0xc0/0x150 [ 17.991324] mempool_free+0x28c/0x328 [ 17.991373] mempool_uaf_helper+0x104/0x340 [ 17.991692] mempool_kmalloc_uaf+0xc4/0x120 [ 17.991827] kunit_try_run_case+0x170/0x3f0 [ 17.991918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.991982] kthread+0x328/0x630 [ 17.992017] ret_from_fork+0x10/0x20 [ 17.992053] [ 17.992115] The buggy address belongs to the object at fff00000c5a29c00 [ 17.992115] which belongs to the cache kmalloc-128 of size 128 [ 17.992180] The buggy address is located 0 bytes inside of [ 17.992180] freed 128-byte region [fff00000c5a29c00, fff00000c5a29c80) [ 17.992250] [ 17.992272] The buggy address belongs to the physical page: [ 17.992307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a29 [ 17.992362] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.992426] page_type: f5(slab) [ 17.992476] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.992535] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.992576] page dumped because: kasan: bad access detected [ 17.992625] [ 17.992643] Memory state around the buggy address: [ 17.992677] fff00000c5a29b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.992720] fff00000c5a29b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.992763] >fff00000c5a29c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.992800] ^ [ 17.992828] fff00000c5a29c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.992878] fff00000c5a29d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.992918] ================================================================== [ 18.012792] ================================================================== [ 18.012868] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.013181] Read of size 1 at addr fff00000c6457240 by task kunit_try_catch/231 [ 18.013246] [ 18.013285] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.013371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.013664] Hardware name: linux,dummy-virt (DT) [ 18.013737] Call trace: [ 18.013905] show_stack+0x20/0x38 (C) [ 18.013985] dump_stack_lvl+0x8c/0xd0 [ 18.014123] print_report+0x118/0x608 [ 18.014221] kasan_report+0xdc/0x128 [ 18.014349] __asan_report_load1_noabort+0x20/0x30 [ 18.014420] mempool_uaf_helper+0x314/0x340 [ 18.014468] mempool_slab_uaf+0xc0/0x118 [ 18.014533] kunit_try_run_case+0x170/0x3f0 [ 18.014583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.014761] kthread+0x328/0x630 [ 18.014812] ret_from_fork+0x10/0x20 [ 18.014955] [ 18.015015] Allocated by task 231: [ 18.015109] kasan_save_stack+0x3c/0x68 [ 18.015201] kasan_save_track+0x20/0x40 [ 18.015288] kasan_save_alloc_info+0x40/0x58 [ 18.015341] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.015642] remove_element+0x16c/0x1f8 [ 18.015713] mempool_alloc_preallocated+0x58/0xc0 [ 18.015824] mempool_uaf_helper+0xa4/0x340 [ 18.015915] mempool_slab_uaf+0xc0/0x118 [ 18.016012] kunit_try_run_case+0x170/0x3f0 [ 18.016156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.016309] kthread+0x328/0x630 [ 18.016368] ret_from_fork+0x10/0x20 [ 18.016474] [ 18.016560] Freed by task 231: [ 18.016617] kasan_save_stack+0x3c/0x68 [ 18.016656] kasan_save_track+0x20/0x40 [ 18.016930] kasan_save_free_info+0x4c/0x78 [ 18.017026] __kasan_mempool_poison_object+0xc0/0x150 [ 18.017124] mempool_free+0x28c/0x328 [ 18.017252] mempool_uaf_helper+0x104/0x340 [ 18.017327] mempool_slab_uaf+0xc0/0x118 [ 18.017443] kunit_try_run_case+0x170/0x3f0 [ 18.017532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.017666] kthread+0x328/0x630 [ 18.017723] ret_from_fork+0x10/0x20 [ 18.017803] [ 18.017837] The buggy address belongs to the object at fff00000c6457240 [ 18.017837] which belongs to the cache test_cache of size 123 [ 18.017933] The buggy address is located 0 bytes inside of [ 18.017933] freed 123-byte region [fff00000c6457240, fff00000c64572bb) [ 18.017996] [ 18.018035] The buggy address belongs to the physical page: [ 18.018070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106457 [ 18.018402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.018469] page_type: f5(slab) [ 18.018511] raw: 0bfffe0000000000 fff00000c5945b40 dead000000000122 0000000000000000 [ 18.018560] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.018611] page dumped because: kasan: bad access detected [ 18.018649] [ 18.018668] Memory state around the buggy address: [ 18.018700] fff00000c6457100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.018742] fff00000c6457180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.018785] >fff00000c6457200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.018822] ^ [ 18.018854] fff00000c6457280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.018895] fff00000c6457300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.018933] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.913657] ================================================================== [ 17.913752] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.913852] Read of size 1 at addr fff00000c5a29873 by task kunit_try_catch/221 [ 17.913904] [ 17.913945] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.914033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.914059] Hardware name: linux,dummy-virt (DT) [ 17.914104] Call trace: [ 17.914129] show_stack+0x20/0x38 (C) [ 17.914184] dump_stack_lvl+0x8c/0xd0 [ 17.914235] print_report+0x118/0x608 [ 17.914284] kasan_report+0xdc/0x128 [ 17.914329] __asan_report_load1_noabort+0x20/0x30 [ 17.914382] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.914432] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.914484] kunit_try_run_case+0x170/0x3f0 [ 17.914534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.914588] kthread+0x328/0x630 [ 17.914632] ret_from_fork+0x10/0x20 [ 17.914683] [ 17.914701] Allocated by task 221: [ 17.914730] kasan_save_stack+0x3c/0x68 [ 17.914773] kasan_save_track+0x20/0x40 [ 17.914810] kasan_save_alloc_info+0x40/0x58 [ 17.914852] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.914895] remove_element+0x130/0x1f8 [ 17.914935] mempool_alloc_preallocated+0x58/0xc0 [ 17.914974] mempool_oob_right_helper+0x98/0x2f0 [ 17.915014] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.915057] kunit_try_run_case+0x170/0x3f0 [ 17.915105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.915149] kthread+0x328/0x630 [ 17.915182] ret_from_fork+0x10/0x20 [ 17.915218] [ 17.915237] The buggy address belongs to the object at fff00000c5a29800 [ 17.915237] which belongs to the cache kmalloc-128 of size 128 [ 17.915295] The buggy address is located 0 bytes to the right of [ 17.915295] allocated 115-byte region [fff00000c5a29800, fff00000c5a29873) [ 17.915359] [ 17.915380] The buggy address belongs to the physical page: [ 17.915415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a29 [ 17.915469] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.915522] page_type: f5(slab) [ 17.915563] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.915613] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.915654] page dumped because: kasan: bad access detected [ 17.915686] [ 17.915704] Memory state around the buggy address: [ 17.915738] fff00000c5a29700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.915780] fff00000c5a29780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.915826] >fff00000c5a29800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.915866] ^ [ 17.915904] fff00000c5a29880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.915946] fff00000c5a29900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.915985] ================================================================== [ 17.946473] ================================================================== [ 17.946553] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.946624] Read of size 1 at addr fff00000c7806001 by task kunit_try_catch/223 [ 17.946675] [ 17.946716] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.946803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.946830] Hardware name: linux,dummy-virt (DT) [ 17.946862] Call trace: [ 17.946888] show_stack+0x20/0x38 (C) [ 17.946940] dump_stack_lvl+0x8c/0xd0 [ 17.946990] print_report+0x118/0x608 [ 17.947038] kasan_report+0xdc/0x128 [ 17.947098] __asan_report_load1_noabort+0x20/0x30 [ 17.947152] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.947201] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.947255] kunit_try_run_case+0x170/0x3f0 [ 17.947303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.947357] kthread+0x328/0x630 [ 17.947401] ret_from_fork+0x10/0x20 [ 17.947450] [ 17.947471] The buggy address belongs to the physical page: [ 17.947508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107804 [ 17.947565] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.947612] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.947669] page_type: f8(unknown) [ 17.947710] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.947759] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.947809] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.947858] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.947907] head: 0bfffe0000000002 ffffc1ffc31e0101 00000000ffffffff 00000000ffffffff [ 17.947956] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.947999] page dumped because: kasan: bad access detected [ 17.948028] [ 17.948048] Memory state around the buggy address: [ 17.948089] fff00000c7805f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.948132] fff00000c7805f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.948174] >fff00000c7806000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.948212] ^ [ 17.948240] fff00000c7806080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.948282] fff00000c7806100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.948320] ================================================================== [ 17.969432] ================================================================== [ 17.969504] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.969569] Read of size 1 at addr fff00000c64522bb by task kunit_try_catch/225 [ 17.969634] [ 17.969675] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.969792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.969825] Hardware name: linux,dummy-virt (DT) [ 17.969857] Call trace: [ 17.969960] show_stack+0x20/0x38 (C) [ 17.970138] dump_stack_lvl+0x8c/0xd0 [ 17.970256] print_report+0x118/0x608 [ 17.970402] kasan_report+0xdc/0x128 [ 17.970508] __asan_report_load1_noabort+0x20/0x30 [ 17.970617] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.970718] mempool_slab_oob_right+0xc0/0x118 [ 17.970768] kunit_try_run_case+0x170/0x3f0 [ 17.970818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.970995] kthread+0x328/0x630 [ 17.971047] ret_from_fork+0x10/0x20 [ 17.971110] [ 17.971165] Allocated by task 225: [ 17.971221] kasan_save_stack+0x3c/0x68 [ 17.971347] kasan_save_track+0x20/0x40 [ 17.971407] kasan_save_alloc_info+0x40/0x58 [ 17.971755] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.971884] remove_element+0x16c/0x1f8 [ 17.971982] mempool_alloc_preallocated+0x58/0xc0 [ 17.972098] mempool_oob_right_helper+0x98/0x2f0 [ 17.972150] mempool_slab_oob_right+0xc0/0x118 [ 17.972191] kunit_try_run_case+0x170/0x3f0 [ 17.972228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.972281] kthread+0x328/0x630 [ 17.972331] ret_from_fork+0x10/0x20 [ 17.972369] [ 17.972398] The buggy address belongs to the object at fff00000c6452240 [ 17.972398] which belongs to the cache test_cache of size 123 [ 17.972472] The buggy address is located 0 bytes to the right of [ 17.972472] allocated 123-byte region [fff00000c6452240, fff00000c64522bb) [ 17.972535] [ 17.972558] The buggy address belongs to the physical page: [ 17.972590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106452 [ 17.972642] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.972694] page_type: f5(slab) [ 17.972753] raw: 0bfffe0000000000 fff00000c5945a00 dead000000000122 0000000000000000 [ 17.972804] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.972853] page dumped because: kasan: bad access detected [ 17.972886] [ 17.972905] Memory state around the buggy address: [ 17.972956] fff00000c6452180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.973009] fff00000c6452200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.973051] >fff00000c6452280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.973099] ^ [ 17.973132] fff00000c6452300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.973173] fff00000c6452380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.973211] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 17.357166] ================================================================== [ 17.357255] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 17.357331] Read of size 1 at addr fff00000c5945780 by task kunit_try_catch/215 [ 17.357383] [ 17.357427] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.357515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.357543] Hardware name: linux,dummy-virt (DT) [ 17.357577] Call trace: [ 17.357603] show_stack+0x20/0x38 (C) [ 17.357657] dump_stack_lvl+0x8c/0xd0 [ 17.357709] print_report+0x118/0x608 [ 17.357796] kasan_report+0xdc/0x128 [ 17.357873] __kasan_check_byte+0x54/0x70 [ 17.357925] kmem_cache_destroy+0x34/0x218 [ 17.357974] kmem_cache_double_destroy+0x174/0x300 [ 17.358024] kunit_try_run_case+0x170/0x3f0 [ 17.358076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.358142] kthread+0x328/0x630 [ 17.358185] ret_from_fork+0x10/0x20 [ 17.358237] [ 17.358256] Allocated by task 215: [ 17.358284] kasan_save_stack+0x3c/0x68 [ 17.358326] kasan_save_track+0x20/0x40 [ 17.358364] kasan_save_alloc_info+0x40/0x58 [ 17.358407] __kasan_slab_alloc+0xa8/0xb0 [ 17.358445] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.358488] __kmem_cache_create_args+0x178/0x280 [ 17.358527] kmem_cache_double_destroy+0xc0/0x300 [ 17.358569] kunit_try_run_case+0x170/0x3f0 [ 17.358606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.358651] kthread+0x328/0x630 [ 17.358683] ret_from_fork+0x10/0x20 [ 17.358721] [ 17.358739] Freed by task 215: [ 17.358764] kasan_save_stack+0x3c/0x68 [ 17.358802] kasan_save_track+0x20/0x40 [ 17.358839] kasan_save_free_info+0x4c/0x78 [ 17.358880] __kasan_slab_free+0x6c/0x98 [ 17.358917] kmem_cache_free+0x260/0x468 [ 17.358956] slab_kmem_cache_release+0x38/0x50 [ 17.358997] kmem_cache_release+0x1c/0x30 [ 17.359033] kobject_put+0x17c/0x420 [ 17.359071] sysfs_slab_release+0x1c/0x30 [ 17.359118] kmem_cache_destroy+0x118/0x218 [ 17.359156] kmem_cache_double_destroy+0x128/0x300 [ 17.359195] kunit_try_run_case+0x170/0x3f0 [ 17.359234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.359279] kthread+0x328/0x630 [ 17.359311] ret_from_fork+0x10/0x20 [ 17.359348] [ 17.359367] The buggy address belongs to the object at fff00000c5945780 [ 17.359367] which belongs to the cache kmem_cache of size 208 [ 17.359424] The buggy address is located 0 bytes inside of [ 17.359424] freed 208-byte region [fff00000c5945780, fff00000c5945850) [ 17.359485] [ 17.359507] The buggy address belongs to the physical page: [ 17.359542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105945 [ 17.359599] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.359649] page_type: f5(slab) [ 17.359693] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 17.359744] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 17.359786] page dumped because: kasan: bad access detected [ 17.359819] [ 17.359837] Memory state around the buggy address: [ 17.359871] fff00000c5945680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.359914] fff00000c5945700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.359959] >fff00000c5945780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.359998] ^ [ 17.360026] fff00000c5945800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 17.360070] fff00000c5945880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.360118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.106012] ================================================================== [ 17.106752] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.107633] Read of size 1 at addr fff00000c63c5000 by task kunit_try_catch/213 [ 17.108131] [ 17.108244] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.109139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.109387] Hardware name: linux,dummy-virt (DT) [ 17.109759] Call trace: [ 17.109836] show_stack+0x20/0x38 (C) [ 17.110158] dump_stack_lvl+0x8c/0xd0 [ 17.110651] print_report+0x118/0x608 [ 17.110973] kasan_report+0xdc/0x128 [ 17.111069] __asan_report_load1_noabort+0x20/0x30 [ 17.111136] kmem_cache_rcu_uaf+0x388/0x468 [ 17.111183] kunit_try_run_case+0x170/0x3f0 [ 17.112799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.113122] kthread+0x328/0x630 [ 17.113190] ret_from_fork+0x10/0x20 [ 17.113608] [ 17.113671] Allocated by task 213: [ 17.114241] kasan_save_stack+0x3c/0x68 [ 17.114636] kasan_save_track+0x20/0x40 [ 17.115289] kasan_save_alloc_info+0x40/0x58 [ 17.115757] __kasan_slab_alloc+0xa8/0xb0 [ 17.116487] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.116586] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.116744] kunit_try_run_case+0x170/0x3f0 [ 17.117062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.117884] kthread+0x328/0x630 [ 17.117922] ret_from_fork+0x10/0x20 [ 17.120114] [ 17.120139] Freed by task 0: [ 17.120268] kasan_save_stack+0x3c/0x68 [ 17.120451] kasan_save_track+0x20/0x40 [ 17.120572] kasan_save_free_info+0x4c/0x78 [ 17.121346] __kasan_slab_free+0x6c/0x98 [ 17.121595] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.122215] rcu_core+0x9f4/0x1e20 [ 17.122398] rcu_core_si+0x18/0x30 [ 17.122571] handle_softirqs+0x374/0xb28 [ 17.122636] __do_softirq+0x1c/0x28 [ 17.122672] [ 17.122810] Last potentially related work creation: [ 17.123055] kasan_save_stack+0x3c/0x68 [ 17.123716] kasan_record_aux_stack+0xb4/0xc8 [ 17.123801] kmem_cache_free+0x120/0x468 [ 17.124004] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.124507] kunit_try_run_case+0x170/0x3f0 [ 17.124843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.125508] kthread+0x328/0x630 [ 17.125678] ret_from_fork+0x10/0x20 [ 17.125733] [ 17.126111] The buggy address belongs to the object at fff00000c63c5000 [ 17.126111] which belongs to the cache test_cache of size 200 [ 17.126451] The buggy address is located 0 bytes inside of [ 17.126451] freed 200-byte region [fff00000c63c5000, fff00000c63c50c8) [ 17.126822] [ 17.126848] The buggy address belongs to the physical page: [ 17.127305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063c5 [ 17.127375] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.127431] page_type: f5(slab) [ 17.127474] raw: 0bfffe0000000000 fff00000c5945640 dead000000000122 0000000000000000 [ 17.127525] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.129419] page dumped because: kasan: bad access detected [ 17.129620] [ 17.129765] Memory state around the buggy address: [ 17.129939] fff00000c63c4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.129986] fff00000c63c4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.130031] >fff00000c63c5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.130823] ^ [ 17.131365] fff00000c63c5080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.131420] fff00000c63c5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.131461] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 16.748990] ================================================================== [ 16.749122] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 16.749204] Free of addr fff00000c641b001 by task kunit_try_catch/211 [ 16.749248] [ 16.749565] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.749661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.749992] Hardware name: linux,dummy-virt (DT) [ 16.750115] Call trace: [ 16.750179] show_stack+0x20/0x38 (C) [ 16.750240] dump_stack_lvl+0x8c/0xd0 [ 16.750322] print_report+0x118/0x608 [ 16.750372] kasan_report_invalid_free+0xc0/0xe8 [ 16.750566] check_slab_allocation+0xfc/0x108 [ 16.750814] __kasan_slab_pre_free+0x2c/0x48 [ 16.750867] kmem_cache_free+0xf0/0x468 [ 16.751241] kmem_cache_invalid_free+0x184/0x3c8 [ 16.751374] kunit_try_run_case+0x170/0x3f0 [ 16.751432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.751791] kthread+0x328/0x630 [ 16.751920] ret_from_fork+0x10/0x20 [ 16.751979] [ 16.752022] Allocated by task 211: [ 16.752239] kasan_save_stack+0x3c/0x68 [ 16.752412] kasan_save_track+0x20/0x40 [ 16.752488] kasan_save_alloc_info+0x40/0x58 [ 16.752572] __kasan_slab_alloc+0xa8/0xb0 [ 16.752755] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.752932] kmem_cache_invalid_free+0x12c/0x3c8 [ 16.753011] kunit_try_run_case+0x170/0x3f0 [ 16.753137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.753225] kthread+0x328/0x630 [ 16.753666] ret_from_fork+0x10/0x20 [ 16.753788] [ 16.753842] The buggy address belongs to the object at fff00000c641b000 [ 16.753842] which belongs to the cache test_cache of size 200 [ 16.753947] The buggy address is located 1 bytes inside of [ 16.753947] 200-byte region [fff00000c641b000, fff00000c641b0c8) [ 16.754129] [ 16.754383] The buggy address belongs to the physical page: [ 16.754475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10641b [ 16.754539] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.754816] page_type: f5(slab) [ 16.755550] raw: 0bfffe0000000000 fff00000c5696500 dead000000000122 0000000000000000 [ 16.755782] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.755881] page dumped because: kasan: bad access detected [ 16.756228] [ 16.756357] Memory state around the buggy address: [ 16.756430] fff00000c641af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.756668] fff00000c641af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.756880] >fff00000c641b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.756959] ^ [ 16.756988] fff00000c641b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.757182] fff00000c641b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.757326] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 16.704314] ================================================================== [ 16.704415] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 16.704789] Free of addr fff00000c6419000 by task kunit_try_catch/209 [ 16.704834] [ 16.704879] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.704967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.704995] Hardware name: linux,dummy-virt (DT) [ 16.705029] Call trace: [ 16.705053] show_stack+0x20/0x38 (C) [ 16.705424] dump_stack_lvl+0x8c/0xd0 [ 16.705509] print_report+0x118/0x608 [ 16.705561] kasan_report_invalid_free+0xc0/0xe8 [ 16.705692] check_slab_allocation+0xd4/0x108 [ 16.705755] __kasan_slab_pre_free+0x2c/0x48 [ 16.705881] kmem_cache_free+0xf0/0x468 [ 16.705935] kmem_cache_double_free+0x190/0x3c8 [ 16.706275] kunit_try_run_case+0x170/0x3f0 [ 16.706374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.706497] kthread+0x328/0x630 [ 16.706576] ret_from_fork+0x10/0x20 [ 16.706727] [ 16.706802] Allocated by task 209: [ 16.706861] kasan_save_stack+0x3c/0x68 [ 16.707113] kasan_save_track+0x20/0x40 [ 16.707404] kasan_save_alloc_info+0x40/0x58 [ 16.707471] __kasan_slab_alloc+0xa8/0xb0 [ 16.707603] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.707679] kmem_cache_double_free+0x12c/0x3c8 [ 16.707780] kunit_try_run_case+0x170/0x3f0 [ 16.707904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.707979] kthread+0x328/0x630 [ 16.708054] ret_from_fork+0x10/0x20 [ 16.708271] [ 16.708440] Freed by task 209: [ 16.708569] kasan_save_stack+0x3c/0x68 [ 16.708627] kasan_save_track+0x20/0x40 [ 16.708759] kasan_save_free_info+0x4c/0x78 [ 16.708827] __kasan_slab_free+0x6c/0x98 [ 16.708866] kmem_cache_free+0x260/0x468 [ 16.708933] kmem_cache_double_free+0x140/0x3c8 [ 16.709160] kunit_try_run_case+0x170/0x3f0 [ 16.709345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.709411] kthread+0x328/0x630 [ 16.710100] ret_from_fork+0x10/0x20 [ 16.710182] [ 16.710203] The buggy address belongs to the object at fff00000c6419000 [ 16.710203] which belongs to the cache test_cache of size 200 [ 16.710278] The buggy address is located 0 bytes inside of [ 16.710278] 200-byte region [fff00000c6419000, fff00000c64190c8) [ 16.710359] [ 16.710613] The buggy address belongs to the physical page: [ 16.710699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106419 [ 16.711118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.711185] page_type: f5(slab) [ 16.711228] raw: 0bfffe0000000000 fff00000c56963c0 dead000000000122 0000000000000000 [ 16.711801] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.711853] page dumped because: kasan: bad access detected [ 16.711968] [ 16.712483] Memory state around the buggy address: [ 16.712546] fff00000c6418f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.712602] fff00000c6418f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.712698] >fff00000c6419000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.712776] ^ [ 16.712864] fff00000c6419080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.712933] fff00000c6419100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.713039] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 16.386767] ================================================================== [ 16.387158] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 16.387265] Read of size 1 at addr fff00000c64150c8 by task kunit_try_catch/207 [ 16.387683] [ 16.387914] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.388356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.388392] Hardware name: linux,dummy-virt (DT) [ 16.388686] Call trace: [ 16.389093] show_stack+0x20/0x38 (C) [ 16.389258] dump_stack_lvl+0x8c/0xd0 [ 16.389509] print_report+0x118/0x608 [ 16.389701] kasan_report+0xdc/0x128 [ 16.389759] __asan_report_load1_noabort+0x20/0x30 [ 16.389963] kmem_cache_oob+0x344/0x430 [ 16.390041] kunit_try_run_case+0x170/0x3f0 [ 16.390122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.390465] kthread+0x328/0x630 [ 16.390618] ret_from_fork+0x10/0x20 [ 16.390816] [ 16.391036] Allocated by task 207: [ 16.391159] kasan_save_stack+0x3c/0x68 [ 16.391207] kasan_save_track+0x20/0x40 [ 16.391385] kasan_save_alloc_info+0x40/0x58 [ 16.391480] __kasan_slab_alloc+0xa8/0xb0 [ 16.391717] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.391760] kmem_cache_oob+0x12c/0x430 [ 16.392291] kunit_try_run_case+0x170/0x3f0 [ 16.392678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.392955] kthread+0x328/0x630 [ 16.393003] ret_from_fork+0x10/0x20 [ 16.393213] [ 16.393282] The buggy address belongs to the object at fff00000c6415000 [ 16.393282] which belongs to the cache test_cache of size 200 [ 16.393575] The buggy address is located 0 bytes to the right of [ 16.393575] allocated 200-byte region [fff00000c6415000, fff00000c64150c8) [ 16.393951] [ 16.393983] The buggy address belongs to the physical page: [ 16.394047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106415 [ 16.394117] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.394173] page_type: f5(slab) [ 16.394648] raw: 0bfffe0000000000 fff00000c5696280 dead000000000122 0000000000000000 [ 16.394894] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.395195] page dumped because: kasan: bad access detected [ 16.395253] [ 16.395482] Memory state around the buggy address: [ 16.395521] fff00000c6414f80: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 16.396063] fff00000c6415000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.396133] >fff00000c6415080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.396182] ^ [ 16.396223] fff00000c6415100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.396408] fff00000c6415180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.396457] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 16.327388] ================================================================== [ 16.327461] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 16.327877] Read of size 8 at addr fff00000c6437840 by task kunit_try_catch/200 [ 16.327954] [ 16.328003] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.328155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.328182] Hardware name: linux,dummy-virt (DT) [ 16.328253] Call trace: [ 16.328279] show_stack+0x20/0x38 (C) [ 16.328337] dump_stack_lvl+0x8c/0xd0 [ 16.328389] print_report+0x118/0x608 [ 16.328444] kasan_report+0xdc/0x128 [ 16.328499] __asan_report_load8_noabort+0x20/0x30 [ 16.328552] workqueue_uaf+0x480/0x4a8 [ 16.328597] kunit_try_run_case+0x170/0x3f0 [ 16.328648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.328702] kthread+0x328/0x630 [ 16.328746] ret_from_fork+0x10/0x20 [ 16.328795] [ 16.328814] Allocated by task 200: [ 16.328843] kasan_save_stack+0x3c/0x68 [ 16.328889] kasan_save_track+0x20/0x40 [ 16.328928] kasan_save_alloc_info+0x40/0x58 [ 16.329140] __kasan_kmalloc+0xd4/0xd8 [ 16.329208] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.329251] workqueue_uaf+0x13c/0x4a8 [ 16.329297] kunit_try_run_case+0x170/0x3f0 [ 16.329363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.329408] kthread+0x328/0x630 [ 16.329457] ret_from_fork+0x10/0x20 [ 16.329503] [ 16.329529] Freed by task 47: [ 16.329566] kasan_save_stack+0x3c/0x68 [ 16.329622] kasan_save_track+0x20/0x40 [ 16.329668] kasan_save_free_info+0x4c/0x78 [ 16.329725] __kasan_slab_free+0x6c/0x98 [ 16.329871] kfree+0x214/0x3c8 [ 16.329928] workqueue_uaf_work+0x18/0x30 [ 16.329966] process_one_work+0x530/0xf98 [ 16.330003] worker_thread+0x618/0xf38 [ 16.330061] kthread+0x328/0x630 [ 16.330104] ret_from_fork+0x10/0x20 [ 16.330141] [ 16.330159] Last potentially related work creation: [ 16.330186] kasan_save_stack+0x3c/0x68 [ 16.330225] kasan_record_aux_stack+0xb4/0xc8 [ 16.330267] __queue_work+0x65c/0x1008 [ 16.330303] queue_work_on+0xbc/0xf8 [ 16.330339] workqueue_uaf+0x210/0x4a8 [ 16.330374] kunit_try_run_case+0x170/0x3f0 [ 16.330413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.330455] kthread+0x328/0x630 [ 16.330488] ret_from_fork+0x10/0x20 [ 16.330668] [ 16.330720] The buggy address belongs to the object at fff00000c6437840 [ 16.330720] which belongs to the cache kmalloc-32 of size 32 [ 16.330813] The buggy address is located 0 bytes inside of [ 16.330813] freed 32-byte region [fff00000c6437840, fff00000c6437860) [ 16.330913] [ 16.330992] The buggy address belongs to the physical page: [ 16.331032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106437 [ 16.331106] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.331159] page_type: f5(slab) [ 16.331199] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.331249] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.331290] page dumped because: kasan: bad access detected [ 16.331322] [ 16.331340] Memory state around the buggy address: [ 16.331371] fff00000c6437700: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 16.331414] fff00000c6437780: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.331458] >fff00000c6437800: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 16.331496] ^ [ 16.331541] fff00000c6437880: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.331598] fff00000c6437900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.331637] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 16.311240] ================================================================== [ 16.311397] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 16.311489] Read of size 4 at addr fff00000c6437640 by task swapper/1/0 [ 16.311557] [ 16.311604] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.311707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.311743] Hardware name: linux,dummy-virt (DT) [ 16.311869] Call trace: [ 16.312021] show_stack+0x20/0x38 (C) [ 16.312092] dump_stack_lvl+0x8c/0xd0 [ 16.312146] print_report+0x118/0x608 [ 16.312193] kasan_report+0xdc/0x128 [ 16.312239] __asan_report_load4_noabort+0x20/0x30 [ 16.312307] rcu_uaf_reclaim+0x64/0x70 [ 16.312361] rcu_core+0x9f4/0x1e20 [ 16.312426] rcu_core_si+0x18/0x30 [ 16.312471] handle_softirqs+0x374/0xb28 [ 16.312529] __do_softirq+0x1c/0x28 [ 16.312572] ____do_softirq+0x18/0x30 [ 16.312636] call_on_irq_stack+0x24/0x30 [ 16.312691] do_softirq_own_stack+0x24/0x38 [ 16.312746] __irq_exit_rcu+0x1fc/0x318 [ 16.312823] irq_exit_rcu+0x1c/0x80 [ 16.312868] el1_interrupt+0x38/0x58 [ 16.312923] el1h_64_irq_handler+0x18/0x28 [ 16.312987] el1h_64_irq+0x6c/0x70 [ 16.313121] arch_local_irq_enable+0x4/0x8 (P) [ 16.313329] do_idle+0x384/0x4e8 [ 16.313374] cpu_startup_entry+0x64/0x80 [ 16.313459] secondary_start_kernel+0x288/0x340 [ 16.313516] __secondary_switched+0xc0/0xc8 [ 16.313581] [ 16.313615] Allocated by task 198: [ 16.313677] kasan_save_stack+0x3c/0x68 [ 16.313721] kasan_save_track+0x20/0x40 [ 16.313886] kasan_save_alloc_info+0x40/0x58 [ 16.313954] __kasan_kmalloc+0xd4/0xd8 [ 16.314047] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.314099] rcu_uaf+0xb0/0x2d8 [ 16.314134] kunit_try_run_case+0x170/0x3f0 [ 16.314176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.314240] kthread+0x328/0x630 [ 16.314275] ret_from_fork+0x10/0x20 [ 16.314313] [ 16.314333] Freed by task 0: [ 16.314359] kasan_save_stack+0x3c/0x68 [ 16.314536] kasan_save_track+0x20/0x40 [ 16.314613] kasan_save_free_info+0x4c/0x78 [ 16.314705] __kasan_slab_free+0x6c/0x98 [ 16.314775] kfree+0x214/0x3c8 [ 16.314834] rcu_uaf_reclaim+0x28/0x70 [ 16.314891] rcu_core+0x9f4/0x1e20 [ 16.314958] rcu_core_si+0x18/0x30 [ 16.315026] handle_softirqs+0x374/0xb28 [ 16.315142] __do_softirq+0x1c/0x28 [ 16.315201] [ 16.315287] Last potentially related work creation: [ 16.315370] kasan_save_stack+0x3c/0x68 [ 16.315422] kasan_record_aux_stack+0xb4/0xc8 [ 16.315505] __call_rcu_common.constprop.0+0x74/0x8c8 [ 16.315795] call_rcu+0x18/0x30 [ 16.315866] rcu_uaf+0x14c/0x2d8 [ 16.315972] kunit_try_run_case+0x170/0x3f0 [ 16.316053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.316110] kthread+0x328/0x630 [ 16.316354] ret_from_fork+0x10/0x20 [ 16.316441] [ 16.316542] The buggy address belongs to the object at fff00000c6437640 [ 16.316542] which belongs to the cache kmalloc-32 of size 32 [ 16.316638] The buggy address is located 0 bytes inside of [ 16.316638] freed 32-byte region [fff00000c6437640, fff00000c6437660) [ 16.316749] [ 16.316809] The buggy address belongs to the physical page: [ 16.316863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106437 [ 16.316962] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.317060] page_type: f5(slab) [ 16.317116] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.317174] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.317225] page dumped because: kasan: bad access detected [ 16.317258] [ 16.317290] Memory state around the buggy address: [ 16.317323] fff00000c6437500: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 16.317368] fff00000c6437580: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 16.317422] >fff00000c6437600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.317459] ^ [ 16.317492] fff00000c6437680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.317533] fff00000c6437700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.317571] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 16.152245] ================================================================== [ 16.152717] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 16.153156] Read of size 1 at addr fff00000c63f3a00 by task kunit_try_catch/196 [ 16.153207] [ 16.153241] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.153323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.153348] Hardware name: linux,dummy-virt (DT) [ 16.153378] Call trace: [ 16.153886] show_stack+0x20/0x38 (C) [ 16.153971] dump_stack_lvl+0x8c/0xd0 [ 16.154028] print_report+0x118/0x608 [ 16.154104] kasan_report+0xdc/0x128 [ 16.154608] __asan_report_load1_noabort+0x20/0x30 [ 16.154666] ksize_uaf+0x598/0x5f8 [ 16.154711] kunit_try_run_case+0x170/0x3f0 [ 16.154760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.154815] kthread+0x328/0x630 [ 16.154857] ret_from_fork+0x10/0x20 [ 16.154905] [ 16.154924] Allocated by task 196: [ 16.155473] kasan_save_stack+0x3c/0x68 [ 16.155704] kasan_save_track+0x20/0x40 [ 16.156284] kasan_save_alloc_info+0x40/0x58 [ 16.156333] __kasan_kmalloc+0xd4/0xd8 [ 16.156370] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.156764] ksize_uaf+0xb8/0x5f8 [ 16.156807] kunit_try_run_case+0x170/0x3f0 [ 16.156915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.157120] kthread+0x328/0x630 [ 16.157165] ret_from_fork+0x10/0x20 [ 16.157201] [ 16.157220] Freed by task 196: [ 16.157717] kasan_save_stack+0x3c/0x68 [ 16.158140] kasan_save_track+0x20/0x40 [ 16.158358] kasan_save_free_info+0x4c/0x78 [ 16.158399] __kasan_slab_free+0x6c/0x98 [ 16.158645] kfree+0x214/0x3c8 [ 16.158996] ksize_uaf+0x11c/0x5f8 [ 16.159203] kunit_try_run_case+0x170/0x3f0 [ 16.159251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.159682] kthread+0x328/0x630 [ 16.159811] ret_from_fork+0x10/0x20 [ 16.160069] [ 16.160105] The buggy address belongs to the object at fff00000c63f3a00 [ 16.160105] which belongs to the cache kmalloc-128 of size 128 [ 16.160209] The buggy address is located 0 bytes inside of [ 16.160209] freed 128-byte region [fff00000c63f3a00, fff00000c63f3a80) [ 16.160272] [ 16.160649] The buggy address belongs to the physical page: [ 16.160906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 16.161165] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.161411] page_type: f5(slab) [ 16.161741] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.161872] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.161915] page dumped because: kasan: bad access detected [ 16.161947] [ 16.162186] Memory state around the buggy address: [ 16.162227] fff00000c63f3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.162530] fff00000c63f3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.162757] >fff00000c63f3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.163017] ^ [ 16.163225] fff00000c63f3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.163664] fff00000c63f3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.163709] ================================================================== [ 16.166399] ================================================================== [ 16.166540] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 16.166635] Read of size 1 at addr fff00000c63f3a78 by task kunit_try_catch/196 [ 16.166686] [ 16.166720] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.166937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.166974] Hardware name: linux,dummy-virt (DT) [ 16.167349] Call trace: [ 16.167374] show_stack+0x20/0x38 (C) [ 16.167729] dump_stack_lvl+0x8c/0xd0 [ 16.168008] print_report+0x118/0x608 [ 16.168335] kasan_report+0xdc/0x128 [ 16.168596] __asan_report_load1_noabort+0x20/0x30 [ 16.168650] ksize_uaf+0x544/0x5f8 [ 16.168696] kunit_try_run_case+0x170/0x3f0 [ 16.168747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.169517] kthread+0x328/0x630 [ 16.169707] ret_from_fork+0x10/0x20 [ 16.170302] [ 16.170333] Allocated by task 196: [ 16.170363] kasan_save_stack+0x3c/0x68 [ 16.170409] kasan_save_track+0x20/0x40 [ 16.170446] kasan_save_alloc_info+0x40/0x58 [ 16.170488] __kasan_kmalloc+0xd4/0xd8 [ 16.170525] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.171242] ksize_uaf+0xb8/0x5f8 [ 16.171739] kunit_try_run_case+0x170/0x3f0 [ 16.172053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.172115] kthread+0x328/0x630 [ 16.172402] ret_from_fork+0x10/0x20 [ 16.172577] [ 16.172719] Freed by task 196: [ 16.172752] kasan_save_stack+0x3c/0x68 [ 16.172794] kasan_save_track+0x20/0x40 [ 16.173135] kasan_save_free_info+0x4c/0x78 [ 16.173195] __kasan_slab_free+0x6c/0x98 [ 16.173456] kfree+0x214/0x3c8 [ 16.173534] ksize_uaf+0x11c/0x5f8 [ 16.173771] kunit_try_run_case+0x170/0x3f0 [ 16.173899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.174055] kthread+0x328/0x630 [ 16.174108] ret_from_fork+0x10/0x20 [ 16.174147] [ 16.174167] The buggy address belongs to the object at fff00000c63f3a00 [ 16.174167] which belongs to the cache kmalloc-128 of size 128 [ 16.174234] The buggy address is located 120 bytes inside of [ 16.174234] freed 128-byte region [fff00000c63f3a00, fff00000c63f3a80) [ 16.174406] [ 16.174466] The buggy address belongs to the physical page: [ 16.174541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 16.174615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.174947] page_type: f5(slab) [ 16.175051] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.175793] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.177100] page dumped because: kasan: bad access detected [ 16.177268] [ 16.177313] Memory state around the buggy address: [ 16.177692] fff00000c63f3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.179563] fff00000c63f3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.180116] >fff00000c63f3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.180222] ^ [ 16.180352] fff00000c63f3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.180492] fff00000c63f3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.180562] ================================================================== [ 16.143548] ================================================================== [ 16.143612] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 16.143670] Read of size 1 at addr fff00000c63f3a00 by task kunit_try_catch/196 [ 16.143720] [ 16.143754] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.143838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.143864] Hardware name: linux,dummy-virt (DT) [ 16.143895] Call trace: [ 16.143919] show_stack+0x20/0x38 (C) [ 16.143966] dump_stack_lvl+0x8c/0xd0 [ 16.144016] print_report+0x118/0x608 [ 16.144063] kasan_report+0xdc/0x128 [ 16.144126] __kasan_check_byte+0x54/0x70 [ 16.144173] ksize+0x30/0x88 [ 16.144215] ksize_uaf+0x168/0x5f8 [ 16.144260] kunit_try_run_case+0x170/0x3f0 [ 16.144308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.144360] kthread+0x328/0x630 [ 16.144404] ret_from_fork+0x10/0x20 [ 16.144451] [ 16.144471] Allocated by task 196: [ 16.144498] kasan_save_stack+0x3c/0x68 [ 16.144537] kasan_save_track+0x20/0x40 [ 16.144576] kasan_save_alloc_info+0x40/0x58 [ 16.144617] __kasan_kmalloc+0xd4/0xd8 [ 16.144654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.144693] ksize_uaf+0xb8/0x5f8 [ 16.144727] kunit_try_run_case+0x170/0x3f0 [ 16.144765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.144809] kthread+0x328/0x630 [ 16.144841] ret_from_fork+0x10/0x20 [ 16.144878] [ 16.144896] Freed by task 196: [ 16.144922] kasan_save_stack+0x3c/0x68 [ 16.144958] kasan_save_track+0x20/0x40 [ 16.144996] kasan_save_free_info+0x4c/0x78 [ 16.145034] __kasan_slab_free+0x6c/0x98 [ 16.145072] kfree+0x214/0x3c8 [ 16.145861] ksize_uaf+0x11c/0x5f8 [ 16.145992] kunit_try_run_case+0x170/0x3f0 [ 16.146063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.146167] kthread+0x328/0x630 [ 16.146218] ret_from_fork+0x10/0x20 [ 16.146265] [ 16.146286] The buggy address belongs to the object at fff00000c63f3a00 [ 16.146286] which belongs to the cache kmalloc-128 of size 128 [ 16.146374] The buggy address is located 0 bytes inside of [ 16.146374] freed 128-byte region [fff00000c63f3a00, fff00000c63f3a80) [ 16.146434] [ 16.146475] The buggy address belongs to the physical page: [ 16.146532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 16.146585] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.146634] page_type: f5(slab) [ 16.146696] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.146758] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.146817] page dumped because: kasan: bad access detected [ 16.146849] [ 16.146868] Memory state around the buggy address: [ 16.146909] fff00000c63f3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.146966] fff00000c63f3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.147016] >fff00000c63f3a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.147055] ^ [ 16.147507] fff00000c63f3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.147560] fff00000c63f3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.147601] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 16.116910] ================================================================== [ 16.116974] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.117358] Read of size 1 at addr fff00000c63f3973 by task kunit_try_catch/194 [ 16.117590] [ 16.117755] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.117862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.118027] Hardware name: linux,dummy-virt (DT) [ 16.118091] Call trace: [ 16.118140] show_stack+0x20/0x38 (C) [ 16.118254] dump_stack_lvl+0x8c/0xd0 [ 16.118308] print_report+0x118/0x608 [ 16.118427] kasan_report+0xdc/0x128 [ 16.118533] __asan_report_load1_noabort+0x20/0x30 [ 16.118601] ksize_unpoisons_memory+0x628/0x740 [ 16.118651] kunit_try_run_case+0x170/0x3f0 [ 16.118701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.118756] kthread+0x328/0x630 [ 16.118921] ret_from_fork+0x10/0x20 [ 16.118985] [ 16.119004] Allocated by task 194: [ 16.119034] kasan_save_stack+0x3c/0x68 [ 16.119097] kasan_save_track+0x20/0x40 [ 16.119182] kasan_save_alloc_info+0x40/0x58 [ 16.119224] __kasan_kmalloc+0xd4/0xd8 [ 16.119282] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.119493] ksize_unpoisons_memory+0xc0/0x740 [ 16.119537] kunit_try_run_case+0x170/0x3f0 [ 16.119623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.119691] kthread+0x328/0x630 [ 16.119820] ret_from_fork+0x10/0x20 [ 16.119900] [ 16.119920] The buggy address belongs to the object at fff00000c63f3900 [ 16.119920] which belongs to the cache kmalloc-128 of size 128 [ 16.119983] The buggy address is located 0 bytes to the right of [ 16.119983] allocated 115-byte region [fff00000c63f3900, fff00000c63f3973) [ 16.120048] [ 16.120075] The buggy address belongs to the physical page: [ 16.120117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 16.120167] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.120507] page_type: f5(slab) [ 16.120582] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.120631] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.120672] page dumped because: kasan: bad access detected [ 16.120703] [ 16.121200] Memory state around the buggy address: [ 16.121239] fff00000c63f3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.121323] fff00000c63f3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.121583] >fff00000c63f3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.121747] ^ [ 16.121788] fff00000c63f3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.121839] fff00000c63f3a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.121877] ================================================================== [ 16.123524] ================================================================== [ 16.123961] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.124229] Read of size 1 at addr fff00000c63f3978 by task kunit_try_catch/194 [ 16.124564] [ 16.124625] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.124936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.124984] Hardware name: linux,dummy-virt (DT) [ 16.125015] Call trace: [ 16.125038] show_stack+0x20/0x38 (C) [ 16.125103] dump_stack_lvl+0x8c/0xd0 [ 16.125153] print_report+0x118/0x608 [ 16.125201] kasan_report+0xdc/0x128 [ 16.125248] __asan_report_load1_noabort+0x20/0x30 [ 16.125624] ksize_unpoisons_memory+0x618/0x740 [ 16.125828] kunit_try_run_case+0x170/0x3f0 [ 16.126143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.126312] kthread+0x328/0x630 [ 16.126358] ret_from_fork+0x10/0x20 [ 16.126408] [ 16.126472] Allocated by task 194: [ 16.126529] kasan_save_stack+0x3c/0x68 [ 16.126621] kasan_save_track+0x20/0x40 [ 16.126689] kasan_save_alloc_info+0x40/0x58 [ 16.126785] __kasan_kmalloc+0xd4/0xd8 [ 16.126822] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.127004] ksize_unpoisons_memory+0xc0/0x740 [ 16.127203] kunit_try_run_case+0x170/0x3f0 [ 16.127254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.127298] kthread+0x328/0x630 [ 16.127330] ret_from_fork+0x10/0x20 [ 16.127399] [ 16.127418] The buggy address belongs to the object at fff00000c63f3900 [ 16.127418] which belongs to the cache kmalloc-128 of size 128 [ 16.127523] The buggy address is located 5 bytes to the right of [ 16.127523] allocated 115-byte region [fff00000c63f3900, fff00000c63f3973) [ 16.127654] [ 16.127754] The buggy address belongs to the physical page: [ 16.127808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 16.127859] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.127971] page_type: f5(slab) [ 16.128010] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.128105] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.128146] page dumped because: kasan: bad access detected [ 16.128177] [ 16.128500] Memory state around the buggy address: [ 16.128688] fff00000c63f3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.128736] fff00000c63f3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.128933] >fff00000c63f3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.129183] ^ [ 16.129323] fff00000c63f3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.129666] fff00000c63f3a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.129824] ================================================================== [ 16.131844] ================================================================== [ 16.131914] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.131991] Read of size 1 at addr fff00000c63f397f by task kunit_try_catch/194 [ 16.132381] [ 16.132424] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.132607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.132834] Hardware name: linux,dummy-virt (DT) [ 16.132887] Call trace: [ 16.132962] show_stack+0x20/0x38 (C) [ 16.133019] dump_stack_lvl+0x8c/0xd0 [ 16.133220] print_report+0x118/0x608 [ 16.133399] kasan_report+0xdc/0x128 [ 16.133499] __asan_report_load1_noabort+0x20/0x30 [ 16.133551] ksize_unpoisons_memory+0x690/0x740 [ 16.133599] kunit_try_run_case+0x170/0x3f0 [ 16.133659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.133712] kthread+0x328/0x630 [ 16.134098] ret_from_fork+0x10/0x20 [ 16.134150] [ 16.134168] Allocated by task 194: [ 16.134197] kasan_save_stack+0x3c/0x68 [ 16.134237] kasan_save_track+0x20/0x40 [ 16.134432] kasan_save_alloc_info+0x40/0x58 [ 16.134553] __kasan_kmalloc+0xd4/0xd8 [ 16.134631] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.134786] ksize_unpoisons_memory+0xc0/0x740 [ 16.134880] kunit_try_run_case+0x170/0x3f0 [ 16.134918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.135223] kthread+0x328/0x630 [ 16.135266] ret_from_fork+0x10/0x20 [ 16.135348] [ 16.135367] The buggy address belongs to the object at fff00000c63f3900 [ 16.135367] which belongs to the cache kmalloc-128 of size 128 [ 16.135425] The buggy address is located 12 bytes to the right of [ 16.135425] allocated 115-byte region [fff00000c63f3900, fff00000c63f3973) [ 16.135499] [ 16.135519] The buggy address belongs to the physical page: [ 16.135550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 16.135962] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.136020] page_type: f5(slab) [ 16.136058] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.136120] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.136161] page dumped because: kasan: bad access detected [ 16.136192] [ 16.136219] Memory state around the buggy address: [ 16.136251] fff00000c63f3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.136294] fff00000c63f3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.136706] >fff00000c63f3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.136753] ^ [ 16.137149] fff00000c63f3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137257] fff00000c63f3a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137295] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.105249] ================================================================== [ 16.105337] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.105395] Free of addr fff00000c5ff7a40 by task kunit_try_catch/192 [ 16.105439] [ 16.105479] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.105564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.105589] Hardware name: linux,dummy-virt (DT) [ 16.105620] Call trace: [ 16.105643] show_stack+0x20/0x38 (C) [ 16.105692] dump_stack_lvl+0x8c/0xd0 [ 16.105743] print_report+0x118/0x608 [ 16.105801] kasan_report_invalid_free+0xc0/0xe8 [ 16.105855] check_slab_allocation+0xd4/0x108 [ 16.105903] __kasan_slab_pre_free+0x2c/0x48 [ 16.105949] kfree+0xe8/0x3c8 [ 16.105993] kfree_sensitive+0x3c/0xb0 [ 16.106039] kmalloc_double_kzfree+0x168/0x308 [ 16.106096] kunit_try_run_case+0x170/0x3f0 [ 16.106143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.106198] kthread+0x328/0x630 [ 16.106239] ret_from_fork+0x10/0x20 [ 16.106288] [ 16.106306] Allocated by task 192: [ 16.106333] kasan_save_stack+0x3c/0x68 [ 16.106375] kasan_save_track+0x20/0x40 [ 16.106415] kasan_save_alloc_info+0x40/0x58 [ 16.106459] __kasan_kmalloc+0xd4/0xd8 [ 16.106496] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.106536] kmalloc_double_kzfree+0xb8/0x308 [ 16.106576] kunit_try_run_case+0x170/0x3f0 [ 16.106614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.106660] kthread+0x328/0x630 [ 16.106693] ret_from_fork+0x10/0x20 [ 16.106729] [ 16.106746] Freed by task 192: [ 16.106770] kasan_save_stack+0x3c/0x68 [ 16.106808] kasan_save_track+0x20/0x40 [ 16.106848] kasan_save_free_info+0x4c/0x78 [ 16.106888] __kasan_slab_free+0x6c/0x98 [ 16.106926] kfree+0x214/0x3c8 [ 16.106958] kfree_sensitive+0x80/0xb0 [ 16.106994] kmalloc_double_kzfree+0x11c/0x308 [ 16.107034] kunit_try_run_case+0x170/0x3f0 [ 16.107070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.108103] kthread+0x328/0x630 [ 16.108148] ret_from_fork+0x10/0x20 [ 16.108281] [ 16.108352] The buggy address belongs to the object at fff00000c5ff7a40 [ 16.108352] which belongs to the cache kmalloc-16 of size 16 [ 16.108495] The buggy address is located 0 bytes inside of [ 16.108495] 16-byte region [fff00000c5ff7a40, fff00000c5ff7a50) [ 16.108762] [ 16.108790] The buggy address belongs to the physical page: [ 16.108880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff7 [ 16.108944] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.108995] page_type: f5(slab) [ 16.109035] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.109094] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.109136] page dumped because: kasan: bad access detected [ 16.109177] [ 16.109194] Memory state around the buggy address: [ 16.109227] fff00000c5ff7900: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.109606] fff00000c5ff7980: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.109682] >fff00000c5ff7a00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 16.109782] ^ [ 16.109855] fff00000c5ff7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.109941] fff00000c5ff7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.109982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.093213] ================================================================== [ 16.093443] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.093659] Read of size 1 at addr fff00000c5ff7a40 by task kunit_try_catch/192 [ 16.093828] [ 16.093867] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.094129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.094157] Hardware name: linux,dummy-virt (DT) [ 16.094424] Call trace: [ 16.094450] show_stack+0x20/0x38 (C) [ 16.094637] dump_stack_lvl+0x8c/0xd0 [ 16.094754] print_report+0x118/0x608 [ 16.094920] kasan_report+0xdc/0x128 [ 16.094967] __kasan_check_byte+0x54/0x70 [ 16.095183] kfree_sensitive+0x30/0xb0 [ 16.095238] kmalloc_double_kzfree+0x168/0x308 [ 16.095285] kunit_try_run_case+0x170/0x3f0 [ 16.095337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.095567] kthread+0x328/0x630 [ 16.095619] ret_from_fork+0x10/0x20 [ 16.095888] [ 16.095938] Allocated by task 192: [ 16.095974] kasan_save_stack+0x3c/0x68 [ 16.096061] kasan_save_track+0x20/0x40 [ 16.096178] kasan_save_alloc_info+0x40/0x58 [ 16.096219] __kasan_kmalloc+0xd4/0xd8 [ 16.096418] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.096597] kmalloc_double_kzfree+0xb8/0x308 [ 16.096654] kunit_try_run_case+0x170/0x3f0 [ 16.096694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.096831] kthread+0x328/0x630 [ 16.096864] ret_from_fork+0x10/0x20 [ 16.096960] [ 16.096980] Freed by task 192: [ 16.097062] kasan_save_stack+0x3c/0x68 [ 16.097113] kasan_save_track+0x20/0x40 [ 16.097150] kasan_save_free_info+0x4c/0x78 [ 16.097190] __kasan_slab_free+0x6c/0x98 [ 16.097276] kfree+0x214/0x3c8 [ 16.097427] kfree_sensitive+0x80/0xb0 [ 16.097609] kmalloc_double_kzfree+0x11c/0x308 [ 16.097788] kunit_try_run_case+0x170/0x3f0 [ 16.097832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.098143] kthread+0x328/0x630 [ 16.098555] ret_from_fork+0x10/0x20 [ 16.098604] [ 16.098624] The buggy address belongs to the object at fff00000c5ff7a40 [ 16.098624] which belongs to the cache kmalloc-16 of size 16 [ 16.098684] The buggy address is located 0 bytes inside of [ 16.098684] freed 16-byte region [fff00000c5ff7a40, fff00000c5ff7a50) [ 16.098784] [ 16.098827] The buggy address belongs to the physical page: [ 16.098861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff7 [ 16.098915] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.099336] page_type: f5(slab) [ 16.099459] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.099533] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.099609] page dumped because: kasan: bad access detected [ 16.099957] [ 16.100050] Memory state around the buggy address: [ 16.100106] fff00000c5ff7900: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.100231] fff00000c5ff7980: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.100275] >fff00000c5ff7a00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 16.100313] ^ [ 16.100348] fff00000c5ff7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.100389] fff00000c5ff7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.100437] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.069655] ================================================================== [ 16.069716] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.069785] Read of size 1 at addr fff00000c64512a8 by task kunit_try_catch/188 [ 16.069838] [ 16.069872] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.069956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.069981] Hardware name: linux,dummy-virt (DT) [ 16.070013] Call trace: [ 16.070034] show_stack+0x20/0x38 (C) [ 16.070095] dump_stack_lvl+0x8c/0xd0 [ 16.070144] print_report+0x118/0x608 [ 16.070192] kasan_report+0xdc/0x128 [ 16.070237] __asan_report_load1_noabort+0x20/0x30 [ 16.070290] kmalloc_uaf2+0x3f4/0x468 [ 16.070335] kunit_try_run_case+0x170/0x3f0 [ 16.070385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.070439] kthread+0x328/0x630 [ 16.070481] ret_from_fork+0x10/0x20 [ 16.070530] [ 16.070548] Allocated by task 188: [ 16.070576] kasan_save_stack+0x3c/0x68 [ 16.070615] kasan_save_track+0x20/0x40 [ 16.070654] kasan_save_alloc_info+0x40/0x58 [ 16.070693] __kasan_kmalloc+0xd4/0xd8 [ 16.070729] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.070769] kmalloc_uaf2+0xc4/0x468 [ 16.070804] kunit_try_run_case+0x170/0x3f0 [ 16.070841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.071113] kthread+0x328/0x630 [ 16.071151] ret_from_fork+0x10/0x20 [ 16.071342] [ 16.071361] Freed by task 188: [ 16.071390] kasan_save_stack+0x3c/0x68 [ 16.071508] kasan_save_track+0x20/0x40 [ 16.071551] kasan_save_free_info+0x4c/0x78 [ 16.071593] __kasan_slab_free+0x6c/0x98 [ 16.071631] kfree+0x214/0x3c8 [ 16.071663] kmalloc_uaf2+0x134/0x468 [ 16.071932] kunit_try_run_case+0x170/0x3f0 [ 16.072022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.072159] kthread+0x328/0x630 [ 16.072234] ret_from_fork+0x10/0x20 [ 16.072289] [ 16.072308] The buggy address belongs to the object at fff00000c6451280 [ 16.072308] which belongs to the cache kmalloc-64 of size 64 [ 16.072528] The buggy address is located 40 bytes inside of [ 16.072528] freed 64-byte region [fff00000c6451280, fff00000c64512c0) [ 16.072598] [ 16.072619] The buggy address belongs to the physical page: [ 16.072652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106451 [ 16.072725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.072776] page_type: f5(slab) [ 16.072818] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.072903] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.072996] page dumped because: kasan: bad access detected [ 16.073028] [ 16.073045] Memory state around the buggy address: [ 16.073170] fff00000c6451180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.073214] fff00000c6451200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.073256] >fff00000c6451280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.073294] ^ [ 16.073326] fff00000c6451300: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.073368] fff00000c6451380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.073407] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.053431] ================================================================== [ 16.053509] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.053579] Write of size 33 at addr fff00000c6451100 by task kunit_try_catch/186 [ 16.053969] [ 16.054138] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.054282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.054308] Hardware name: linux,dummy-virt (DT) [ 16.054345] Call trace: [ 16.054407] show_stack+0x20/0x38 (C) [ 16.054530] dump_stack_lvl+0x8c/0xd0 [ 16.054651] print_report+0x118/0x608 [ 16.054700] kasan_report+0xdc/0x128 [ 16.054939] kasan_check_range+0x100/0x1a8 [ 16.054997] __asan_memset+0x34/0x78 [ 16.055055] kmalloc_uaf_memset+0x170/0x310 [ 16.055113] kunit_try_run_case+0x170/0x3f0 [ 16.055165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.055219] kthread+0x328/0x630 [ 16.055262] ret_from_fork+0x10/0x20 [ 16.055567] [ 16.055599] Allocated by task 186: [ 16.055926] kasan_save_stack+0x3c/0x68 [ 16.055979] kasan_save_track+0x20/0x40 [ 16.056026] kasan_save_alloc_info+0x40/0x58 [ 16.056097] __kasan_kmalloc+0xd4/0xd8 [ 16.056320] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.056401] kmalloc_uaf_memset+0xb8/0x310 [ 16.056438] kunit_try_run_case+0x170/0x3f0 [ 16.056475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.056725] kthread+0x328/0x630 [ 16.056759] ret_from_fork+0x10/0x20 [ 16.056794] [ 16.056843] Freed by task 186: [ 16.056869] kasan_save_stack+0x3c/0x68 [ 16.056906] kasan_save_track+0x20/0x40 [ 16.057271] kasan_save_free_info+0x4c/0x78 [ 16.057340] __kasan_slab_free+0x6c/0x98 [ 16.057378] kfree+0x214/0x3c8 [ 16.057452] kmalloc_uaf_memset+0x11c/0x310 [ 16.057519] kunit_try_run_case+0x170/0x3f0 [ 16.057558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.057973] kthread+0x328/0x630 [ 16.058054] ret_from_fork+0x10/0x20 [ 16.058139] [ 16.058159] The buggy address belongs to the object at fff00000c6451100 [ 16.058159] which belongs to the cache kmalloc-64 of size 64 [ 16.058313] The buggy address is located 0 bytes inside of [ 16.058313] freed 64-byte region [fff00000c6451100, fff00000c6451140) [ 16.058375] [ 16.058403] The buggy address belongs to the physical page: [ 16.058468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106451 [ 16.058522] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.058610] page_type: f5(slab) [ 16.058743] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.058845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.058890] page dumped because: kasan: bad access detected [ 16.058921] [ 16.058940] Memory state around the buggy address: [ 16.058981] fff00000c6451000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.059033] fff00000c6451080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.059187] >fff00000c6451100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.059289] ^ [ 16.059318] fff00000c6451180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.059360] fff00000c6451200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.059398] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.020123] ================================================================== [ 16.020183] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.020243] Read of size 1 at addr fff00000c5ff7a28 by task kunit_try_catch/184 [ 16.020292] [ 16.020329] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.020412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.020438] Hardware name: linux,dummy-virt (DT) [ 16.020469] Call trace: [ 16.020492] show_stack+0x20/0x38 (C) [ 16.020560] dump_stack_lvl+0x8c/0xd0 [ 16.020612] print_report+0x118/0x608 [ 16.020668] kasan_report+0xdc/0x128 [ 16.020719] __asan_report_load1_noabort+0x20/0x30 [ 16.020774] kmalloc_uaf+0x300/0x338 [ 16.020818] kunit_try_run_case+0x170/0x3f0 [ 16.020868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.020932] kthread+0x328/0x630 [ 16.020985] ret_from_fork+0x10/0x20 [ 16.021036] [ 16.021055] Allocated by task 184: [ 16.021096] kasan_save_stack+0x3c/0x68 [ 16.021137] kasan_save_track+0x20/0x40 [ 16.021176] kasan_save_alloc_info+0x40/0x58 [ 16.021215] __kasan_kmalloc+0xd4/0xd8 [ 16.021251] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.021292] kmalloc_uaf+0xb8/0x338 [ 16.021575] kunit_try_run_case+0x170/0x3f0 [ 16.021770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.021940] kthread+0x328/0x630 [ 16.021990] ret_from_fork+0x10/0x20 [ 16.022129] [ 16.022161] Freed by task 184: [ 16.022188] kasan_save_stack+0x3c/0x68 [ 16.022226] kasan_save_track+0x20/0x40 [ 16.022285] kasan_save_free_info+0x4c/0x78 [ 16.022326] __kasan_slab_free+0x6c/0x98 [ 16.022402] kfree+0x214/0x3c8 [ 16.022437] kmalloc_uaf+0x11c/0x338 [ 16.022607] kunit_try_run_case+0x170/0x3f0 [ 16.022689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.022747] kthread+0x328/0x630 [ 16.022856] ret_from_fork+0x10/0x20 [ 16.022947] [ 16.022993] The buggy address belongs to the object at fff00000c5ff7a20 [ 16.022993] which belongs to the cache kmalloc-16 of size 16 [ 16.023069] The buggy address is located 8 bytes inside of [ 16.023069] freed 16-byte region [fff00000c5ff7a20, fff00000c5ff7a30) [ 16.023159] [ 16.023181] The buggy address belongs to the physical page: [ 16.023334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff7 [ 16.023527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.023634] page_type: f5(slab) [ 16.023692] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.023787] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.023863] page dumped because: kasan: bad access detected [ 16.023895] [ 16.023912] Memory state around the buggy address: [ 16.023970] fff00000c5ff7900: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.025808] fff00000c5ff7980: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.025861] >fff00000c5ff7a00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.025901] ^ [ 16.025935] fff00000c5ff7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.025977] fff00000c5ff7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.026016] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.008867] ================================================================== [ 16.008929] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.008988] Read of size 64 at addr fff00000c642ee04 by task kunit_try_catch/182 [ 16.009056] [ 16.009125] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.009256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.009284] Hardware name: linux,dummy-virt (DT) [ 16.009314] Call trace: [ 16.009339] show_stack+0x20/0x38 (C) [ 16.009546] dump_stack_lvl+0x8c/0xd0 [ 16.009630] print_report+0x118/0x608 [ 16.009685] kasan_report+0xdc/0x128 [ 16.009740] kasan_check_range+0x100/0x1a8 [ 16.009878] __asan_memmove+0x3c/0x98 [ 16.009969] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.010098] kunit_try_run_case+0x170/0x3f0 [ 16.010160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.010218] kthread+0x328/0x630 [ 16.010261] ret_from_fork+0x10/0x20 [ 16.010329] [ 16.010795] Allocated by task 182: [ 16.010886] kasan_save_stack+0x3c/0x68 [ 16.010995] kasan_save_track+0x20/0x40 [ 16.011075] kasan_save_alloc_info+0x40/0x58 [ 16.011143] __kasan_kmalloc+0xd4/0xd8 [ 16.011251] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.011330] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.011392] kunit_try_run_case+0x170/0x3f0 [ 16.011490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.011559] kthread+0x328/0x630 [ 16.011594] ret_from_fork+0x10/0x20 [ 16.011668] [ 16.011930] The buggy address belongs to the object at fff00000c642ee00 [ 16.011930] which belongs to the cache kmalloc-64 of size 64 [ 16.012006] The buggy address is located 4 bytes inside of [ 16.012006] allocated 64-byte region [fff00000c642ee00, fff00000c642ee40) [ 16.012481] [ 16.012651] The buggy address belongs to the physical page: [ 16.012691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10642e [ 16.012845] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.012912] page_type: f5(slab) [ 16.012965] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.013026] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.013067] page dumped because: kasan: bad access detected [ 16.013111] [ 16.013129] Memory state around the buggy address: [ 16.013173] fff00000c642ed00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.013216] fff00000c642ed80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.013258] >fff00000c642ee00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.013295] ^ [ 16.013329] fff00000c642ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.013370] fff00000c642ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.013408] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.999645] ================================================================== [ 15.999731] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.999788] Read of size 18446744073709551614 at addr fff00000c642ec04 by task kunit_try_catch/180 [ 15.999866] [ 15.999902] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.000163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.000214] Hardware name: linux,dummy-virt (DT) [ 16.000252] Call trace: [ 16.000275] show_stack+0x20/0x38 (C) [ 16.000326] dump_stack_lvl+0x8c/0xd0 [ 16.000383] print_report+0x118/0x608 [ 16.000437] kasan_report+0xdc/0x128 [ 16.000483] kasan_check_range+0x100/0x1a8 [ 16.000538] __asan_memmove+0x3c/0x98 [ 16.000582] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.000638] kunit_try_run_case+0x170/0x3f0 [ 16.000695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.000747] kthread+0x328/0x630 [ 16.000795] ret_from_fork+0x10/0x20 [ 16.000842] [ 16.000869] Allocated by task 180: [ 16.000896] kasan_save_stack+0x3c/0x68 [ 16.000943] kasan_save_track+0x20/0x40 [ 16.000989] kasan_save_alloc_info+0x40/0x58 [ 16.001029] __kasan_kmalloc+0xd4/0xd8 [ 16.001064] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.001424] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.001545] kunit_try_run_case+0x170/0x3f0 [ 16.001591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.001645] kthread+0x328/0x630 [ 16.001694] ret_from_fork+0x10/0x20 [ 16.001740] [ 16.001832] The buggy address belongs to the object at fff00000c642ec00 [ 16.001832] which belongs to the cache kmalloc-64 of size 64 [ 16.001976] The buggy address is located 4 bytes inside of [ 16.001976] 64-byte region [fff00000c642ec00, fff00000c642ec40) [ 16.002037] [ 16.002058] The buggy address belongs to the physical page: [ 16.002102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10642e [ 16.002154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.002203] page_type: f5(slab) [ 16.002425] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.002529] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.002609] page dumped because: kasan: bad access detected [ 16.002643] [ 16.002661] Memory state around the buggy address: [ 16.002709] fff00000c642eb00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.002886] fff00000c642eb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.003058] >fff00000c642ec00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.003143] ^ [ 16.003219] fff00000c642ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.003286] fff00000c642ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.003360] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.986401] ================================================================== [ 15.986461] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.986689] Write of size 16 at addr fff00000c63f3869 by task kunit_try_catch/178 [ 15.986752] [ 15.986859] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.986962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.987063] Hardware name: linux,dummy-virt (DT) [ 15.987138] Call trace: [ 15.987177] show_stack+0x20/0x38 (C) [ 15.987277] dump_stack_lvl+0x8c/0xd0 [ 15.987365] print_report+0x118/0x608 [ 15.987438] kasan_report+0xdc/0x128 [ 15.987544] kasan_check_range+0x100/0x1a8 [ 15.987594] __asan_memset+0x34/0x78 [ 15.987823] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.987931] kunit_try_run_case+0x170/0x3f0 [ 15.988125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.988202] kthread+0x328/0x630 [ 15.988290] ret_from_fork+0x10/0x20 [ 15.988381] [ 15.988406] Allocated by task 178: [ 15.988481] kasan_save_stack+0x3c/0x68 [ 15.989885] kasan_save_track+0x20/0x40 [ 15.990633] kasan_save_alloc_info+0x40/0x58 [ 15.990682] __kasan_kmalloc+0xd4/0xd8 [ 15.990748] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.990791] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.990828] kunit_try_run_case+0x170/0x3f0 [ 15.992904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.993002] kthread+0x328/0x630 [ 15.993114] ret_from_fork+0x10/0x20 [ 15.993171] [ 15.993220] The buggy address belongs to the object at fff00000c63f3800 [ 15.993220] which belongs to the cache kmalloc-128 of size 128 [ 15.993300] The buggy address is located 105 bytes inside of [ 15.993300] allocated 120-byte region [fff00000c63f3800, fff00000c63f3878) [ 15.993384] [ 15.993443] The buggy address belongs to the physical page: [ 15.993474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.993526] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.993814] page_type: f5(slab) [ 15.993912] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.993991] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.994105] page dumped because: kasan: bad access detected [ 15.994163] [ 15.994214] Memory state around the buggy address: [ 15.994296] fff00000c63f3700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.994384] fff00000c63f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.994455] >fff00000c63f3800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.994541] ^ [ 15.994599] fff00000c63f3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.994669] fff00000c63f3900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.994760] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.972942] ================================================================== [ 15.973020] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.973200] Write of size 8 at addr fff00000c63f3771 by task kunit_try_catch/176 [ 15.973414] [ 15.973492] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.973584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.973610] Hardware name: linux,dummy-virt (DT) [ 15.973641] Call trace: [ 15.973678] show_stack+0x20/0x38 (C) [ 15.973731] dump_stack_lvl+0x8c/0xd0 [ 15.973959] print_report+0x118/0x608 [ 15.974231] kasan_report+0xdc/0x128 [ 15.974337] kasan_check_range+0x100/0x1a8 [ 15.974405] __asan_memset+0x34/0x78 [ 15.974712] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.974866] kunit_try_run_case+0x170/0x3f0 [ 15.974927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.974980] kthread+0x328/0x630 [ 15.975022] ret_from_fork+0x10/0x20 [ 15.975072] [ 15.975101] Allocated by task 176: [ 15.975504] kasan_save_stack+0x3c/0x68 [ 15.975607] kasan_save_track+0x20/0x40 [ 15.975677] kasan_save_alloc_info+0x40/0x58 [ 15.975751] __kasan_kmalloc+0xd4/0xd8 [ 15.975837] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.975916] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.975994] kunit_try_run_case+0x170/0x3f0 [ 15.976074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.976156] kthread+0x328/0x630 [ 15.976189] ret_from_fork+0x10/0x20 [ 15.976251] [ 15.976570] The buggy address belongs to the object at fff00000c63f3700 [ 15.976570] which belongs to the cache kmalloc-128 of size 128 [ 15.976643] The buggy address is located 113 bytes inside of [ 15.976643] allocated 120-byte region [fff00000c63f3700, fff00000c63f3778) [ 15.976893] [ 15.977114] The buggy address belongs to the physical page: [ 15.977163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.977256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.977337] page_type: f5(slab) [ 15.977405] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.977515] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.977606] page dumped because: kasan: bad access detected [ 15.977700] [ 15.977773] Memory state around the buggy address: [ 15.977871] fff00000c63f3600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.977929] fff00000c63f3680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.977987] >fff00000c63f3700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.978032] ^ [ 15.978118] fff00000c63f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.978167] fff00000c63f3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.978203] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.963108] ================================================================== [ 15.963387] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.963471] Write of size 4 at addr fff00000c63f3675 by task kunit_try_catch/174 [ 15.963527] [ 15.963589] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.963791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.964026] Hardware name: linux,dummy-virt (DT) [ 15.964071] Call trace: [ 15.964217] show_stack+0x20/0x38 (C) [ 15.964437] dump_stack_lvl+0x8c/0xd0 [ 15.964508] print_report+0x118/0x608 [ 15.964574] kasan_report+0xdc/0x128 [ 15.964619] kasan_check_range+0x100/0x1a8 [ 15.964674] __asan_memset+0x34/0x78 [ 15.964738] kmalloc_oob_memset_4+0x150/0x300 [ 15.964795] kunit_try_run_case+0x170/0x3f0 [ 15.964853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.964906] kthread+0x328/0x630 [ 15.965028] ret_from_fork+0x10/0x20 [ 15.965089] [ 15.965231] Allocated by task 174: [ 15.965267] kasan_save_stack+0x3c/0x68 [ 15.965350] kasan_save_track+0x20/0x40 [ 15.965396] kasan_save_alloc_info+0x40/0x58 [ 15.965442] __kasan_kmalloc+0xd4/0xd8 [ 15.965479] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.965530] kmalloc_oob_memset_4+0xb0/0x300 [ 15.965598] kunit_try_run_case+0x170/0x3f0 [ 15.965645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.965690] kthread+0x328/0x630 [ 15.965739] ret_from_fork+0x10/0x20 [ 15.965875] [ 15.965923] The buggy address belongs to the object at fff00000c63f3600 [ 15.965923] which belongs to the cache kmalloc-128 of size 128 [ 15.966045] The buggy address is located 117 bytes inside of [ 15.966045] allocated 120-byte region [fff00000c63f3600, fff00000c63f3678) [ 15.966135] [ 15.966157] The buggy address belongs to the physical page: [ 15.966215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.966269] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.966320] page_type: f5(slab) [ 15.966361] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.966409] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.966448] page dumped because: kasan: bad access detected [ 15.966477] [ 15.966495] Memory state around the buggy address: [ 15.966527] fff00000c63f3500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.966568] fff00000c63f3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.966608] >fff00000c63f3600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.966645] ^ [ 15.966683] fff00000c63f3680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.967067] fff00000c63f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.967163] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.949006] ================================================================== [ 15.949069] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.949147] Write of size 2 at addr fff00000c63f3577 by task kunit_try_catch/172 [ 15.949333] [ 15.949381] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.949467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.949492] Hardware name: linux,dummy-virt (DT) [ 15.949523] Call trace: [ 15.949545] show_stack+0x20/0x38 (C) [ 15.949604] dump_stack_lvl+0x8c/0xd0 [ 15.949653] print_report+0x118/0x608 [ 15.949708] kasan_report+0xdc/0x128 [ 15.949763] kasan_check_range+0x100/0x1a8 [ 15.949811] __asan_memset+0x34/0x78 [ 15.949857] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.949903] kunit_try_run_case+0x170/0x3f0 [ 15.949951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.950028] kthread+0x328/0x630 [ 15.950075] ret_from_fork+0x10/0x20 [ 15.950430] [ 15.950479] Allocated by task 172: [ 15.950519] kasan_save_stack+0x3c/0x68 [ 15.950562] kasan_save_track+0x20/0x40 [ 15.950599] kasan_save_alloc_info+0x40/0x58 [ 15.950739] __kasan_kmalloc+0xd4/0xd8 [ 15.950804] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.950844] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.950882] kunit_try_run_case+0x170/0x3f0 [ 15.950920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.951024] kthread+0x328/0x630 [ 15.951097] ret_from_fork+0x10/0x20 [ 15.951166] [ 15.951226] The buggy address belongs to the object at fff00000c63f3500 [ 15.951226] which belongs to the cache kmalloc-128 of size 128 [ 15.951312] The buggy address is located 119 bytes inside of [ 15.951312] allocated 120-byte region [fff00000c63f3500, fff00000c63f3578) [ 15.951421] [ 15.951498] The buggy address belongs to the physical page: [ 15.951547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.951599] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.951648] page_type: f5(slab) [ 15.951687] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.951763] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.951913] page dumped because: kasan: bad access detected [ 15.951963] [ 15.952028] Memory state around the buggy address: [ 15.952154] fff00000c63f3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.953899] fff00000c63f3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.953940] >fff00000c63f3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.953976] ^ [ 15.954014] fff00000c63f3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.954054] fff00000c63f3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.954100] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.935199] ================================================================== [ 15.935262] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.935563] Write of size 128 at addr fff00000c63f3400 by task kunit_try_catch/170 [ 15.935734] [ 15.935792] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.935927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.935955] Hardware name: linux,dummy-virt (DT) [ 15.936013] Call trace: [ 15.936052] show_stack+0x20/0x38 (C) [ 15.936176] dump_stack_lvl+0x8c/0xd0 [ 15.936231] print_report+0x118/0x608 [ 15.936286] kasan_report+0xdc/0x128 [ 15.936339] kasan_check_range+0x100/0x1a8 [ 15.936620] __asan_memset+0x34/0x78 [ 15.936683] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.936814] kunit_try_run_case+0x170/0x3f0 [ 15.936877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.936946] kthread+0x328/0x630 [ 15.937051] ret_from_fork+0x10/0x20 [ 15.937116] [ 15.937134] Allocated by task 170: [ 15.937161] kasan_save_stack+0x3c/0x68 [ 15.937252] kasan_save_track+0x20/0x40 [ 15.937292] kasan_save_alloc_info+0x40/0x58 [ 15.937332] __kasan_kmalloc+0xd4/0xd8 [ 15.937384] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.937663] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.937728] kunit_try_run_case+0x170/0x3f0 [ 15.937846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.937910] kthread+0x328/0x630 [ 15.937942] ret_from_fork+0x10/0x20 [ 15.937985] [ 15.938005] The buggy address belongs to the object at fff00000c63f3400 [ 15.938005] which belongs to the cache kmalloc-128 of size 128 [ 15.938205] The buggy address is located 0 bytes inside of [ 15.938205] allocated 120-byte region [fff00000c63f3400, fff00000c63f3478) [ 15.938407] [ 15.938468] The buggy address belongs to the physical page: [ 15.938525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.938668] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.938760] page_type: f5(slab) [ 15.938874] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.938961] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.939011] page dumped because: kasan: bad access detected [ 15.939041] [ 15.939059] Memory state around the buggy address: [ 15.939398] fff00000c63f3300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.939464] fff00000c63f3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.939596] >fff00000c63f3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.939676] ^ [ 15.939763] fff00000c63f3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.939881] fff00000c63f3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.939961] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.923310] ================================================================== [ 15.923453] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.923529] Read of size 16 at addr fff00000c5ff7a00 by task kunit_try_catch/168 [ 15.923618] [ 15.923669] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.923849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.923888] Hardware name: linux,dummy-virt (DT) [ 15.923926] Call trace: [ 15.923963] show_stack+0x20/0x38 (C) [ 15.924203] dump_stack_lvl+0x8c/0xd0 [ 15.924275] print_report+0x118/0x608 [ 15.924333] kasan_report+0xdc/0x128 [ 15.924386] __asan_report_load16_noabort+0x20/0x30 [ 15.924470] kmalloc_uaf_16+0x3bc/0x438 [ 15.924527] kunit_try_run_case+0x170/0x3f0 [ 15.924583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.924698] kthread+0x328/0x630 [ 15.924743] ret_from_fork+0x10/0x20 [ 15.924799] [ 15.924863] Allocated by task 168: [ 15.924901] kasan_save_stack+0x3c/0x68 [ 15.924947] kasan_save_track+0x20/0x40 [ 15.924985] kasan_save_alloc_info+0x40/0x58 [ 15.925031] __kasan_kmalloc+0xd4/0xd8 [ 15.925067] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.925313] kmalloc_uaf_16+0x140/0x438 [ 15.925378] kunit_try_run_case+0x170/0x3f0 [ 15.925421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.925496] kthread+0x328/0x630 [ 15.925548] ret_from_fork+0x10/0x20 [ 15.925583] [ 15.925601] Freed by task 168: [ 15.925627] kasan_save_stack+0x3c/0x68 [ 15.925714] kasan_save_track+0x20/0x40 [ 15.925777] kasan_save_free_info+0x4c/0x78 [ 15.925847] __kasan_slab_free+0x6c/0x98 [ 15.926134] kfree+0x214/0x3c8 [ 15.926187] kmalloc_uaf_16+0x190/0x438 [ 15.926315] kunit_try_run_case+0x170/0x3f0 [ 15.926392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.926483] kthread+0x328/0x630 [ 15.926545] ret_from_fork+0x10/0x20 [ 15.926593] [ 15.926644] The buggy address belongs to the object at fff00000c5ff7a00 [ 15.926644] which belongs to the cache kmalloc-16 of size 16 [ 15.926820] The buggy address is located 0 bytes inside of [ 15.926820] freed 16-byte region [fff00000c5ff7a00, fff00000c5ff7a10) [ 15.926885] [ 15.926992] The buggy address belongs to the physical page: [ 15.927052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff7 [ 15.927203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.927282] page_type: f5(slab) [ 15.927416] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.927492] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.927611] page dumped because: kasan: bad access detected [ 15.927687] [ 15.927723] Memory state around the buggy address: [ 15.927754] fff00000c5ff7900: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.928064] fff00000c5ff7980: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 15.928222] >fff00000c5ff7a00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.928303] ^ [ 15.928392] fff00000c5ff7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.928442] fff00000c5ff7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.928521] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.903649] ================================================================== [ 15.903721] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.904019] Write of size 16 at addr fff00000c5ff79a0 by task kunit_try_catch/166 [ 15.904214] [ 15.904274] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.904420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.904449] Hardware name: linux,dummy-virt (DT) [ 15.904480] Call trace: [ 15.904502] show_stack+0x20/0x38 (C) [ 15.904572] dump_stack_lvl+0x8c/0xd0 [ 15.904876] print_report+0x118/0x608 [ 15.905029] kasan_report+0xdc/0x128 [ 15.905091] __asan_report_store16_noabort+0x20/0x30 [ 15.905186] kmalloc_oob_16+0x3a0/0x3f8 [ 15.905252] kunit_try_run_case+0x170/0x3f0 [ 15.905306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.905477] kthread+0x328/0x630 [ 15.905526] ret_from_fork+0x10/0x20 [ 15.905581] [ 15.905600] Allocated by task 166: [ 15.905860] kasan_save_stack+0x3c/0x68 [ 15.906050] kasan_save_track+0x20/0x40 [ 15.906119] kasan_save_alloc_info+0x40/0x58 [ 15.906160] __kasan_kmalloc+0xd4/0xd8 [ 15.906196] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.906236] kmalloc_oob_16+0xb4/0x3f8 [ 15.906421] kunit_try_run_case+0x170/0x3f0 [ 15.906461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.906562] kthread+0x328/0x630 [ 15.906643] ret_from_fork+0x10/0x20 [ 15.906777] [ 15.906848] The buggy address belongs to the object at fff00000c5ff79a0 [ 15.906848] which belongs to the cache kmalloc-16 of size 16 [ 15.907006] The buggy address is located 0 bytes inside of [ 15.907006] allocated 13-byte region [fff00000c5ff79a0, fff00000c5ff79ad) [ 15.907166] [ 15.907199] The buggy address belongs to the physical page: [ 15.907261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff7 [ 15.907325] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.907376] page_type: f5(slab) [ 15.907667] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.907805] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.907897] page dumped because: kasan: bad access detected [ 15.907958] [ 15.907988] Memory state around the buggy address: [ 15.908111] fff00000c5ff7880: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.908168] fff00000c5ff7900: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.908314] >fff00000c5ff7980: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 15.908372] ^ [ 15.908407] fff00000c5ff7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.908468] fff00000c5ff7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.908684] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.881406] ================================================================== [ 15.881503] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.881566] Read of size 1 at addr fff00000c17b6e00 by task kunit_try_catch/164 [ 15.881956] [ 15.882022] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.884409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.884529] Hardware name: linux,dummy-virt (DT) [ 15.884666] Call trace: [ 15.884694] show_stack+0x20/0x38 (C) [ 15.884875] dump_stack_lvl+0x8c/0xd0 [ 15.885091] print_report+0x118/0x608 [ 15.885193] kasan_report+0xdc/0x128 [ 15.885261] __kasan_check_byte+0x54/0x70 [ 15.885374] krealloc_noprof+0x44/0x360 [ 15.885453] krealloc_uaf+0x180/0x520 [ 15.885525] kunit_try_run_case+0x170/0x3f0 [ 15.885603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.885680] kthread+0x328/0x630 [ 15.885751] ret_from_fork+0x10/0x20 [ 15.885839] [ 15.885869] Allocated by task 164: [ 15.885930] kasan_save_stack+0x3c/0x68 [ 15.886103] kasan_save_track+0x20/0x40 [ 15.886323] kasan_save_alloc_info+0x40/0x58 [ 15.886396] __kasan_kmalloc+0xd4/0xd8 [ 15.886504] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.886590] krealloc_uaf+0xc8/0x520 [ 15.886676] kunit_try_run_case+0x170/0x3f0 [ 15.886741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.886784] kthread+0x328/0x630 [ 15.886816] ret_from_fork+0x10/0x20 [ 15.886972] [ 15.887011] Freed by task 164: [ 15.887222] kasan_save_stack+0x3c/0x68 [ 15.887319] kasan_save_track+0x20/0x40 [ 15.887398] kasan_save_free_info+0x4c/0x78 [ 15.887462] __kasan_slab_free+0x6c/0x98 [ 15.887552] kfree+0x214/0x3c8 [ 15.887609] krealloc_uaf+0x12c/0x520 [ 15.887666] kunit_try_run_case+0x170/0x3f0 [ 15.887703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.887746] kthread+0x328/0x630 [ 15.887789] ret_from_fork+0x10/0x20 [ 15.887862] [ 15.887901] The buggy address belongs to the object at fff00000c17b6e00 [ 15.887901] which belongs to the cache kmalloc-256 of size 256 [ 15.888006] The buggy address is located 0 bytes inside of [ 15.888006] freed 256-byte region [fff00000c17b6e00, fff00000c17b6f00) [ 15.888089] [ 15.888112] The buggy address belongs to the physical page: [ 15.888159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.888211] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.888262] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.888352] page_type: f5(slab) [ 15.888393] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.888441] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.888489] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.888535] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.888581] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.888628] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.888666] page dumped because: kasan: bad access detected [ 15.888712] [ 15.888729] Memory state around the buggy address: [ 15.888761] fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.888810] fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.888859] >fff00000c17b6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.888903] ^ [ 15.888936] fff00000c17b6e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.889012] fff00000c17b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.889073] ================================================================== [ 15.890614] ================================================================== [ 15.890682] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.890733] Read of size 1 at addr fff00000c17b6e00 by task kunit_try_catch/164 [ 15.890813] [ 15.890863] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.890942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.890967] Hardware name: linux,dummy-virt (DT) [ 15.891005] Call trace: [ 15.891045] show_stack+0x20/0x38 (C) [ 15.891107] dump_stack_lvl+0x8c/0xd0 [ 15.891165] print_report+0x118/0x608 [ 15.891212] kasan_report+0xdc/0x128 [ 15.891260] __asan_report_load1_noabort+0x20/0x30 [ 15.891409] krealloc_uaf+0x4c8/0x520 [ 15.891461] kunit_try_run_case+0x170/0x3f0 [ 15.891508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.891732] kthread+0x328/0x630 [ 15.891804] ret_from_fork+0x10/0x20 [ 15.891860] [ 15.891886] Allocated by task 164: [ 15.891922] kasan_save_stack+0x3c/0x68 [ 15.891972] kasan_save_track+0x20/0x40 [ 15.892019] kasan_save_alloc_info+0x40/0x58 [ 15.892076] __kasan_kmalloc+0xd4/0xd8 [ 15.892165] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.892212] krealloc_uaf+0xc8/0x520 [ 15.892247] kunit_try_run_case+0x170/0x3f0 [ 15.892284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.892326] kthread+0x328/0x630 [ 15.892357] ret_from_fork+0x10/0x20 [ 15.892518] [ 15.892543] Freed by task 164: [ 15.892569] kasan_save_stack+0x3c/0x68 [ 15.892833] kasan_save_track+0x20/0x40 [ 15.892890] kasan_save_free_info+0x4c/0x78 [ 15.892936] __kasan_slab_free+0x6c/0x98 [ 15.892975] kfree+0x214/0x3c8 [ 15.893007] krealloc_uaf+0x12c/0x520 [ 15.893165] kunit_try_run_case+0x170/0x3f0 [ 15.893205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.893255] kthread+0x328/0x630 [ 15.893356] ret_from_fork+0x10/0x20 [ 15.893466] [ 15.893554] The buggy address belongs to the object at fff00000c17b6e00 [ 15.893554] which belongs to the cache kmalloc-256 of size 256 [ 15.893629] The buggy address is located 0 bytes inside of [ 15.893629] freed 256-byte region [fff00000c17b6e00, fff00000c17b6f00) [ 15.893688] [ 15.893708] The buggy address belongs to the physical page: [ 15.893761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.893864] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.893957] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.894076] page_type: f5(slab) [ 15.894151] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.894235] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.894327] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.894374] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.894421] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.894476] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.894514] page dumped because: kasan: bad access detected [ 15.894544] [ 15.894561] Memory state around the buggy address: [ 15.894629] fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.894672] fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.894884] >fff00000c17b6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.894970] ^ [ 15.895097] fff00000c17b6e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.895175] fff00000c17b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.895229] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.792538] ================================================================== [ 15.792613] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.792685] Write of size 1 at addr fff00000c17b6cc9 by task kunit_try_catch/158 [ 15.792733] [ 15.792766] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.792850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.792877] Hardware name: linux,dummy-virt (DT) [ 15.792912] Call trace: [ 15.792934] show_stack+0x20/0x38 (C) [ 15.792988] dump_stack_lvl+0x8c/0xd0 [ 15.793038] print_report+0x118/0x608 [ 15.793107] kasan_report+0xdc/0x128 [ 15.793154] __asan_report_store1_noabort+0x20/0x30 [ 15.793205] krealloc_less_oob_helper+0xa48/0xc50 [ 15.793263] krealloc_less_oob+0x20/0x38 [ 15.793310] kunit_try_run_case+0x170/0x3f0 [ 15.793358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.793411] kthread+0x328/0x630 [ 15.793454] ret_from_fork+0x10/0x20 [ 15.793511] [ 15.793530] Allocated by task 158: [ 15.793565] kasan_save_stack+0x3c/0x68 [ 15.793605] kasan_save_track+0x20/0x40 [ 15.793642] kasan_save_alloc_info+0x40/0x58 [ 15.793681] __kasan_krealloc+0x118/0x178 [ 15.793723] krealloc_noprof+0x128/0x360 [ 15.793797] krealloc_less_oob_helper+0x168/0xc50 [ 15.793843] krealloc_less_oob+0x20/0x38 [ 15.793880] kunit_try_run_case+0x170/0x3f0 [ 15.793918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.793961] kthread+0x328/0x630 [ 15.793993] ret_from_fork+0x10/0x20 [ 15.794028] [ 15.794047] The buggy address belongs to the object at fff00000c17b6c00 [ 15.794047] which belongs to the cache kmalloc-256 of size 256 [ 15.794444] The buggy address is located 0 bytes to the right of [ 15.794444] allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9) [ 15.794512] [ 15.794532] The buggy address belongs to the physical page: [ 15.794562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.794613] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.794671] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.794757] page_type: f5(slab) [ 15.794795] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.794937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.795006] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.795065] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.795151] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.795259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.795341] page dumped because: kasan: bad access detected [ 15.795372] [ 15.795389] Memory state around the buggy address: [ 15.795460] fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.795505] fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.795789] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.795857] ^ [ 15.795925] fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.796013] fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.796062] ================================================================== [ 15.867644] ================================================================== [ 15.867821] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.867883] Write of size 1 at addr fff00000c663e0eb by task kunit_try_catch/162 [ 15.867932] [ 15.868275] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.868399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.868447] Hardware name: linux,dummy-virt (DT) [ 15.868481] Call trace: [ 15.868511] show_stack+0x20/0x38 (C) [ 15.868657] dump_stack_lvl+0x8c/0xd0 [ 15.868717] print_report+0x118/0x608 [ 15.868765] kasan_report+0xdc/0x128 [ 15.868837] __asan_report_store1_noabort+0x20/0x30 [ 15.868890] krealloc_less_oob_helper+0xa58/0xc50 [ 15.868939] krealloc_large_less_oob+0x20/0x38 [ 15.868987] kunit_try_run_case+0x170/0x3f0 [ 15.869045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.869125] kthread+0x328/0x630 [ 15.869169] ret_from_fork+0x10/0x20 [ 15.869217] [ 15.869237] The buggy address belongs to the physical page: [ 15.869275] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c [ 15.869326] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.869378] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.869442] page_type: f8(unknown) [ 15.869480] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.869542] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.869590] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.869637] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.869684] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff [ 15.869730] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.869767] page dumped because: kasan: bad access detected [ 15.870102] [ 15.870286] Memory state around the buggy address: [ 15.870354] fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.870398] fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.870438] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.870797] ^ [ 15.871002] fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.871451] fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.871568] ================================================================== [ 15.860574] ================================================================== [ 15.860644] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.860796] Write of size 1 at addr fff00000c663e0ea by task kunit_try_catch/162 [ 15.860850] [ 15.860878] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.860981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.861007] Hardware name: linux,dummy-virt (DT) [ 15.861035] Call trace: [ 15.861065] show_stack+0x20/0x38 (C) [ 15.861129] dump_stack_lvl+0x8c/0xd0 [ 15.861366] print_report+0x118/0x608 [ 15.861423] kasan_report+0xdc/0x128 [ 15.861469] __asan_report_store1_noabort+0x20/0x30 [ 15.861521] krealloc_less_oob_helper+0xae4/0xc50 [ 15.861569] krealloc_large_less_oob+0x20/0x38 [ 15.861616] kunit_try_run_case+0x170/0x3f0 [ 15.861662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.861715] kthread+0x328/0x630 [ 15.861756] ret_from_fork+0x10/0x20 [ 15.861803] [ 15.861828] The buggy address belongs to the physical page: [ 15.861866] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c [ 15.861917] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.861961] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.862009] page_type: f8(unknown) [ 15.863921] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.864606] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.864693] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.864778] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.864851] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff [ 15.865102] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.865269] page dumped because: kasan: bad access detected [ 15.865767] [ 15.865866] Memory state around the buggy address: [ 15.865924] fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.865990] fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.866140] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.866222] ^ [ 15.866279] fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.866337] fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.866576] ================================================================== [ 15.816233] ================================================================== [ 15.816277] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.816324] Write of size 1 at addr fff00000c17b6ceb by task kunit_try_catch/158 [ 15.816371] [ 15.816399] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.816502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.816528] Hardware name: linux,dummy-virt (DT) [ 15.816564] Call trace: [ 15.816594] show_stack+0x20/0x38 (C) [ 15.816641] dump_stack_lvl+0x8c/0xd0 [ 15.816688] print_report+0x118/0x608 [ 15.816734] kasan_report+0xdc/0x128 [ 15.816779] __asan_report_store1_noabort+0x20/0x30 [ 15.816831] krealloc_less_oob_helper+0xa58/0xc50 [ 15.816888] krealloc_less_oob+0x20/0x38 [ 15.816934] kunit_try_run_case+0x170/0x3f0 [ 15.816982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.817037] kthread+0x328/0x630 [ 15.817095] ret_from_fork+0x10/0x20 [ 15.817143] [ 15.817160] Allocated by task 158: [ 15.817195] kasan_save_stack+0x3c/0x68 [ 15.817235] kasan_save_track+0x20/0x40 [ 15.817271] kasan_save_alloc_info+0x40/0x58 [ 15.817311] __kasan_krealloc+0x118/0x178 [ 15.817348] krealloc_noprof+0x128/0x360 [ 15.817384] krealloc_less_oob_helper+0x168/0xc50 [ 15.817422] krealloc_less_oob+0x20/0x38 [ 15.817463] kunit_try_run_case+0x170/0x3f0 [ 15.817500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.817542] kthread+0x328/0x630 [ 15.817574] ret_from_fork+0x10/0x20 [ 15.817609] [ 15.817627] The buggy address belongs to the object at fff00000c17b6c00 [ 15.817627] which belongs to the cache kmalloc-256 of size 256 [ 15.817690] The buggy address is located 34 bytes to the right of [ 15.817690] allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9) [ 15.817782] [ 15.817801] The buggy address belongs to the physical page: [ 15.817833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.817883] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.817927] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.817976] page_type: f5(slab) [ 15.818012] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.818445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.818518] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.818577] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.818637] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.818703] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.818818] page dumped because: kasan: bad access detected [ 15.818899] [ 15.818949] Memory state around the buggy address: [ 15.818981] fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819027] fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.819100] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.819148] ^ [ 15.819185] fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819239] fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819275] ================================================================== [ 15.796973] ================================================================== [ 15.797049] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.797114] Write of size 1 at addr fff00000c17b6cd0 by task kunit_try_catch/158 [ 15.797187] [ 15.797217] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.797491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.797527] Hardware name: linux,dummy-virt (DT) [ 15.797577] Call trace: [ 15.797604] show_stack+0x20/0x38 (C) [ 15.797678] dump_stack_lvl+0x8c/0xd0 [ 15.797775] print_report+0x118/0x608 [ 15.797829] kasan_report+0xdc/0x128 [ 15.797894] __asan_report_store1_noabort+0x20/0x30 [ 15.797947] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.798004] krealloc_less_oob+0x20/0x38 [ 15.798090] kunit_try_run_case+0x170/0x3f0 [ 15.798141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.798221] kthread+0x328/0x630 [ 15.798263] ret_from_fork+0x10/0x20 [ 15.798310] [ 15.798328] Allocated by task 158: [ 15.798364] kasan_save_stack+0x3c/0x68 [ 15.798404] kasan_save_track+0x20/0x40 [ 15.798533] kasan_save_alloc_info+0x40/0x58 [ 15.798618] __kasan_krealloc+0x118/0x178 [ 15.798755] krealloc_noprof+0x128/0x360 [ 15.798853] krealloc_less_oob_helper+0x168/0xc50 [ 15.798930] krealloc_less_oob+0x20/0x38 [ 15.799024] kunit_try_run_case+0x170/0x3f0 [ 15.799063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.799375] kthread+0x328/0x630 [ 15.799483] ret_from_fork+0x10/0x20 [ 15.799563] [ 15.799665] The buggy address belongs to the object at fff00000c17b6c00 [ 15.799665] which belongs to the cache kmalloc-256 of size 256 [ 15.799861] The buggy address is located 7 bytes to the right of [ 15.799861] allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9) [ 15.799955] [ 15.799974] The buggy address belongs to the physical page: [ 15.800003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.800156] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.800374] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.800466] page_type: f5(slab) [ 15.800521] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.800602] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.800650] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.800898] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.800985] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.801095] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.801152] page dumped because: kasan: bad access detected [ 15.801218] [ 15.801303] Memory state around the buggy address: [ 15.801333] fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.801382] fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.801532] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.801681] ^ [ 15.801743] fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.801812] fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.801859] ================================================================== [ 15.851289] ================================================================== [ 15.851373] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.851447] Write of size 1 at addr fff00000c663e0c9 by task kunit_try_catch/162 [ 15.851502] [ 15.851556] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.851639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.851664] Hardware name: linux,dummy-virt (DT) [ 15.851705] Call trace: [ 15.851728] show_stack+0x20/0x38 (C) [ 15.851778] dump_stack_lvl+0x8c/0xd0 [ 15.851958] print_report+0x118/0x608 [ 15.852175] kasan_report+0xdc/0x128 [ 15.852255] __asan_report_store1_noabort+0x20/0x30 [ 15.852317] krealloc_less_oob_helper+0xa48/0xc50 [ 15.852373] krealloc_large_less_oob+0x20/0x38 [ 15.852421] kunit_try_run_case+0x170/0x3f0 [ 15.852478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.852531] kthread+0x328/0x630 [ 15.852574] ret_from_fork+0x10/0x20 [ 15.852671] [ 15.852700] The buggy address belongs to the physical page: [ 15.852749] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c [ 15.852802] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.852856] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.852912] page_type: f8(unknown) [ 15.853059] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.853228] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.853356] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.853425] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.853480] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff [ 15.853534] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.853653] page dumped because: kasan: bad access detected [ 15.853684] [ 15.853701] Memory state around the buggy address: [ 15.853860] fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.853933] fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.853986] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.854035] ^ [ 15.854157] fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.854225] fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.854302] ================================================================== [ 15.811269] ================================================================== [ 15.811335] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.811386] Write of size 1 at addr fff00000c17b6cea by task kunit_try_catch/158 [ 15.811443] [ 15.811505] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.811589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.811614] Hardware name: linux,dummy-virt (DT) [ 15.811644] Call trace: [ 15.811665] show_stack+0x20/0x38 (C) [ 15.811830] dump_stack_lvl+0x8c/0xd0 [ 15.812041] print_report+0x118/0x608 [ 15.812136] kasan_report+0xdc/0x128 [ 15.812203] __asan_report_store1_noabort+0x20/0x30 [ 15.812255] krealloc_less_oob_helper+0xae4/0xc50 [ 15.812321] krealloc_less_oob+0x20/0x38 [ 15.812396] kunit_try_run_case+0x170/0x3f0 [ 15.812451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.812505] kthread+0x328/0x630 [ 15.812558] ret_from_fork+0x10/0x20 [ 15.812607] [ 15.812625] Allocated by task 158: [ 15.812757] kasan_save_stack+0x3c/0x68 [ 15.812824] kasan_save_track+0x20/0x40 [ 15.812950] kasan_save_alloc_info+0x40/0x58 [ 15.813069] __kasan_krealloc+0x118/0x178 [ 15.813131] krealloc_noprof+0x128/0x360 [ 15.813250] krealloc_less_oob_helper+0x168/0xc50 [ 15.813332] krealloc_less_oob+0x20/0x38 [ 15.813396] kunit_try_run_case+0x170/0x3f0 [ 15.813453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.813497] kthread+0x328/0x630 [ 15.813553] ret_from_fork+0x10/0x20 [ 15.813599] [ 15.813655] The buggy address belongs to the object at fff00000c17b6c00 [ 15.813655] which belongs to the cache kmalloc-256 of size 256 [ 15.813721] The buggy address is located 33 bytes to the right of [ 15.813721] allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9) [ 15.813831] [ 15.813858] The buggy address belongs to the physical page: [ 15.813888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.813954] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.814135] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.814304] page_type: f5(slab) [ 15.814383] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.814480] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.814599] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.814675] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.814797] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.814876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.814945] page dumped because: kasan: bad access detected [ 15.814988] [ 15.815067] Memory state around the buggy address: [ 15.815168] fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.815220] fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.815260] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.815412] ^ [ 15.815618] fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.815721] fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.815800] ================================================================== [ 15.854903] ================================================================== [ 15.854971] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.855019] Write of size 1 at addr fff00000c663e0d0 by task kunit_try_catch/162 [ 15.855072] [ 15.855112] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.855290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.855321] Hardware name: linux,dummy-virt (DT) [ 15.855374] Call trace: [ 15.855400] show_stack+0x20/0x38 (C) [ 15.855456] dump_stack_lvl+0x8c/0xd0 [ 15.855516] print_report+0x118/0x608 [ 15.855562] kasan_report+0xdc/0x128 [ 15.855608] __asan_report_store1_noabort+0x20/0x30 [ 15.855659] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.855708] krealloc_large_less_oob+0x20/0x38 [ 15.855767] kunit_try_run_case+0x170/0x3f0 [ 15.855814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.855889] kthread+0x328/0x630 [ 15.855931] ret_from_fork+0x10/0x20 [ 15.855978] [ 15.855997] The buggy address belongs to the physical page: [ 15.856025] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c [ 15.856074] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.856130] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.856178] page_type: f8(unknown) [ 15.856214] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.856262] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.856309] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.856356] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.856403] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff [ 15.856449] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.856497] page dumped because: kasan: bad access detected [ 15.856532] [ 15.856549] Memory state around the buggy address: [ 15.856578] fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.856617] fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.856658] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.856693] ^ [ 15.856726] fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.856766] fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.856810] ================================================================== [ 15.802394] ================================================================== [ 15.802466] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.802523] Write of size 1 at addr fff00000c17b6cda by task kunit_try_catch/158 [ 15.802579] [ 15.802623] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.802729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.802759] Hardware name: linux,dummy-virt (DT) [ 15.802790] Call trace: [ 15.802818] show_stack+0x20/0x38 (C) [ 15.802873] dump_stack_lvl+0x8c/0xd0 [ 15.802920] print_report+0x118/0x608 [ 15.802972] kasan_report+0xdc/0x128 [ 15.803018] __asan_report_store1_noabort+0x20/0x30 [ 15.803070] krealloc_less_oob_helper+0xa80/0xc50 [ 15.803131] krealloc_less_oob+0x20/0x38 [ 15.803176] kunit_try_run_case+0x170/0x3f0 [ 15.803239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.803302] kthread+0x328/0x630 [ 15.803344] ret_from_fork+0x10/0x20 [ 15.803391] [ 15.803423] Allocated by task 158: [ 15.803458] kasan_save_stack+0x3c/0x68 [ 15.803498] kasan_save_track+0x20/0x40 [ 15.803534] kasan_save_alloc_info+0x40/0x58 [ 15.803578] __kasan_krealloc+0x118/0x178 [ 15.803624] krealloc_noprof+0x128/0x360 [ 15.803661] krealloc_less_oob_helper+0x168/0xc50 [ 15.803699] krealloc_less_oob+0x20/0x38 [ 15.803742] kunit_try_run_case+0x170/0x3f0 [ 15.803780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.803822] kthread+0x328/0x630 [ 15.803854] ret_from_fork+0x10/0x20 [ 15.803888] [ 15.803906] The buggy address belongs to the object at fff00000c17b6c00 [ 15.803906] which belongs to the cache kmalloc-256 of size 256 [ 15.803968] The buggy address is located 17 bytes to the right of [ 15.803968] allocated 201-byte region [fff00000c17b6c00, fff00000c17b6cc9) [ 15.804029] [ 15.804057] The buggy address belongs to the physical page: [ 15.804096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.804145] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.804189] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.804237] page_type: f5(slab) [ 15.804274] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.804321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.804626] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.805797] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.805883] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.807110] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.807155] page dumped because: kasan: bad access detected [ 15.807185] [ 15.808866] Memory state around the buggy address: [ 15.808907] fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.809777] fff00000c17b6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.810153] >fff00000c17b6c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.810196] ^ [ 15.810233] fff00000c17b6d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.810296] fff00000c17b6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.810333] ================================================================== [ 15.856859] ================================================================== [ 15.856892] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.856932] Write of size 1 at addr fff00000c663e0da by task kunit_try_catch/162 [ 15.856978] [ 15.857003] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.857087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.857138] Hardware name: linux,dummy-virt (DT) [ 15.857168] Call trace: [ 15.857187] show_stack+0x20/0x38 (C) [ 15.857234] dump_stack_lvl+0x8c/0xd0 [ 15.857279] print_report+0x118/0x608 [ 15.857325] kasan_report+0xdc/0x128 [ 15.857370] __asan_report_store1_noabort+0x20/0x30 [ 15.857421] krealloc_less_oob_helper+0xa80/0xc50 [ 15.857824] krealloc_large_less_oob+0x20/0x38 [ 15.857928] kunit_try_run_case+0x170/0x3f0 [ 15.858017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.858188] kthread+0x328/0x630 [ 15.858265] ret_from_fork+0x10/0x20 [ 15.858395] [ 15.858426] The buggy address belongs to the physical page: [ 15.858462] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c [ 15.858595] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.858672] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.858778] page_type: f8(unknown) [ 15.858824] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.858873] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.858920] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.858966] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.859013] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff [ 15.859300] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.859392] page dumped because: kasan: bad access detected [ 15.859504] [ 15.859544] Memory state around the buggy address: [ 15.859601] fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.859702] fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.859749] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.859798] ^ [ 15.859888] fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.859934] fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.859993] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.836821] ================================================================== [ 15.837257] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.837390] Write of size 1 at addr fff00000c663e0f0 by task kunit_try_catch/160 [ 15.837443] [ 15.837478] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.837689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.837717] Hardware name: linux,dummy-virt (DT) [ 15.838190] Call trace: [ 15.838285] show_stack+0x20/0x38 (C) [ 15.838505] dump_stack_lvl+0x8c/0xd0 [ 15.838603] print_report+0x118/0x608 [ 15.838727] kasan_report+0xdc/0x128 [ 15.838805] __asan_report_store1_noabort+0x20/0x30 [ 15.839033] krealloc_more_oob_helper+0x5c0/0x678 [ 15.839363] krealloc_large_more_oob+0x20/0x38 [ 15.839422] kunit_try_run_case+0x170/0x3f0 [ 15.839801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.839956] kthread+0x328/0x630 [ 15.840327] ret_from_fork+0x10/0x20 [ 15.840475] [ 15.840532] The buggy address belongs to the physical page: [ 15.840651] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c [ 15.840945] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.841121] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.841383] page_type: f8(unknown) [ 15.841492] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.841877] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.841968] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.842381] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.842463] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff [ 15.842601] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.842689] page dumped because: kasan: bad access detected [ 15.842882] [ 15.843044] Memory state around the buggy address: [ 15.844136] fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.844186] fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.844227] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.844263] ^ [ 15.844302] fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.844342] fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.844378] ================================================================== [ 15.783071] ================================================================== [ 15.783266] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.783321] Write of size 1 at addr fff00000c17b6af0 by task kunit_try_catch/156 [ 15.783369] [ 15.783409] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.783488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.783514] Hardware name: linux,dummy-virt (DT) [ 15.783550] Call trace: [ 15.783580] show_stack+0x20/0x38 (C) [ 15.783635] dump_stack_lvl+0x8c/0xd0 [ 15.783690] print_report+0x118/0x608 [ 15.783749] kasan_report+0xdc/0x128 [ 15.783795] __asan_report_store1_noabort+0x20/0x30 [ 15.783847] krealloc_more_oob_helper+0x5c0/0x678 [ 15.783902] krealloc_more_oob+0x20/0x38 [ 15.783956] kunit_try_run_case+0x170/0x3f0 [ 15.784012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.784066] kthread+0x328/0x630 [ 15.784135] ret_from_fork+0x10/0x20 [ 15.784191] [ 15.784209] Allocated by task 156: [ 15.784235] kasan_save_stack+0x3c/0x68 [ 15.784274] kasan_save_track+0x20/0x40 [ 15.784410] kasan_save_alloc_info+0x40/0x58 [ 15.784580] __kasan_krealloc+0x118/0x178 [ 15.784626] krealloc_noprof+0x128/0x360 [ 15.784693] krealloc_more_oob_helper+0x168/0x678 [ 15.784740] krealloc_more_oob+0x20/0x38 [ 15.784776] kunit_try_run_case+0x170/0x3f0 [ 15.784813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.784856] kthread+0x328/0x630 [ 15.784889] ret_from_fork+0x10/0x20 [ 15.784929] [ 15.784949] The buggy address belongs to the object at fff00000c17b6a00 [ 15.784949] which belongs to the cache kmalloc-256 of size 256 [ 15.785003] The buggy address is located 5 bytes to the right of [ 15.785003] allocated 235-byte region [fff00000c17b6a00, fff00000c17b6aeb) [ 15.785064] [ 15.785177] The buggy address belongs to the physical page: [ 15.785328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.785384] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.785429] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.785499] page_type: f5(slab) [ 15.785556] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.785623] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.785672] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.785719] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.785803] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.786094] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.786165] page dumped because: kasan: bad access detected [ 15.786248] [ 15.786275] Memory state around the buggy address: [ 15.786306] fff00000c17b6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.786366] fff00000c17b6a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.786406] >fff00000c17b6a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.786442] ^ [ 15.786701] fff00000c17b6b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.786798] fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.786857] ================================================================== [ 15.826489] ================================================================== [ 15.826548] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.826613] Write of size 1 at addr fff00000c663e0eb by task kunit_try_catch/160 [ 15.826672] [ 15.826710] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.826791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.826817] Hardware name: linux,dummy-virt (DT) [ 15.826848] Call trace: [ 15.826871] show_stack+0x20/0x38 (C) [ 15.828027] dump_stack_lvl+0x8c/0xd0 [ 15.828124] print_report+0x118/0x608 [ 15.828499] kasan_report+0xdc/0x128 [ 15.828813] __asan_report_store1_noabort+0x20/0x30 [ 15.828958] krealloc_more_oob_helper+0x60c/0x678 [ 15.829294] krealloc_large_more_oob+0x20/0x38 [ 15.829510] kunit_try_run_case+0x170/0x3f0 [ 15.829809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.830021] kthread+0x328/0x630 [ 15.830131] ret_from_fork+0x10/0x20 [ 15.830186] [ 15.830233] The buggy address belongs to the physical page: [ 15.830671] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10663c [ 15.830855] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.831035] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.831108] page_type: f8(unknown) [ 15.831231] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.831283] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.831353] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.831412] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.831468] head: 0bfffe0000000002 ffffc1ffc3198f01 00000000ffffffff 00000000ffffffff [ 15.831516] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.831555] page dumped because: kasan: bad access detected [ 15.831595] [ 15.831613] Memory state around the buggy address: [ 15.831653] fff00000c663df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.831703] fff00000c663e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.831744] >fff00000c663e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.831808] ^ [ 15.831852] fff00000c663e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.831893] fff00000c663e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.831945] ================================================================== [ 15.776455] ================================================================== [ 15.776528] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.776645] Write of size 1 at addr fff00000c17b6aeb by task kunit_try_catch/156 [ 15.776701] [ 15.776748] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.776848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.776874] Hardware name: linux,dummy-virt (DT) [ 15.776914] Call trace: [ 15.776954] show_stack+0x20/0x38 (C) [ 15.777006] dump_stack_lvl+0x8c/0xd0 [ 15.777062] print_report+0x118/0x608 [ 15.777122] kasan_report+0xdc/0x128 [ 15.777168] __asan_report_store1_noabort+0x20/0x30 [ 15.777501] krealloc_more_oob_helper+0x60c/0x678 [ 15.777572] krealloc_more_oob+0x20/0x38 [ 15.777627] kunit_try_run_case+0x170/0x3f0 [ 15.777678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.777732] kthread+0x328/0x630 [ 15.778121] ret_from_fork+0x10/0x20 [ 15.778396] [ 15.778422] Allocated by task 156: [ 15.778452] kasan_save_stack+0x3c/0x68 [ 15.778497] kasan_save_track+0x20/0x40 [ 15.778533] kasan_save_alloc_info+0x40/0x58 [ 15.778678] __kasan_krealloc+0x118/0x178 [ 15.778873] krealloc_noprof+0x128/0x360 [ 15.779028] krealloc_more_oob_helper+0x168/0x678 [ 15.779130] krealloc_more_oob+0x20/0x38 [ 15.779208] kunit_try_run_case+0x170/0x3f0 [ 15.779277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.779343] kthread+0x328/0x630 [ 15.779406] ret_from_fork+0x10/0x20 [ 15.779464] [ 15.779535] The buggy address belongs to the object at fff00000c17b6a00 [ 15.779535] which belongs to the cache kmalloc-256 of size 256 [ 15.779643] The buggy address is located 0 bytes to the right of [ 15.779643] allocated 235-byte region [fff00000c17b6a00, fff00000c17b6aeb) [ 15.779705] [ 15.779750] The buggy address belongs to the physical page: [ 15.779796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b6 [ 15.780127] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.780216] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.780315] page_type: f5(slab) [ 15.780377] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.780741] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.780909] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.781027] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.781094] head: 0bfffe0000000001 ffffc1ffc305ed81 00000000ffffffff 00000000ffffffff [ 15.781141] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.781419] page dumped because: kasan: bad access detected [ 15.781467] [ 15.781547] Memory state around the buggy address: [ 15.781608] fff00000c17b6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781672] fff00000c17b6a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.781744] >fff00000c17b6a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.781845] ^ [ 15.781902] fff00000c17b6b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781957] fff00000c17b6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.782016] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.762280] ================================================================== [ 15.762355] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.762423] Read of size 1 at addr fff00000c7840000 by task kunit_try_catch/154 [ 15.762471] [ 15.762508] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.762591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.762616] Hardware name: linux,dummy-virt (DT) [ 15.762647] Call trace: [ 15.763039] show_stack+0x20/0x38 (C) [ 15.763133] dump_stack_lvl+0x8c/0xd0 [ 15.763276] print_report+0x118/0x608 [ 15.763364] kasan_report+0xdc/0x128 [ 15.763435] __asan_report_load1_noabort+0x20/0x30 [ 15.763540] page_alloc_uaf+0x328/0x350 [ 15.763627] kunit_try_run_case+0x170/0x3f0 [ 15.763691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.763778] kthread+0x328/0x630 [ 15.763845] ret_from_fork+0x10/0x20 [ 15.763909] [ 15.763949] The buggy address belongs to the physical page: [ 15.763981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 15.764275] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.764331] page_type: f0(buddy) [ 15.764384] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 15.764432] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 15.764477] page dumped because: kasan: bad access detected [ 15.764513] [ 15.764539] Memory state around the buggy address: [ 15.764572] fff00000c783ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.764614] fff00000c783ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.764663] >fff00000c7840000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.764699] ^ [ 15.764726] fff00000c7840080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.764766] fff00000c7840100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.764802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.748516] ================================================================== [ 15.748624] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.748779] Free of addr fff00000c6638001 by task kunit_try_catch/150 [ 15.748826] [ 15.748877] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.748973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.748998] Hardware name: linux,dummy-virt (DT) [ 15.749158] Call trace: [ 15.749207] show_stack+0x20/0x38 (C) [ 15.749262] dump_stack_lvl+0x8c/0xd0 [ 15.749311] print_report+0x118/0x608 [ 15.749462] kasan_report_invalid_free+0xc0/0xe8 [ 15.749523] __kasan_kfree_large+0x5c/0xa8 [ 15.749683] free_large_kmalloc+0x64/0x190 [ 15.749742] kfree+0x270/0x3c8 [ 15.749872] kmalloc_large_invalid_free+0x108/0x270 [ 15.749971] kunit_try_run_case+0x170/0x3f0 [ 15.750070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.750189] kthread+0x328/0x630 [ 15.750248] ret_from_fork+0x10/0x20 [ 15.750316] [ 15.750338] The buggy address belongs to the physical page: [ 15.750371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 15.750450] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.750495] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.750550] page_type: f8(unknown) [ 15.750603] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.750818] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.750886] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.750955] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.751042] head: 0bfffe0000000002 ffffc1ffc3198e01 00000000ffffffff 00000000ffffffff [ 15.751166] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.751212] page dumped because: kasan: bad access detected [ 15.751242] [ 15.751268] Memory state around the buggy address: [ 15.751301] fff00000c6637f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.751345] fff00000c6637f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.751385] >fff00000c6638000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.751571] ^ [ 15.751630] fff00000c6638080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.751698] fff00000c6638100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.751810] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.739549] ================================================================== [ 15.739612] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.739666] Read of size 1 at addr fff00000c6638000 by task kunit_try_catch/148 [ 15.739713] [ 15.739830] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.740127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.740163] Hardware name: linux,dummy-virt (DT) [ 15.740202] Call trace: [ 15.740242] show_stack+0x20/0x38 (C) [ 15.740294] dump_stack_lvl+0x8c/0xd0 [ 15.740342] print_report+0x118/0x608 [ 15.740388] kasan_report+0xdc/0x128 [ 15.740432] __asan_report_load1_noabort+0x20/0x30 [ 15.740483] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.740529] kunit_try_run_case+0x170/0x3f0 [ 15.740640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.740723] kthread+0x328/0x630 [ 15.740892] ret_from_fork+0x10/0x20 [ 15.740957] [ 15.741006] The buggy address belongs to the physical page: [ 15.741037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 15.741118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.741183] raw: 0bfffe0000000000 ffffc1ffc3198f08 fff00000da478c40 0000000000000000 [ 15.741230] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.741268] page dumped because: kasan: bad access detected [ 15.741396] [ 15.741586] Memory state around the buggy address: [ 15.741632] fff00000c6637f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.741677] fff00000c6637f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.741718] >fff00000c6638000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.741762] ^ [ 15.741788] fff00000c6638080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.741834] fff00000c6638100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.741870] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.731314] ================================================================== [ 15.731380] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.731432] Write of size 1 at addr fff00000c663600a by task kunit_try_catch/146 [ 15.731478] [ 15.731510] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.731589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.731614] Hardware name: linux,dummy-virt (DT) [ 15.731643] Call trace: [ 15.731665] show_stack+0x20/0x38 (C) [ 15.731712] dump_stack_lvl+0x8c/0xd0 [ 15.731760] print_report+0x118/0x608 [ 15.731805] kasan_report+0xdc/0x128 [ 15.731850] __asan_report_store1_noabort+0x20/0x30 [ 15.731901] kmalloc_large_oob_right+0x278/0x2b8 [ 15.731948] kunit_try_run_case+0x170/0x3f0 [ 15.731995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.732047] kthread+0x328/0x630 [ 15.732102] ret_from_fork+0x10/0x20 [ 15.732149] [ 15.732181] The buggy address belongs to the physical page: [ 15.732211] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106634 [ 15.732260] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.732303] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.732357] page_type: f8(unknown) [ 15.732393] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.732440] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.732487] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.732534] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.732580] head: 0bfffe0000000002 ffffc1ffc3198d01 00000000ffffffff 00000000ffffffff [ 15.732626] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.732664] page dumped because: kasan: bad access detected [ 15.732693] [ 15.732711] Memory state around the buggy address: [ 15.732739] fff00000c6635f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.732779] fff00000c6635f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.732819] >fff00000c6636000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.732854] ^ [ 15.732880] fff00000c6636080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.732920] fff00000c6636100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.732955] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.719364] ================================================================== [ 15.719425] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.719539] Write of size 1 at addr fff00000c65a5f00 by task kunit_try_catch/144 [ 15.719613] [ 15.719650] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.719956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.719984] Hardware name: linux,dummy-virt (DT) [ 15.720032] Call trace: [ 15.720075] show_stack+0x20/0x38 (C) [ 15.720154] dump_stack_lvl+0x8c/0xd0 [ 15.720221] print_report+0x118/0x608 [ 15.720277] kasan_report+0xdc/0x128 [ 15.720373] __asan_report_store1_noabort+0x20/0x30 [ 15.720451] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.720517] kunit_try_run_case+0x170/0x3f0 [ 15.720566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.720638] kthread+0x328/0x630 [ 15.720697] ret_from_fork+0x10/0x20 [ 15.720763] [ 15.720788] Allocated by task 144: [ 15.720865] kasan_save_stack+0x3c/0x68 [ 15.720912] kasan_save_track+0x20/0x40 [ 15.720949] kasan_save_alloc_info+0x40/0x58 [ 15.720989] __kasan_kmalloc+0xd4/0xd8 [ 15.721041] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.721336] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.721394] kunit_try_run_case+0x170/0x3f0 [ 15.721433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.721514] kthread+0x328/0x630 [ 15.721551] ret_from_fork+0x10/0x20 [ 15.721649] [ 15.721689] The buggy address belongs to the object at fff00000c65a4000 [ 15.721689] which belongs to the cache kmalloc-8k of size 8192 [ 15.721762] The buggy address is located 0 bytes to the right of [ 15.721762] allocated 7936-byte region [fff00000c65a4000, fff00000c65a5f00) [ 15.721933] [ 15.722022] The buggy address belongs to the physical page: [ 15.722158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 15.722213] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.722258] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.722330] page_type: f5(slab) [ 15.722368] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.722416] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.722704] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.722851] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.722983] head: 0bfffe0000000003 ffffc1ffc3196801 00000000ffffffff 00000000ffffffff [ 15.723129] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.723228] page dumped because: kasan: bad access detected [ 15.723315] [ 15.723431] Memory state around the buggy address: [ 15.723500] fff00000c65a5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.723574] fff00000c65a5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.723713] >fff00000c65a5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.723750] ^ [ 15.723787] fff00000c65a5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.724125] fff00000c65a6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.724192] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.691547] ================================================================== [ 15.692053] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.692167] Write of size 1 at addr fff00000c63f3278 by task kunit_try_catch/142 [ 15.692570] [ 15.692611] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.692694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.692719] Hardware name: linux,dummy-virt (DT) [ 15.692749] Call trace: [ 15.692772] show_stack+0x20/0x38 (C) [ 15.692824] dump_stack_lvl+0x8c/0xd0 [ 15.693611] print_report+0x118/0x608 [ 15.693699] kasan_report+0xdc/0x128 [ 15.693747] __asan_report_store1_noabort+0x20/0x30 [ 15.693810] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.694314] kunit_try_run_case+0x170/0x3f0 [ 15.694383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.694619] kthread+0x328/0x630 [ 15.694665] ret_from_fork+0x10/0x20 [ 15.694714] [ 15.694733] Allocated by task 142: [ 15.694761] kasan_save_stack+0x3c/0x68 [ 15.695031] kasan_save_track+0x20/0x40 [ 15.695070] kasan_save_alloc_info+0x40/0x58 [ 15.695319] __kasan_kmalloc+0xd4/0xd8 [ 15.695419] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.695464] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.698291] kunit_try_run_case+0x170/0x3f0 [ 15.698347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.698390] kthread+0x328/0x630 [ 15.698423] ret_from_fork+0x10/0x20 [ 15.698722] [ 15.698748] The buggy address belongs to the object at fff00000c63f3200 [ 15.698748] which belongs to the cache kmalloc-128 of size 128 [ 15.698854] The buggy address is located 0 bytes to the right of [ 15.698854] allocated 120-byte region [fff00000c63f3200, fff00000c63f3278) [ 15.698919] [ 15.698941] The buggy address belongs to the physical page: [ 15.699433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.699493] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.699546] page_type: f5(slab) [ 15.699587] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.699636] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.701364] page dumped because: kasan: bad access detected [ 15.701403] [ 15.702198] Memory state around the buggy address: [ 15.702237] fff00000c63f3100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.702280] fff00000c63f3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.702635] >fff00000c63f3200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.702676] ^ [ 15.702870] fff00000c63f3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.702957] fff00000c63f3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.702995] ================================================================== [ 15.705611] ================================================================== [ 15.705667] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.705728] Write of size 1 at addr fff00000c63f3378 by task kunit_try_catch/142 [ 15.706656] [ 15.706703] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.706842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.706869] Hardware name: linux,dummy-virt (DT) [ 15.706901] Call trace: [ 15.707051] show_stack+0x20/0x38 (C) [ 15.707858] dump_stack_lvl+0x8c/0xd0 [ 15.707913] print_report+0x118/0x608 [ 15.707962] kasan_report+0xdc/0x128 [ 15.708688] __asan_report_store1_noabort+0x20/0x30 [ 15.709194] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.709249] kunit_try_run_case+0x170/0x3f0 [ 15.709435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.709713] kthread+0x328/0x630 [ 15.710144] ret_from_fork+0x10/0x20 [ 15.710213] [ 15.710232] Allocated by task 142: [ 15.710545] kasan_save_stack+0x3c/0x68 [ 15.710589] kasan_save_track+0x20/0x40 [ 15.710625] kasan_save_alloc_info+0x40/0x58 [ 15.710664] __kasan_kmalloc+0xd4/0xd8 [ 15.710700] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.710981] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.711054] kunit_try_run_case+0x170/0x3f0 [ 15.711550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.711715] kthread+0x328/0x630 [ 15.711755] ret_from_fork+0x10/0x20 [ 15.712018] [ 15.712062] The buggy address belongs to the object at fff00000c63f3300 [ 15.712062] which belongs to the cache kmalloc-128 of size 128 [ 15.712372] The buggy address is located 0 bytes to the right of [ 15.712372] allocated 120-byte region [fff00000c63f3300, fff00000c63f3378) [ 15.712523] [ 15.712552] The buggy address belongs to the physical page: [ 15.712852] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.713093] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.713149] page_type: f5(slab) [ 15.713189] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.713327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.713500] page dumped because: kasan: bad access detected [ 15.713781] [ 15.713803] Memory state around the buggy address: [ 15.713848] fff00000c63f3200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.714322] fff00000c63f3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.714370] >fff00000c63f3300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.714420] ^ [ 15.714460] fff00000c63f3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.714514] fff00000c63f3400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.714550] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.667964] ================================================================== [ 15.668047] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 15.668190] Read of size 1 at addr fff00000c6567000 by task kunit_try_catch/140 [ 15.668240] [ 15.668274] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.668738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.668793] Hardware name: linux,dummy-virt (DT) [ 15.668825] Call trace: [ 15.668848] show_stack+0x20/0x38 (C) [ 15.668901] dump_stack_lvl+0x8c/0xd0 [ 15.668950] print_report+0x118/0x608 [ 15.669403] kasan_report+0xdc/0x128 [ 15.669470] __asan_report_load1_noabort+0x20/0x30 [ 15.669523] kmalloc_node_oob_right+0x2f4/0x330 [ 15.669837] kunit_try_run_case+0x170/0x3f0 [ 15.669982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.670038] kthread+0x328/0x630 [ 15.670091] ret_from_fork+0x10/0x20 [ 15.670141] [ 15.670344] Allocated by task 140: [ 15.670377] kasan_save_stack+0x3c/0x68 [ 15.670475] kasan_save_track+0x20/0x40 [ 15.670714] kasan_save_alloc_info+0x40/0x58 [ 15.670763] __kasan_kmalloc+0xd4/0xd8 [ 15.670799] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 15.670839] kmalloc_node_oob_right+0xbc/0x330 [ 15.670877] kunit_try_run_case+0x170/0x3f0 [ 15.671361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.671626] kthread+0x328/0x630 [ 15.671660] ret_from_fork+0x10/0x20 [ 15.672075] [ 15.672111] The buggy address belongs to the object at fff00000c6566000 [ 15.672111] which belongs to the cache kmalloc-4k of size 4096 [ 15.672217] The buggy address is located 0 bytes to the right of [ 15.672217] allocated 4096-byte region [fff00000c6566000, fff00000c6567000) [ 15.672423] [ 15.672444] The buggy address belongs to the physical page: [ 15.672936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106560 [ 15.673839] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.673897] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.673975] page_type: f5(slab) [ 15.674016] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.674322] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.674388] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.674436] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.674483] head: 0bfffe0000000003 ffffc1ffc3195801 00000000ffffffff 00000000ffffffff [ 15.674530] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.675186] page dumped because: kasan: bad access detected [ 15.675230] [ 15.675248] Memory state around the buggy address: [ 15.675306] fff00000c6566f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.675536] fff00000c6566f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.675581] >fff00000c6567000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.675744] ^ [ 15.675774] fff00000c6567080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.676028] fff00000c6567100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.676066] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.639948] ================================================================== [ 15.640029] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 15.640114] Read of size 1 at addr fff00000c5ff797f by task kunit_try_catch/138 [ 15.641602] [ 15.641661] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.641814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.641852] Hardware name: linux,dummy-virt (DT) [ 15.641884] Call trace: [ 15.641907] show_stack+0x20/0x38 (C) [ 15.641962] dump_stack_lvl+0x8c/0xd0 [ 15.642025] print_report+0x118/0x608 [ 15.642073] kasan_report+0xdc/0x128 [ 15.642131] __asan_report_load1_noabort+0x20/0x30 [ 15.642289] kmalloc_oob_left+0x2ec/0x320 [ 15.642342] kunit_try_run_case+0x170/0x3f0 [ 15.642734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.642802] kthread+0x328/0x630 [ 15.643173] ret_from_fork+0x10/0x20 [ 15.643418] [ 15.643446] Allocated by task 24: [ 15.643655] kasan_save_stack+0x3c/0x68 [ 15.643817] kasan_save_track+0x20/0x40 [ 15.643863] kasan_save_alloc_info+0x40/0x58 [ 15.644188] __kasan_kmalloc+0xd4/0xd8 [ 15.644234] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.644345] kvasprintf+0xe0/0x180 [ 15.644382] __kthread_create_on_node+0x16c/0x350 [ 15.644604] kthread_create_on_node+0xe4/0x130 [ 15.644652] create_worker+0x380/0x6b8 [ 15.644967] worker_thread+0x808/0xf38 [ 15.645010] kthread+0x328/0x630 [ 15.645041] ret_from_fork+0x10/0x20 [ 15.645089] [ 15.645485] The buggy address belongs to the object at fff00000c5ff7960 [ 15.645485] which belongs to the cache kmalloc-16 of size 16 [ 15.645860] The buggy address is located 19 bytes to the right of [ 15.645860] allocated 12-byte region [fff00000c5ff7960, fff00000c5ff796c) [ 15.646230] [ 15.646258] The buggy address belongs to the physical page: [ 15.646311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff7 [ 15.646376] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.646428] page_type: f5(slab) [ 15.646563] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.646616] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.646942] page dumped because: kasan: bad access detected [ 15.646979] [ 15.646996] Memory state around the buggy address: [ 15.647358] fff00000c5ff7800: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 15.647472] fff00000c5ff7880: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.647516] >fff00000c5ff7900: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.647673] ^ [ 15.647883] fff00000c5ff7980: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.647931] fff00000c5ff7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.648245] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.613779] ================================================================== [ 15.614061] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.614189] Read of size 1 at addr fff00000c63f3180 by task kunit_try_catch/136 [ 15.614320] [ 15.614367] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.614479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.614514] Hardware name: linux,dummy-virt (DT) [ 15.614544] Call trace: [ 15.614565] show_stack+0x20/0x38 (C) [ 15.614636] dump_stack_lvl+0x8c/0xd0 [ 15.614684] print_report+0x118/0x608 [ 15.614851] kasan_report+0xdc/0x128 [ 15.614925] __asan_report_load1_noabort+0x20/0x30 [ 15.615909] kmalloc_oob_right+0x5d0/0x660 [ 15.617113] kunit_try_run_case+0x170/0x3f0 [ 15.617212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.617269] kthread+0x328/0x630 [ 15.617311] ret_from_fork+0x10/0x20 [ 15.617359] [ 15.617377] Allocated by task 136: [ 15.617903] kasan_save_stack+0x3c/0x68 [ 15.619324] kasan_save_track+0x20/0x40 [ 15.619492] kasan_save_alloc_info+0x40/0x58 [ 15.620109] __kasan_kmalloc+0xd4/0xd8 [ 15.620689] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.620755] kmalloc_oob_right+0xb0/0x660 [ 15.620810] kunit_try_run_case+0x170/0x3f0 [ 15.620901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.620959] kthread+0x328/0x630 [ 15.621022] ret_from_fork+0x10/0x20 [ 15.621761] [ 15.621836] The buggy address belongs to the object at fff00000c63f3100 [ 15.621836] which belongs to the cache kmalloc-128 of size 128 [ 15.622208] The buggy address is located 13 bytes to the right of [ 15.622208] allocated 115-byte region [fff00000c63f3100, fff00000c63f3173) [ 15.622511] [ 15.622731] The buggy address belongs to the physical page: [ 15.623141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.623198] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.623247] page_type: f5(slab) [ 15.623295] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.623344] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.623382] page dumped because: kasan: bad access detected [ 15.623584] [ 15.623603] Memory state around the buggy address: [ 15.623635] fff00000c63f3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.623735] fff00000c63f3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.623846] >fff00000c63f3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.623938] ^ [ 15.623966] fff00000c63f3200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.624013] fff00000c63f3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.624052] ================================================================== [ 15.593700] ================================================================== [ 15.594342] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.595622] Write of size 1 at addr fff00000c63f3173 by task kunit_try_catch/136 [ 15.595854] [ 15.597473] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 15.597676] Tainted: [N]=TEST [ 15.597732] Hardware name: linux,dummy-virt (DT) [ 15.598597] Call trace: [ 15.598973] show_stack+0x20/0x38 (C) [ 15.599136] dump_stack_lvl+0x8c/0xd0 [ 15.599231] print_report+0x118/0x608 [ 15.599330] kasan_report+0xdc/0x128 [ 15.599413] __asan_report_store1_noabort+0x20/0x30 [ 15.599482] kmalloc_oob_right+0x5a4/0x660 [ 15.599851] kunit_try_run_case+0x170/0x3f0 [ 15.599973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.600098] kthread+0x328/0x630 [ 15.600167] ret_from_fork+0x10/0x20 [ 15.600674] [ 15.600765] Allocated by task 136: [ 15.600976] kasan_save_stack+0x3c/0x68 [ 15.601393] kasan_save_track+0x20/0x40 [ 15.601505] kasan_save_alloc_info+0x40/0x58 [ 15.601554] __kasan_kmalloc+0xd4/0xd8 [ 15.601629] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.601950] kmalloc_oob_right+0xb0/0x660 [ 15.602124] kunit_try_run_case+0x170/0x3f0 [ 15.602262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.602405] kthread+0x328/0x630 [ 15.602441] ret_from_fork+0x10/0x20 [ 15.602539] [ 15.602605] The buggy address belongs to the object at fff00000c63f3100 [ 15.602605] which belongs to the cache kmalloc-128 of size 128 [ 15.602707] The buggy address is located 0 bytes to the right of [ 15.602707] allocated 115-byte region [fff00000c63f3100, fff00000c63f3173) [ 15.603018] [ 15.603208] The buggy address belongs to the physical page: [ 15.603868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.604857] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.605374] page_type: f5(slab) [ 15.605787] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.605883] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.605996] page dumped because: kasan: bad access detected [ 15.606325] [ 15.606410] Memory state around the buggy address: [ 15.606774] fff00000c63f3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.607044] fff00000c63f3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.607156] >fff00000c63f3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.607256] ^ [ 15.607426] fff00000c63f3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.607693] fff00000c63f3200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.607983] ================================================================== [ 15.609709] ================================================================== [ 15.609828] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.609999] Write of size 1 at addr fff00000c63f3178 by task kunit_try_catch/136 [ 15.610048] [ 15.610130] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 15.610234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.610259] Hardware name: linux,dummy-virt (DT) [ 15.610290] Call trace: [ 15.610312] show_stack+0x20/0x38 (C) [ 15.610361] dump_stack_lvl+0x8c/0xd0 [ 15.610409] print_report+0x118/0x608 [ 15.610457] kasan_report+0xdc/0x128 [ 15.610504] __asan_report_store1_noabort+0x20/0x30 [ 15.610713] kmalloc_oob_right+0x538/0x660 [ 15.610770] kunit_try_run_case+0x170/0x3f0 [ 15.610842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.610940] kthread+0x328/0x630 [ 15.611001] ret_from_fork+0x10/0x20 [ 15.611099] [ 15.611125] Allocated by task 136: [ 15.611153] kasan_save_stack+0x3c/0x68 [ 15.611222] kasan_save_track+0x20/0x40 [ 15.611269] kasan_save_alloc_info+0x40/0x58 [ 15.611308] __kasan_kmalloc+0xd4/0xd8 [ 15.611344] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.611556] kmalloc_oob_right+0xb0/0x660 [ 15.611635] kunit_try_run_case+0x170/0x3f0 [ 15.611709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.611793] kthread+0x328/0x630 [ 15.611866] ret_from_fork+0x10/0x20 [ 15.611903] [ 15.611922] The buggy address belongs to the object at fff00000c63f3100 [ 15.611922] which belongs to the cache kmalloc-128 of size 128 [ 15.612151] The buggy address is located 5 bytes to the right of [ 15.612151] allocated 115-byte region [fff00000c63f3100, fff00000c63f3173) [ 15.612249] [ 15.612286] The buggy address belongs to the physical page: [ 15.612356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f3 [ 15.612455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.612563] page_type: f5(slab) [ 15.612603] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.612651] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.612700] page dumped because: kasan: bad access detected [ 15.612849] [ 15.612989] Memory state around the buggy address: [ 15.613043] fff00000c63f3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.613103] fff00000c63f3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.613150] >fff00000c63f3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.613186] ^ [ 15.613225] fff00000c63f3180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.613275] fff00000c63f3200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.613321] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 94.470566] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 94.471719] Modules linked in: [ 94.472156] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 94.473126] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 94.473475] Hardware name: linux,dummy-virt (DT) [ 94.473678] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.474117] pc : intlog10+0x38/0x48 [ 94.474310] lr : intlog10_test+0xe4/0x200 [ 94.474503] sp : ffff800082287c10 [ 94.474663] x29: ffff800082287c90 x28: 0000000000000000 x27: 0000000000000000 [ 94.475012] x26: 1ffe0000192b6fa1 x25: 0000000000000000 x24: ffff800082287ce0 [ 94.475919] x23: ffff800082287d00 x22: 0000000000000000 x21: 1ffff00010450f82 [ 94.476812] x20: ffff92ec29a89e80 x19: ffff800080087990 x18: 000000005e874196 [ 94.477718] x17: 00000000aee95e5a x16: fff00000c0975c3c x15: 000000008e449dd5 [ 94.478717] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a5cd x12: ffff725d85b23379 [ 94.479757] x11: 1ffff25d85b23378 x10: ffff725d85b23378 x9 : ffff92ec2703685c [ 94.480627] x8 : ffff92ec2d919bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 94.481566] x5 : ffff700010450f82 x4 : 1ffff00010010f3a x3 : 1ffff25d853513d0 [ 94.482537] x2 : 1ffff25d853513d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 94.483061] Call trace: [ 94.483226] intlog10+0x38/0x48 (P) [ 94.483423] kunit_try_run_case+0x170/0x3f0 [ 94.483628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.483870] kthread+0x328/0x630 [ 94.484047] ret_from_fork+0x10/0x20 [ 94.484250] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 94.423993] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 94.425286] Modules linked in: [ 94.425526] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 94.427170] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 94.427553] Hardware name: linux,dummy-virt (DT) [ 94.427772] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.428055] pc : intlog2+0xd8/0xf8 [ 94.428536] lr : intlog2_test+0xe4/0x200 [ 94.428996] sp : ffff800082207c10 [ 94.429394] x29: ffff800082207c90 x28: 0000000000000000 x27: 0000000000000000 [ 94.430299] x26: 1ffe000018cc1541 x25: 0000000000000000 x24: ffff800082207ce0 [ 94.431292] x23: ffff800082207d00 x22: 0000000000000000 x21: 1ffff00010440f82 [ 94.432064] x20: ffff92ec29a89d80 x19: ffff800080087990 x18: 00000000d7a68b98 [ 94.432760] x17: 0000000067b08c02 x16: fff00000c097583c x15: 00000000deb9e5c8 [ 94.433216] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e9cd x12: ffff725d85b23379 [ 94.434034] x11: 1ffff25d85b23378 x10: ffff725d85b23378 x9 : ffff92ec27036a5c [ 94.434878] x8 : ffff92ec2d919bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 94.435667] x5 : ffff700010440f82 x4 : 1ffff00010010f3a x3 : 1ffff25d853513b0 [ 94.436148] x2 : 1ffff25d853513b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 94.436506] Call trace: [ 94.436651] intlog2+0xd8/0xf8 (P) [ 94.436852] kunit_try_run_case+0x170/0x3f0 [ 94.437060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.437636] kthread+0x328/0x630 [ 94.438135] ret_from_fork+0x10/0x20 [ 94.438623] ---[ end trace 0000000000000000 ]---