Date
July 11, 2025, 11:09 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.176838] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 19.230696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.129627] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.133978] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.142275] Modules linked in: [ 94.142988] CPU: 0 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 94.144530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.144726] Hardware name: linux,dummy-virt (DT) [ 94.145028] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.145355] pc : kunit_test_null_dereference+0x70/0x170 [ 94.145634] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.145906] sp : ffff800080fd7d30 [ 94.146188] x29: ffff800080fd7d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.146695] x26: 1ffe000018b0c081 x25: 0000000000000000 x24: 0000000000000004 [ 94.147503] x23: fff00000c586040c x22: ffffaa495f423cb8 x21: fff00000c1213608 [ 94.148041] x20: 1ffff000101fafa6 x19: ffff800080087990 x18: 00000000d972a901 [ 94.148598] x17: 0000000000000001 x16: fff00000c097583c x15: fff00000ff616b08 [ 94.149131] x14: 0000000000018fff x13: 1ffe00001b48ebcd x12: fffd80001952c3a4 [ 94.149659] x11: 1ffe00001952c3a3 x10: fffd80001952c3a3 x9 : ffffaa495f41b120 [ 94.150249] x8 : ffff800080fd7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.150747] x5 : ffff7000101fafa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.151356] x2 : dfff800000000000 x1 : fff00000ca961440 x0 : ffff800080087990 [ 94.151816] Call trace: [ 94.152028] kunit_test_null_dereference+0x70/0x170 (P) [ 94.152332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.152623] kthread+0x328/0x630 [ 94.152835] ret_from_fork+0x10/0x20 [ 94.153800] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.154503] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.248327] ================================================================== [ 50.248386] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.248386] [ 50.248466] Use-after-free read at 0x00000000d16c9c4f (in kfence-#155): [ 50.248517] test_krealloc+0x51c/0x830 [ 50.248563] kunit_try_run_case+0x170/0x3f0 [ 50.248608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.248653] kthread+0x328/0x630 [ 50.248691] ret_from_fork+0x10/0x20 [ 50.248749] [ 50.248773] kfence-#155: 0x00000000d16c9c4f-0x000000003f3a6a53, size=32, cache=kmalloc-32 [ 50.248773] [ 50.248827] allocated by task 338 on cpu 1 at 50.247478s (0.001345s ago): [ 50.248906] test_alloc+0x29c/0x628 [ 50.248947] test_krealloc+0xc0/0x830 [ 50.248986] kunit_try_run_case+0x170/0x3f0 [ 50.249026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.249069] kthread+0x328/0x630 [ 50.249105] ret_from_fork+0x10/0x20 [ 50.249144] [ 50.249168] freed by task 338 on cpu 1 at 50.247911s (0.001253s ago): [ 50.249228] krealloc_noprof+0x148/0x360 [ 50.249266] test_krealloc+0x1dc/0x830 [ 50.249307] kunit_try_run_case+0x170/0x3f0 [ 50.249346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.249390] kthread+0x328/0x630 [ 50.249425] ret_from_fork+0x10/0x20 [ 50.249464] [ 50.249510] CPU: 1 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 50.249589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.249619] Hardware name: linux,dummy-virt (DT) [ 50.249655] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.191218] ================================================================== [ 50.191325] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.191325] [ 50.191422] Use-after-free read at 0x0000000015127aae (in kfence-#154): [ 50.191474] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.191523] kunit_try_run_case+0x170/0x3f0 [ 50.191566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.191612] kthread+0x328/0x630 [ 50.191651] ret_from_fork+0x10/0x20 [ 50.191689] [ 50.191714] kfence-#154: 0x0000000015127aae-0x00000000720ee958, size=32, cache=test [ 50.191714] [ 50.191765] allocated by task 336 on cpu 1 at 50.143630s (0.048131s ago): [ 50.191832] test_alloc+0x230/0x628 [ 50.191890] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.191933] kunit_try_run_case+0x170/0x3f0 [ 50.191972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.192015] kthread+0x328/0x630 [ 50.192050] ret_from_fork+0x10/0x20 [ 50.192089] [ 50.192112] freed by task 336 on cpu 1 at 50.143749s (0.048359s ago): [ 50.192167] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.192210] kunit_try_run_case+0x170/0x3f0 [ 50.192248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.192291] kthread+0x328/0x630 [ 50.192327] ret_from_fork+0x10/0x20 [ 50.192366] [ 50.192410] CPU: 0 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 50.192489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.192518] Hardware name: linux,dummy-virt (DT) [ 50.192553] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.175310] ================================================================== [ 27.175478] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.175478] [ 27.175573] Invalid read at 0x0000000017f97363: [ 27.175794] test_invalid_access+0xdc/0x1f0 [ 27.176001] kunit_try_run_case+0x170/0x3f0 [ 27.176079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.176136] kthread+0x328/0x630 [ 27.176211] ret_from_fork+0x10/0x20 [ 27.176555] [ 27.176621] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 27.176809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.176872] Hardware name: linux,dummy-virt (DT) [ 27.177176] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.947432] ================================================================== [ 26.947531] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.947531] [ 26.947596] Corrupted memory at 0x00000000e09aea3f [ ! . . . . . . . . . . . . . . . ] (in kfence-#150): [ 26.947922] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.947972] kunit_try_run_case+0x170/0x3f0 [ 26.948016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.948059] kthread+0x328/0x630 [ 26.948100] ret_from_fork+0x10/0x20 [ 26.948140] [ 26.948165] kfence-#150: 0x00000000d785791c-0x0000000054d1edb5, size=73, cache=kmalloc-96 [ 26.948165] [ 26.948220] allocated by task 326 on cpu 1 at 26.947176s (0.001040s ago): [ 26.948282] test_alloc+0x29c/0x628 [ 26.948323] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 26.948367] kunit_try_run_case+0x170/0x3f0 [ 26.948405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.948447] kthread+0x328/0x630 [ 26.948484] ret_from_fork+0x10/0x20 [ 26.948521] [ 26.948546] freed by task 326 on cpu 1 at 26.947331s (0.001211s ago): [ 26.948606] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.948650] kunit_try_run_case+0x170/0x3f0 [ 26.948688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.948731] kthread+0x328/0x630 [ 26.948767] ret_from_fork+0x10/0x20 [ 26.948805] [ 26.948865] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.948947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.948976] Hardware name: linux,dummy-virt (DT) [ 26.949009] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 26.843580] ================================================================== [ 26.843690] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.843690] [ 26.843791] Out-of-bounds read at 0x000000002ed57d7f (105B right of kfence-#149): [ 26.843867] test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.843918] kunit_try_run_case+0x170/0x3f0 [ 26.843963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.844007] kthread+0x328/0x630 [ 26.844046] ret_from_fork+0x10/0x20 [ 26.844086] [ 26.844112] kfence-#149: 0x0000000055c98b75-0x0000000054e0861d, size=73, cache=kmalloc-96 [ 26.844112] [ 26.844165] allocated by task 324 on cpu 0 at 26.843288s (0.000873s ago): [ 26.844236] test_alloc+0x29c/0x628 [ 26.844278] test_kmalloc_aligned_oob_read+0x100/0x468 [ 26.844321] kunit_try_run_case+0x170/0x3f0 [ 26.844361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.844405] kthread+0x328/0x630 [ 26.844439] ret_from_fork+0x10/0x20 [ 26.844478] [ 26.844530] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.844612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.844642] Hardware name: linux,dummy-virt (DT) [ 26.844677] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.645235] ================================================================== [ 21.645311] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 21.645311] [ 21.645372] Corrupted memory at 0x000000003003bc72 [ ! ] (in kfence-#99): [ 21.645494] test_corruption+0x284/0x378 [ 21.646776] kunit_try_run_case+0x170/0x3f0 [ 21.646870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.646918] kthread+0x328/0x630 [ 21.646955] ret_from_fork+0x10/0x20 [ 21.646996] [ 21.647044] kfence-#99: 0x000000009cbc3daa-0x00000000d0228385, size=32, cache=kmalloc-32 [ 21.647044] [ 21.647383] allocated by task 312 on cpu 1 at 21.644907s (0.002471s ago): [ 21.647468] test_alloc+0x29c/0x628 [ 21.647526] test_corruption+0x198/0x378 [ 21.647568] kunit_try_run_case+0x170/0x3f0 [ 21.647616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.647660] kthread+0x328/0x630 [ 21.647696] ret_from_fork+0x10/0x20 [ 21.647733] [ 21.647833] freed by task 312 on cpu 1 at 21.645054s (0.002769s ago): [ 21.647992] test_corruption+0x284/0x378 [ 21.648118] kunit_try_run_case+0x170/0x3f0 [ 21.648253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.648328] kthread+0x328/0x630 [ 21.648383] ret_from_fork+0x10/0x20 [ 21.648421] [ 21.648498] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.648609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.648638] Hardware name: linux,dummy-virt (DT) [ 21.648672] ================================================================== [ 21.955378] ================================================================== [ 21.955473] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.955473] [ 21.955548] Corrupted memory at 0x00000000c194201f [ ! ] (in kfence-#102): [ 21.955661] test_corruption+0x1d8/0x378 [ 21.955709] kunit_try_run_case+0x170/0x3f0 [ 21.955751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.955796] kthread+0x328/0x630 [ 21.955834] ret_from_fork+0x10/0x20 [ 21.955887] [ 21.955911] kfence-#102: 0x0000000019d2c34f-0x00000000c7883820, size=32, cache=test [ 21.955911] [ 21.955966] allocated by task 314 on cpu 1 at 21.955225s (0.000737s ago): [ 21.956026] test_alloc+0x230/0x628 [ 21.956067] test_corruption+0x198/0x378 [ 21.956108] kunit_try_run_case+0x170/0x3f0 [ 21.956146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.956189] kthread+0x328/0x630 [ 21.956224] ret_from_fork+0x10/0x20 [ 21.956263] [ 21.956286] freed by task 314 on cpu 1 at 21.955284s (0.000999s ago): [ 21.956345] test_corruption+0x1d8/0x378 [ 21.956384] kunit_try_run_case+0x170/0x3f0 [ 21.956424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.956467] kthread+0x328/0x630 [ 21.956501] ret_from_fork+0x10/0x20 [ 21.956541] [ 21.956584] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.956661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.956690] Hardware name: linux,dummy-virt (DT) [ 21.956725] ================================================================== [ 21.747277] ================================================================== [ 21.747383] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.747383] [ 21.747448] Corrupted memory at 0x000000009fb3e175 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 21.747754] test_corruption+0x120/0x378 [ 21.747802] kunit_try_run_case+0x170/0x3f0 [ 21.747860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.747906] kthread+0x328/0x630 [ 21.747944] ret_from_fork+0x10/0x20 [ 21.747985] [ 21.748010] kfence-#100: 0x0000000093737c48-0x00000000ce3adc31, size=32, cache=test [ 21.748010] [ 21.748063] allocated by task 314 on cpu 1 at 21.747128s (0.000932s ago): [ 21.748125] test_alloc+0x230/0x628 [ 21.748166] test_corruption+0xdc/0x378 [ 21.748206] kunit_try_run_case+0x170/0x3f0 [ 21.748245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.748288] kthread+0x328/0x630 [ 21.748324] ret_from_fork+0x10/0x20 [ 21.748363] [ 21.748386] freed by task 314 on cpu 1 at 21.747191s (0.001191s ago): [ 21.748446] test_corruption+0x120/0x378 [ 21.748486] kunit_try_run_case+0x170/0x3f0 [ 21.748524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.748569] kthread+0x328/0x630 [ 21.748605] ret_from_fork+0x10/0x20 [ 21.748644] [ 21.748687] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.748765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.748793] Hardware name: linux,dummy-virt (DT) [ 21.748828] ================================================================== [ 21.541226] ================================================================== [ 21.541496] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 21.541496] [ 21.541590] Corrupted memory at 0x00000000ea00439e [ ! . . . . . . . . . . . . . . . ] (in kfence-#98): [ 21.546373] test_corruption+0x278/0x378 [ 21.546459] kunit_try_run_case+0x170/0x3f0 [ 21.546617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.546716] kthread+0x328/0x630 [ 21.546859] ret_from_fork+0x10/0x20 [ 21.546958] [ 21.546986] kfence-#98: 0x0000000094a1f80d-0x00000000036ecaea, size=32, cache=kmalloc-32 [ 21.546986] [ 21.547089] allocated by task 312 on cpu 1 at 21.540673s (0.006404s ago): [ 21.547165] test_alloc+0x29c/0x628 [ 21.547207] test_corruption+0xdc/0x378 [ 21.547599] kunit_try_run_case+0x170/0x3f0 [ 21.547698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.547858] kthread+0x328/0x630 [ 21.547930] ret_from_fork+0x10/0x20 [ 21.548031] [ 21.548194] freed by task 312 on cpu 1 at 21.540903s (0.007257s ago): [ 21.548282] test_corruption+0x278/0x378 [ 21.548604] kunit_try_run_case+0x170/0x3f0 [ 21.548689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.549010] kthread+0x328/0x630 [ 21.549157] ret_from_fork+0x10/0x20 [ 21.549268] [ 21.549426] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.549774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.549862] Hardware name: linux,dummy-virt (DT) [ 21.549964] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 21.435644] ================================================================== [ 21.435937] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 21.435937] [ 21.436010] Invalid free of 0x000000009cdd7bc4 (in kfence-#97): [ 21.436063] test_invalid_addr_free+0xec/0x238 [ 21.436333] kunit_try_run_case+0x170/0x3f0 [ 21.436445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.436537] kthread+0x328/0x630 [ 21.436577] ret_from_fork+0x10/0x20 [ 21.436622] [ 21.436693] kfence-#97: 0x000000006287950d-0x000000007e5b6525, size=32, cache=test [ 21.436693] [ 21.436786] allocated by task 310 on cpu 1 at 21.435500s (0.001276s ago): [ 21.436862] test_alloc+0x230/0x628 [ 21.436902] test_invalid_addr_free+0xd4/0x238 [ 21.436943] kunit_try_run_case+0x170/0x3f0 [ 21.436981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.437025] kthread+0x328/0x630 [ 21.437061] ret_from_fork+0x10/0x20 [ 21.437102] [ 21.437146] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.437227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.437254] Hardware name: linux,dummy-virt (DT) [ 21.437288] ================================================================== [ 21.331765] ================================================================== [ 21.331889] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 21.331889] [ 21.331951] Invalid free of 0x00000000c78ff793 (in kfence-#96): [ 21.332029] test_invalid_addr_free+0x1ac/0x238 [ 21.332124] kunit_try_run_case+0x170/0x3f0 [ 21.332167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.332251] kthread+0x328/0x630 [ 21.332329] ret_from_fork+0x10/0x20 [ 21.332395] [ 21.332423] kfence-#96: 0x000000007660db41-0x000000001cd4eaab, size=32, cache=kmalloc-32 [ 21.332423] [ 21.332535] allocated by task 308 on cpu 1 at 21.331429s (0.001044s ago): [ 21.332598] test_alloc+0x29c/0x628 [ 21.332638] test_invalid_addr_free+0xd4/0x238 [ 21.332679] kunit_try_run_case+0x170/0x3f0 [ 21.332718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.332760] kthread+0x328/0x630 [ 21.332921] ret_from_fork+0x10/0x20 [ 21.333007] [ 21.333084] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.333195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.333409] Hardware name: linux,dummy-virt (DT) [ 21.333455] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.227778] ================================================================== [ 21.228003] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.228003] [ 21.228076] Invalid free of 0x00000000fe62797a (in kfence-#95): [ 21.228201] test_double_free+0x100/0x238 [ 21.228257] kunit_try_run_case+0x170/0x3f0 [ 21.228300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.228374] kthread+0x328/0x630 [ 21.228414] ret_from_fork+0x10/0x20 [ 21.228481] [ 21.228507] kfence-#95: 0x00000000fe62797a-0x000000000ef7e50e, size=32, cache=test [ 21.228507] [ 21.228559] allocated by task 306 on cpu 1 at 21.227540s (0.001016s ago): [ 21.228760] test_alloc+0x230/0x628 [ 21.228826] test_double_free+0xd4/0x238 [ 21.228900] kunit_try_run_case+0x170/0x3f0 [ 21.228940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.229032] kthread+0x328/0x630 [ 21.229099] ret_from_fork+0x10/0x20 [ 21.229298] [ 21.229479] freed by task 306 on cpu 1 at 21.227633s (0.001804s ago): [ 21.229562] test_double_free+0xf0/0x238 [ 21.229609] kunit_try_run_case+0x170/0x3f0 [ 21.229653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.229702] kthread+0x328/0x630 [ 21.229765] ret_from_fork+0x10/0x20 [ 21.229873] [ 21.229919] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.230018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.230048] Hardware name: linux,dummy-virt (DT) [ 21.230082] ================================================================== [ 21.124188] ================================================================== [ 21.124306] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.124306] [ 21.124375] Invalid free of 0x0000000034284833 (in kfence-#94): [ 21.124437] test_double_free+0x1bc/0x238 [ 21.124482] kunit_try_run_case+0x170/0x3f0 [ 21.124527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.124568] kthread+0x328/0x630 [ 21.124607] ret_from_fork+0x10/0x20 [ 21.124645] [ 21.124672] kfence-#94: 0x0000000034284833-0x0000000017d09dc1, size=32, cache=kmalloc-32 [ 21.124672] [ 21.124739] allocated by task 304 on cpu 1 at 21.123663s (0.001058s ago): [ 21.124800] test_alloc+0x29c/0x628 [ 21.124859] test_double_free+0xd4/0x238 [ 21.124964] kunit_try_run_case+0x170/0x3f0 [ 21.125089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.125270] kthread+0x328/0x630 [ 21.125307] ret_from_fork+0x10/0x20 [ 21.125347] [ 21.125370] freed by task 304 on cpu 1 at 21.123743s (0.001623s ago): [ 21.125440] test_double_free+0x1ac/0x238 [ 21.125637] kunit_try_run_case+0x170/0x3f0 [ 21.125749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.126397] kthread+0x328/0x630 [ 21.126472] ret_from_fork+0x10/0x20 [ 21.126521] [ 21.126697] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.126853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.127178] Hardware name: linux,dummy-virt (DT) [ 21.127264] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 20.709886] ================================================================== [ 20.710157] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.710157] [ 20.710279] Use-after-free read at 0x00000000454d10b2 (in kfence-#90): [ 20.710635] test_use_after_free_read+0x114/0x248 [ 20.710710] kunit_try_run_case+0x170/0x3f0 [ 20.710917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.710965] kthread+0x328/0x630 [ 20.711003] ret_from_fork+0x10/0x20 [ 20.711374] [ 20.711421] kfence-#90: 0x00000000454d10b2-0x00000000d91a6a87, size=32, cache=kmalloc-32 [ 20.711421] [ 20.711478] allocated by task 296 on cpu 1 at 20.708908s (0.002567s ago): [ 20.711583] test_alloc+0x29c/0x628 [ 20.711633] test_use_after_free_read+0xd0/0x248 [ 20.711674] kunit_try_run_case+0x170/0x3f0 [ 20.711714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.711759] kthread+0x328/0x630 [ 20.711804] ret_from_fork+0x10/0x20 [ 20.711878] [ 20.712077] freed by task 296 on cpu 1 at 20.709478s (0.002471s ago): [ 20.712200] test_use_after_free_read+0x1c0/0x248 [ 20.712263] kunit_try_run_case+0x170/0x3f0 [ 20.712311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.712361] kthread+0x328/0x630 [ 20.712397] ret_from_fork+0x10/0x20 [ 20.712457] [ 20.712533] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.712635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.712664] Hardware name: linux,dummy-virt (DT) [ 20.712719] ================================================================== [ 20.814139] ================================================================== [ 20.814270] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.814270] [ 20.814364] Use-after-free read at 0x000000006cc31829 (in kfence-#91): [ 20.814433] test_use_after_free_read+0x114/0x248 [ 20.814915] kunit_try_run_case+0x170/0x3f0 [ 20.815074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.815121] kthread+0x328/0x630 [ 20.815395] ret_from_fork+0x10/0x20 [ 20.816100] [ 20.816169] kfence-#91: 0x000000006cc31829-0x000000009221e2b0, size=32, cache=test [ 20.816169] [ 20.816429] allocated by task 298 on cpu 1 at 20.813600s (0.002825s ago): [ 20.816538] test_alloc+0x230/0x628 [ 20.816886] test_use_after_free_read+0xd0/0x248 [ 20.817018] kunit_try_run_case+0x170/0x3f0 [ 20.817286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.817462] kthread+0x328/0x630 [ 20.817550] ret_from_fork+0x10/0x20 [ 20.817653] [ 20.817708] freed by task 298 on cpu 1 at 20.813784s (0.003921s ago): [ 20.818267] test_use_after_free_read+0xf0/0x248 [ 20.818382] kunit_try_run_case+0x170/0x3f0 [ 20.818903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.819016] kthread+0x328/0x630 [ 20.819258] ret_from_fork+0x10/0x20 [ 20.819413] [ 20.819763] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.819877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.819946] Hardware name: linux,dummy-virt (DT) [ 20.819985] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 20.500111] ================================================================== [ 20.500181] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.500181] [ 20.500279] Out-of-bounds write at 0x00000000e58bfd0b (1B left of kfence-#88): [ 20.500342] test_out_of_bounds_write+0x100/0x240 [ 20.500392] kunit_try_run_case+0x170/0x3f0 [ 20.500437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.500479] kthread+0x328/0x630 [ 20.500518] ret_from_fork+0x10/0x20 [ 20.500556] [ 20.500581] kfence-#88: 0x00000000b9c338b8-0x0000000042bcc925, size=32, cache=kmalloc-32 [ 20.500581] [ 20.500633] allocated by task 292 on cpu 1 at 20.499967s (0.000662s ago): [ 20.500701] test_alloc+0x29c/0x628 [ 20.500740] test_out_of_bounds_write+0xc8/0x240 [ 20.500781] kunit_try_run_case+0x170/0x3f0 [ 20.500821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.501122] kthread+0x328/0x630 [ 20.501419] ret_from_fork+0x10/0x20 [ 20.501792] [ 20.502087] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.502525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.502561] Hardware name: linux,dummy-virt (DT) [ 20.502657] ================================================================== [ 20.605414] ================================================================== [ 20.605514] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.605514] [ 20.605605] Out-of-bounds write at 0x00000000a861e4fd (1B left of kfence-#89): [ 20.605660] test_out_of_bounds_write+0x100/0x240 [ 20.605708] kunit_try_run_case+0x170/0x3f0 [ 20.606064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.606295] kthread+0x328/0x630 [ 20.606460] ret_from_fork+0x10/0x20 [ 20.606540] [ 20.606580] kfence-#89: 0x00000000e82a4ed2-0x00000000a527098a, size=32, cache=test [ 20.606580] [ 20.606635] allocated by task 294 on cpu 1 at 20.605071s (0.001560s ago): [ 20.606705] test_alloc+0x230/0x628 [ 20.607020] test_out_of_bounds_write+0xc8/0x240 [ 20.607168] kunit_try_run_case+0x170/0x3f0 [ 20.607257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.607304] kthread+0x328/0x630 [ 20.607369] ret_from_fork+0x10/0x20 [ 20.607774] [ 20.607955] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.608320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.608437] Hardware name: linux,dummy-virt (DT) [ 20.608474] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.396140] ================================================================== [ 20.396562] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.396562] [ 20.396655] Out-of-bounds read at 0x0000000093c03cdb (32B right of kfence-#87): [ 20.396764] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.396873] kunit_try_run_case+0x170/0x3f0 [ 20.396920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.397204] kthread+0x328/0x630 [ 20.397284] ret_from_fork+0x10/0x20 [ 20.397336] [ 20.397410] kfence-#87: 0x000000003b1a6b3f-0x000000001211e3a1, size=32, cache=test [ 20.397410] [ 20.397482] allocated by task 290 on cpu 1 at 20.395908s (0.001569s ago): [ 20.397608] test_alloc+0x230/0x628 [ 20.397655] test_out_of_bounds_read+0x198/0x3e0 [ 20.397697] kunit_try_run_case+0x170/0x3f0 [ 20.397736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.397780] kthread+0x328/0x630 [ 20.397818] ret_from_fork+0x10/0x20 [ 20.397877] [ 20.397923] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.398003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.398041] Hardware name: linux,dummy-virt (DT) [ 20.398075] ================================================================== [ 19.984101] ================================================================== [ 19.985049] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.985049] [ 19.985829] Out-of-bounds read at 0x000000003829052e (1B left of kfence-#83): [ 19.986205] test_out_of_bounds_read+0x114/0x3e0 [ 19.986634] kunit_try_run_case+0x170/0x3f0 [ 19.986899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.987111] kthread+0x328/0x630 [ 19.987448] ret_from_fork+0x10/0x20 [ 19.987723] [ 19.988473] kfence-#83: 0x00000000e98a8cb3-0x00000000c8f837bc, size=32, cache=kmalloc-32 [ 19.988473] [ 19.989106] allocated by task 288 on cpu 1 at 19.980761s (0.008210s ago): [ 19.990327] test_alloc+0x29c/0x628 [ 19.990402] test_out_of_bounds_read+0xdc/0x3e0 [ 19.990456] kunit_try_run_case+0x170/0x3f0 [ 19.990858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.991016] kthread+0x328/0x630 [ 19.991054] ret_from_fork+0x10/0x20 [ 19.991511] [ 19.991601] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.991687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.991717] Hardware name: linux,dummy-virt (DT) [ 19.991754] ================================================================== [ 20.291549] ================================================================== [ 20.291654] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.291654] [ 20.291738] Out-of-bounds read at 0x00000000b4d5a9a4 (1B left of kfence-#86): [ 20.291794] test_out_of_bounds_read+0x114/0x3e0 [ 20.292083] kunit_try_run_case+0x170/0x3f0 [ 20.292167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.292211] kthread+0x328/0x630 [ 20.292278] ret_from_fork+0x10/0x20 [ 20.292318] [ 20.292368] kfence-#86: 0x000000000b22a0bb-0x0000000046c61681, size=32, cache=test [ 20.292368] [ 20.292455] allocated by task 290 on cpu 1 at 20.291465s (0.000969s ago): [ 20.292614] test_alloc+0x230/0x628 [ 20.292657] test_out_of_bounds_read+0xdc/0x3e0 [ 20.292699] kunit_try_run_case+0x170/0x3f0 [ 20.292932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.293000] kthread+0x328/0x630 [ 20.293073] ret_from_fork+0x10/0x20 [ 20.293130] [ 20.293196] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.293302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.293371] Hardware name: linux,dummy-virt (DT) [ 20.293406] ================================================================== [ 20.188259] ================================================================== [ 20.188345] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.188345] [ 20.188448] Out-of-bounds read at 0x00000000f49df50f (32B right of kfence-#85): [ 20.188507] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.188556] kunit_try_run_case+0x170/0x3f0 [ 20.188598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.188651] kthread+0x328/0x630 [ 20.188689] ret_from_fork+0x10/0x20 [ 20.188729] [ 20.188754] kfence-#85: 0x000000000f3bee02-0x000000003f14b694, size=32, cache=kmalloc-32 [ 20.188754] [ 20.188820] allocated by task 288 on cpu 1 at 20.188008s (0.000795s ago): [ 20.189775] test_alloc+0x29c/0x628 [ 20.189956] test_out_of_bounds_read+0x198/0x3e0 [ 20.190020] kunit_try_run_case+0x170/0x3f0 [ 20.190138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.190463] kthread+0x328/0x630 [ 20.190514] ret_from_fork+0x10/0x20 [ 20.191313] [ 20.191476] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.191661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.191972] Hardware name: linux,dummy-virt (DT) [ 20.192180] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.823591] ================================================================== [ 19.823644] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.823701] Write of size 121 at addr fff00000c5903800 by task kunit_try_catch/286 [ 19.823754] [ 19.823785] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.823881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.823909] Hardware name: linux,dummy-virt (DT) [ 19.824862] Call trace: [ 19.824903] show_stack+0x20/0x38 (C) [ 19.825014] dump_stack_lvl+0x8c/0xd0 [ 19.825065] print_report+0x118/0x608 [ 19.825528] kasan_report+0xdc/0x128 [ 19.826000] kasan_check_range+0x100/0x1a8 [ 19.826074] __kasan_check_write+0x20/0x30 [ 19.826124] strncpy_from_user+0x3c/0x2a0 [ 19.826697] copy_user_test_oob+0x5c0/0xec8 [ 19.826945] kunit_try_run_case+0x170/0x3f0 [ 19.827018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.827074] kthread+0x328/0x630 [ 19.827389] ret_from_fork+0x10/0x20 [ 19.827614] [ 19.827806] Allocated by task 286: [ 19.827973] kasan_save_stack+0x3c/0x68 [ 19.828093] kasan_save_track+0x20/0x40 [ 19.828565] kasan_save_alloc_info+0x40/0x58 [ 19.828711] __kasan_kmalloc+0xd4/0xd8 [ 19.828750] __kmalloc_noprof+0x198/0x4c8 [ 19.828995] kunit_kmalloc_array+0x34/0x88 [ 19.829070] copy_user_test_oob+0xac/0xec8 [ 19.829884] kunit_try_run_case+0x170/0x3f0 [ 19.829935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.829982] kthread+0x328/0x630 [ 19.830020] ret_from_fork+0x10/0x20 [ 19.830057] [ 19.830078] The buggy address belongs to the object at fff00000c5903800 [ 19.830078] which belongs to the cache kmalloc-128 of size 128 [ 19.830138] The buggy address is located 0 bytes inside of [ 19.830138] allocated 120-byte region [fff00000c5903800, fff00000c5903878) [ 19.830201] [ 19.830223] The buggy address belongs to the physical page: [ 19.830256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.830310] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.830362] page_type: f5(slab) [ 19.830402] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.830454] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.830497] page dumped because: kasan: bad access detected [ 19.830530] [ 19.830551] Memory state around the buggy address: [ 19.830584] fff00000c5903700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.830629] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.830675] >fff00000c5903800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.830716] ^ [ 19.830800] fff00000c5903880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.830942] fff00000c5903900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.830983] ================================================================== [ 19.832239] ================================================================== [ 19.833880] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.834061] Write of size 1 at addr fff00000c5903878 by task kunit_try_catch/286 [ 19.834776] [ 19.835577] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.835872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.836101] Hardware name: linux,dummy-virt (DT) [ 19.836563] Call trace: [ 19.836688] show_stack+0x20/0x38 (C) [ 19.837396] dump_stack_lvl+0x8c/0xd0 [ 19.837711] print_report+0x118/0x608 [ 19.837773] kasan_report+0xdc/0x128 [ 19.837822] __asan_report_store1_noabort+0x20/0x30 [ 19.838873] strncpy_from_user+0x270/0x2a0 [ 19.838958] copy_user_test_oob+0x5c0/0xec8 [ 19.839006] kunit_try_run_case+0x170/0x3f0 [ 19.840140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.840712] kthread+0x328/0x630 [ 19.841097] ret_from_fork+0x10/0x20 [ 19.841147] [ 19.841701] Allocated by task 286: [ 19.841981] kasan_save_stack+0x3c/0x68 [ 19.842523] kasan_save_track+0x20/0x40 [ 19.842888] kasan_save_alloc_info+0x40/0x58 [ 19.842938] __kasan_kmalloc+0xd4/0xd8 [ 19.843381] __kmalloc_noprof+0x198/0x4c8 [ 19.843651] kunit_kmalloc_array+0x34/0x88 [ 19.844161] copy_user_test_oob+0xac/0xec8 [ 19.844961] kunit_try_run_case+0x170/0x3f0 [ 19.846115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.846363] kthread+0x328/0x630 [ 19.846481] ret_from_fork+0x10/0x20 [ 19.846548] [ 19.846669] The buggy address belongs to the object at fff00000c5903800 [ 19.846669] which belongs to the cache kmalloc-128 of size 128 [ 19.846896] The buggy address is located 0 bytes to the right of [ 19.846896] allocated 120-byte region [fff00000c5903800, fff00000c5903878) [ 19.846975] [ 19.846997] The buggy address belongs to the physical page: [ 19.847577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.847979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.848607] page_type: f5(slab) [ 19.848688] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.848957] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.849071] page dumped because: kasan: bad access detected [ 19.849379] [ 19.849415] Memory state around the buggy address: [ 19.849492] fff00000c5903700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.849855] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.849967] >fff00000c5903800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.850015] ^ [ 19.850568] fff00000c5903880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.851668] fff00000c5903900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.851865] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.764323] ================================================================== [ 19.764383] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.764436] Write of size 121 at addr fff00000c5903800 by task kunit_try_catch/286 [ 19.764500] [ 19.764662] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.764976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.765124] Hardware name: linux,dummy-virt (DT) [ 19.765273] Call trace: [ 19.765332] show_stack+0x20/0x38 (C) [ 19.765444] dump_stack_lvl+0x8c/0xd0 [ 19.765640] print_report+0x118/0x608 [ 19.765741] kasan_report+0xdc/0x128 [ 19.766136] kasan_check_range+0x100/0x1a8 [ 19.766381] __kasan_check_write+0x20/0x30 [ 19.766523] copy_user_test_oob+0x35c/0xec8 [ 19.766572] kunit_try_run_case+0x170/0x3f0 [ 19.766620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.766675] kthread+0x328/0x630 [ 19.767667] ret_from_fork+0x10/0x20 [ 19.767858] [ 19.767881] Allocated by task 286: [ 19.767911] kasan_save_stack+0x3c/0x68 [ 19.767956] kasan_save_track+0x20/0x40 [ 19.767994] kasan_save_alloc_info+0x40/0x58 [ 19.768037] __kasan_kmalloc+0xd4/0xd8 [ 19.768075] __kmalloc_noprof+0x198/0x4c8 [ 19.768115] kunit_kmalloc_array+0x34/0x88 [ 19.768154] copy_user_test_oob+0xac/0xec8 [ 19.768192] kunit_try_run_case+0x170/0x3f0 [ 19.768231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.768275] kthread+0x328/0x630 [ 19.768310] ret_from_fork+0x10/0x20 [ 19.768348] [ 19.768368] The buggy address belongs to the object at fff00000c5903800 [ 19.768368] which belongs to the cache kmalloc-128 of size 128 [ 19.768429] The buggy address is located 0 bytes inside of [ 19.768429] allocated 120-byte region [fff00000c5903800, fff00000c5903878) [ 19.768493] [ 19.768515] The buggy address belongs to the physical page: [ 19.768548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.768600] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.768652] page_type: f5(slab) [ 19.768692] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.768744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.768797] page dumped because: kasan: bad access detected [ 19.768830] [ 19.768862] Memory state around the buggy address: [ 19.768897] fff00000c5903700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.768942] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.768986] >fff00000c5903800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.769027] ^ [ 19.769070] fff00000c5903880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.769114] fff00000c5903900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.769154] ================================================================== [ 19.788110] ================================================================== [ 19.788166] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.788217] Write of size 121 at addr fff00000c5903800 by task kunit_try_catch/286 [ 19.788270] [ 19.788304] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.788388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.788417] Hardware name: linux,dummy-virt (DT) [ 19.788448] Call trace: [ 19.788471] show_stack+0x20/0x38 (C) [ 19.788521] dump_stack_lvl+0x8c/0xd0 [ 19.788569] print_report+0x118/0x608 [ 19.788617] kasan_report+0xdc/0x128 [ 19.788663] kasan_check_range+0x100/0x1a8 [ 19.788713] __kasan_check_write+0x20/0x30 [ 19.788760] copy_user_test_oob+0x434/0xec8 [ 19.788810] kunit_try_run_case+0x170/0x3f0 [ 19.788871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.788925] kthread+0x328/0x630 [ 19.788967] ret_from_fork+0x10/0x20 [ 19.789017] [ 19.789037] Allocated by task 286: [ 19.789867] kasan_save_stack+0x3c/0x68 [ 19.789930] kasan_save_track+0x20/0x40 [ 19.790062] kasan_save_alloc_info+0x40/0x58 [ 19.790117] __kasan_kmalloc+0xd4/0xd8 [ 19.790156] __kmalloc_noprof+0x198/0x4c8 [ 19.790205] kunit_kmalloc_array+0x34/0x88 [ 19.790244] copy_user_test_oob+0xac/0xec8 [ 19.790294] kunit_try_run_case+0x170/0x3f0 [ 19.790345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.790389] kthread+0x328/0x630 [ 19.790435] ret_from_fork+0x10/0x20 [ 19.790472] [ 19.790527] The buggy address belongs to the object at fff00000c5903800 [ 19.790527] which belongs to the cache kmalloc-128 of size 128 [ 19.790732] The buggy address is located 0 bytes inside of [ 19.790732] allocated 120-byte region [fff00000c5903800, fff00000c5903878) [ 19.791727] [ 19.791778] The buggy address belongs to the physical page: [ 19.792800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.793124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.793438] page_type: f5(slab) [ 19.793757] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.793915] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.793961] page dumped because: kasan: bad access detected [ 19.794608] [ 19.794633] Memory state around the buggy address: [ 19.794673] fff00000c5903700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.794722] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.794769] >fff00000c5903800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.795456] ^ [ 19.795519] fff00000c5903880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.795566] fff00000c5903900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.795607] ================================================================== [ 19.752581] ================================================================== [ 19.752640] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.752697] Read of size 121 at addr fff00000c5903800 by task kunit_try_catch/286 [ 19.752915] [ 19.752973] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.753158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.753205] Hardware name: linux,dummy-virt (DT) [ 19.753236] Call trace: [ 19.753340] show_stack+0x20/0x38 (C) [ 19.753437] dump_stack_lvl+0x8c/0xd0 [ 19.753484] print_report+0x118/0x608 [ 19.753531] kasan_report+0xdc/0x128 [ 19.753579] kasan_check_range+0x100/0x1a8 [ 19.753627] __kasan_check_read+0x20/0x30 [ 19.753673] copy_user_test_oob+0x728/0xec8 [ 19.753720] kunit_try_run_case+0x170/0x3f0 [ 19.753770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.753825] kthread+0x328/0x630 [ 19.754018] ret_from_fork+0x10/0x20 [ 19.754074] [ 19.754097] Allocated by task 286: [ 19.754126] kasan_save_stack+0x3c/0x68 [ 19.754167] kasan_save_track+0x20/0x40 [ 19.754206] kasan_save_alloc_info+0x40/0x58 [ 19.754249] __kasan_kmalloc+0xd4/0xd8 [ 19.754286] __kmalloc_noprof+0x198/0x4c8 [ 19.754341] kunit_kmalloc_array+0x34/0x88 [ 19.754380] copy_user_test_oob+0xac/0xec8 [ 19.754419] kunit_try_run_case+0x170/0x3f0 [ 19.754626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.754829] kthread+0x328/0x630 [ 19.754975] ret_from_fork+0x10/0x20 [ 19.755040] [ 19.755123] The buggy address belongs to the object at fff00000c5903800 [ 19.755123] which belongs to the cache kmalloc-128 of size 128 [ 19.755182] The buggy address is located 0 bytes inside of [ 19.755182] allocated 120-byte region [fff00000c5903800, fff00000c5903878) [ 19.755248] [ 19.755347] The buggy address belongs to the physical page: [ 19.755394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.755542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.755686] page_type: f5(slab) [ 19.755726] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.756000] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.756135] page dumped because: kasan: bad access detected [ 19.756223] [ 19.756243] Memory state around the buggy address: [ 19.756285] fff00000c5903700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.756337] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.756553] >fff00000c5903800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.756594] ^ [ 19.756637] fff00000c5903880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.756713] fff00000c5903900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.756919] ================================================================== [ 19.737577] ================================================================== [ 19.737863] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.738195] Write of size 121 at addr fff00000c5903800 by task kunit_try_catch/286 [ 19.738752] [ 19.739151] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.739304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.739341] Hardware name: linux,dummy-virt (DT) [ 19.739376] Call trace: [ 19.739408] show_stack+0x20/0x38 (C) [ 19.739754] dump_stack_lvl+0x8c/0xd0 [ 19.739947] print_report+0x118/0x608 [ 19.740184] kasan_report+0xdc/0x128 [ 19.740231] kasan_check_range+0x100/0x1a8 [ 19.740322] __kasan_check_write+0x20/0x30 [ 19.740558] copy_user_test_oob+0x234/0xec8 [ 19.740607] kunit_try_run_case+0x170/0x3f0 [ 19.740659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.740762] kthread+0x328/0x630 [ 19.741123] ret_from_fork+0x10/0x20 [ 19.741525] [ 19.741640] Allocated by task 286: [ 19.741801] kasan_save_stack+0x3c/0x68 [ 19.741863] kasan_save_track+0x20/0x40 [ 19.742109] kasan_save_alloc_info+0x40/0x58 [ 19.742189] __kasan_kmalloc+0xd4/0xd8 [ 19.742318] __kmalloc_noprof+0x198/0x4c8 [ 19.742363] kunit_kmalloc_array+0x34/0x88 [ 19.742422] copy_user_test_oob+0xac/0xec8 [ 19.742484] kunit_try_run_case+0x170/0x3f0 [ 19.742545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.742623] kthread+0x328/0x630 [ 19.742657] ret_from_fork+0x10/0x20 [ 19.743809] [ 19.743848] The buggy address belongs to the object at fff00000c5903800 [ 19.743848] which belongs to the cache kmalloc-128 of size 128 [ 19.743914] The buggy address is located 0 bytes inside of [ 19.743914] allocated 120-byte region [fff00000c5903800, fff00000c5903878) [ 19.744510] [ 19.744558] The buggy address belongs to the physical page: [ 19.744865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.744995] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.745082] page_type: f5(slab) [ 19.745185] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.745313] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.745386] page dumped because: kasan: bad access detected [ 19.745504] [ 19.745568] Memory state around the buggy address: [ 19.745659] fff00000c5903700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.745760] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.745858] >fff00000c5903800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.745899] ^ [ 19.745972] fff00000c5903880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.746030] fff00000c5903900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.746172] ================================================================== [ 19.772468] ================================================================== [ 19.772525] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.772577] Read of size 121 at addr fff00000c5903800 by task kunit_try_catch/286 [ 19.772629] [ 19.772673] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.772759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.772789] Hardware name: linux,dummy-virt (DT) [ 19.772820] Call trace: [ 19.772857] show_stack+0x20/0x38 (C) [ 19.772905] dump_stack_lvl+0x8c/0xd0 [ 19.772956] print_report+0x118/0x608 [ 19.773002] kasan_report+0xdc/0x128 [ 19.773049] kasan_check_range+0x100/0x1a8 [ 19.773097] __kasan_check_read+0x20/0x30 [ 19.773143] copy_user_test_oob+0x3c8/0xec8 [ 19.773191] kunit_try_run_case+0x170/0x3f0 [ 19.773239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.773293] kthread+0x328/0x630 [ 19.773335] ret_from_fork+0x10/0x20 [ 19.773383] [ 19.773405] Allocated by task 286: [ 19.773433] kasan_save_stack+0x3c/0x68 [ 19.773476] kasan_save_track+0x20/0x40 [ 19.773514] kasan_save_alloc_info+0x40/0x58 [ 19.773556] __kasan_kmalloc+0xd4/0xd8 [ 19.773593] __kmalloc_noprof+0x198/0x4c8 [ 19.773633] kunit_kmalloc_array+0x34/0x88 [ 19.773671] copy_user_test_oob+0xac/0xec8 [ 19.773710] kunit_try_run_case+0x170/0x3f0 [ 19.773750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.773794] kthread+0x328/0x630 [ 19.773827] ret_from_fork+0x10/0x20 [ 19.775691] [ 19.775720] The buggy address belongs to the object at fff00000c5903800 [ 19.775720] which belongs to the cache kmalloc-128 of size 128 [ 19.776134] The buggy address is located 0 bytes inside of [ 19.776134] allocated 120-byte region [fff00000c5903800, fff00000c5903878) [ 19.777287] [ 19.777441] The buggy address belongs to the physical page: [ 19.777790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.778173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.778268] page_type: f5(slab) [ 19.778876] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.778989] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.779186] page dumped because: kasan: bad access detected [ 19.779437] [ 19.780770] Memory state around the buggy address: [ 19.780813] fff00000c5903700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.785497] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.785682] >fff00000c5903800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.785930] ^ [ 19.786177] fff00000c5903880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.786317] fff00000c5903900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.786692] ================================================================== [ 19.808634] ================================================================== [ 19.809337] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.809597] Read of size 121 at addr fff00000c5903800 by task kunit_try_catch/286 [ 19.809829] [ 19.810080] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.810735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.810818] Hardware name: linux,dummy-virt (DT) [ 19.810974] Call trace: [ 19.811001] show_stack+0x20/0x38 (C) [ 19.811056] dump_stack_lvl+0x8c/0xd0 [ 19.811896] print_report+0x118/0x608 [ 19.812245] kasan_report+0xdc/0x128 [ 19.812517] kasan_check_range+0x100/0x1a8 [ 19.813180] __kasan_check_read+0x20/0x30 [ 19.813269] copy_user_test_oob+0x4a0/0xec8 [ 19.813321] kunit_try_run_case+0x170/0x3f0 [ 19.813372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.814018] kthread+0x328/0x630 [ 19.814476] ret_from_fork+0x10/0x20 [ 19.814865] [ 19.815142] Allocated by task 286: [ 19.815182] kasan_save_stack+0x3c/0x68 [ 19.815239] kasan_save_track+0x20/0x40 [ 19.815284] kasan_save_alloc_info+0x40/0x58 [ 19.815469] __kasan_kmalloc+0xd4/0xd8 [ 19.815939] __kmalloc_noprof+0x198/0x4c8 [ 19.816129] kunit_kmalloc_array+0x34/0x88 [ 19.816245] copy_user_test_oob+0xac/0xec8 [ 19.816429] kunit_try_run_case+0x170/0x3f0 [ 19.816471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.816799] kthread+0x328/0x630 [ 19.817192] ret_from_fork+0x10/0x20 [ 19.817337] [ 19.817374] The buggy address belongs to the object at fff00000c5903800 [ 19.817374] which belongs to the cache kmalloc-128 of size 128 [ 19.817672] The buggy address is located 0 bytes inside of [ 19.817672] allocated 120-byte region [fff00000c5903800, fff00000c5903878) [ 19.817906] [ 19.817930] The buggy address belongs to the physical page: [ 19.818103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.818438] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.818582] page_type: f5(slab) [ 19.818627] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.819023] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.819172] page dumped because: kasan: bad access detected [ 19.819369] [ 19.819436] Memory state around the buggy address: [ 19.819538] fff00000c5903700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.819779] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.819916] >fff00000c5903800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.820124] ^ [ 19.820866] fff00000c5903880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.821075] fff00000c5903900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.821118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.691914] ================================================================== [ 19.691981] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.692049] Read of size 8 at addr fff00000c5903778 by task kunit_try_catch/282 [ 19.692101] [ 19.692142] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.692269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.692301] Hardware name: linux,dummy-virt (DT) [ 19.692403] Call trace: [ 19.692455] show_stack+0x20/0x38 (C) [ 19.692511] dump_stack_lvl+0x8c/0xd0 [ 19.692560] print_report+0x118/0x608 [ 19.692640] kasan_report+0xdc/0x128 [ 19.692923] __asan_report_load8_noabort+0x20/0x30 [ 19.693010] copy_to_kernel_nofault+0x204/0x250 [ 19.693174] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.693300] kunit_try_run_case+0x170/0x3f0 [ 19.693398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.693517] kthread+0x328/0x630 [ 19.693562] ret_from_fork+0x10/0x20 [ 19.693612] [ 19.693634] Allocated by task 282: [ 19.693789] kasan_save_stack+0x3c/0x68 [ 19.694398] kasan_save_track+0x20/0x40 [ 19.695958] kasan_save_alloc_info+0x40/0x58 [ 19.696023] __kasan_kmalloc+0xd4/0xd8 [ 19.696329] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.696374] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.696887] kunit_try_run_case+0x170/0x3f0 [ 19.697096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.697149] kthread+0x328/0x630 [ 19.697285] ret_from_fork+0x10/0x20 [ 19.697329] [ 19.697354] The buggy address belongs to the object at fff00000c5903700 [ 19.697354] which belongs to the cache kmalloc-128 of size 128 [ 19.697414] The buggy address is located 0 bytes to the right of [ 19.697414] allocated 120-byte region [fff00000c5903700, fff00000c5903778) [ 19.697499] [ 19.697627] The buggy address belongs to the physical page: [ 19.697693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.697878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.697965] page_type: f5(slab) [ 19.698015] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.698200] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.698245] page dumped because: kasan: bad access detected [ 19.698278] [ 19.698298] Memory state around the buggy address: [ 19.698334] fff00000c5903600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.698381] fff00000c5903680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.698426] >fff00000c5903700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.698501] ^ [ 19.698587] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.698681] fff00000c5903800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.698785] ================================================================== [ 19.699983] ================================================================== [ 19.700037] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.700090] Write of size 8 at addr fff00000c5903778 by task kunit_try_catch/282 [ 19.700142] [ 19.700444] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.700684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.700714] Hardware name: linux,dummy-virt (DT) [ 19.701146] Call trace: [ 19.701184] show_stack+0x20/0x38 (C) [ 19.701239] dump_stack_lvl+0x8c/0xd0 [ 19.701292] print_report+0x118/0x608 [ 19.701340] kasan_report+0xdc/0x128 [ 19.701386] kasan_check_range+0x100/0x1a8 [ 19.701437] __kasan_check_write+0x20/0x30 [ 19.701483] copy_to_kernel_nofault+0x8c/0x250 [ 19.701531] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.701583] kunit_try_run_case+0x170/0x3f0 [ 19.701630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.701684] kthread+0x328/0x630 [ 19.701741] ret_from_fork+0x10/0x20 [ 19.701790] [ 19.701810] Allocated by task 282: [ 19.702134] kasan_save_stack+0x3c/0x68 [ 19.702217] kasan_save_track+0x20/0x40 [ 19.702289] kasan_save_alloc_info+0x40/0x58 [ 19.702361] __kasan_kmalloc+0xd4/0xd8 [ 19.702511] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.702838] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.702898] kunit_try_run_case+0x170/0x3f0 [ 19.703003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.703078] kthread+0x328/0x630 [ 19.703123] ret_from_fork+0x10/0x20 [ 19.703280] [ 19.703301] The buggy address belongs to the object at fff00000c5903700 [ 19.703301] which belongs to the cache kmalloc-128 of size 128 [ 19.703380] The buggy address is located 0 bytes to the right of [ 19.703380] allocated 120-byte region [fff00000c5903700, fff00000c5903778) [ 19.703463] [ 19.703485] The buggy address belongs to the physical page: [ 19.703518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 19.703572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.703621] page_type: f5(slab) [ 19.703737] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.703791] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.703835] page dumped because: kasan: bad access detected [ 19.704121] [ 19.704204] Memory state around the buggy address: [ 19.704257] fff00000c5903600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.704330] fff00000c5903680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.704376] >fff00000c5903700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.704417] ^ [ 19.704459] fff00000c5903780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.704503] fff00000c5903800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.704545] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.637302] ================================================================== [ 19.637377] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.637439] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 19.637689] [ 19.637752] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.638154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.638237] Hardware name: linux,dummy-virt (DT) [ 19.638274] Call trace: [ 19.638298] show_stack+0x20/0x38 (C) [ 19.638390] dump_stack_lvl+0x8c/0xd0 [ 19.638448] print_report+0x310/0x608 [ 19.638497] kasan_report+0xdc/0x128 [ 19.638554] __asan_report_load1_noabort+0x20/0x30 [ 19.638675] vmalloc_oob+0x578/0x5d0 [ 19.638759] kunit_try_run_case+0x170/0x3f0 [ 19.639081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.639310] kthread+0x328/0x630 [ 19.639366] ret_from_fork+0x10/0x20 [ 19.639438] [ 19.639468] The buggy address belongs to the virtual mapping at [ 19.639468] [ffff8000800fe000, ffff800080100000) created by: [ 19.639468] vmalloc_oob+0x98/0x5d0 [ 19.639568] [ 19.639625] The buggy address belongs to the physical page: [ 19.639660] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f38 [ 19.639879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.640056] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.640112] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.640206] page dumped because: kasan: bad access detected [ 19.640240] [ 19.640262] Memory state around the buggy address: [ 19.640326] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.640574] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.640626] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.640688] ^ [ 19.640760] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.641037] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.641085] ================================================================== [ 19.641557] ================================================================== [ 19.641610] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.641783] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 19.642031] [ 19.642117] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.642352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.642484] Hardware name: linux,dummy-virt (DT) [ 19.642531] Call trace: [ 19.642554] show_stack+0x20/0x38 (C) [ 19.642627] dump_stack_lvl+0x8c/0xd0 [ 19.642674] print_report+0x310/0x608 [ 19.642954] kasan_report+0xdc/0x128 [ 19.643055] __asan_report_load1_noabort+0x20/0x30 [ 19.643110] vmalloc_oob+0x51c/0x5d0 [ 19.643230] kunit_try_run_case+0x170/0x3f0 [ 19.643280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.643368] kthread+0x328/0x630 [ 19.643414] ret_from_fork+0x10/0x20 [ 19.643462] [ 19.643489] The buggy address belongs to the virtual mapping at [ 19.643489] [ffff8000800fe000, ffff800080100000) created by: [ 19.643489] vmalloc_oob+0x98/0x5d0 [ 19.643920] [ 19.643970] The buggy address belongs to the physical page: [ 19.644115] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f38 [ 19.644231] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.644439] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.644549] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.644591] page dumped because: kasan: bad access detected [ 19.644645] [ 19.644686] Memory state around the buggy address: [ 19.644759] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.644890] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.644936] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.644995] ^ [ 19.645188] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.645289] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.645388] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.497669] ================================================================== [ 19.497835] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.499306] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.499381] [ 19.499416] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.499977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.500006] Hardware name: linux,dummy-virt (DT) [ 19.500060] Call trace: [ 19.500086] show_stack+0x20/0x38 (C) [ 19.500237] dump_stack_lvl+0x8c/0xd0 [ 19.500670] print_report+0x118/0x608 [ 19.501271] kasan_report+0xdc/0x128 [ 19.501891] kasan_check_range+0x100/0x1a8 [ 19.502793] __kasan_check_write+0x20/0x30 [ 19.502970] kasan_atomics_helper+0x11f8/0x4858 [ 19.503020] kasan_atomics+0x198/0x2e0 [ 19.503616] kunit_try_run_case+0x170/0x3f0 [ 19.505329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.505416] kthread+0x328/0x630 [ 19.505460] ret_from_fork+0x10/0x20 [ 19.505511] [ 19.505531] Allocated by task 266: [ 19.505560] kasan_save_stack+0x3c/0x68 [ 19.505612] kasan_save_track+0x20/0x40 [ 19.505651] kasan_save_alloc_info+0x40/0x58 [ 19.505693] __kasan_kmalloc+0xd4/0xd8 [ 19.505731] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.505772] kasan_atomics+0xb8/0x2e0 [ 19.505809] kunit_try_run_case+0x170/0x3f0 [ 19.505862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.507490] kthread+0x328/0x630 [ 19.507530] ret_from_fork+0x10/0x20 [ 19.507567] [ 19.507591] The buggy address belongs to the object at fff00000c5906f00 [ 19.507591] which belongs to the cache kmalloc-64 of size 64 [ 19.507652] The buggy address is located 0 bytes to the right of [ 19.507652] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.507725] [ 19.507748] The buggy address belongs to the physical page: [ 19.507781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.507835] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.507906] page_type: f5(slab) [ 19.507947] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.508006] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.509364] page dumped because: kasan: bad access detected [ 19.509398] [ 19.510151] Memory state around the buggy address: [ 19.510654] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.510719] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.510764] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.510807] ^ [ 19.510857] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.510901] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.510941] ================================================================== [ 19.524560] ================================================================== [ 19.524613] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.524668] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.524719] [ 19.524752] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.529472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.529905] Hardware name: linux,dummy-virt (DT) [ 19.530431] Call trace: [ 19.530529] show_stack+0x20/0x38 (C) [ 19.530940] dump_stack_lvl+0x8c/0xd0 [ 19.531804] print_report+0x118/0x608 [ 19.532111] kasan_report+0xdc/0x128 [ 19.534129] kasan_check_range+0x100/0x1a8 [ 19.534345] __kasan_check_write+0x20/0x30 [ 19.534445] kasan_atomics_helper+0x1384/0x4858 [ 19.535002] kasan_atomics+0x198/0x2e0 [ 19.535070] kunit_try_run_case+0x170/0x3f0 [ 19.535711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.535778] kthread+0x328/0x630 [ 19.535823] ret_from_fork+0x10/0x20 [ 19.535889] [ 19.535910] Allocated by task 266: [ 19.535939] kasan_save_stack+0x3c/0x68 [ 19.539099] kasan_save_track+0x20/0x40 [ 19.539193] kasan_save_alloc_info+0x40/0x58 [ 19.539239] __kasan_kmalloc+0xd4/0xd8 [ 19.539276] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.540143] kasan_atomics+0xb8/0x2e0 [ 19.540195] kunit_try_run_case+0x170/0x3f0 [ 19.541232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.541342] kthread+0x328/0x630 [ 19.542404] ret_from_fork+0x10/0x20 [ 19.543984] [ 19.544152] The buggy address belongs to the object at fff00000c5906f00 [ 19.544152] which belongs to the cache kmalloc-64 of size 64 [ 19.544475] The buggy address is located 0 bytes to the right of [ 19.544475] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.544634] [ 19.544741] The buggy address belongs to the physical page: [ 19.544933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.545170] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.545221] page_type: f5(slab) [ 19.545261] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.545661] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.546654] page dumped because: kasan: bad access detected [ 19.546707] [ 19.546744] Memory state around the buggy address: [ 19.548433] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.548487] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.548533] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.548694] ^ [ 19.548753] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.548899] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.549892] ================================================================== [ 19.397991] ================================================================== [ 19.398313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.398395] Read of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.398463] [ 19.398497] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.398589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.398626] Hardware name: linux,dummy-virt (DT) [ 19.398659] Call trace: [ 19.398690] show_stack+0x20/0x38 (C) [ 19.398802] dump_stack_lvl+0x8c/0xd0 [ 19.398899] print_report+0x118/0x608 [ 19.398997] kasan_report+0xdc/0x128 [ 19.399333] kasan_check_range+0x100/0x1a8 [ 19.399422] __kasan_check_read+0x20/0x30 [ 19.399572] kasan_atomics_helper+0xdd4/0x4858 [ 19.401263] kasan_atomics+0x198/0x2e0 [ 19.401346] kunit_try_run_case+0x170/0x3f0 [ 19.401429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.401545] kthread+0x328/0x630 [ 19.401623] ret_from_fork+0x10/0x20 [ 19.401717] [ 19.401829] Allocated by task 266: [ 19.401911] kasan_save_stack+0x3c/0x68 [ 19.401984] kasan_save_track+0x20/0x40 [ 19.402137] kasan_save_alloc_info+0x40/0x58 [ 19.402203] __kasan_kmalloc+0xd4/0xd8 [ 19.402261] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.402301] kasan_atomics+0xb8/0x2e0 [ 19.402339] kunit_try_run_case+0x170/0x3f0 [ 19.402385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.402464] kthread+0x328/0x630 [ 19.402531] ret_from_fork+0x10/0x20 [ 19.402568] [ 19.402597] The buggy address belongs to the object at fff00000c5906f00 [ 19.402597] which belongs to the cache kmalloc-64 of size 64 [ 19.402680] The buggy address is located 0 bytes to the right of [ 19.402680] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.402777] [ 19.402801] The buggy address belongs to the physical page: [ 19.402833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.402896] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.402973] page_type: f5(slab) [ 19.403207] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.403271] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.403339] page dumped because: kasan: bad access detected [ 19.403373] [ 19.403393] Memory state around the buggy address: [ 19.403681] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.403787] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.404637] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.404690] ^ [ 19.404812] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.405228] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.405449] ================================================================== [ 19.597884] ================================================================== [ 19.597931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.597985] Read of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.598035] [ 19.598066] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.598276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.598324] Hardware name: linux,dummy-virt (DT) [ 19.598501] Call trace: [ 19.598525] show_stack+0x20/0x38 (C) [ 19.598575] dump_stack_lvl+0x8c/0xd0 [ 19.598623] print_report+0x118/0x608 [ 19.598670] kasan_report+0xdc/0x128 [ 19.598744] __asan_report_load8_noabort+0x20/0x30 [ 19.598798] kasan_atomics_helper+0x3df4/0x4858 [ 19.598857] kasan_atomics+0x198/0x2e0 [ 19.598904] kunit_try_run_case+0x170/0x3f0 [ 19.599167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.599548] kthread+0x328/0x630 [ 19.599595] ret_from_fork+0x10/0x20 [ 19.599644] [ 19.599664] Allocated by task 266: [ 19.599693] kasan_save_stack+0x3c/0x68 [ 19.599735] kasan_save_track+0x20/0x40 [ 19.599784] kasan_save_alloc_info+0x40/0x58 [ 19.599944] __kasan_kmalloc+0xd4/0xd8 [ 19.599994] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.600058] kasan_atomics+0xb8/0x2e0 [ 19.600097] kunit_try_run_case+0x170/0x3f0 [ 19.600136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.600181] kthread+0x328/0x630 [ 19.600214] ret_from_fork+0x10/0x20 [ 19.600251] [ 19.600271] The buggy address belongs to the object at fff00000c5906f00 [ 19.600271] which belongs to the cache kmalloc-64 of size 64 [ 19.600347] The buggy address is located 0 bytes to the right of [ 19.600347] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.600421] [ 19.600443] The buggy address belongs to the physical page: [ 19.600475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.600629] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.600701] page_type: f5(slab) [ 19.601158] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.601315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.601382] page dumped because: kasan: bad access detected [ 19.601485] [ 19.601517] Memory state around the buggy address: [ 19.601550] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.601595] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.601640] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.601681] ^ [ 19.601716] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.601757] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.601797] ================================================================== [ 19.551973] ================================================================== [ 19.552043] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.552283] Read of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.553448] [ 19.553553] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.553647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.553677] Hardware name: linux,dummy-virt (DT) [ 19.553712] Call trace: [ 19.553887] show_stack+0x20/0x38 (C) [ 19.553943] dump_stack_lvl+0x8c/0xd0 [ 19.553994] print_report+0x118/0x608 [ 19.554043] kasan_report+0xdc/0x128 [ 19.554089] __asan_report_load8_noabort+0x20/0x30 [ 19.554683] kasan_atomics_helper+0x3f04/0x4858 [ 19.554757] kasan_atomics+0x198/0x2e0 [ 19.555102] kunit_try_run_case+0x170/0x3f0 [ 19.555362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.555448] kthread+0x328/0x630 [ 19.555492] ret_from_fork+0x10/0x20 [ 19.555549] [ 19.555569] Allocated by task 266: [ 19.555599] kasan_save_stack+0x3c/0x68 [ 19.555811] kasan_save_track+0x20/0x40 [ 19.555861] kasan_save_alloc_info+0x40/0x58 [ 19.555904] __kasan_kmalloc+0xd4/0xd8 [ 19.555940] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.555981] kasan_atomics+0xb8/0x2e0 [ 19.556028] kunit_try_run_case+0x170/0x3f0 [ 19.556185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.556230] kthread+0x328/0x630 [ 19.556265] ret_from_fork+0x10/0x20 [ 19.556302] [ 19.556324] The buggy address belongs to the object at fff00000c5906f00 [ 19.556324] which belongs to the cache kmalloc-64 of size 64 [ 19.556384] The buggy address is located 0 bytes to the right of [ 19.556384] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.556450] [ 19.556472] The buggy address belongs to the physical page: [ 19.556507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.556562] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.556612] page_type: f5(slab) [ 19.556651] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.556704] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.556748] page dumped because: kasan: bad access detected [ 19.556780] [ 19.556801] Memory state around the buggy address: [ 19.556834] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.556890] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.556934] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.556976] ^ [ 19.557010] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.557054] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.557095] ================================================================== [ 19.391706] ================================================================== [ 19.391829] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.391902] Read of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.391979] [ 19.392010] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.392121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.392149] Hardware name: linux,dummy-virt (DT) [ 19.392183] Call trace: [ 19.392205] show_stack+0x20/0x38 (C) [ 19.392256] dump_stack_lvl+0x8c/0xd0 [ 19.392303] print_report+0x118/0x608 [ 19.392496] kasan_report+0xdc/0x128 [ 19.392556] __asan_report_load4_noabort+0x20/0x30 [ 19.392621] kasan_atomics_helper+0x3e04/0x4858 [ 19.392670] kasan_atomics+0x198/0x2e0 [ 19.392723] kunit_try_run_case+0x170/0x3f0 [ 19.392812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.392914] kthread+0x328/0x630 [ 19.393289] ret_from_fork+0x10/0x20 [ 19.393656] [ 19.393737] Allocated by task 266: [ 19.393807] kasan_save_stack+0x3c/0x68 [ 19.393958] kasan_save_track+0x20/0x40 [ 19.394011] kasan_save_alloc_info+0x40/0x58 [ 19.394052] __kasan_kmalloc+0xd4/0xd8 [ 19.394127] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.394450] kasan_atomics+0xb8/0x2e0 [ 19.394516] kunit_try_run_case+0x170/0x3f0 [ 19.394615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.394684] kthread+0x328/0x630 [ 19.395399] ret_from_fork+0x10/0x20 [ 19.395712] [ 19.395779] The buggy address belongs to the object at fff00000c5906f00 [ 19.395779] which belongs to the cache kmalloc-64 of size 64 [ 19.396463] The buggy address is located 0 bytes to the right of [ 19.396463] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.396538] [ 19.396562] The buggy address belongs to the physical page: [ 19.396595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.396650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.396700] page_type: f5(slab) [ 19.396740] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.396794] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.396835] page dumped because: kasan: bad access detected [ 19.396879] [ 19.396899] Memory state around the buggy address: [ 19.396931] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.396977] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.397024] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.397179] ^ [ 19.397302] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.397357] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.397438] ================================================================== [ 19.316253] ================================================================== [ 19.316453] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.316515] Write of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.316582] [ 19.316635] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.316946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.316988] Hardware name: linux,dummy-virt (DT) [ 19.317052] Call trace: [ 19.317078] show_stack+0x20/0x38 (C) [ 19.317165] dump_stack_lvl+0x8c/0xd0 [ 19.317263] print_report+0x118/0x608 [ 19.317312] kasan_report+0xdc/0x128 [ 19.317463] kasan_check_range+0x100/0x1a8 [ 19.317517] __kasan_check_write+0x20/0x30 [ 19.317717] kasan_atomics_helper+0xa6c/0x4858 [ 19.317779] kasan_atomics+0x198/0x2e0 [ 19.317826] kunit_try_run_case+0x170/0x3f0 [ 19.317887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.317942] kthread+0x328/0x630 [ 19.317986] ret_from_fork+0x10/0x20 [ 19.318035] [ 19.318055] Allocated by task 266: [ 19.318094] kasan_save_stack+0x3c/0x68 [ 19.318139] kasan_save_track+0x20/0x40 [ 19.318179] kasan_save_alloc_info+0x40/0x58 [ 19.318221] __kasan_kmalloc+0xd4/0xd8 [ 19.318260] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.318299] kasan_atomics+0xb8/0x2e0 [ 19.318335] kunit_try_run_case+0x170/0x3f0 [ 19.318384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.318429] kthread+0x328/0x630 [ 19.318463] ret_from_fork+0x10/0x20 [ 19.318502] [ 19.318522] The buggy address belongs to the object at fff00000c5906f00 [ 19.318522] which belongs to the cache kmalloc-64 of size 64 [ 19.318595] The buggy address is located 0 bytes to the right of [ 19.318595] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.318660] [ 19.319043] The buggy address belongs to the physical page: [ 19.319081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.319136] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.319186] page_type: f5(slab) [ 19.319225] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.319314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.319459] page dumped because: kasan: bad access detected [ 19.319561] [ 19.319594] Memory state around the buggy address: [ 19.319634] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.319678] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.320030] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.320174] ^ [ 19.320253] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.320338] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.321332] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 19.322184] kthread+0x328/0x630 [ 19.322450] __kasan_kmalloc+0xd4/0xd8 [ 19.322498] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.322540] kasan_atomics+0xb8/0x2e0 [ 19.322577] kunit_try_run_case+0x170/0x3f0 [ 19.322623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.322671] kthread+0x328/0x630 [ 19.322714] ret_from_fork+0x10/0x20 [ 19.323288] [ 19.323378] The buggy address belongs to the object at fff00000c5906f00 [ 19.323378] which belongs to the cache kmalloc-64 of size 64 [ 19.323451] The buggy address is located 0 bytes to the right of [ 19.323451] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.323515] [ 19.323537] The buggy address belongs to the physical page: [ 19.323567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.323621] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.323669] page_type: f5(slab) [ 19.323708] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.323759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.328382] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.328495] kasan_atomics+0xb8/0x2e0 [ 19.331894] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.331934] ================================================================== [ 19.196144] ================================================================== [ 19.196194] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 19.196393] Read of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.196581] [ 19.196639] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.196742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.196789] Hardware name: linux,dummy-virt (DT) [ 19.196824] Call trace: [ 19.196877] show_stack+0x20/0x38 (C) [ 19.196957] dump_stack_lvl+0x8c/0xd0 [ 19.197024] print_report+0x118/0x608 [ 19.197089] kasan_report+0xdc/0x128 [ 19.197138] __asan_report_load4_noabort+0x20/0x30 [ 19.197192] kasan_atomics_helper+0x40fc/0x4858 [ 19.197366] kasan_atomics+0x198/0x2e0 [ 19.197442] kunit_try_run_case+0x170/0x3f0 [ 19.197629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.197736] kthread+0x328/0x630 [ 19.197810] ret_from_fork+0x10/0x20 [ 19.197890] [ 19.197930] Allocated by task 266: [ 19.197978] kasan_save_stack+0x3c/0x68 [ 19.198023] kasan_save_track+0x20/0x40 [ 19.198077] kasan_save_alloc_info+0x40/0x58 [ 19.198157] __kasan_kmalloc+0xd4/0xd8 [ 19.198213] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.198258] kasan_atomics+0xb8/0x2e0 [ 19.198295] kunit_try_run_case+0x170/0x3f0 [ 19.198333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.198378] kthread+0x328/0x630 [ 19.198583] ret_from_fork+0x10/0x20 [ 19.198644] [ 19.198823] The buggy address belongs to the object at fff00000c5906f00 [ 19.198823] which belongs to the cache kmalloc-64 of size 64 [ 19.198988] The buggy address is located 0 bytes to the right of [ 19.198988] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.199091] [ 19.199160] The buggy address belongs to the physical page: [ 19.199221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.199343] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.199459] page_type: f5(slab) [ 19.199579] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.199632] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.199675] page dumped because: kasan: bad access detected [ 19.199707] [ 19.199779] Memory state around the buggy address: [ 19.199813] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.199866] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.199911] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.200077] ^ [ 19.200199] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.200326] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.200412] ================================================================== [ 19.221499] ================================================================== [ 19.224027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 19.228130] The buggy address is located 0 bytes to the right of [ 19.228130] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.229682] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.230646] ================================================================== [ 19.590568] ================================================================== [ 19.590616] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.590665] Read of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.590745] [ 19.590778] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.590892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.590922] Hardware name: linux,dummy-virt (DT) [ 19.590956] Call trace: [ 19.590978] show_stack+0x20/0x38 (C) [ 19.591030] dump_stack_lvl+0x8c/0xd0 [ 19.591118] print_report+0x118/0x608 [ 19.591167] kasan_report+0xdc/0x128 [ 19.591258] __asan_report_load8_noabort+0x20/0x30 [ 19.591313] kasan_atomics_helper+0x3db0/0x4858 [ 19.591366] kasan_atomics+0x198/0x2e0 [ 19.591433] kunit_try_run_case+0x170/0x3f0 [ 19.591695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.591832] kthread+0x328/0x630 [ 19.591913] ret_from_fork+0x10/0x20 [ 19.592016] [ 19.592042] Allocated by task 266: [ 19.592071] kasan_save_stack+0x3c/0x68 [ 19.592263] kasan_save_track+0x20/0x40 [ 19.592355] kasan_save_alloc_info+0x40/0x58 [ 19.592535] __kasan_kmalloc+0xd4/0xd8 [ 19.592593] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.592672] kasan_atomics+0xb8/0x2e0 [ 19.592757] kunit_try_run_case+0x170/0x3f0 [ 19.592873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.592917] kthread+0x328/0x630 [ 19.592951] ret_from_fork+0x10/0x20 [ 19.592987] [ 19.593009] The buggy address belongs to the object at fff00000c5906f00 [ 19.593009] which belongs to the cache kmalloc-64 of size 64 [ 19.593067] The buggy address is located 0 bytes to the right of [ 19.593067] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.593134] [ 19.593156] The buggy address belongs to the physical page: [ 19.593187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.593241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.593291] page_type: f5(slab) [ 19.593330] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.593382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.593425] page dumped because: kasan: bad access detected [ 19.593458] [ 19.593489] Memory state around the buggy address: [ 19.593606] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.593652] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.593696] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.593737] ^ [ 19.593771] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.593814] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.593863] ================================================================== [ 19.617646] ================================================================== [ 19.617692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.617741] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.617812] [ 19.617881] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.617965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.617993] Hardware name: linux,dummy-virt (DT) [ 19.618025] Call trace: [ 19.618047] show_stack+0x20/0x38 (C) [ 19.618094] dump_stack_lvl+0x8c/0xd0 [ 19.618141] print_report+0x118/0x608 [ 19.618201] kasan_report+0xdc/0x128 [ 19.618249] kasan_check_range+0x100/0x1a8 [ 19.618299] __kasan_check_write+0x20/0x30 [ 19.618344] kasan_atomics_helper+0x17ec/0x4858 [ 19.618394] kasan_atomics+0x198/0x2e0 [ 19.618439] kunit_try_run_case+0x170/0x3f0 [ 19.618487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.618651] kthread+0x328/0x630 [ 19.618735] ret_from_fork+0x10/0x20 [ 19.618882] [ 19.618902] Allocated by task 266: [ 19.619024] kasan_save_stack+0x3c/0x68 [ 19.619151] kasan_save_track+0x20/0x40 [ 19.619193] kasan_save_alloc_info+0x40/0x58 [ 19.619260] __kasan_kmalloc+0xd4/0xd8 [ 19.619299] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.619345] kasan_atomics+0xb8/0x2e0 [ 19.619383] kunit_try_run_case+0x170/0x3f0 [ 19.619422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.619466] kthread+0x328/0x630 [ 19.619501] ret_from_fork+0x10/0x20 [ 19.619538] [ 19.619559] The buggy address belongs to the object at fff00000c5906f00 [ 19.619559] which belongs to the cache kmalloc-64 of size 64 [ 19.619616] The buggy address is located 0 bytes to the right of [ 19.619616] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.619681] [ 19.619704] The buggy address belongs to the physical page: [ 19.619735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.619829] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.620042] page_type: f5(slab) [ 19.620465] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.620533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.620621] page dumped because: kasan: bad access detected [ 19.620679] [ 19.620699] Memory state around the buggy address: [ 19.620780] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.620825] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.620879] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.620925] ^ [ 19.620959] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.621004] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.621042] ================================================================== [ 19.201354] ================================================================== [ 19.201406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 19.201528] Write of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.206295] Memory state around the buggy address: [ 19.207026] ================================================================== [ 19.453499] ================================================================== [ 19.453926] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.454010] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.454142] [ 19.454191] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.454279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.454542] Hardware name: linux,dummy-virt (DT) [ 19.454592] Call trace: [ 19.454624] show_stack+0x20/0x38 (C) [ 19.454755] dump_stack_lvl+0x8c/0xd0 [ 19.454976] print_report+0x118/0x608 [ 19.455030] kasan_report+0xdc/0x128 [ 19.455085] kasan_check_range+0x100/0x1a8 [ 19.455137] __kasan_check_write+0x20/0x30 [ 19.455182] kasan_atomics_helper+0xff0/0x4858 [ 19.455232] kasan_atomics+0x198/0x2e0 [ 19.455278] kunit_try_run_case+0x170/0x3f0 [ 19.455340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.455395] kthread+0x328/0x630 [ 19.455437] ret_from_fork+0x10/0x20 [ 19.455487] [ 19.455507] Allocated by task 266: [ 19.455537] kasan_save_stack+0x3c/0x68 [ 19.455581] kasan_save_track+0x20/0x40 [ 19.455619] kasan_save_alloc_info+0x40/0x58 [ 19.455666] __kasan_kmalloc+0xd4/0xd8 [ 19.455706] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.455745] kasan_atomics+0xb8/0x2e0 [ 19.455782] kunit_try_run_case+0x170/0x3f0 [ 19.455822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.455876] kthread+0x328/0x630 [ 19.455911] ret_from_fork+0x10/0x20 [ 19.455948] [ 19.455971] The buggy address belongs to the object at fff00000c5906f00 [ 19.455971] which belongs to the cache kmalloc-64 of size 64 [ 19.456030] The buggy address is located 0 bytes to the right of [ 19.456030] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.456094] [ 19.456116] The buggy address belongs to the physical page: [ 19.456149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.456204] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.456262] page_type: f5(slab) [ 19.456300] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.456353] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.456396] page dumped because: kasan: bad access detected [ 19.456429] [ 19.456448] Memory state around the buggy address: [ 19.456481] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.456527] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.456650] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.456691] ^ [ 19.456727] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.456768] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.456831] ================================================================== [ 19.584182] ================================================================== [ 19.584233] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.584286] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.584338] [ 19.584369] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.584451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.584480] Hardware name: linux,dummy-virt (DT) [ 19.584521] Call trace: [ 19.584646] show_stack+0x20/0x38 (C) [ 19.584702] dump_stack_lvl+0x8c/0xd0 [ 19.584881] print_report+0x118/0x608 [ 19.585134] kasan_report+0xdc/0x128 [ 19.585383] kasan_check_range+0x100/0x1a8 [ 19.585561] __kasan_check_write+0x20/0x30 [ 19.585664] kasan_atomics_helper+0x15b4/0x4858 [ 19.586121] kasan_atomics+0x198/0x2e0 [ 19.586214] kunit_try_run_case+0x170/0x3f0 [ 19.586482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.586620] kthread+0x328/0x630 [ 19.586665] ret_from_fork+0x10/0x20 [ 19.587054] [ 19.587148] Allocated by task 266: [ 19.587226] kasan_save_stack+0x3c/0x68 [ 19.587321] kasan_save_track+0x20/0x40 [ 19.587551] kasan_save_alloc_info+0x40/0x58 [ 19.588430] __kasan_kmalloc+0xd4/0xd8 [ 19.588513] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.588904] kasan_atomics+0xb8/0x2e0 [ 19.589059] kunit_try_run_case+0x170/0x3f0 [ 19.589180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.589227] kthread+0x328/0x630 [ 19.589322] ret_from_fork+0x10/0x20 [ 19.589379] [ 19.589402] The buggy address belongs to the object at fff00000c5906f00 [ 19.589402] which belongs to the cache kmalloc-64 of size 64 [ 19.589462] The buggy address is located 0 bytes to the right of [ 19.589462] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.589527] [ 19.589548] The buggy address belongs to the physical page: [ 19.589581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.589633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.589683] page_type: f5(slab) [ 19.589722] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.589836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.589890] page dumped because: kasan: bad access detected [ 19.589924] [ 19.589945] Memory state around the buggy address: [ 19.589989] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.590034] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.590080] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.590121] ^ [ 19.590153] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.590203] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.590350] ================================================================== [ 19.407738] ================================================================== [ 19.407942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.408124] Read of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.408179] [ 19.408235] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.408329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.408357] Hardware name: linux,dummy-virt (DT) [ 19.408391] Call trace: [ 19.408414] show_stack+0x20/0x38 (C) [ 19.408472] dump_stack_lvl+0x8c/0xd0 [ 19.408521] print_report+0x118/0x608 [ 19.408570] kasan_report+0xdc/0x128 [ 19.408616] __asan_report_load8_noabort+0x20/0x30 [ 19.408669] kasan_atomics_helper+0x3f58/0x4858 [ 19.408717] kasan_atomics+0x198/0x2e0 [ 19.408765] kunit_try_run_case+0x170/0x3f0 [ 19.408823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.408892] kthread+0x328/0x630 [ 19.408935] ret_from_fork+0x10/0x20 [ 19.408983] [ 19.409004] Allocated by task 266: [ 19.409034] kasan_save_stack+0x3c/0x68 [ 19.409096] kasan_save_track+0x20/0x40 [ 19.409137] kasan_save_alloc_info+0x40/0x58 [ 19.409178] __kasan_kmalloc+0xd4/0xd8 [ 19.409223] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.409264] kasan_atomics+0xb8/0x2e0 [ 19.409301] kunit_try_run_case+0x170/0x3f0 [ 19.409340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.409385] kthread+0x328/0x630 [ 19.409419] ret_from_fork+0x10/0x20 [ 19.409455] [ 19.409478] The buggy address belongs to the object at fff00000c5906f00 [ 19.409478] which belongs to the cache kmalloc-64 of size 64 [ 19.409536] The buggy address is located 0 bytes to the right of [ 19.409536] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.409602] [ 19.409633] The buggy address belongs to the physical page: [ 19.409666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.409721] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.409775] page_type: f5(slab) [ 19.409823] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.409893] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.410181] page dumped because: kasan: bad access detected [ 19.410230] [ 19.410953] Memory state around the buggy address: [ 19.411123] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.411171] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.411217] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.411257] ^ [ 19.411292] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.411346] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.411387] ================================================================== [ 19.344776] ================================================================== [ 19.344862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858 [ 19.344955] Write of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.345036] [ 19.345081] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.345172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.345226] Hardware name: linux,dummy-virt (DT) [ 19.345259] Call trace: [ 19.345300] show_stack+0x20/0x38 (C) [ 19.345350] dump_stack_lvl+0x8c/0xd0 [ 19.345400] print_report+0x118/0x608 [ 19.345449] kasan_report+0xdc/0x128 [ 19.345495] kasan_check_range+0x100/0x1a8 [ 19.345544] __kasan_check_write+0x20/0x30 [ 19.345593] kasan_atomics_helper+0xc08/0x4858 [ 19.346003] kasan_atomics+0x198/0x2e0 [ 19.346400] kunit_try_run_case+0x170/0x3f0 [ 19.346673] [ 19.346820] kasan_save_stack+0x3c/0x68 [ 19.347798] kunit_try_run_case+0x170/0x3f0 [ 19.347876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.348384] kthread+0x328/0x630 [ 19.348577] ret_from_fork+0x10/0x20 [ 19.348672] [ 19.348694] The buggy address belongs to the object at fff00000c5906f00 [ 19.348694] which belongs to the cache kmalloc-64 of size 64 [ 19.349626] The buggy address belongs to the physical page: [ 19.350048] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.351377] page dumped because: kasan: bad access detected [ 19.351648] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.352336] ^ [ 19.357828] kthread+0x328/0x630 [ 19.357974] ret_from_fork+0x10/0x20 [ 19.358017] [ 19.358038] The buggy address belongs to the object at fff00000c5906f00 [ 19.358038] which belongs to the cache kmalloc-64 of size 64 [ 19.358110] The buggy address is located 0 bytes to the right of [ 19.358110] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.358485] [ 19.358658] The buggy address belongs to the physical page: [ 19.358890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.359217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.359496] page_type: f5(slab) [ 19.359649] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.359731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.360070] page dumped because: kasan: bad access detected [ 19.360192] [ 19.360475] Memory state around the buggy address: [ 19.360715] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.360859] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.360905] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.360944] ^ [ 19.360979] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.361024] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.361983] ================================================================== [ 19.576275] ================================================================== [ 19.576323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.576370] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.576420] [ 19.576457] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.576759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.576787] Hardware name: linux,dummy-virt (DT) [ 19.576820] Call trace: [ 19.576854] show_stack+0x20/0x38 (C) [ 19.576903] dump_stack_lvl+0x8c/0xd0 [ 19.576953] print_report+0x118/0x608 [ 19.577000] kasan_report+0xdc/0x128 [ 19.577046] kasan_check_range+0x100/0x1a8 [ 19.577096] __kasan_check_write+0x20/0x30 [ 19.577141] kasan_atomics_helper+0x154c/0x4858 [ 19.577191] kasan_atomics+0x198/0x2e0 [ 19.577242] kunit_try_run_case+0x170/0x3f0 [ 19.577288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.577341] kthread+0x328/0x630 [ 19.577392] ret_from_fork+0x10/0x20 [ 19.578935] [ 19.579595] Allocated by task 266: [ 19.579763] kasan_save_stack+0x3c/0x68 [ 19.579993] kasan_save_track+0x20/0x40 [ 19.580037] kasan_save_alloc_info+0x40/0x58 [ 19.580166] __kasan_kmalloc+0xd4/0xd8 [ 19.580323] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.580517] kasan_atomics+0xb8/0x2e0 [ 19.580562] kunit_try_run_case+0x170/0x3f0 [ 19.580600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.580646] kthread+0x328/0x630 [ 19.580907] ret_from_fork+0x10/0x20 [ 19.581081] [ 19.581106] The buggy address belongs to the object at fff00000c5906f00 [ 19.581106] which belongs to the cache kmalloc-64 of size 64 [ 19.581245] The buggy address is located 0 bytes to the right of [ 19.581245] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.581735] [ 19.581889] The buggy address belongs to the physical page: [ 19.582024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.582080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.582227] page_type: f5(slab) [ 19.582267] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.582320] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.582416] page dumped because: kasan: bad access detected [ 19.582570] [ 19.582591] Memory state around the buggy address: [ 19.582624] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.582788] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.582834] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.582884] ^ [ 19.582917] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.583110] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.583341] ================================================================== [ 19.594080] ================================================================== [ 19.594135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.594182] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.594232] [ 19.594264] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.594428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.594489] Hardware name: linux,dummy-virt (DT) [ 19.594546] Call trace: [ 19.594920] show_stack+0x20/0x38 (C) [ 19.594975] dump_stack_lvl+0x8c/0xd0 [ 19.595024] print_report+0x118/0x608 [ 19.595070] kasan_report+0xdc/0x128 [ 19.595141] kasan_check_range+0x100/0x1a8 [ 19.595368] __kasan_check_write+0x20/0x30 [ 19.595513] kasan_atomics_helper+0x1644/0x4858 [ 19.595563] kasan_atomics+0x198/0x2e0 [ 19.595612] kunit_try_run_case+0x170/0x3f0 [ 19.595682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.595737] kthread+0x328/0x630 [ 19.595779] ret_from_fork+0x10/0x20 [ 19.595828] [ 19.595858] Allocated by task 266: [ 19.595886] kasan_save_stack+0x3c/0x68 [ 19.595928] kasan_save_track+0x20/0x40 [ 19.595966] kasan_save_alloc_info+0x40/0x58 [ 19.596008] __kasan_kmalloc+0xd4/0xd8 [ 19.596071] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.596279] kasan_atomics+0xb8/0x2e0 [ 19.596458] kunit_try_run_case+0x170/0x3f0 [ 19.596499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.596591] kthread+0x328/0x630 [ 19.596627] ret_from_fork+0x10/0x20 [ 19.596663] [ 19.596737] The buggy address belongs to the object at fff00000c5906f00 [ 19.596737] which belongs to the cache kmalloc-64 of size 64 [ 19.596869] The buggy address is located 0 bytes to the right of [ 19.596869] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.596935] [ 19.596958] The buggy address belongs to the physical page: [ 19.596990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.597042] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.597092] page_type: f5(slab) [ 19.597133] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.597186] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.597229] page dumped because: kasan: bad access detected [ 19.597264] [ 19.597285] Memory state around the buggy address: [ 19.597318] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.597363] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.597448] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.597490] ^ [ 19.597524] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.597624] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.597664] ================================================================== [ 19.421597] ================================================================== [ 19.421651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.421704] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.421755] [ 19.421789] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.421896] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.422137] Hardware name: linux,dummy-virt (DT) [ 19.422276] Call trace: [ 19.422306] show_stack+0x20/0x38 (C) [ 19.422360] dump_stack_lvl+0x8c/0xd0 [ 19.422418] print_report+0x118/0x608 [ 19.422466] kasan_report+0xdc/0x128 [ 19.422515] __asan_report_store8_noabort+0x20/0x30 [ 19.422568] kasan_atomics_helper+0x3e5c/0x4858 [ 19.422621] kasan_atomics+0x198/0x2e0 [ 19.422669] kunit_try_run_case+0x170/0x3f0 [ 19.422725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.422781] kthread+0x328/0x630 [ 19.423219] ret_from_fork+0x10/0x20 [ 19.423518] [ 19.423541] Allocated by task 266: [ 19.423736] kasan_save_stack+0x3c/0x68 [ 19.423917] kasan_save_track+0x20/0x40 [ 19.424372] kasan_save_alloc_info+0x40/0x58 [ 19.424650] __kasan_kmalloc+0xd4/0xd8 [ 19.424763] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.424860] kasan_atomics+0xb8/0x2e0 [ 19.424974] kunit_try_run_case+0x170/0x3f0 [ 19.425015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.425061] kthread+0x328/0x630 [ 19.425094] ret_from_fork+0x10/0x20 [ 19.425133] [ 19.425165] The buggy address belongs to the object at fff00000c5906f00 [ 19.425165] which belongs to the cache kmalloc-64 of size 64 [ 19.425225] The buggy address is located 0 bytes to the right of [ 19.425225] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.425290] [ 19.425330] The buggy address belongs to the physical page: [ 19.425382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.425445] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.425507] page_type: f5(slab) [ 19.425547] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.425599] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.425652] page dumped because: kasan: bad access detected [ 19.425707] [ 19.425726] Memory state around the buggy address: [ 19.425760] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.425803] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.426074] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.426228] ^ [ 19.426268] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.426355] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.426420] ================================================================== [ 19.609383] ================================================================== [ 19.609431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.609479] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.609531] [ 19.609563] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.609647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.609676] Hardware name: linux,dummy-virt (DT) [ 19.609716] Call trace: [ 19.609836] show_stack+0x20/0x38 (C) [ 19.610090] dump_stack_lvl+0x8c/0xd0 [ 19.610346] print_report+0x118/0x608 [ 19.610522] kasan_report+0xdc/0x128 [ 19.610598] kasan_check_range+0x100/0x1a8 [ 19.610654] __kasan_check_write+0x20/0x30 [ 19.610786] kasan_atomics_helper+0x175c/0x4858 [ 19.610835] kasan_atomics+0x198/0x2e0 [ 19.610891] kunit_try_run_case+0x170/0x3f0 [ 19.610940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.610993] kthread+0x328/0x630 [ 19.611036] ret_from_fork+0x10/0x20 [ 19.611085] [ 19.611105] Allocated by task 266: [ 19.611133] kasan_save_stack+0x3c/0x68 [ 19.611175] kasan_save_track+0x20/0x40 [ 19.611213] kasan_save_alloc_info+0x40/0x58 [ 19.611255] __kasan_kmalloc+0xd4/0xd8 [ 19.611292] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.611341] kasan_atomics+0xb8/0x2e0 [ 19.611377] kunit_try_run_case+0x170/0x3f0 [ 19.611416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.611462] kthread+0x328/0x630 [ 19.611512] ret_from_fork+0x10/0x20 [ 19.611548] [ 19.611622] The buggy address belongs to the object at fff00000c5906f00 [ 19.611622] which belongs to the cache kmalloc-64 of size 64 [ 19.611715] The buggy address is located 0 bytes to the right of [ 19.611715] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.611782] [ 19.611807] The buggy address belongs to the physical page: [ 19.611848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.611901] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.611950] page_type: f5(slab) [ 19.612029] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.612229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.612340] page dumped because: kasan: bad access detected [ 19.612387] [ 19.612406] Memory state around the buggy address: [ 19.612451] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.612498] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.612552] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.612592] ^ [ 19.612627] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.612718] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.612761] ================================================================== [ 19.369478] ================================================================== [ 19.369541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.369815] Read of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.370173] [ 19.370452] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.370584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.370612] Hardware name: linux,dummy-virt (DT) [ 19.370648] Call trace: [ 19.370670] show_stack+0x20/0x38 (C) [ 19.370725] dump_stack_lvl+0x8c/0xd0 [ 19.370773] print_report+0x118/0x608 [ 19.370821] kasan_report+0xdc/0x128 [ 19.372282] __asan_report_load4_noabort+0x20/0x30 [ 19.372816] kasan_atomics_helper+0x3dd8/0x4858 [ 19.373238] kasan_atomics+0x198/0x2e0 [ 19.373652] kunit_try_run_case+0x170/0x3f0 [ 19.373738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.374197] kthread+0x328/0x630 [ 19.374268] ret_from_fork+0x10/0x20 [ 19.374904] [ 19.374969] Allocated by task 266: [ 19.375003] kasan_save_stack+0x3c/0x68 [ 19.375650] kasan_save_track+0x20/0x40 [ 19.376194] kasan_save_alloc_info+0x40/0x58 [ 19.376250] __kasan_kmalloc+0xd4/0xd8 [ 19.376805] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.376876] kasan_atomics+0xb8/0x2e0 [ 19.377566] kunit_try_run_case+0x170/0x3f0 [ 19.377949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.378259] kthread+0x328/0x630 [ 19.378590] ret_from_fork+0x10/0x20 [ 19.379537] [ 19.379567] The buggy address belongs to the object at fff00000c5906f00 [ 19.379567] which belongs to the cache kmalloc-64 of size 64 [ 19.379633] The buggy address is located 0 bytes to the right of [ 19.379633] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.379699] [ 19.379720] The buggy address belongs to the physical page: [ 19.379755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.380870] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.381363] page_type: f5(slab) [ 19.381683] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.381740] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.381782] page dumped because: kasan: bad access detected [ 19.383250] [ 19.383445] Memory state around the buggy address: [ 19.383483] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.383927] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.384266] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.384943] ^ [ 19.384995] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.385043] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.385085] ================================================================== [ 19.565476] ================================================================== [ 19.565529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.565581] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.565632] [ 19.565873] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.566141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.566171] Hardware name: linux,dummy-virt (DT) [ 19.566206] Call trace: [ 19.566230] show_stack+0x20/0x38 (C) [ 19.566282] dump_stack_lvl+0x8c/0xd0 [ 19.566328] print_report+0x118/0x608 [ 19.566377] kasan_report+0xdc/0x128 [ 19.566424] kasan_check_range+0x100/0x1a8 [ 19.566475] __kasan_check_write+0x20/0x30 [ 19.566520] kasan_atomics_helper+0x147c/0x4858 [ 19.566570] kasan_atomics+0x198/0x2e0 [ 19.566616] kunit_try_run_case+0x170/0x3f0 [ 19.566664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.566727] kthread+0x328/0x630 [ 19.566771] ret_from_fork+0x10/0x20 [ 19.566819] [ 19.566847] Allocated by task 266: [ 19.566877] kasan_save_stack+0x3c/0x68 [ 19.566917] kasan_save_track+0x20/0x40 [ 19.566958] kasan_save_alloc_info+0x40/0x58 [ 19.567487] __kasan_kmalloc+0xd4/0xd8 [ 19.567573] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.567613] kasan_atomics+0xb8/0x2e0 [ 19.567663] kunit_try_run_case+0x170/0x3f0 [ 19.567761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.567827] kthread+0x328/0x630 [ 19.567875] ret_from_fork+0x10/0x20 [ 19.567915] [ 19.567938] The buggy address belongs to the object at fff00000c5906f00 [ 19.567938] which belongs to the cache kmalloc-64 of size 64 [ 19.568108] The buggy address is located 0 bytes to the right of [ 19.568108] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.568256] [ 19.568332] The buggy address belongs to the physical page: [ 19.568410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.568751] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.568809] page_type: f5(slab) [ 19.569026] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.569092] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.569175] page dumped because: kasan: bad access detected [ 19.569262] [ 19.569307] Memory state around the buggy address: [ 19.569373] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.569418] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.569675] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.569721] ^ [ 19.569754] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.569798] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.569837] ================================================================== [ 19.612941] ================================================================== [ 19.612989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.613038] Read of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.613089] [ 19.613119] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.613199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.613228] Hardware name: linux,dummy-virt (DT) [ 19.613347] Call trace: [ 19.613485] show_stack+0x20/0x38 (C) [ 19.613535] dump_stack_lvl+0x8c/0xd0 [ 19.613590] print_report+0x118/0x608 [ 19.613902] kasan_report+0xdc/0x128 [ 19.614108] __asan_report_load8_noabort+0x20/0x30 [ 19.614278] kasan_atomics_helper+0x3e20/0x4858 [ 19.614428] kasan_atomics+0x198/0x2e0 [ 19.614482] kunit_try_run_case+0x170/0x3f0 [ 19.614531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.614586] kthread+0x328/0x630 [ 19.614630] ret_from_fork+0x10/0x20 [ 19.614678] [ 19.614754] Allocated by task 266: [ 19.614827] kasan_save_stack+0x3c/0x68 [ 19.614928] kasan_save_track+0x20/0x40 [ 19.615416] kasan_save_alloc_info+0x40/0x58 [ 19.615554] __kasan_kmalloc+0xd4/0xd8 [ 19.615612] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.615795] kasan_atomics+0xb8/0x2e0 [ 19.615833] kunit_try_run_case+0x170/0x3f0 [ 19.615882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.615965] kthread+0x328/0x630 [ 19.616141] ret_from_fork+0x10/0x20 [ 19.616244] [ 19.616264] The buggy address belongs to the object at fff00000c5906f00 [ 19.616264] which belongs to the cache kmalloc-64 of size 64 [ 19.616442] The buggy address is located 0 bytes to the right of [ 19.616442] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.616508] [ 19.616556] The buggy address belongs to the physical page: [ 19.616717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.616874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.616925] page_type: f5(slab) [ 19.616964] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.617014] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.617064] page dumped because: kasan: bad access detected [ 19.617098] [ 19.617117] Memory state around the buggy address: [ 19.617150] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.617196] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.617240] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.617281] ^ [ 19.617315] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.617362] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.617401] ================================================================== [ 19.293606] ================================================================== [ 19.293659] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.293749] Read of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.293857] [ 19.293892] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.293974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.294003] Hardware name: linux,dummy-virt (DT) [ 19.294177] Call trace: [ 19.294715] kasan_atomics_helper+0x42d8/0x4858 [ 19.296603] kasan_atomics+0xb8/0x2e0 [ 19.297860] [ 19.298087] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.298559] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.300254] dump_stack_lvl+0x8c/0xd0 [ 19.300303] print_report+0x118/0x608 [ 19.300351] kasan_report+0xdc/0x128 [ 19.300399] kasan_check_range+0x100/0x1a8 [ 19.300447] __kasan_check_write+0x20/0x30 [ 19.300626] kasan_atomics_helper+0x934/0x4858 [ 19.300684] kasan_atomics+0x198/0x2e0 [ 19.300825] kunit_try_run_case+0x170/0x3f0 [ 19.300898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.301061] kthread+0x328/0x630 [ 19.301105] ret_from_fork+0x10/0x20 [ 19.301153] [ 19.301173] Allocated by task 266: [ 19.301203] kasan_save_stack+0x3c/0x68 [ 19.301273] kasan_save_track+0x20/0x40 [ 19.301401] kasan_save_alloc_info+0x40/0x58 [ 19.301539] __kasan_kmalloc+0xd4/0xd8 [ 19.301578] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.301688] kasan_atomics+0xb8/0x2e0 [ 19.301744] kunit_try_run_case+0x170/0x3f0 [ 19.301783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.301832] kthread+0x328/0x630 [ 19.301876] ret_from_fork+0x10/0x20 [ 19.301912] [ 19.301933] The buggy address belongs to the object at fff00000c5906f00 [ 19.301933] which belongs to the cache kmalloc-64 of size 64 [ 19.302290] The buggy address is located 0 bytes to the right of [ 19.302290] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.302371] [ 19.302403] The buggy address belongs to the physical page: [ 19.302437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.302654] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.302707] page_type: f5(slab) [ 19.302748] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.302922] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.303033] page dumped because: kasan: bad access detected [ 19.303093] [ 19.303113] Memory state around the buggy address: [ 19.303148] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.303350] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.303397] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.303637] ^ [ 19.303729] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.303864] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.304049] ================================================================== [ 19.466132] ================================================================== [ 19.466188] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.466339] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.466414] [ 19.466460] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.467101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.467143] Hardware name: linux,dummy-virt (DT) [ 19.467176] Call trace: [ 19.467208] show_stack+0x20/0x38 (C) [ 19.467424] dump_stack_lvl+0x8c/0xd0 [ 19.468972] print_report+0x118/0x608 [ 19.469036] kasan_report+0xdc/0x128 [ 19.469086] kasan_check_range+0x100/0x1a8 [ 19.469135] __kasan_check_write+0x20/0x30 [ 19.469184] kasan_atomics_helper+0x10c0/0x4858 [ 19.469236] kasan_atomics+0x198/0x2e0 [ 19.469282] kunit_try_run_case+0x170/0x3f0 [ 19.469332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.469386] kthread+0x328/0x630 [ 19.469429] ret_from_fork+0x10/0x20 [ 19.469479] [ 19.469499] Allocated by task 266: [ 19.469529] kasan_save_stack+0x3c/0x68 [ 19.469573] kasan_save_track+0x20/0x40 [ 19.469610] kasan_save_alloc_info+0x40/0x58 [ 19.469652] __kasan_kmalloc+0xd4/0xd8 [ 19.469689] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.469731] kasan_atomics+0xb8/0x2e0 [ 19.469768] kunit_try_run_case+0x170/0x3f0 [ 19.469806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.469861] kthread+0x328/0x630 [ 19.469958] ret_from_fork+0x10/0x20 [ 19.469996] [ 19.470076] The buggy address belongs to the object at fff00000c5906f00 [ 19.470076] which belongs to the cache kmalloc-64 of size 64 [ 19.470433] The buggy address is located 0 bytes to the right of [ 19.470433] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.470503] [ 19.470553] The buggy address belongs to the physical page: [ 19.470667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.470792] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.470892] page_type: f5(slab) [ 19.470980] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.471188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.471272] page dumped because: kasan: bad access detected [ 19.471418] [ 19.471512] Memory state around the buggy address: [ 19.471581] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.471667] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.471753] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.471858] ^ [ 19.471892] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.471963] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.472003] ================================================================== [ 19.488929] ================================================================== [ 19.489026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.489252] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.489326] [ 19.489489] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.489585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.489614] Hardware name: linux,dummy-virt (DT) [ 19.489647] Call trace: [ 19.489670] show_stack+0x20/0x38 (C) [ 19.489720] dump_stack_lvl+0x8c/0xd0 [ 19.489775] print_report+0x118/0x608 [ 19.490240] kasan_report+0xdc/0x128 [ 19.490494] kasan_check_range+0x100/0x1a8 [ 19.490557] __kasan_check_write+0x20/0x30 [ 19.490609] kasan_atomics_helper+0x1190/0x4858 [ 19.490662] kasan_atomics+0x198/0x2e0 [ 19.491289] kunit_try_run_case+0x170/0x3f0 [ 19.491628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.492149] kthread+0x328/0x630 [ 19.492194] ret_from_fork+0x10/0x20 [ 19.492242] [ 19.492263] Allocated by task 266: [ 19.492414] kasan_save_stack+0x3c/0x68 [ 19.492465] kasan_save_track+0x20/0x40 [ 19.492505] kasan_save_alloc_info+0x40/0x58 [ 19.492597] __kasan_kmalloc+0xd4/0xd8 [ 19.492726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.492767] kasan_atomics+0xb8/0x2e0 [ 19.493808] kunit_try_run_case+0x170/0x3f0 [ 19.493897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.493944] kthread+0x328/0x630 [ 19.493977] ret_from_fork+0x10/0x20 [ 19.494253] [ 19.494299] The buggy address belongs to the object at fff00000c5906f00 [ 19.494299] which belongs to the cache kmalloc-64 of size 64 [ 19.494360] The buggy address is located 0 bytes to the right of [ 19.494360] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.494426] [ 19.494454] The buggy address belongs to the physical page: [ 19.494487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.494729] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.494785] page_type: f5(slab) [ 19.494999] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.495204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.495249] page dumped because: kasan: bad access detected [ 19.495627] [ 19.495652] Memory state around the buggy address: [ 19.495686] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.495733] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.495778] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.496164] ^ [ 19.496331] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.496441] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.496482] ================================================================== [ 19.511434] ================================================================== [ 19.511495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.511548] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.511599] [ 19.511633] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.511717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.511746] Hardware name: linux,dummy-virt (DT) [ 19.511779] Call trace: [ 19.511803] show_stack+0x20/0x38 (C) [ 19.511866] dump_stack_lvl+0x8c/0xd0 [ 19.511915] print_report+0x118/0x608 [ 19.511961] kasan_report+0xdc/0x128 [ 19.512008] kasan_check_range+0x100/0x1a8 [ 19.512057] __kasan_check_write+0x20/0x30 [ 19.512103] kasan_atomics_helper+0x126c/0x4858 [ 19.512151] kasan_atomics+0x198/0x2e0 [ 19.512198] kunit_try_run_case+0x170/0x3f0 [ 19.512250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.512304] kthread+0x328/0x630 [ 19.512346] ret_from_fork+0x10/0x20 [ 19.512394] [ 19.512414] Allocated by task 266: [ 19.512443] kasan_save_stack+0x3c/0x68 [ 19.512484] kasan_save_track+0x20/0x40 [ 19.512522] kasan_save_alloc_info+0x40/0x58 [ 19.512564] __kasan_kmalloc+0xd4/0xd8 [ 19.512600] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.512641] kasan_atomics+0xb8/0x2e0 [ 19.512677] kunit_try_run_case+0x170/0x3f0 [ 19.512718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.512761] kthread+0x328/0x630 [ 19.512795] ret_from_fork+0x10/0x20 [ 19.512835] [ 19.513806] The buggy address belongs to the object at fff00000c5906f00 [ 19.513806] which belongs to the cache kmalloc-64 of size 64 [ 19.514081] The buggy address is located 0 bytes to the right of [ 19.514081] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.514150] [ 19.514172] The buggy address belongs to the physical page: [ 19.514206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.514260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.514313] page_type: f5(slab) [ 19.514353] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.514406] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.514449] page dumped because: kasan: bad access detected [ 19.514487] [ 19.514508] Memory state around the buggy address: [ 19.514541] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.514586] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.514687] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.516268] ^ [ 19.516324] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.516369] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.516410] ================================================================== [ 19.473160] ================================================================== [ 19.473222] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.473274] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.473571] [ 19.473699] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.473802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.473860] Hardware name: linux,dummy-virt (DT) [ 19.473896] Call trace: [ 19.473942] show_stack+0x20/0x38 (C) [ 19.473996] dump_stack_lvl+0x8c/0xd0 [ 19.474054] print_report+0x118/0x608 [ 19.474112] kasan_report+0xdc/0x128 [ 19.474158] kasan_check_range+0x100/0x1a8 [ 19.474208] __kasan_check_write+0x20/0x30 [ 19.474265] kasan_atomics_helper+0x1128/0x4858 [ 19.474313] kasan_atomics+0x198/0x2e0 [ 19.474360] kunit_try_run_case+0x170/0x3f0 [ 19.474409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.474461] kthread+0x328/0x630 [ 19.474504] ret_from_fork+0x10/0x20 [ 19.474551] [ 19.474815] Allocated by task 266: [ 19.475152] kasan_save_stack+0x3c/0x68 [ 19.475212] kasan_save_track+0x20/0x40 [ 19.475646] kasan_save_alloc_info+0x40/0x58 [ 19.476107] __kasan_kmalloc+0xd4/0xd8 [ 19.476179] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.476221] kasan_atomics+0xb8/0x2e0 [ 19.476477] kunit_try_run_case+0x170/0x3f0 [ 19.476562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.477216] kthread+0x328/0x630 [ 19.477266] ret_from_fork+0x10/0x20 [ 19.477920] [ 19.477948] The buggy address belongs to the object at fff00000c5906f00 [ 19.477948] which belongs to the cache kmalloc-64 of size 64 [ 19.478465] The buggy address is located 0 bytes to the right of [ 19.478465] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.480082] [ 19.480108] The buggy address belongs to the physical page: [ 19.480141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.480621] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.480996] page_type: f5(slab) [ 19.481917] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.482157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.482413] page dumped because: kasan: bad access detected [ 19.482449] [ 19.483043] Memory state around the buggy address: [ 19.483085] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.484033] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.484353] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.484712] ^ [ 19.486519] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.486570] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.486610] ================================================================== [ 19.444832] ================================================================== [ 19.444904] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.445028] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.445304] [ 19.445352] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.445680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.445758] Hardware name: linux,dummy-virt (DT) [ 19.445803] Call trace: [ 19.445985] show_stack+0x20/0x38 (C) [ 19.446213] dump_stack_lvl+0x8c/0xd0 [ 19.446543] print_report+0x118/0x608 [ 19.446705] kasan_report+0xdc/0x128 [ 19.446936] kasan_check_range+0x100/0x1a8 [ 19.447023] __kasan_check_write+0x20/0x30 [ 19.447106] kasan_atomics_helper+0xf88/0x4858 [ 19.447288] kasan_atomics+0x198/0x2e0 [ 19.447369] kunit_try_run_case+0x170/0x3f0 [ 19.447440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.447728] kthread+0x328/0x630 [ 19.447782] ret_from_fork+0x10/0x20 [ 19.447851] [ 19.447935] Allocated by task 266: [ 19.448180] kasan_save_stack+0x3c/0x68 [ 19.448242] kasan_save_track+0x20/0x40 [ 19.448358] kasan_save_alloc_info+0x40/0x58 [ 19.448433] __kasan_kmalloc+0xd4/0xd8 [ 19.448650] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.448728] kasan_atomics+0xb8/0x2e0 [ 19.449180] kunit_try_run_case+0x170/0x3f0 [ 19.449390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.449509] kthread+0x328/0x630 [ 19.449653] ret_from_fork+0x10/0x20 [ 19.449716] [ 19.449765] The buggy address belongs to the object at fff00000c5906f00 [ 19.449765] which belongs to the cache kmalloc-64 of size 64 [ 19.450048] The buggy address is located 0 bytes to the right of [ 19.450048] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.450146] [ 19.450175] The buggy address belongs to the physical page: [ 19.450208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.450405] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.450876] page_type: f5(slab) [ 19.450953] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.451296] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.451448] page dumped because: kasan: bad access detected [ 19.451505] [ 19.451553] Memory state around the buggy address: [ 19.451650] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.451710] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.451772] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.452005] ^ [ 19.452130] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.452197] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.452299] ================================================================== [ 19.304676] ================================================================== [ 19.305017] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.305177] Write of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.305286] [ 19.305365] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.305451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.305579] Hardware name: linux,dummy-virt (DT) [ 19.305669] Call trace: [ 19.305695] show_stack+0x20/0x38 (C) [ 19.305749] dump_stack_lvl+0x8c/0xd0 [ 19.305796] print_report+0x118/0x608 [ 19.306055] kasan_report+0xdc/0x128 [ 19.306259] kasan_check_range+0x100/0x1a8 [ 19.306333] __kasan_check_write+0x20/0x30 [ 19.306442] kasan_atomics_helper+0x99c/0x4858 [ 19.306493] kasan_atomics+0x198/0x2e0 [ 19.306560] kunit_try_run_case+0x170/0x3f0 [ 19.306822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.307119] kthread+0x328/0x630 [ 19.307171] ret_from_fork+0x10/0x20 [ 19.307382] [ 19.307851] Allocated by task 266: [ 19.307894] kasan_save_stack+0x3c/0x68 [ 19.308139] kasan_save_track+0x20/0x40 [ 19.308308] kasan_save_alloc_info+0x40/0x58 [ 19.308402] __kasan_kmalloc+0xd4/0xd8 [ 19.308635] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.308718] kasan_atomics+0xb8/0x2e0 [ 19.308757] kunit_try_run_case+0x170/0x3f0 [ 19.308966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.309141] kthread+0x328/0x630 [ 19.309180] ret_from_fork+0x10/0x20 [ 19.309392] [ 19.309519] The buggy address belongs to the object at fff00000c5906f00 [ 19.309519] which belongs to the cache kmalloc-64 of size 64 [ 19.309614] The buggy address is located 0 bytes to the right of [ 19.309614] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.309697] [ 19.309737] The buggy address belongs to the physical page: [ 19.309787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.309850] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.309956] page_type: f5(slab) [ 19.310046] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.310154] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.310288] page dumped because: kasan: bad access detected [ 19.310323] [ 19.310344] Memory state around the buggy address: [ 19.310377] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.310422] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.310508] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.310693] ^ [ 19.310818] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.310893] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.311001] ================================================================== [ 19.602080] ================================================================== [ 19.602130] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.602185] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.602236] [ 19.602267] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.602349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.602390] Hardware name: linux,dummy-virt (DT) [ 19.602423] Call trace: [ 19.602446] show_stack+0x20/0x38 (C) [ 19.602495] dump_stack_lvl+0x8c/0xd0 [ 19.602543] print_report+0x118/0x608 [ 19.602590] kasan_report+0xdc/0x128 [ 19.602636] kasan_check_range+0x100/0x1a8 [ 19.602686] __kasan_check_write+0x20/0x30 [ 19.602756] kasan_atomics_helper+0x16d0/0x4858 [ 19.602897] kasan_atomics+0x198/0x2e0 [ 19.603023] kunit_try_run_case+0x170/0x3f0 [ 19.603100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.603155] kthread+0x328/0x630 [ 19.603198] ret_from_fork+0x10/0x20 [ 19.603245] [ 19.603265] Allocated by task 266: [ 19.603294] kasan_save_stack+0x3c/0x68 [ 19.603339] kasan_save_track+0x20/0x40 [ 19.603377] kasan_save_alloc_info+0x40/0x58 [ 19.603428] __kasan_kmalloc+0xd4/0xd8 [ 19.603551] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.603599] kasan_atomics+0xb8/0x2e0 [ 19.603637] kunit_try_run_case+0x170/0x3f0 [ 19.603849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.603895] kthread+0x328/0x630 [ 19.603977] ret_from_fork+0x10/0x20 [ 19.604015] [ 19.604042] The buggy address belongs to the object at fff00000c5906f00 [ 19.604042] which belongs to the cache kmalloc-64 of size 64 [ 19.604101] The buggy address is located 0 bytes to the right of [ 19.604101] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.604183] [ 19.604205] The buggy address belongs to the physical page: [ 19.604237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.604289] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.604338] page_type: f5(slab) [ 19.604375] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.604426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.604469] page dumped because: kasan: bad access detected [ 19.604502] [ 19.604522] Memory state around the buggy address: [ 19.604567] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.604613] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.604664] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.604705] ^ [ 19.604739] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.604781] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.604867] ================================================================== [ 19.387114] ================================================================== [ 19.387175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.387233] Write of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.387286] [ 19.387331] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.387416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.387445] Hardware name: linux,dummy-virt (DT) [ 19.387477] Call trace: [ 19.387503] show_stack+0x20/0x38 (C) [ 19.387552] dump_stack_lvl+0x8c/0xd0 [ 19.387602] print_report+0x118/0x608 [ 19.387649] kasan_report+0xdc/0x128 [ 19.387696] kasan_check_range+0x100/0x1a8 [ 19.387744] __kasan_check_write+0x20/0x30 [ 19.387791] kasan_atomics_helper+0xd3c/0x4858 [ 19.387855] kasan_atomics+0x198/0x2e0 [ 19.387931] kunit_try_run_case+0x170/0x3f0 [ 19.388061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.388146] kthread+0x328/0x630 [ 19.388193] ret_from_fork+0x10/0x20 [ 19.388243] [ 19.388264] Allocated by task 266: [ 19.388295] kasan_save_stack+0x3c/0x68 [ 19.388347] kasan_save_track+0x20/0x40 [ 19.388388] kasan_save_alloc_info+0x40/0x58 [ 19.388442] __kasan_kmalloc+0xd4/0xd8 [ 19.388483] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.388525] kasan_atomics+0xb8/0x2e0 [ 19.388562] kunit_try_run_case+0x170/0x3f0 [ 19.388602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.388647] kthread+0x328/0x630 [ 19.388681] ret_from_fork+0x10/0x20 [ 19.388719] [ 19.388741] The buggy address belongs to the object at fff00000c5906f00 [ 19.388741] which belongs to the cache kmalloc-64 of size 64 [ 19.388800] The buggy address is located 0 bytes to the right of [ 19.388800] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.388876] [ 19.389269] The buggy address belongs to the physical page: [ 19.389306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.389389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.389442] page_type: f5(slab) [ 19.389483] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.389532] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.389574] page dumped because: kasan: bad access detected [ 19.389612] [ 19.389633] Memory state around the buggy address: [ 19.389666] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.389726] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.389772] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.389812] ^ [ 19.390676] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.390821] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.390897] ================================================================== [ 19.363556] ================================================================== [ 19.364697] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 19.364807] Write of size 4 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.364932] [ 19.364984] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.365069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.365098] Hardware name: linux,dummy-virt (DT) [ 19.365130] Call trace: [ 19.365175] show_stack+0x20/0x38 (C) [ 19.365265] dump_stack_lvl+0x8c/0xd0 [ 19.365323] print_report+0x118/0x608 [ 19.365517] kasan_report+0xdc/0x128 [ 19.365673] kasan_check_range+0x100/0x1a8 [ 19.365724] __kasan_check_write+0x20/0x30 [ 19.365790] kasan_atomics_helper+0xca0/0x4858 [ 19.365861] kasan_atomics+0x198/0x2e0 [ 19.365910] kunit_try_run_case+0x170/0x3f0 [ 19.365967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.366260] kasan_save_stack+0x3c/0x68 [ 19.366605] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.366648] kasan_atomics+0xb8/0x2e0 [ 19.366686] kunit_try_run_case+0x170/0x3f0 [ 19.368066] ret_from_fork+0x10/0x20 [ 19.368121] [ 19.368143] The buggy address belongs to the object at fff00000c5906f00 [ 19.368143] which belongs to the cache kmalloc-64 of size 64 [ 19.368205] The buggy address is located 0 bytes to the right of [ 19.368205] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.368272] [ 19.368300] The buggy address belongs to the physical page: [ 19.368332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.368392] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.368443] page_type: f5(slab) [ 19.368481] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.368533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.368575] page dumped because: kasan: bad access detected [ 19.368608] [ 19.368628] Memory state around the buggy address: [ 19.368659] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.368704] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.368748] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.368788] ^ [ 19.368822] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.368927] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.368968] ================================================================== [ 19.457609] ================================================================== [ 19.457673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.457725] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.457776] [ 19.457806] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.457902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.457933] Hardware name: linux,dummy-virt (DT) [ 19.458484] Call trace: [ 19.458575] show_stack+0x20/0x38 (C) [ 19.458668] dump_stack_lvl+0x8c/0xd0 [ 19.459077] print_report+0x118/0x608 [ 19.459277] kasan_report+0xdc/0x128 [ 19.459416] kasan_check_range+0x100/0x1a8 [ 19.459537] __kasan_check_write+0x20/0x30 [ 19.459716] kasan_atomics_helper+0x1058/0x4858 [ 19.459856] kasan_atomics+0x198/0x2e0 [ 19.459908] kunit_try_run_case+0x170/0x3f0 [ 19.459955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.460039] kthread+0x328/0x630 [ 19.460218] ret_from_fork+0x10/0x20 [ 19.460353] [ 19.460445] Allocated by task 266: [ 19.460817] kasan_save_stack+0x3c/0x68 [ 19.460872] kasan_save_track+0x20/0x40 [ 19.460942] kasan_save_alloc_info+0x40/0x58 [ 19.460986] __kasan_kmalloc+0xd4/0xd8 [ 19.461024] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.461787] kasan_atomics+0xb8/0x2e0 [ 19.462181] kunit_try_run_case+0x170/0x3f0 [ 19.462286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.462829] kthread+0x328/0x630 [ 19.462910] ret_from_fork+0x10/0x20 [ 19.462985] [ 19.463035] The buggy address belongs to the object at fff00000c5906f00 [ 19.463035] which belongs to the cache kmalloc-64 of size 64 [ 19.463111] The buggy address is located 0 bytes to the right of [ 19.463111] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.463197] [ 19.463221] The buggy address belongs to the physical page: [ 19.463254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.463543] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.463693] page_type: f5(slab) [ 19.463756] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.464023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.464102] page dumped because: kasan: bad access detected [ 19.464195] [ 19.464245] Memory state around the buggy address: [ 19.464315] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.464417] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.464500] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.464545] ^ [ 19.464580] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.464624] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.464917] ================================================================== [ 19.516625] ================================================================== [ 19.516681] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.516730] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.516780] [ 19.516813] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.516912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.516939] Hardware name: linux,dummy-virt (DT) [ 19.516972] Call trace: [ 19.517240] show_stack+0x20/0x38 (C) [ 19.517300] dump_stack_lvl+0x8c/0xd0 [ 19.517350] print_report+0x118/0x608 [ 19.517507] kasan_report+0xdc/0x128 [ 19.517566] kasan_check_range+0x100/0x1a8 [ 19.517614] __kasan_check_write+0x20/0x30 [ 19.517668] kasan_atomics_helper+0x12d8/0x4858 [ 19.517717] kasan_atomics+0x198/0x2e0 [ 19.517763] kunit_try_run_case+0x170/0x3f0 [ 19.517813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.517878] kthread+0x328/0x630 [ 19.517926] ret_from_fork+0x10/0x20 [ 19.517987] [ 19.518008] Allocated by task 266: [ 19.518037] kasan_save_stack+0x3c/0x68 [ 19.518201] kasan_save_track+0x20/0x40 [ 19.518337] kasan_save_alloc_info+0x40/0x58 [ 19.518398] __kasan_kmalloc+0xd4/0xd8 [ 19.518436] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.518476] kasan_atomics+0xb8/0x2e0 [ 19.518512] kunit_try_run_case+0x170/0x3f0 [ 19.518553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.518596] kthread+0x328/0x630 [ 19.518632] ret_from_fork+0x10/0x20 [ 19.518669] [ 19.518716] The buggy address belongs to the object at fff00000c5906f00 [ 19.518716] which belongs to the cache kmalloc-64 of size 64 [ 19.518809] The buggy address is located 0 bytes to the right of [ 19.518809] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.518916] [ 19.518972] The buggy address belongs to the physical page: [ 19.519013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.520551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.520899] page_type: f5(slab) [ 19.520949] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.521262] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.521384] page dumped because: kasan: bad access detected [ 19.521448] [ 19.521476] Memory state around the buggy address: [ 19.521663] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.521881] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.521926] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.521968] ^ [ 19.522004] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.522047] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.522134] ================================================================== [ 19.570547] ================================================================== [ 19.570788] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.571257] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.571395] [ 19.571491] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.571573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.571603] Hardware name: linux,dummy-virt (DT) [ 19.571637] Call trace: [ 19.571668] show_stack+0x20/0x38 (C) [ 19.571720] dump_stack_lvl+0x8c/0xd0 [ 19.571791] print_report+0x118/0x608 [ 19.571850] kasan_report+0xdc/0x128 [ 19.571922] kasan_check_range+0x100/0x1a8 [ 19.571972] __kasan_check_write+0x20/0x30 [ 19.572438] kasan_atomics_helper+0x14e4/0x4858 [ 19.572616] kasan_atomics+0x198/0x2e0 [ 19.572663] kunit_try_run_case+0x170/0x3f0 [ 19.572710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.573501] kthread+0x328/0x630 [ 19.573551] ret_from_fork+0x10/0x20 [ 19.573598] [ 19.573672] Allocated by task 266: [ 19.574625] kasan_save_stack+0x3c/0x68 [ 19.574674] kasan_save_track+0x20/0x40 [ 19.574713] kasan_save_alloc_info+0x40/0x58 [ 19.574812] __kasan_kmalloc+0xd4/0xd8 [ 19.574861] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.574900] kasan_atomics+0xb8/0x2e0 [ 19.574938] kunit_try_run_case+0x170/0x3f0 [ 19.574976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.575028] kthread+0x328/0x630 [ 19.575082] ret_from_fork+0x10/0x20 [ 19.575132] [ 19.575154] The buggy address belongs to the object at fff00000c5906f00 [ 19.575154] which belongs to the cache kmalloc-64 of size 64 [ 19.575214] The buggy address is located 0 bytes to the right of [ 19.575214] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.575278] [ 19.575327] The buggy address belongs to the physical page: [ 19.575367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.575419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.575468] page_type: f5(slab) [ 19.575507] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.575560] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.575602] page dumped because: kasan: bad access detected [ 19.575639] [ 19.575660] Memory state around the buggy address: [ 19.575692] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.575737] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.575782] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.575822] ^ [ 19.575863] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.575907] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.575945] ================================================================== [ 19.605137] ================================================================== [ 19.605183] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.605229] Read of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.605279] [ 19.605309] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.605389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.605418] Hardware name: linux,dummy-virt (DT) [ 19.605450] Call trace: [ 19.605472] show_stack+0x20/0x38 (C) [ 19.605553] dump_stack_lvl+0x8c/0xd0 [ 19.605749] print_report+0x118/0x608 [ 19.605799] kasan_report+0xdc/0x128 [ 19.605857] __asan_report_load8_noabort+0x20/0x30 [ 19.605919] kasan_atomics_helper+0x3e10/0x4858 [ 19.605968] kasan_atomics+0x198/0x2e0 [ 19.606016] kunit_try_run_case+0x170/0x3f0 [ 19.606065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.606118] kthread+0x328/0x630 [ 19.606168] ret_from_fork+0x10/0x20 [ 19.606217] [ 19.606249] Allocated by task 266: [ 19.606289] kasan_save_stack+0x3c/0x68 [ 19.606330] kasan_save_track+0x20/0x40 [ 19.606368] kasan_save_alloc_info+0x40/0x58 [ 19.606735] __kasan_kmalloc+0xd4/0xd8 [ 19.606889] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.606954] kasan_atomics+0xb8/0x2e0 [ 19.607075] kunit_try_run_case+0x170/0x3f0 [ 19.607482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.607550] kthread+0x328/0x630 [ 19.607639] ret_from_fork+0x10/0x20 [ 19.607685] [ 19.607732] The buggy address belongs to the object at fff00000c5906f00 [ 19.607732] which belongs to the cache kmalloc-64 of size 64 [ 19.607855] The buggy address is located 0 bytes to the right of [ 19.607855] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.607930] [ 19.608026] The buggy address belongs to the physical page: [ 19.608150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.608204] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.608254] page_type: f5(slab) [ 19.608291] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.608344] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.608387] page dumped because: kasan: bad access detected [ 19.608421] [ 19.608440] Memory state around the buggy address: [ 19.608471] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.608516] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.608567] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.608608] ^ [ 19.608679] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.608852] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.608891] ================================================================== [ 19.412474] ================================================================== [ 19.412544] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.412598] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.412649] [ 19.412680] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.414808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.414853] Hardware name: linux,dummy-virt (DT) [ 19.414888] Call trace: [ 19.414912] show_stack+0x20/0x38 (C) [ 19.414968] dump_stack_lvl+0x8c/0xd0 [ 19.415015] print_report+0x118/0x608 [ 19.415064] kasan_report+0xdc/0x128 [ 19.415109] kasan_check_range+0x100/0x1a8 [ 19.415159] __kasan_check_write+0x20/0x30 [ 19.415205] kasan_atomics_helper+0xe44/0x4858 [ 19.415255] kasan_atomics+0x198/0x2e0 [ 19.415300] kunit_try_run_case+0x170/0x3f0 [ 19.415356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.415409] kthread+0x328/0x630 [ 19.415455] ret_from_fork+0x10/0x20 [ 19.415502] [ 19.415523] Allocated by task 266: [ 19.415551] kasan_save_stack+0x3c/0x68 [ 19.415594] kasan_save_track+0x20/0x40 [ 19.415634] kasan_save_alloc_info+0x40/0x58 [ 19.415677] __kasan_kmalloc+0xd4/0xd8 [ 19.415716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.415756] kasan_atomics+0xb8/0x2e0 [ 19.415794] kunit_try_run_case+0x170/0x3f0 [ 19.415834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.415898] kthread+0x328/0x630 [ 19.415931] ret_from_fork+0x10/0x20 [ 19.416223] [ 19.416540] The buggy address belongs to the object at fff00000c5906f00 [ 19.416540] which belongs to the cache kmalloc-64 of size 64 [ 19.417871] The buggy address is located 0 bytes to the right of [ 19.417871] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.417943] [ 19.417965] The buggy address belongs to the physical page: [ 19.418576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.418683] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.419026] page_type: f5(slab) [ 19.419168] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.419274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.419327] page dumped because: kasan: bad access detected [ 19.419572] [ 19.419597] Memory state around the buggy address: [ 19.419635] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.419679] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.420009] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.420096] ^ [ 19.420199] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.420451] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.420520] ================================================================== [ 19.557320] ================================================================== [ 19.557367] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.557414] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.557465] [ 19.557497] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.557579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.557606] Hardware name: linux,dummy-virt (DT) [ 19.557639] Call trace: [ 19.558030] show_stack+0x20/0x38 (C) [ 19.558218] dump_stack_lvl+0x8c/0xd0 [ 19.558379] print_report+0x118/0x608 [ 19.558427] kasan_report+0xdc/0x128 [ 19.558475] kasan_check_range+0x100/0x1a8 [ 19.558523] __kasan_check_write+0x20/0x30 [ 19.558569] kasan_atomics_helper+0x1414/0x4858 [ 19.558627] kasan_atomics+0x198/0x2e0 [ 19.558675] kunit_try_run_case+0x170/0x3f0 [ 19.559005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.559242] kthread+0x328/0x630 [ 19.559354] ret_from_fork+0x10/0x20 [ 19.559424] [ 19.559540] Allocated by task 266: [ 19.559569] kasan_save_stack+0x3c/0x68 [ 19.559632] kasan_save_track+0x20/0x40 [ 19.559804] kasan_save_alloc_info+0x40/0x58 [ 19.559885] __kasan_kmalloc+0xd4/0xd8 [ 19.559923] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.560041] kasan_atomics+0xb8/0x2e0 [ 19.560078] kunit_try_run_case+0x170/0x3f0 [ 19.560119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.560368] kthread+0x328/0x630 [ 19.560412] ret_from_fork+0x10/0x20 [ 19.561093] [ 19.561148] The buggy address belongs to the object at fff00000c5906f00 [ 19.561148] which belongs to the cache kmalloc-64 of size 64 [ 19.561221] The buggy address is located 0 bytes to the right of [ 19.561221] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.561356] [ 19.561379] The buggy address belongs to the physical page: [ 19.561413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.561807] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.561880] page_type: f5(slab) [ 19.561946] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.562206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.562532] page dumped because: kasan: bad access detected [ 19.562616] [ 19.562638] Memory state around the buggy address: [ 19.562673] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.563652] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.563701] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.564201] ^ [ 19.564242] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.564288] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.564375] ================================================================== [ 19.437687] ================================================================== [ 19.437745] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.437797] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.437863] [ 19.437907] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.438013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.438042] Hardware name: linux,dummy-virt (DT) [ 19.438084] Call trace: [ 19.438109] show_stack+0x20/0x38 (C) [ 19.438157] dump_stack_lvl+0x8c/0xd0 [ 19.438207] print_report+0x118/0x608 [ 19.438262] kasan_report+0xdc/0x128 [ 19.438308] kasan_check_range+0x100/0x1a8 [ 19.438358] __kasan_check_write+0x20/0x30 [ 19.438408] kasan_atomics_helper+0xf20/0x4858 [ 19.438458] kasan_atomics+0x198/0x2e0 [ 19.438504] kunit_try_run_case+0x170/0x3f0 [ 19.438553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.438625] kthread+0x328/0x630 [ 19.438669] ret_from_fork+0x10/0x20 [ 19.438733] [ 19.438782] Allocated by task 266: [ 19.438811] kasan_save_stack+0x3c/0x68 [ 19.439109] kasan_save_track+0x20/0x40 [ 19.440237] kasan_save_alloc_info+0x40/0x58 [ 19.440303] __kasan_kmalloc+0xd4/0xd8 [ 19.440464] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.440658] kasan_atomics+0xb8/0x2e0 [ 19.440729] kunit_try_run_case+0x170/0x3f0 [ 19.440903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.440995] kthread+0x328/0x630 [ 19.441062] ret_from_fork+0x10/0x20 [ 19.441216] [ 19.441295] The buggy address belongs to the object at fff00000c5906f00 [ 19.441295] which belongs to the cache kmalloc-64 of size 64 [ 19.441394] The buggy address is located 0 bytes to the right of [ 19.441394] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.441565] [ 19.441618] The buggy address belongs to the physical page: [ 19.441651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.441900] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.441962] page_type: f5(slab) [ 19.442004] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.442062] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.442104] page dumped because: kasan: bad access detected [ 19.442139] [ 19.442159] Memory state around the buggy address: [ 19.442193] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.442240] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.442283] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.442323] ^ [ 19.442356] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.442401] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.442440] ================================================================== [ 19.427323] ================================================================== [ 19.427405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.427476] Write of size 8 at addr fff00000c5906f30 by task kunit_try_catch/266 [ 19.427546] [ 19.427668] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.427895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.428005] Hardware name: linux,dummy-virt (DT) [ 19.428087] Call trace: [ 19.428201] show_stack+0x20/0x38 (C) [ 19.428257] dump_stack_lvl+0x8c/0xd0 [ 19.428331] print_report+0x118/0x608 [ 19.428380] kasan_report+0xdc/0x128 [ 19.428453] kasan_check_range+0x100/0x1a8 [ 19.428808] __kasan_check_write+0x20/0x30 [ 19.430041] kasan_atomics_helper+0xeb8/0x4858 [ 19.430402] kasan_atomics+0x198/0x2e0 [ 19.431613] kunit_try_run_case+0x170/0x3f0 [ 19.431814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.431916] kthread+0x328/0x630 [ 19.432110] ret_from_fork+0x10/0x20 [ 19.432190] [ 19.432212] Allocated by task 266: [ 19.432461] kasan_save_stack+0x3c/0x68 [ 19.432516] kasan_save_track+0x20/0x40 [ 19.432562] kasan_save_alloc_info+0x40/0x58 [ 19.432791] __kasan_kmalloc+0xd4/0xd8 [ 19.432913] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.433154] kasan_atomics+0xb8/0x2e0 [ 19.433287] kunit_try_run_case+0x170/0x3f0 [ 19.433474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.433551] kthread+0x328/0x630 [ 19.433825] ret_from_fork+0x10/0x20 [ 19.433922] [ 19.434190] The buggy address belongs to the object at fff00000c5906f00 [ 19.434190] which belongs to the cache kmalloc-64 of size 64 [ 19.434276] The buggy address is located 0 bytes to the right of [ 19.434276] allocated 48-byte region [fff00000c5906f00, fff00000c5906f30) [ 19.434583] [ 19.434656] The buggy address belongs to the physical page: [ 19.434728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.434919] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.434998] page_type: f5(slab) [ 19.435079] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.435141] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.435187] page dumped because: kasan: bad access detected [ 19.435452] [ 19.435476] Memory state around the buggy address: [ 19.435554] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.435623] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.435687] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.435906] ^ [ 19.436059] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.436137] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.436271] ================================================================== [ 19.183648] ================================================================== [ 19.183702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 19.183934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.184677] kasan_save_stack+0x3c/0x68 [ 19.184718] kasan_save_track+0x20/0x40 [ 19.184806] __kasan_kmalloc+0xd4/0xd8 [ 19.184894] kasan_atomics+0xb8/0x2e0 [ 19.189229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.190811] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.192011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.192949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.193017] kthread+0x328/0x630 [ 19.193062] ret_from_fork+0x10/0x20 [ 19.193129] [ 19.193223] kasan_save_stack+0x3c/0x68 [ 19.193526] kasan_atomics+0xb8/0x2e0 [ 19.194273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906 [ 19.194326] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.194414] page_type: f5(slab) [ 19.194465] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.194518] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.194576] page dumped because: kasan: bad access detected [ 19.194629] [ 19.194649] Memory state around the buggy address: [ 19.194682] fff00000c5906e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.194815] fff00000c5906e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.195192] >fff00000c5906f00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.195395] ^ [ 19.195548] fff00000c5906f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.195655] fff00000c5907000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.195777] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.048698] ================================================================== [ 19.048781] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 19.048891] Read of size 1 at addr fff00000c5908250 by task kunit_try_catch/260 [ 19.048945] [ 19.048980] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.049192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.049230] Hardware name: linux,dummy-virt (DT) [ 19.049264] Call trace: [ 19.049327] show_stack+0x20/0x38 (C) [ 19.049377] dump_stack_lvl+0x8c/0xd0 [ 19.049426] print_report+0x118/0x608 [ 19.049602] kasan_report+0xdc/0x128 [ 19.049708] __asan_report_load1_noabort+0x20/0x30 [ 19.049764] strnlen+0x80/0x88 [ 19.049809] kasan_strings+0x478/0xb00 [ 19.049976] kunit_try_run_case+0x170/0x3f0 [ 19.050062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.050116] kthread+0x328/0x630 [ 19.050161] ret_from_fork+0x10/0x20 [ 19.050214] [ 19.050263] Allocated by task 260: [ 19.050308] kasan_save_stack+0x3c/0x68 [ 19.050352] kasan_save_track+0x20/0x40 [ 19.050390] kasan_save_alloc_info+0x40/0x58 [ 19.050432] __kasan_kmalloc+0xd4/0xd8 [ 19.050606] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.050885] kthread+0x328/0x630 [ 19.052562] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.058073] not ok 62 kasan_strings [ 19.061539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.062073] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.062598] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.063685] fff00000c5857e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.065323] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.067259] kasan_bitops_generic+0xa0/0x1c8 [ 19.068797] page_type: f5(slab) [ 19.070427] ^ [ 19.072051] Call trace: [ 19.074532] [ 19.075277] page dumped because: kasan: bad access detected [ 19.075499] ^ [ 19.076210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.076295] show_stack+0x20/0x38 (C) [ 19.076774] kthread+0x328/0x630 [ 19.076921] Allocated by task 262: [ 19.077108] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.077432] The buggy address is located 8 bytes inside of [ 19.077432] allocated 9-byte region [fff00000c5857dc0, fff00000c5857dc9) [ 19.077804] page dumped because: kasan: bad access detected [ 19.079289] ^ [ 19.079363] fff00000c5857e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.080565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.080618] Hardware name: linux,dummy-virt (DT) [ 19.080902] kasan_report+0xdc/0x128 [ 19.081590] kthread+0x328/0x630 [ 19.081965] kasan_save_stack+0x3c/0x68 [ 19.082435] kthread+0x328/0x630 [ 19.083048] [ 19.083125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105857 [ 19.083901] fff00000c5857c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 19.084333] >fff00000c5857d80: 00 00 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.084436] ^ [ 19.084512] fff00000c5857e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.085497] [ 19.085956] Call trace: [ 19.086437] __kasan_check_write+0x20/0x30 [ 19.086816] ret_from_fork+0x10/0x20 [ 19.089809] >fff00000c5857d80: 00 00 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.090069] fff00000c5857e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.091241] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.040482] ================================================================== [ 19.040586] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 19.040640] Read of size 1 at addr fff00000c5908250 by task kunit_try_catch/260 [ 19.040741] [ 19.040774] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.040870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.040899] Hardware name: linux,dummy-virt (DT) [ 19.040931] Call trace: [ 19.041087] show_stack+0x20/0x38 (C) [ 19.041149] dump_stack_lvl+0x8c/0xd0 [ 19.041302] print_report+0x118/0x608 [ 19.041353] kasan_report+0xdc/0x128 [ 19.041571] __asan_report_load1_noabort+0x20/0x30 [ 19.041696] strlen+0xa8/0xb0 [ 19.041743] kasan_strings+0x418/0xb00 [ 19.041789] kunit_try_run_case+0x170/0x3f0 [ 19.041853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.041908] kthread+0x328/0x630 [ 19.042110] ret_from_fork+0x10/0x20 [ 19.042206] [ 19.042264] Allocated by task 260: [ 19.042359] kasan_save_stack+0x3c/0x68 [ 19.042403] kasan_save_track+0x20/0x40 [ 19.042548] kasan_save_alloc_info+0x40/0x58 [ 19.042686] __kasan_kmalloc+0xd4/0xd8 [ 19.042736] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.042872] kasan_strings+0xc8/0xb00 [ 19.043025] kunit_try_run_case+0x170/0x3f0 [ 19.043146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.043198] kthread+0x328/0x630 [ 19.043457] ret_from_fork+0x10/0x20 [ 19.043656] [ 19.043726] Freed by task 260: [ 19.043757] kasan_save_stack+0x3c/0x68 [ 19.043796] kasan_save_track+0x20/0x40 [ 19.044046] kasan_save_free_info+0x4c/0x78 [ 19.044174] __kasan_slab_free+0x6c/0x98 [ 19.044258] kfree+0x214/0x3c8 [ 19.044428] kasan_strings+0x24c/0xb00 [ 19.044468] kunit_try_run_case+0x170/0x3f0 [ 19.044520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.045001] kthread+0x328/0x630 [ 19.045149] ret_from_fork+0x10/0x20 [ 19.045277] [ 19.045485] The buggy address belongs to the object at fff00000c5908240 [ 19.045485] which belongs to the cache kmalloc-32 of size 32 [ 19.045616] The buggy address is located 16 bytes inside of [ 19.045616] freed 32-byte region [fff00000c5908240, fff00000c5908260) [ 19.045679] [ 19.045703] The buggy address belongs to the physical page: [ 19.045735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105908 [ 19.045960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.046016] page_type: f5(slab) [ 19.046057] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.046240] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.046316] page dumped because: kasan: bad access detected [ 19.046627] [ 19.046738] Memory state around the buggy address: [ 19.046898] fff00000c5908100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.047135] fff00000c5908180: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.047249] >fff00000c5908200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.047290] ^ [ 19.047485] fff00000c5908280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.047542] fff00000c5908300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.047582] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 19.035709] ================================================================== [ 19.035767] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 19.035861] Read of size 1 at addr fff00000c5908250 by task kunit_try_catch/260 [ 19.035915] [ 19.035948] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.036033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.036063] Hardware name: linux,dummy-virt (DT) [ 19.036106] Call trace: [ 19.036140] show_stack+0x20/0x38 (C) [ 19.036191] dump_stack_lvl+0x8c/0xd0 [ 19.036241] print_report+0x118/0x608 [ 19.036298] kasan_report+0xdc/0x128 [ 19.036355] __asan_report_load1_noabort+0x20/0x30 [ 19.036416] kasan_strings+0x95c/0xb00 [ 19.036462] kunit_try_run_case+0x170/0x3f0 [ 19.036509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.036565] kthread+0x328/0x630 [ 19.036609] ret_from_fork+0x10/0x20 [ 19.036657] [ 19.036686] Allocated by task 260: [ 19.036715] kasan_save_stack+0x3c/0x68 [ 19.036757] kasan_save_track+0x20/0x40 [ 19.036796] kasan_save_alloc_info+0x40/0x58 [ 19.036836] __kasan_kmalloc+0xd4/0xd8 [ 19.036885] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.036926] kasan_strings+0xc8/0xb00 [ 19.036963] kunit_try_run_case+0x170/0x3f0 [ 19.037001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.037046] kthread+0x328/0x630 [ 19.037079] ret_from_fork+0x10/0x20 [ 19.037117] [ 19.037180] Freed by task 260: [ 19.037452] kasan_save_stack+0x3c/0x68 [ 19.037503] kasan_save_track+0x20/0x40 [ 19.037600] kasan_save_free_info+0x4c/0x78 [ 19.037911] __kasan_slab_free+0x6c/0x98 [ 19.037978] kfree+0x214/0x3c8 [ 19.038017] kasan_strings+0x24c/0xb00 [ 19.038054] kunit_try_run_case+0x170/0x3f0 [ 19.038094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.038139] kthread+0x328/0x630 [ 19.038215] ret_from_fork+0x10/0x20 [ 19.038252] [ 19.038275] The buggy address belongs to the object at fff00000c5908240 [ 19.038275] which belongs to the cache kmalloc-32 of size 32 [ 19.038429] The buggy address is located 16 bytes inside of [ 19.038429] freed 32-byte region [fff00000c5908240, fff00000c5908260) [ 19.038500] [ 19.038549] The buggy address belongs to the physical page: [ 19.038585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105908 [ 19.038638] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.038689] page_type: f5(slab) [ 19.038729] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.038779] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.038852] page dumped because: kasan: bad access detected [ 19.038884] [ 19.039046] Memory state around the buggy address: [ 19.039149] fff00000c5908100: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.039242] fff00000c5908180: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.039339] >fff00000c5908200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.039380] ^ [ 19.039442] fff00000c5908280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.039486] fff00000c5908300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.039527] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 19.026003] ================================================================== [ 19.026282] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 19.026365] Read of size 1 at addr fff00000c5908250 by task kunit_try_catch/260 [ 19.026429] [ 19.026473] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.026564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.026593] Hardware name: linux,dummy-virt (DT) [ 19.026628] Call trace: [ 19.026794] show_stack+0x20/0x38 (C) [ 19.027003] dump_stack_lvl+0x8c/0xd0 [ 19.027131] print_report+0x118/0x608 [ 19.027394] kasan_report+0xdc/0x128 [ 19.027576] __asan_report_load1_noabort+0x20/0x30 [ 19.027721] strcmp+0xc0/0xc8 [ 19.027822] kasan_strings+0x340/0xb00 [ 19.027884] kunit_try_run_case+0x170/0x3f0 [ 19.028147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.028218] kthread+0x328/0x630 [ 19.028266] ret_from_fork+0x10/0x20 [ 19.028424] [ 19.028466] Allocated by task 260: [ 19.028516] kasan_save_stack+0x3c/0x68 [ 19.028672] kasan_save_track+0x20/0x40 [ 19.028759] kasan_save_alloc_info+0x40/0x58 [ 19.028820] __kasan_kmalloc+0xd4/0xd8 [ 19.028922] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.029013] kasan_strings+0xc8/0xb00 [ 19.029104] kunit_try_run_case+0x170/0x3f0 [ 19.029220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.029265] kthread+0x328/0x630 [ 19.029419] ret_from_fork+0x10/0x20 [ 19.029564] [ 19.029730] Freed by task 260: [ 19.029851] kasan_save_stack+0x3c/0x68 [ 19.029920] kasan_save_track+0x20/0x40 [ 19.030032] kasan_save_free_info+0x4c/0x78 [ 19.030121] __kasan_slab_free+0x6c/0x98 [ 19.030398] kfree+0x214/0x3c8 [ 19.030585] kasan_strings+0x24c/0xb00 [ 19.030624] kunit_try_run_case+0x170/0x3f0 [ 19.030883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.031068] kthread+0x328/0x630 [ 19.031364] ret_from_fork+0x10/0x20 [ 19.031594] [ 19.031713] The buggy address belongs to the object at fff00000c5908240 [ 19.031713] which belongs to the cache kmalloc-32 of size 32 [ 19.031956] The buggy address is located 16 bytes inside of [ 19.031956] freed 32-byte region [fff00000c5908240, fff00000c5908260) [ 19.032039] [ 19.032063] The buggy address belongs to the physical page: [ 19.032097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105908 [ 19.032614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.032941] page_type: f5(slab) [ 19.033012] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.033179] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.033511] page dumped because: kasan: bad access detected [ 19.033552] [ 19.033705] Memory state around the buggy address: [ 19.033794] fff00000c5908100: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.033924] fff00000c5908180: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.033976] >fff00000c5908200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.034123] ^ [ 19.034258] fff00000c5908280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.034303] fff00000c5908300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.034357] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 19.005535] ================================================================== [ 19.005599] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.005666] Read of size 1 at addr fff00000c5908098 by task kunit_try_catch/258 [ 19.005718] [ 19.005760] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.005922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.006052] Hardware name: linux,dummy-virt (DT) [ 19.006095] Call trace: [ 19.006175] show_stack+0x20/0x38 (C) [ 19.006240] dump_stack_lvl+0x8c/0xd0 [ 19.006291] print_report+0x118/0x608 [ 19.006597] kasan_report+0xdc/0x128 [ 19.006806] __asan_report_load1_noabort+0x20/0x30 [ 19.006947] memcmp+0x198/0x1d8 [ 19.007006] kasan_memcmp+0x16c/0x300 [ 19.007055] kunit_try_run_case+0x170/0x3f0 [ 19.007107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.007164] kthread+0x328/0x630 [ 19.007211] ret_from_fork+0x10/0x20 [ 19.007263] [ 19.007284] Allocated by task 258: [ 19.007315] kasan_save_stack+0x3c/0x68 [ 19.007364] kasan_save_track+0x20/0x40 [ 19.007403] kasan_save_alloc_info+0x40/0x58 [ 19.007445] __kasan_kmalloc+0xd4/0xd8 [ 19.007483] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.007526] kasan_memcmp+0xbc/0x300 [ 19.007562] kunit_try_run_case+0x170/0x3f0 [ 19.007601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.007646] kthread+0x328/0x630 [ 19.007681] ret_from_fork+0x10/0x20 [ 19.007718] [ 19.007739] The buggy address belongs to the object at fff00000c5908080 [ 19.007739] which belongs to the cache kmalloc-32 of size 32 [ 19.007797] The buggy address is located 0 bytes to the right of [ 19.007797] allocated 24-byte region [fff00000c5908080, fff00000c5908098) [ 19.007928] [ 19.008003] The buggy address belongs to the physical page: [ 19.008101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105908 [ 19.008172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.008256] page_type: f5(slab) [ 19.008479] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.008677] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.008720] page dumped because: kasan: bad access detected [ 19.008754] [ 19.008775] Memory state around the buggy address: [ 19.008809] fff00000c5907f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.008863] fff00000c5908000: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.008936] >fff00000c5908080: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.008978] ^ [ 19.009016] fff00000c5908100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.009094] fff00000c5908180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.009146] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.969562] ================================================================== [ 18.969876] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 18.969949] Read of size 1 at addr ffff800080a17b4a by task kunit_try_catch/254 [ 18.970320] [ 18.970518] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.970744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.971031] Hardware name: linux,dummy-virt (DT) [ 18.971377] Call trace: [ 18.971406] show_stack+0x20/0x38 (C) [ 18.971590] dump_stack_lvl+0x8c/0xd0 [ 18.971807] print_report+0x310/0x608 [ 18.971998] kasan_report+0xdc/0x128 [ 18.972282] __asan_report_load1_noabort+0x20/0x30 [ 18.972466] kasan_alloca_oob_right+0x2dc/0x340 [ 18.972760] kunit_try_run_case+0x170/0x3f0 [ 18.973130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.973428] kthread+0x328/0x630 [ 18.973600] ret_from_fork+0x10/0x20 [ 18.973835] [ 18.973932] The buggy address belongs to stack of task kunit_try_catch/254 [ 18.974114] [ 18.974152] The buggy address belongs to the virtual mapping at [ 18.974152] [ffff800080a10000, ffff800080a19000) created by: [ 18.974152] kernel_clone+0x150/0x7a8 [ 18.974367] [ 18.974565] The buggy address belongs to the physical page: [ 18.974745] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ff [ 18.974875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.975067] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.975125] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.975167] page dumped because: kasan: bad access detected [ 18.975364] [ 18.975560] Memory state around the buggy address: [ 18.975750] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.975826] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.976119] >ffff800080a17b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.976294] ^ [ 18.976412] ffff800080a17b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.976691] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.976852] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.950673] ================================================================== [ 18.950773] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.951106] Read of size 1 at addr ffff800080927b5f by task kunit_try_catch/252 [ 18.951393] [ 18.951545] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.951787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.952069] Hardware name: linux,dummy-virt (DT) [ 18.952320] Call trace: [ 18.952450] show_stack+0x20/0x38 (C) [ 18.952638] dump_stack_lvl+0x8c/0xd0 [ 18.952821] print_report+0x310/0x608 [ 18.952900] kasan_report+0xdc/0x128 [ 18.953434] __asan_report_load1_noabort+0x20/0x30 [ 18.953560] kasan_alloca_oob_left+0x2b8/0x310 [ 18.953763] kunit_try_run_case+0x170/0x3f0 [ 18.954105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.954295] kthread+0x328/0x630 [ 18.954494] ret_from_fork+0x10/0x20 [ 18.954795] [ 18.954931] The buggy address belongs to stack of task kunit_try_catch/252 [ 18.955109] [ 18.955200] The buggy address belongs to the virtual mapping at [ 18.955200] [ffff800080920000, ffff800080929000) created by: [ 18.955200] kernel_clone+0x150/0x7a8 [ 18.955614] [ 18.955676] The buggy address belongs to the physical page: [ 18.955965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c6 [ 18.956073] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.956243] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.956523] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.956580] page dumped because: kasan: bad access detected [ 18.956622] [ 18.956796] Memory state around the buggy address: [ 18.956837] ffff800080927a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.956898] ffff800080927a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.956944] >ffff800080927b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 18.957005] ^ [ 18.957046] ffff800080927b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.957094] ffff800080927c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.957144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.930069] ================================================================== [ 18.930148] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.930560] Read of size 1 at addr ffff800080927c2a by task kunit_try_catch/250 [ 18.930628] [ 18.930705] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.930952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.930980] Hardware name: linux,dummy-virt (DT) [ 18.931305] Call trace: [ 18.931361] show_stack+0x20/0x38 (C) [ 18.931556] dump_stack_lvl+0x8c/0xd0 [ 18.931879] print_report+0x310/0x608 [ 18.932079] kasan_report+0xdc/0x128 [ 18.932320] __asan_report_load1_noabort+0x20/0x30 [ 18.932678] kasan_stack_oob+0x238/0x270 [ 18.932903] kunit_try_run_case+0x170/0x3f0 [ 18.933160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.933459] kthread+0x328/0x630 [ 18.933729] ret_from_fork+0x10/0x20 [ 18.933871] [ 18.934279] The buggy address belongs to stack of task kunit_try_catch/250 [ 18.934760] and is located at offset 138 in frame: [ 18.935171] kasan_stack_oob+0x0/0x270 [ 18.935423] [ 18.935461] This frame has 4 objects: [ 18.935622] [48, 49) '__assertion' [ 18.935684] [64, 72) 'array' [ 18.935748] [96, 112) '__assertion' [ 18.935791] [128, 138) 'stack_array' [ 18.935873] [ 18.936314] The buggy address belongs to the virtual mapping at [ 18.936314] [ffff800080920000, ffff800080929000) created by: [ 18.936314] kernel_clone+0x150/0x7a8 [ 18.936562] [ 18.936640] The buggy address belongs to the physical page: [ 18.936731] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c6 [ 18.937063] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.937259] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.937767] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.937864] page dumped because: kasan: bad access detected [ 18.937913] [ 18.938245] Memory state around the buggy address: [ 18.938286] ffff800080927b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.938347] ffff800080927b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.938424] >ffff800080927c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.938487] ^ [ 18.938770] ffff800080927c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.939334] ffff800080927d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.939386] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.902172] ================================================================== [ 18.902236] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.902289] Read of size 1 at addr ffffaa4965d4f58d by task kunit_try_catch/246 [ 18.902990] [ 18.903057] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.903201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.903519] Hardware name: linux,dummy-virt (DT) [ 18.903581] Call trace: [ 18.903633] show_stack+0x20/0x38 (C) [ 18.903725] dump_stack_lvl+0x8c/0xd0 [ 18.904101] print_report+0x310/0x608 [ 18.904403] kasan_report+0xdc/0x128 [ 18.904859] __asan_report_load1_noabort+0x20/0x30 [ 18.905229] kasan_global_oob_right+0x230/0x270 [ 18.905592] kunit_try_run_case+0x170/0x3f0 [ 18.905752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.905878] kthread+0x328/0x630 [ 18.906009] ret_from_fork+0x10/0x20 [ 18.906180] [ 18.906461] The buggy address belongs to the variable: [ 18.906751] global_array+0xd/0x40 [ 18.906971] [ 18.907439] The buggy address belongs to the virtual mapping at [ 18.907439] [ffffaa4963f00000, ffffaa4965e01000) created by: [ 18.907439] paging_init+0x66c/0x7d0 [ 18.907592] [ 18.908080] The buggy address belongs to the physical page: [ 18.908298] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.908432] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.908523] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.908687] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.908857] page dumped because: kasan: bad access detected [ 18.908973] [ 18.909253] Memory state around the buggy address: [ 18.909375] ffffaa4965d4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.909645] ffffaa4965d4f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.909932] >ffffaa4965d4f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.909992] ^ [ 18.910025] ffffaa4965d4f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.910078] ffffaa4965d4f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.910123] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.883914] ================================================================== [ 18.884678] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.884935] Free of addr fff00000c78b0001 by task kunit_try_catch/244 [ 18.885211] [ 18.885321] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.885508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.885553] Hardware name: linux,dummy-virt (DT) [ 18.885589] Call trace: [ 18.885618] show_stack+0x20/0x38 (C) [ 18.885852] dump_stack_lvl+0x8c/0xd0 [ 18.886092] print_report+0x118/0x608 [ 18.886270] kasan_report_invalid_free+0xc0/0xe8 [ 18.886478] __kasan_mempool_poison_object+0xfc/0x150 [ 18.886730] mempool_free+0x28c/0x328 [ 18.886795] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.886857] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.887281] kunit_try_run_case+0x170/0x3f0 [ 18.887420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.887685] kthread+0x328/0x630 [ 18.888066] ret_from_fork+0x10/0x20 [ 18.888128] [ 18.888151] The buggy address belongs to the physical page: [ 18.888581] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b0 [ 18.888825] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.889062] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.889252] page_type: f8(unknown) [ 18.889296] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.889528] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.889741] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.889990] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.890432] head: 0bfffe0000000002 ffffc1ffc31e2c01 00000000ffffffff 00000000ffffffff [ 18.890614] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.890878] page dumped because: kasan: bad access detected [ 18.890910] [ 18.890929] Memory state around the buggy address: [ 18.891255] fff00000c78aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.891354] fff00000c78aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.891542] >fff00000c78b0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.891730] ^ [ 18.891789] fff00000c78b0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.892162] fff00000c78b0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.892272] ================================================================== [ 18.865046] ================================================================== [ 18.865415] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.865646] Free of addr fff00000c5903301 by task kunit_try_catch/242 [ 18.865701] [ 18.865736] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.865883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.866144] Hardware name: linux,dummy-virt (DT) [ 18.866195] Call trace: [ 18.866262] show_stack+0x20/0x38 (C) [ 18.866452] dump_stack_lvl+0x8c/0xd0 [ 18.866506] print_report+0x118/0x608 [ 18.866551] kasan_report_invalid_free+0xc0/0xe8 [ 18.866620] check_slab_allocation+0xfc/0x108 [ 18.866751] __kasan_mempool_poison_object+0x78/0x150 [ 18.866816] mempool_free+0x28c/0x328 [ 18.866994] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.867052] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.867316] kunit_try_run_case+0x170/0x3f0 [ 18.867548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.867749] kthread+0x328/0x630 [ 18.867883] ret_from_fork+0x10/0x20 [ 18.868020] [ 18.868045] Allocated by task 242: [ 18.868325] kasan_save_stack+0x3c/0x68 [ 18.868400] kasan_save_track+0x20/0x40 [ 18.868558] kasan_save_alloc_info+0x40/0x58 [ 18.868715] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.869008] remove_element+0x130/0x1f8 [ 18.869072] mempool_alloc_preallocated+0x58/0xc0 [ 18.869279] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.869517] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.869701] kunit_try_run_case+0x170/0x3f0 [ 18.869851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.869989] kthread+0x328/0x630 [ 18.870041] ret_from_fork+0x10/0x20 [ 18.870245] [ 18.870357] The buggy address belongs to the object at fff00000c5903300 [ 18.870357] which belongs to the cache kmalloc-128 of size 128 [ 18.870577] The buggy address is located 1 bytes inside of [ 18.870577] 128-byte region [fff00000c5903300, fff00000c5903380) [ 18.870651] [ 18.870679] The buggy address belongs to the physical page: [ 18.870835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105903 [ 18.870903] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.870954] page_type: f5(slab) [ 18.870992] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.871457] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.871652] page dumped because: kasan: bad access detected [ 18.871925] [ 18.871960] Memory state around the buggy address: [ 18.872396] fff00000c5903200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.872516] fff00000c5903280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.872609] >fff00000c5903300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.872669] ^ [ 18.872710] fff00000c5903380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.872761] fff00000c5903400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.872809] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.837179] ================================================================== [ 18.837446] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.837855] Free of addr fff00000c7864000 by task kunit_try_catch/240 [ 18.837958] [ 18.838137] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.838246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.838273] Hardware name: linux,dummy-virt (DT) [ 18.838323] Call trace: [ 18.838390] show_stack+0x20/0x38 (C) [ 18.838762] dump_stack_lvl+0x8c/0xd0 [ 18.838892] print_report+0x118/0x608 [ 18.838984] kasan_report_invalid_free+0xc0/0xe8 [ 18.839127] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.839226] mempool_free+0x24c/0x328 [ 18.839273] mempool_double_free_helper+0x150/0x2e8 [ 18.839328] mempool_page_alloc_double_free+0xbc/0x118 [ 18.839594] kunit_try_run_case+0x170/0x3f0 [ 18.839770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.839881] kthread+0x328/0x630 [ 18.839968] ret_from_fork+0x10/0x20 [ 18.840320] [ 18.840363] The buggy address belongs to the physical page: [ 18.840460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107864 [ 18.840554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.840992] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.841148] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.841546] page dumped because: kasan: bad access detected [ 18.841702] [ 18.841770] Memory state around the buggy address: [ 18.841808] fff00000c7863f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.842138] fff00000c7863f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.842323] >fff00000c7864000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.842621] ^ [ 18.842714] fff00000c7864080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.843092] fff00000c7864100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.843457] ================================================================== [ 18.804077] ================================================================== [ 18.804148] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.804207] Free of addr fff00000c5872f00 by task kunit_try_catch/236 [ 18.804249] [ 18.804283] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.804367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.804392] Hardware name: linux,dummy-virt (DT) [ 18.804425] Call trace: [ 18.804448] show_stack+0x20/0x38 (C) [ 18.804498] dump_stack_lvl+0x8c/0xd0 [ 18.804545] print_report+0x118/0x608 [ 18.804592] kasan_report_invalid_free+0xc0/0xe8 [ 18.804641] check_slab_allocation+0xd4/0x108 [ 18.804689] __kasan_mempool_poison_object+0x78/0x150 [ 18.804741] mempool_free+0x28c/0x328 [ 18.804786] mempool_double_free_helper+0x150/0x2e8 [ 18.804835] mempool_kmalloc_double_free+0xc0/0x118 [ 18.804900] kunit_try_run_case+0x170/0x3f0 [ 18.804948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.805000] kthread+0x328/0x630 [ 18.805044] ret_from_fork+0x10/0x20 [ 18.805091] [ 18.805109] Allocated by task 236: [ 18.805140] kasan_save_stack+0x3c/0x68 [ 18.805180] kasan_save_track+0x20/0x40 [ 18.805217] kasan_save_alloc_info+0x40/0x58 [ 18.805255] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.805298] remove_element+0x130/0x1f8 [ 18.805331] mempool_alloc_preallocated+0x58/0xc0 [ 18.805370] mempool_double_free_helper+0x94/0x2e8 [ 18.805407] mempool_kmalloc_double_free+0xc0/0x118 [ 18.805447] kunit_try_run_case+0x170/0x3f0 [ 18.805484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.805527] kthread+0x328/0x630 [ 18.805558] ret_from_fork+0x10/0x20 [ 18.805595] [ 18.805614] Freed by task 236: [ 18.805640] kasan_save_stack+0x3c/0x68 [ 18.805678] kasan_save_track+0x20/0x40 [ 18.805712] kasan_save_free_info+0x4c/0x78 [ 18.805751] __kasan_mempool_poison_object+0xc0/0x150 [ 18.805792] mempool_free+0x28c/0x328 [ 18.805826] mempool_double_free_helper+0x100/0x2e8 [ 18.805875] mempool_kmalloc_double_free+0xc0/0x118 [ 18.805914] kunit_try_run_case+0x170/0x3f0 [ 18.805952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.805996] kthread+0x328/0x630 [ 18.806028] ret_from_fork+0x10/0x20 [ 18.806062] [ 18.806080] The buggy address belongs to the object at fff00000c5872f00 [ 18.806080] which belongs to the cache kmalloc-128 of size 128 [ 18.806138] The buggy address is located 0 bytes inside of [ 18.806138] 128-byte region [fff00000c5872f00, fff00000c5872f80) [ 18.806198] [ 18.806218] The buggy address belongs to the physical page: [ 18.806249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105872 [ 18.806300] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.806348] page_type: f5(slab) [ 18.806388] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.806438] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 18.806479] page dumped because: kasan: bad access detected [ 18.806508] [ 18.806529] Memory state around the buggy address: [ 18.806560] fff00000c5872e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.806605] fff00000c5872e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.806647] >fff00000c5872f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.806685] ^ [ 18.806711] fff00000c5872f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.806971] fff00000c5873000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.807014] ================================================================== [ 18.816365] ================================================================== [ 18.816423] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.816479] Free of addr fff00000c7864000 by task kunit_try_catch/238 [ 18.816520] [ 18.816553] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.816636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.816665] Hardware name: linux,dummy-virt (DT) [ 18.816695] Call trace: [ 18.816715] show_stack+0x20/0x38 (C) [ 18.816765] dump_stack_lvl+0x8c/0xd0 [ 18.816812] print_report+0x118/0x608 [ 18.817072] kasan_report_invalid_free+0xc0/0xe8 [ 18.817296] __kasan_mempool_poison_object+0x14c/0x150 [ 18.817583] mempool_free+0x28c/0x328 [ 18.817764] mempool_double_free_helper+0x150/0x2e8 [ 18.817868] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.817966] kunit_try_run_case+0x170/0x3f0 [ 18.818013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.818066] kthread+0x328/0x630 [ 18.818315] ret_from_fork+0x10/0x20 [ 18.818467] [ 18.818488] The buggy address belongs to the physical page: [ 18.818522] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107864 [ 18.818638] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.818686] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.819180] page_type: f8(unknown) [ 18.819242] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.819294] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.819359] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.819547] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.819597] head: 0bfffe0000000002 ffffc1ffc31e1901 00000000ffffffff 00000000ffffffff [ 18.819645] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.819729] page dumped because: kasan: bad access detected [ 18.819871] [ 18.819951] Memory state around the buggy address: [ 18.819983] fff00000c7863f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.820135] fff00000c7863f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.820211] >fff00000c7864000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.820276] ^ [ 18.820304] fff00000c7864080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.820381] fff00000c7864100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.820441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.781430] ================================================================== [ 18.781503] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.781574] Read of size 1 at addr fff00000c7864000 by task kunit_try_catch/234 [ 18.781624] [ 18.781663] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.781749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.781775] Hardware name: linux,dummy-virt (DT) [ 18.781809] Call trace: [ 18.781833] show_stack+0x20/0x38 (C) [ 18.781903] dump_stack_lvl+0x8c/0xd0 [ 18.781954] print_report+0x118/0x608 [ 18.782001] kasan_report+0xdc/0x128 [ 18.782047] __asan_report_load1_noabort+0x20/0x30 [ 18.782096] mempool_uaf_helper+0x314/0x340 [ 18.782143] mempool_page_alloc_uaf+0xc0/0x118 [ 18.782190] kunit_try_run_case+0x170/0x3f0 [ 18.782239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.782291] kthread+0x328/0x630 [ 18.782333] ret_from_fork+0x10/0x20 [ 18.782381] [ 18.782402] The buggy address belongs to the physical page: [ 18.782437] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107864 [ 18.782491] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.782560] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.782610] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.782652] page dumped because: kasan: bad access detected [ 18.782684] [ 18.782701] Memory state around the buggy address: [ 18.782830] fff00000c7863f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.782895] fff00000c7863f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.782938] >fff00000c7864000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.782976] ^ [ 18.783005] fff00000c7864080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.783046] fff00000c7864100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.783444] ================================================================== [ 18.706162] ================================================================== [ 18.706851] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.707186] Read of size 1 at addr fff00000c659c000 by task kunit_try_catch/230 [ 18.707528] [ 18.707567] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.707830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.708190] Hardware name: linux,dummy-virt (DT) [ 18.708237] Call trace: [ 18.708742] show_stack+0x20/0x38 (C) [ 18.708976] dump_stack_lvl+0x8c/0xd0 [ 18.709267] print_report+0x118/0x608 [ 18.709413] kasan_report+0xdc/0x128 [ 18.709783] __asan_report_load1_noabort+0x20/0x30 [ 18.710081] mempool_uaf_helper+0x314/0x340 [ 18.710466] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.710777] kunit_try_run_case+0x170/0x3f0 [ 18.711101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.711201] kthread+0x328/0x630 [ 18.711247] ret_from_fork+0x10/0x20 [ 18.711296] [ 18.711837] The buggy address belongs to the physical page: [ 18.711898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659c [ 18.711955] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.712296] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.712479] page_type: f8(unknown) [ 18.712539] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.712944] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.713159] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.713210] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.713723] head: 0bfffe0000000002 ffffc1ffc3196701 00000000ffffffff 00000000ffffffff [ 18.713785] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.713826] page dumped because: kasan: bad access detected [ 18.713864] [ 18.713881] Memory state around the buggy address: [ 18.714359] fff00000c659bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.714790] fff00000c659bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.714900] >fff00000c659c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.714954] ^ [ 18.715358] fff00000c659c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.715468] fff00000c659c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.715630] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.676183] ================================================================== [ 18.676253] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.677819] Read of size 1 at addr fff00000c5872b00 by task kunit_try_catch/228 [ 18.677905] [ 18.677948] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.678490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.678518] Hardware name: linux,dummy-virt (DT) [ 18.678552] Call trace: [ 18.678576] show_stack+0x20/0x38 (C) [ 18.678634] dump_stack_lvl+0x8c/0xd0 [ 18.678684] print_report+0x118/0x608 [ 18.679182] kasan_report+0xdc/0x128 [ 18.679251] __asan_report_load1_noabort+0x20/0x30 [ 18.679805] mempool_uaf_helper+0x314/0x340 [ 18.679971] mempool_kmalloc_uaf+0xc4/0x120 [ 18.680022] kunit_try_run_case+0x170/0x3f0 [ 18.680075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.680952] kthread+0x328/0x630 [ 18.681223] ret_from_fork+0x10/0x20 [ 18.681423] [ 18.681522] Allocated by task 228: [ 18.681907] kasan_save_stack+0x3c/0x68 [ 18.681967] kasan_save_track+0x20/0x40 [ 18.682007] kasan_save_alloc_info+0x40/0x58 [ 18.682306] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.682417] remove_element+0x130/0x1f8 [ 18.682519] mempool_alloc_preallocated+0x58/0xc0 [ 18.682560] mempool_uaf_helper+0xa4/0x340 [ 18.682891] mempool_kmalloc_uaf+0xc4/0x120 [ 18.683203] kunit_try_run_case+0x170/0x3f0 [ 18.683372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.683617] kthread+0x328/0x630 [ 18.683901] ret_from_fork+0x10/0x20 [ 18.684425] [ 18.684597] Freed by task 228: [ 18.684727] kasan_save_stack+0x3c/0x68 [ 18.684783] kasan_save_track+0x20/0x40 [ 18.684819] kasan_save_free_info+0x4c/0x78 [ 18.684868] __kasan_mempool_poison_object+0xc0/0x150 [ 18.684908] mempool_free+0x28c/0x328 [ 18.684941] mempool_uaf_helper+0x104/0x340 [ 18.684979] mempool_kmalloc_uaf+0xc4/0x120 [ 18.685016] kunit_try_run_case+0x170/0x3f0 [ 18.685052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.685094] kthread+0x328/0x630 [ 18.686174] ret_from_fork+0x10/0x20 [ 18.686226] [ 18.686248] The buggy address belongs to the object at fff00000c5872b00 [ 18.686248] which belongs to the cache kmalloc-128 of size 128 [ 18.686390] The buggy address is located 0 bytes inside of [ 18.686390] freed 128-byte region [fff00000c5872b00, fff00000c5872b80) [ 18.686648] [ 18.686672] The buggy address belongs to the physical page: [ 18.686703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105872 [ 18.687090] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.687342] page_type: f5(slab) [ 18.687500] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.687552] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.687645] page dumped because: kasan: bad access detected [ 18.688052] [ 18.688077] Memory state around the buggy address: [ 18.688308] fff00000c5872a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.688557] fff00000c5872a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.688603] >fff00000c5872b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.688908] ^ [ 18.689134] fff00000c5872b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.689520] fff00000c5872c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.689569] ================================================================== [ 18.740242] ================================================================== [ 18.740336] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.740403] Read of size 1 at addr fff00000c5901240 by task kunit_try_catch/232 [ 18.740453] [ 18.740492] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.740578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.740605] Hardware name: linux,dummy-virt (DT) [ 18.740637] Call trace: [ 18.740662] show_stack+0x20/0x38 (C) [ 18.740710] dump_stack_lvl+0x8c/0xd0 [ 18.740759] print_report+0x118/0x608 [ 18.740804] kasan_report+0xdc/0x128 [ 18.740866] __asan_report_load1_noabort+0x20/0x30 [ 18.740915] mempool_uaf_helper+0x314/0x340 [ 18.740962] mempool_slab_uaf+0xc0/0x118 [ 18.741006] kunit_try_run_case+0x170/0x3f0 [ 18.741056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.741108] kthread+0x328/0x630 [ 18.741150] ret_from_fork+0x10/0x20 [ 18.741201] [ 18.741221] Allocated by task 232: [ 18.741249] kasan_save_stack+0x3c/0x68 [ 18.741288] kasan_save_track+0x20/0x40 [ 18.741326] kasan_save_alloc_info+0x40/0x58 [ 18.741366] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.741410] remove_element+0x16c/0x1f8 [ 18.741448] mempool_alloc_preallocated+0x58/0xc0 [ 18.741487] mempool_uaf_helper+0xa4/0x340 [ 18.741524] mempool_slab_uaf+0xc0/0x118 [ 18.741561] kunit_try_run_case+0x170/0x3f0 [ 18.741598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.741641] kthread+0x328/0x630 [ 18.741672] ret_from_fork+0x10/0x20 [ 18.741709] [ 18.741728] Freed by task 232: [ 18.741753] kasan_save_stack+0x3c/0x68 [ 18.741790] kasan_save_track+0x20/0x40 [ 18.741827] kasan_save_free_info+0x4c/0x78 [ 18.741879] __kasan_mempool_poison_object+0xc0/0x150 [ 18.741921] mempool_free+0x28c/0x328 [ 18.741955] mempool_uaf_helper+0x104/0x340 [ 18.741992] mempool_slab_uaf+0xc0/0x118 [ 18.742028] kunit_try_run_case+0x170/0x3f0 [ 18.742066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.742109] kthread+0x328/0x630 [ 18.742140] ret_from_fork+0x10/0x20 [ 18.742176] [ 18.742196] The buggy address belongs to the object at fff00000c5901240 [ 18.742196] which belongs to the cache test_cache of size 123 [ 18.742254] The buggy address is located 0 bytes inside of [ 18.742254] freed 123-byte region [fff00000c5901240, fff00000c59012bb) [ 18.742314] [ 18.742335] The buggy address belongs to the physical page: [ 18.742368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105901 [ 18.742420] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.742472] page_type: f5(slab) [ 18.742511] raw: 0bfffe0000000000 fff00000c6f4f280 dead000000000122 0000000000000000 [ 18.742561] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.742601] page dumped because: kasan: bad access detected [ 18.742632] [ 18.742651] Memory state around the buggy address: [ 18.742681] fff00000c5901100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.742724] fff00000c5901180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.743215] >fff00000c5901200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.743257] ^ [ 18.743293] fff00000c5901280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.743342] fff00000c5901300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.743380] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.600329] ================================================================== [ 18.600390] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.600746] Read of size 1 at addr fff00000c659a001 by task kunit_try_catch/224 [ 18.600810] [ 18.601533] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.601711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.601740] Hardware name: linux,dummy-virt (DT) [ 18.601772] Call trace: [ 18.601796] show_stack+0x20/0x38 (C) [ 18.601861] dump_stack_lvl+0x8c/0xd0 [ 18.601907] print_report+0x118/0x608 [ 18.601951] kasan_report+0xdc/0x128 [ 18.601996] __asan_report_load1_noabort+0x20/0x30 [ 18.602045] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.602755] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.603248] kunit_try_run_case+0x170/0x3f0 [ 18.603356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.603545] kthread+0x328/0x630 [ 18.604045] ret_from_fork+0x10/0x20 [ 18.604352] [ 18.604383] The buggy address belongs to the physical page: [ 18.604719] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106598 [ 18.604789] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.605217] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.605286] page_type: f8(unknown) [ 18.605326] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.605783] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.605852] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.606238] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.606447] head: 0bfffe0000000002 ffffc1ffc3196601 00000000ffffffff 00000000ffffffff [ 18.606622] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.606920] page dumped because: kasan: bad access detected [ 18.606957] [ 18.607003] Memory state around the buggy address: [ 18.607118] fff00000c6599f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.607181] fff00000c6599f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.607504] >fff00000c659a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.607547] ^ [ 18.607885] fff00000c659a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.608024] fff00000c659a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.608063] ================================================================== [ 18.625404] ================================================================== [ 18.625480] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.625772] Read of size 1 at addr fff00000c6f592bb by task kunit_try_catch/226 [ 18.626275] [ 18.626364] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.626453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.626480] Hardware name: linux,dummy-virt (DT) [ 18.626511] Call trace: [ 18.626535] show_stack+0x20/0x38 (C) [ 18.627131] dump_stack_lvl+0x8c/0xd0 [ 18.627545] print_report+0x118/0x608 [ 18.627671] kasan_report+0xdc/0x128 [ 18.627990] __asan_report_load1_noabort+0x20/0x30 [ 18.628177] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.628227] mempool_slab_oob_right+0xc0/0x118 [ 18.628275] kunit_try_run_case+0x170/0x3f0 [ 18.628760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.628814] kthread+0x328/0x630 [ 18.629123] ret_from_fork+0x10/0x20 [ 18.629422] [ 18.629516] Allocated by task 226: [ 18.629560] kasan_save_stack+0x3c/0x68 [ 18.629606] kasan_save_track+0x20/0x40 [ 18.629643] kasan_save_alloc_info+0x40/0x58 [ 18.629682] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.630046] remove_element+0x16c/0x1f8 [ 18.630090] mempool_alloc_preallocated+0x58/0xc0 [ 18.630135] mempool_oob_right_helper+0x98/0x2f0 [ 18.630172] mempool_slab_oob_right+0xc0/0x118 [ 18.630211] kunit_try_run_case+0x170/0x3f0 [ 18.630628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.630678] kthread+0x328/0x630 [ 18.630861] ret_from_fork+0x10/0x20 [ 18.631090] [ 18.631140] The buggy address belongs to the object at fff00000c6f59240 [ 18.631140] which belongs to the cache test_cache of size 123 [ 18.631209] The buggy address is located 0 bytes to the right of [ 18.631209] allocated 123-byte region [fff00000c6f59240, fff00000c6f592bb) [ 18.631295] [ 18.631347] The buggy address belongs to the physical page: [ 18.631382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f59 [ 18.631433] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.631483] page_type: f5(slab) [ 18.631599] raw: 0bfffe0000000000 fff00000c6f4f140 dead000000000122 0000000000000000 [ 18.631804] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.631969] page dumped because: kasan: bad access detected [ 18.632014] [ 18.632031] Memory state around the buggy address: [ 18.632063] fff00000c6f59180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.632113] fff00000c6f59200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.632178] >fff00000c6f59280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.632215] ^ [ 18.632614] fff00000c6f59300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.632661] fff00000c6f59380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.632706] ================================================================== [ 18.588743] ================================================================== [ 18.588822] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.588914] Read of size 1 at addr fff00000c5872773 by task kunit_try_catch/222 [ 18.588963] [ 18.589007] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.589096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.589123] Hardware name: linux,dummy-virt (DT) [ 18.589157] Call trace: [ 18.589183] show_stack+0x20/0x38 (C) [ 18.589236] dump_stack_lvl+0x8c/0xd0 [ 18.589286] print_report+0x118/0x608 [ 18.589333] kasan_report+0xdc/0x128 [ 18.589377] __asan_report_load1_noabort+0x20/0x30 [ 18.589428] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.589476] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.589525] kunit_try_run_case+0x170/0x3f0 [ 18.589575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.589625] kthread+0x328/0x630 [ 18.589669] ret_from_fork+0x10/0x20 [ 18.589717] [ 18.589736] Allocated by task 222: [ 18.589766] kasan_save_stack+0x3c/0x68 [ 18.589805] kasan_save_track+0x20/0x40 [ 18.589854] kasan_save_alloc_info+0x40/0x58 [ 18.589892] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.589935] remove_element+0x130/0x1f8 [ 18.589972] mempool_alloc_preallocated+0x58/0xc0 [ 18.590011] mempool_oob_right_helper+0x98/0x2f0 [ 18.590051] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.590091] kunit_try_run_case+0x170/0x3f0 [ 18.590128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.590171] kthread+0x328/0x630 [ 18.590202] ret_from_fork+0x10/0x20 [ 18.590239] [ 18.590259] The buggy address belongs to the object at fff00000c5872700 [ 18.590259] which belongs to the cache kmalloc-128 of size 128 [ 18.590317] The buggy address is located 0 bytes to the right of [ 18.590317] allocated 115-byte region [fff00000c5872700, fff00000c5872773) [ 18.590379] [ 18.590400] The buggy address belongs to the physical page: [ 18.590434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105872 [ 18.590492] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.590543] page_type: f5(slab) [ 18.590585] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.590636] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.590678] page dumped because: kasan: bad access detected [ 18.590708] [ 18.590733] Memory state around the buggy address: [ 18.590881] fff00000c5872600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.590929] fff00000c5872680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.590973] >fff00000c5872700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.591012] ^ [ 18.591052] fff00000c5872780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.591096] fff00000c5872800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.591136] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.017593] ================================================================== [ 18.017678] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.017753] Read of size 1 at addr fff00000c3ea3c80 by task kunit_try_catch/216 [ 18.017805] [ 18.017862] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.017955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.017983] Hardware name: linux,dummy-virt (DT) [ 18.018018] Call trace: [ 18.018045] show_stack+0x20/0x38 (C) [ 18.018100] dump_stack_lvl+0x8c/0xd0 [ 18.018151] print_report+0x118/0x608 [ 18.018197] kasan_report+0xdc/0x128 [ 18.018242] __kasan_check_byte+0x54/0x70 [ 18.018288] kmem_cache_destroy+0x34/0x218 [ 18.018335] kmem_cache_double_destroy+0x174/0x300 [ 18.018384] kunit_try_run_case+0x170/0x3f0 [ 18.018434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.018484] kthread+0x328/0x630 [ 18.018528] ret_from_fork+0x10/0x20 [ 18.018576] [ 18.018594] Allocated by task 216: [ 18.018625] kasan_save_stack+0x3c/0x68 [ 18.018667] kasan_save_track+0x20/0x40 [ 18.018704] kasan_save_alloc_info+0x40/0x58 [ 18.018748] __kasan_slab_alloc+0xa8/0xb0 [ 18.018784] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.018825] __kmem_cache_create_args+0x178/0x280 [ 18.018873] kmem_cache_double_destroy+0xc0/0x300 [ 18.018910] kunit_try_run_case+0x170/0x3f0 [ 18.018948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.018989] kthread+0x328/0x630 [ 18.019021] ret_from_fork+0x10/0x20 [ 18.019057] [ 18.019075] Freed by task 216: [ 18.019101] kasan_save_stack+0x3c/0x68 [ 18.019137] kasan_save_track+0x20/0x40 [ 18.019174] kasan_save_free_info+0x4c/0x78 [ 18.019212] __kasan_slab_free+0x6c/0x98 [ 18.019250] kmem_cache_free+0x260/0x468 [ 18.019285] slab_kmem_cache_release+0x38/0x50 [ 18.019328] kmem_cache_release+0x1c/0x30 [ 18.019364] kobject_put+0x17c/0x420 [ 18.019398] sysfs_slab_release+0x1c/0x30 [ 18.019436] kmem_cache_destroy+0x118/0x218 [ 18.019471] kmem_cache_double_destroy+0x128/0x300 [ 18.019510] kunit_try_run_case+0x170/0x3f0 [ 18.019546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.019589] kthread+0x328/0x630 [ 18.019622] ret_from_fork+0x10/0x20 [ 18.019656] [ 18.019675] The buggy address belongs to the object at fff00000c3ea3c80 [ 18.019675] which belongs to the cache kmem_cache of size 208 [ 18.019732] The buggy address is located 0 bytes inside of [ 18.019732] freed 208-byte region [fff00000c3ea3c80, fff00000c3ea3d50) [ 18.019792] [ 18.019814] The buggy address belongs to the physical page: [ 18.019857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ea3 [ 18.019912] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.019964] page_type: f5(slab) [ 18.020005] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.020056] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.020098] page dumped because: kasan: bad access detected [ 18.020130] [ 18.020148] Memory state around the buggy address: [ 18.020181] fff00000c3ea3b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.020225] fff00000c3ea3c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.020267] >fff00000c3ea3c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.020306] ^ [ 18.020334] fff00000c3ea3d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.020378] fff00000c3ea3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.020418] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.935152] ================================================================== [ 17.935260] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.935351] Read of size 1 at addr fff00000c6f4d000 by task kunit_try_catch/214 [ 17.935405] [ 17.935450] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.935537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.935563] Hardware name: linux,dummy-virt (DT) [ 17.935597] Call trace: [ 17.935622] show_stack+0x20/0x38 (C) [ 17.935676] dump_stack_lvl+0x8c/0xd0 [ 17.935727] print_report+0x118/0x608 [ 17.935775] kasan_report+0xdc/0x128 [ 17.935819] __asan_report_load1_noabort+0x20/0x30 [ 17.935888] kmem_cache_rcu_uaf+0x388/0x468 [ 17.935935] kunit_try_run_case+0x170/0x3f0 [ 17.935985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.936038] kthread+0x328/0x630 [ 17.936081] ret_from_fork+0x10/0x20 [ 17.936131] [ 17.936150] Allocated by task 214: [ 17.936180] kasan_save_stack+0x3c/0x68 [ 17.936220] kasan_save_track+0x20/0x40 [ 17.936259] kasan_save_alloc_info+0x40/0x58 [ 17.936298] __kasan_slab_alloc+0xa8/0xb0 [ 17.936336] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.936377] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.936414] kunit_try_run_case+0x170/0x3f0 [ 17.936451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.936493] kthread+0x328/0x630 [ 17.936525] ret_from_fork+0x10/0x20 [ 17.936561] [ 17.936579] Freed by task 0: [ 17.936607] kasan_save_stack+0x3c/0x68 [ 17.936645] kasan_save_track+0x20/0x40 [ 17.936680] kasan_save_free_info+0x4c/0x78 [ 17.936719] __kasan_slab_free+0x6c/0x98 [ 17.936755] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.936794] rcu_core+0x9f4/0x1e20 [ 17.936830] rcu_core_si+0x18/0x30 [ 17.936874] handle_softirqs+0x374/0xb28 [ 17.936912] __do_softirq+0x1c/0x28 [ 17.936944] [ 17.936962] Last potentially related work creation: [ 17.936990] kasan_save_stack+0x3c/0x68 [ 17.937029] kasan_record_aux_stack+0xb4/0xc8 [ 17.937068] kmem_cache_free+0x120/0x468 [ 17.937106] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.937143] kunit_try_run_case+0x170/0x3f0 [ 17.937179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.937222] kthread+0x328/0x630 [ 17.937253] ret_from_fork+0x10/0x20 [ 17.937289] [ 17.937308] The buggy address belongs to the object at fff00000c6f4d000 [ 17.937308] which belongs to the cache test_cache of size 200 [ 17.937365] The buggy address is located 0 bytes inside of [ 17.937365] freed 200-byte region [fff00000c6f4d000, fff00000c6f4d0c8) [ 17.937427] [ 17.937447] The buggy address belongs to the physical page: [ 17.937481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f4d [ 17.937538] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.937591] page_type: f5(slab) [ 17.937632] raw: 0bfffe0000000000 fff00000c6f4f000 dead000000000122 0000000000000000 [ 17.937684] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.937726] page dumped because: kasan: bad access detected [ 17.937757] [ 17.937774] Memory state around the buggy address: [ 17.937808] fff00000c6f4cf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.937861] fff00000c6f4cf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.937904] >fff00000c6f4d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.937943] ^ [ 17.937969] fff00000c6f4d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.938012] fff00000c6f4d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.938049] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.624481] ================================================================== [ 17.624828] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.624908] Free of addr fff00000c58d9001 by task kunit_try_catch/212 [ 17.624951] [ 17.625125] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.625231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.625294] Hardware name: linux,dummy-virt (DT) [ 17.625335] Call trace: [ 17.625382] show_stack+0x20/0x38 (C) [ 17.625449] dump_stack_lvl+0x8c/0xd0 [ 17.625501] print_report+0x118/0x608 [ 17.625548] kasan_report_invalid_free+0xc0/0xe8 [ 17.625716] check_slab_allocation+0xfc/0x108 [ 17.625771] __kasan_slab_pre_free+0x2c/0x48 [ 17.625819] kmem_cache_free+0xf0/0x468 [ 17.625880] kmem_cache_invalid_free+0x184/0x3c8 [ 17.625929] kunit_try_run_case+0x170/0x3f0 [ 17.626001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.626058] kthread+0x328/0x630 [ 17.626217] ret_from_fork+0x10/0x20 [ 17.626386] [ 17.626437] Allocated by task 212: [ 17.626704] kasan_save_stack+0x3c/0x68 [ 17.627080] kasan_save_track+0x20/0x40 [ 17.627167] kasan_save_alloc_info+0x40/0x58 [ 17.627207] __kasan_slab_alloc+0xa8/0xb0 [ 17.627244] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.627284] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.627505] kunit_try_run_case+0x170/0x3f0 [ 17.627548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.627616] kthread+0x328/0x630 [ 17.627663] ret_from_fork+0x10/0x20 [ 17.627745] [ 17.627799] The buggy address belongs to the object at fff00000c58d9000 [ 17.627799] which belongs to the cache test_cache of size 200 [ 17.627880] The buggy address is located 1 bytes inside of [ 17.627880] 200-byte region [fff00000c58d9000, fff00000c58d90c8) [ 17.628056] [ 17.628126] The buggy address belongs to the physical page: [ 17.628293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058d9 [ 17.628356] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.628437] page_type: f5(slab) [ 17.628477] raw: 0bfffe0000000000 fff00000c3ea3b40 dead000000000122 0000000000000000 [ 17.628527] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.628872] page dumped because: kasan: bad access detected [ 17.628960] [ 17.629082] Memory state around the buggy address: [ 17.629158] fff00000c58d8f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.629202] fff00000c58d8f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.629244] >fff00000c58d9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.629282] ^ [ 17.629311] fff00000c58d9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.629352] fff00000c58d9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.629492] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.576694] ================================================================== [ 17.576772] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.577496] Free of addr fff00000c58da000 by task kunit_try_catch/210 [ 17.577611] [ 17.577656] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.577752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.577781] Hardware name: linux,dummy-virt (DT) [ 17.577815] Call trace: [ 17.577848] show_stack+0x20/0x38 (C) [ 17.577907] dump_stack_lvl+0x8c/0xd0 [ 17.578769] print_report+0x118/0x608 [ 17.579199] kasan_report_invalid_free+0xc0/0xe8 [ 17.579346] check_slab_allocation+0xd4/0x108 [ 17.579725] __kasan_slab_pre_free+0x2c/0x48 [ 17.579783] kmem_cache_free+0xf0/0x468 [ 17.579833] kmem_cache_double_free+0x190/0x3c8 [ 17.579896] kunit_try_run_case+0x170/0x3f0 [ 17.579945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.580000] kthread+0x328/0x630 [ 17.581163] ret_from_fork+0x10/0x20 [ 17.581403] [ 17.581540] Allocated by task 210: [ 17.581723] kasan_save_stack+0x3c/0x68 [ 17.582056] kasan_save_track+0x20/0x40 [ 17.582273] kasan_save_alloc_info+0x40/0x58 [ 17.582334] __kasan_slab_alloc+0xa8/0xb0 [ 17.582678] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.582771] kmem_cache_double_free+0x12c/0x3c8 [ 17.582857] kunit_try_run_case+0x170/0x3f0 [ 17.583052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.583291] kthread+0x328/0x630 [ 17.583341] ret_from_fork+0x10/0x20 [ 17.583377] [ 17.583628] Freed by task 210: [ 17.583862] kasan_save_stack+0x3c/0x68 [ 17.583909] kasan_save_track+0x20/0x40 [ 17.583944] kasan_save_free_info+0x4c/0x78 [ 17.584410] __kasan_slab_free+0x6c/0x98 [ 17.584472] kmem_cache_free+0x260/0x468 [ 17.584522] kmem_cache_double_free+0x140/0x3c8 [ 17.584567] kunit_try_run_case+0x170/0x3f0 [ 17.584605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.585358] kthread+0x328/0x630 [ 17.585662] ret_from_fork+0x10/0x20 [ 17.585792] [ 17.585811] The buggy address belongs to the object at fff00000c58da000 [ 17.585811] which belongs to the cache test_cache of size 200 [ 17.586303] The buggy address is located 0 bytes inside of [ 17.586303] 200-byte region [fff00000c58da000, fff00000c58da0c8) [ 17.586376] [ 17.587016] The buggy address belongs to the physical page: [ 17.587220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058da [ 17.587545] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.587606] page_type: f5(slab) [ 17.587657] raw: 0bfffe0000000000 fff00000ffe82f00 dead000000000122 0000000000000000 [ 17.587921] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.588343] page dumped because: kasan: bad access detected [ 17.588405] [ 17.588612] Memory state around the buggy address: [ 17.588655] fff00000c58d9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.588701] fff00000c58d9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.588744] >fff00000c58da000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.588784] ^ [ 17.589498] fff00000c58da080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.589550] fff00000c58da100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.589589] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.301523] ================================================================== [ 17.301751] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.301894] Read of size 1 at addr fff00000c58e90c8 by task kunit_try_catch/208 [ 17.301945] [ 17.301981] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.302065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.302093] Hardware name: linux,dummy-virt (DT) [ 17.302164] Call trace: [ 17.302223] show_stack+0x20/0x38 (C) [ 17.302282] dump_stack_lvl+0x8c/0xd0 [ 17.302547] print_report+0x118/0x608 [ 17.302770] kasan_report+0xdc/0x128 [ 17.302896] __asan_report_load1_noabort+0x20/0x30 [ 17.302946] kmem_cache_oob+0x344/0x430 [ 17.302992] kunit_try_run_case+0x170/0x3f0 [ 17.303040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.303092] kthread+0x328/0x630 [ 17.303135] ret_from_fork+0x10/0x20 [ 17.303183] [ 17.303201] Allocated by task 208: [ 17.303250] kasan_save_stack+0x3c/0x68 [ 17.303291] kasan_save_track+0x20/0x40 [ 17.303339] kasan_save_alloc_info+0x40/0x58 [ 17.303401] __kasan_slab_alloc+0xa8/0xb0 [ 17.303492] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.303620] kmem_cache_oob+0x12c/0x430 [ 17.303655] kunit_try_run_case+0x170/0x3f0 [ 17.303709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.303752] kthread+0x328/0x630 [ 17.303822] ret_from_fork+0x10/0x20 [ 17.303969] [ 17.303989] The buggy address belongs to the object at fff00000c58e9000 [ 17.303989] which belongs to the cache test_cache of size 200 [ 17.304072] The buggy address is located 0 bytes to the right of [ 17.304072] allocated 200-byte region [fff00000c58e9000, fff00000c58e90c8) [ 17.304226] [ 17.304253] The buggy address belongs to the physical page: [ 17.304359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058e9 [ 17.304416] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.304466] page_type: f5(slab) [ 17.304591] raw: 0bfffe0000000000 fff00000c3ea3a00 dead000000000122 0000000000000000 [ 17.305319] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.305423] page dumped because: kasan: bad access detected [ 17.305484] [ 17.305502] Memory state around the buggy address: [ 17.305534] fff00000c58e8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.305577] fff00000c58e9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.305620] >fff00000c58e9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.305657] ^ [ 17.305692] fff00000c58e9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.305733] fff00000c58e9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.305773] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.269201] ================================================================== [ 17.269274] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.269331] Read of size 8 at addr fff00000c589be40 by task kunit_try_catch/201 [ 17.269636] [ 17.270009] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.270206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.270236] Hardware name: linux,dummy-virt (DT) [ 17.270382] Call trace: [ 17.270406] show_stack+0x20/0x38 (C) [ 17.270597] dump_stack_lvl+0x8c/0xd0 [ 17.270648] print_report+0x118/0x608 [ 17.270695] kasan_report+0xdc/0x128 [ 17.271231] __asan_report_load8_noabort+0x20/0x30 [ 17.271288] workqueue_uaf+0x480/0x4a8 [ 17.271386] kunit_try_run_case+0x170/0x3f0 [ 17.271574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.271921] kthread+0x328/0x630 [ 17.272202] ret_from_fork+0x10/0x20 [ 17.272464] [ 17.272489] Allocated by task 201: [ 17.272520] kasan_save_stack+0x3c/0x68 [ 17.272565] kasan_save_track+0x20/0x40 [ 17.272603] kasan_save_alloc_info+0x40/0x58 [ 17.272975] __kasan_kmalloc+0xd4/0xd8 [ 17.273031] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.273073] workqueue_uaf+0x13c/0x4a8 [ 17.273118] kunit_try_run_case+0x170/0x3f0 [ 17.273578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.273631] kthread+0x328/0x630 [ 17.273769] ret_from_fork+0x10/0x20 [ 17.274074] [ 17.274108] Freed by task 76: [ 17.274137] kasan_save_stack+0x3c/0x68 [ 17.274255] kasan_save_track+0x20/0x40 [ 17.274296] kasan_save_free_info+0x4c/0x78 [ 17.274334] __kasan_slab_free+0x6c/0x98 [ 17.274370] kfree+0x214/0x3c8 [ 17.274894] workqueue_uaf_work+0x18/0x30 [ 17.275030] process_one_work+0x530/0xf98 [ 17.275162] worker_thread+0x618/0xf38 [ 17.275365] kthread+0x328/0x630 [ 17.275407] ret_from_fork+0x10/0x20 [ 17.275444] [ 17.275464] Last potentially related work creation: [ 17.275704] kasan_save_stack+0x3c/0x68 [ 17.275943] kasan_record_aux_stack+0xb4/0xc8 [ 17.276175] __queue_work+0x65c/0x1008 [ 17.276218] queue_work_on+0xbc/0xf8 [ 17.276252] workqueue_uaf+0x210/0x4a8 [ 17.276288] kunit_try_run_case+0x170/0x3f0 [ 17.276324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.276370] kthread+0x328/0x630 [ 17.276402] ret_from_fork+0x10/0x20 [ 17.276440] [ 17.276458] The buggy address belongs to the object at fff00000c589be40 [ 17.276458] which belongs to the cache kmalloc-32 of size 32 [ 17.277301] The buggy address is located 0 bytes inside of [ 17.277301] freed 32-byte region [fff00000c589be40, fff00000c589be60) [ 17.277380] [ 17.277401] The buggy address belongs to the physical page: [ 17.277434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10589b [ 17.277490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.277541] page_type: f5(slab) [ 17.278088] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.278765] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.278962] page dumped because: kasan: bad access detected [ 17.279061] [ 17.279080] Memory state around the buggy address: [ 17.279115] fff00000c589bd00: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 17.279370] fff00000c589bd80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.279413] >fff00000c589be00: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 17.279452] ^ [ 17.279747] fff00000c589be80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.280051] fff00000c589bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.280306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.235413] ================================================================== [ 17.235552] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.235623] Read of size 4 at addr fff00000c589bc40 by task swapper/0/0 [ 17.235669] [ 17.235709] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.235794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.235819] Hardware name: linux,dummy-virt (DT) [ 17.235865] Call trace: [ 17.235889] show_stack+0x20/0x38 (C) [ 17.235938] dump_stack_lvl+0x8c/0xd0 [ 17.235987] print_report+0x118/0x608 [ 17.236032] kasan_report+0xdc/0x128 [ 17.236077] __asan_report_load4_noabort+0x20/0x30 [ 17.236125] rcu_uaf_reclaim+0x64/0x70 [ 17.236169] rcu_core+0x9f4/0x1e20 [ 17.236216] rcu_core_si+0x18/0x30 [ 17.236259] handle_softirqs+0x374/0xb28 [ 17.236306] __do_softirq+0x1c/0x28 [ 17.236347] ____do_softirq+0x18/0x30 [ 17.236391] call_on_irq_stack+0x24/0x30 [ 17.236434] do_softirq_own_stack+0x24/0x38 [ 17.236480] __irq_exit_rcu+0x1fc/0x318 [ 17.236523] irq_exit_rcu+0x1c/0x80 [ 17.236567] el1_interrupt+0x38/0x58 [ 17.236614] el1h_64_irq_handler+0x18/0x28 [ 17.236660] el1h_64_irq+0x6c/0x70 [ 17.236746] arch_local_irq_enable+0x4/0x8 (P) [ 17.236796] do_idle+0x384/0x4e8 [ 17.236838] cpu_startup_entry+0x64/0x80 [ 17.238893] rest_init+0x160/0x188 [ 17.238936] start_kernel+0x30c/0x3d0 [ 17.238989] __primary_switched+0x8c/0xa0 [ 17.239040] [ 17.239059] Allocated by task 199: [ 17.239088] kasan_save_stack+0x3c/0x68 [ 17.239131] kasan_save_track+0x20/0x40 [ 17.239167] kasan_save_alloc_info+0x40/0x58 [ 17.239207] __kasan_kmalloc+0xd4/0xd8 [ 17.239242] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.239281] rcu_uaf+0xb0/0x2d8 [ 17.239315] kunit_try_run_case+0x170/0x3f0 [ 17.239360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.239464] kthread+0x328/0x630 [ 17.239511] ret_from_fork+0x10/0x20 [ 17.239557] [ 17.239577] Freed by task 0: [ 17.239681] kasan_save_stack+0x3c/0x68 [ 17.239922] kasan_save_track+0x20/0x40 [ 17.239962] kasan_save_free_info+0x4c/0x78 [ 17.240001] __kasan_slab_free+0x6c/0x98 [ 17.240039] kfree+0x214/0x3c8 [ 17.240070] rcu_uaf_reclaim+0x28/0x70 [ 17.240241] rcu_core+0x9f4/0x1e20 [ 17.240331] rcu_core_si+0x18/0x30 [ 17.240369] handle_softirqs+0x374/0xb28 [ 17.240407] __do_softirq+0x1c/0x28 [ 17.240463] [ 17.240520] Last potentially related work creation: [ 17.240587] kasan_save_stack+0x3c/0x68 [ 17.240629] kasan_record_aux_stack+0xb4/0xc8 [ 17.240706] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.240748] call_rcu+0x18/0x30 [ 17.240782] rcu_uaf+0x14c/0x2d8 [ 17.240815] kunit_try_run_case+0x170/0x3f0 [ 17.240863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.240906] kthread+0x328/0x630 [ 17.240939] ret_from_fork+0x10/0x20 [ 17.240981] [ 17.241022] The buggy address belongs to the object at fff00000c589bc40 [ 17.241022] which belongs to the cache kmalloc-32 of size 32 [ 17.241313] The buggy address is located 0 bytes inside of [ 17.241313] freed 32-byte region [fff00000c589bc40, fff00000c589bc60) [ 17.241435] [ 17.241463] The buggy address belongs to the physical page: [ 17.242040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10589b [ 17.242116] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.242170] page_type: f5(slab) [ 17.242276] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.242383] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.242601] page dumped because: kasan: bad access detected [ 17.242727] [ 17.242747] Memory state around the buggy address: [ 17.242989] fff00000c589bb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.243132] fff00000c589bb80: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 17.243243] >fff00000c589bc00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.243282] ^ [ 17.243649] fff00000c589bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.244574] fff00000c589bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.244675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.043879] ================================================================== [ 17.044294] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.044340] Read of size 1 at addr fff00000c6f3fa78 by task kunit_try_catch/197 [ 17.044391] [ 17.044421] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.044502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.045149] Hardware name: linux,dummy-virt (DT) [ 17.045246] Call trace: [ 17.045268] show_stack+0x20/0x38 (C) [ 17.045318] dump_stack_lvl+0x8c/0xd0 [ 17.045373] print_report+0x118/0x608 [ 17.045727] kasan_report+0xdc/0x128 [ 17.046209] __asan_report_load1_noabort+0x20/0x30 [ 17.046504] ksize_uaf+0x544/0x5f8 [ 17.046549] kunit_try_run_case+0x170/0x3f0 [ 17.046896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.047469] kthread+0x328/0x630 [ 17.047515] ret_from_fork+0x10/0x20 [ 17.047690] [ 17.047716] Allocated by task 197: [ 17.047744] kasan_save_stack+0x3c/0x68 [ 17.047851] kasan_save_track+0x20/0x40 [ 17.047889] kasan_save_alloc_info+0x40/0x58 [ 17.047929] __kasan_kmalloc+0xd4/0xd8 [ 17.048146] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.048194] ksize_uaf+0xb8/0x5f8 [ 17.048227] kunit_try_run_case+0x170/0x3f0 [ 17.048264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.048622] kthread+0x328/0x630 [ 17.049019] ret_from_fork+0x10/0x20 [ 17.049070] [ 17.049089] Freed by task 197: [ 17.049117] kasan_save_stack+0x3c/0x68 [ 17.049153] kasan_save_track+0x20/0x40 [ 17.049190] kasan_save_free_info+0x4c/0x78 [ 17.049227] __kasan_slab_free+0x6c/0x98 [ 17.049265] kfree+0x214/0x3c8 [ 17.049879] ksize_uaf+0x11c/0x5f8 [ 17.049925] kunit_try_run_case+0x170/0x3f0 [ 17.049962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.050240] kthread+0x328/0x630 [ 17.050273] ret_from_fork+0x10/0x20 [ 17.050310] [ 17.050332] The buggy address belongs to the object at fff00000c6f3fa00 [ 17.050332] which belongs to the cache kmalloc-128 of size 128 [ 17.050765] The buggy address is located 120 bytes inside of [ 17.050765] freed 128-byte region [fff00000c6f3fa00, fff00000c6f3fa80) [ 17.051530] [ 17.051831] The buggy address belongs to the physical page: [ 17.052160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 17.052301] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.052891] page_type: f5(slab) [ 17.052933] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.052984] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.053696] page dumped because: kasan: bad access detected [ 17.053995] [ 17.054134] Memory state around the buggy address: [ 17.054170] fff00000c6f3f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.054218] fff00000c6f3f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.054261] >fff00000c6f3fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.054298] ^ [ 17.054338] fff00000c6f3fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.055489] fff00000c6f3fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.055936] ================================================================== [ 17.032941] ================================================================== [ 17.032993] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.033039] Read of size 1 at addr fff00000c6f3fa00 by task kunit_try_catch/197 [ 17.033089] [ 17.033121] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.033204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.033228] Hardware name: linux,dummy-virt (DT) [ 17.033257] Call trace: [ 17.033279] show_stack+0x20/0x38 (C) [ 17.034919] dump_stack_lvl+0x8c/0xd0 [ 17.035078] print_report+0x118/0x608 [ 17.035217] kasan_report+0xdc/0x128 [ 17.035402] __asan_report_load1_noabort+0x20/0x30 [ 17.035490] ksize_uaf+0x598/0x5f8 [ 17.035535] kunit_try_run_case+0x170/0x3f0 [ 17.035590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.036200] kthread+0x328/0x630 [ 17.036260] ret_from_fork+0x10/0x20 [ 17.036308] [ 17.036329] Allocated by task 197: [ 17.036356] kasan_save_stack+0x3c/0x68 [ 17.036398] kasan_save_track+0x20/0x40 [ 17.036434] kasan_save_alloc_info+0x40/0x58 [ 17.036986] __kasan_kmalloc+0xd4/0xd8 [ 17.037032] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.037090] ksize_uaf+0xb8/0x5f8 [ 17.037197] kunit_try_run_case+0x170/0x3f0 [ 17.037269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.037669] kthread+0x328/0x630 [ 17.037706] ret_from_fork+0x10/0x20 [ 17.037741] [ 17.038172] Freed by task 197: [ 17.038213] kasan_save_stack+0x3c/0x68 [ 17.038262] kasan_save_track+0x20/0x40 [ 17.038300] kasan_save_free_info+0x4c/0x78 [ 17.038337] __kasan_slab_free+0x6c/0x98 [ 17.038374] kfree+0x214/0x3c8 [ 17.038407] ksize_uaf+0x11c/0x5f8 [ 17.038440] kunit_try_run_case+0x170/0x3f0 [ 17.038477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.038961] kthread+0x328/0x630 [ 17.039002] ret_from_fork+0x10/0x20 [ 17.039037] [ 17.039332] The buggy address belongs to the object at fff00000c6f3fa00 [ 17.039332] which belongs to the cache kmalloc-128 of size 128 [ 17.039687] The buggy address is located 0 bytes inside of [ 17.039687] freed 128-byte region [fff00000c6f3fa00, fff00000c6f3fa80) [ 17.039769] [ 17.039789] The buggy address belongs to the physical page: [ 17.039967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 17.040279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.040330] page_type: f5(slab) [ 17.040695] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.041072] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.041156] page dumped because: kasan: bad access detected [ 17.041376] [ 17.041618] Memory state around the buggy address: [ 17.041869] fff00000c6f3f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.042254] fff00000c6f3f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042345] >fff00000c6f3fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.042557] ^ [ 17.042591] fff00000c6f3fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042851] fff00000c6f3fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042892] ================================================================== [ 17.022452] ================================================================== [ 17.022583] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.022645] Read of size 1 at addr fff00000c6f3fa00 by task kunit_try_catch/197 [ 17.022695] [ 17.022870] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.023224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.023259] Hardware name: linux,dummy-virt (DT) [ 17.023292] Call trace: [ 17.023393] show_stack+0x20/0x38 (C) [ 17.023498] dump_stack_lvl+0x8c/0xd0 [ 17.023547] print_report+0x118/0x608 [ 17.023647] kasan_report+0xdc/0x128 [ 17.023697] __kasan_check_byte+0x54/0x70 [ 17.024051] ksize+0x30/0x88 [ 17.024442] ksize_uaf+0x168/0x5f8 [ 17.024665] kunit_try_run_case+0x170/0x3f0 [ 17.024715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.025070] kthread+0x328/0x630 [ 17.025139] ret_from_fork+0x10/0x20 [ 17.025187] [ 17.025207] Allocated by task 197: [ 17.025236] kasan_save_stack+0x3c/0x68 [ 17.025762] kasan_save_track+0x20/0x40 [ 17.025901] kasan_save_alloc_info+0x40/0x58 [ 17.026027] __kasan_kmalloc+0xd4/0xd8 [ 17.026063] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.026439] ksize_uaf+0xb8/0x5f8 [ 17.026485] kunit_try_run_case+0x170/0x3f0 [ 17.026622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.026994] kthread+0x328/0x630 [ 17.027054] ret_from_fork+0x10/0x20 [ 17.027347] [ 17.027370] Freed by task 197: [ 17.027400] kasan_save_stack+0x3c/0x68 [ 17.027441] kasan_save_track+0x20/0x40 [ 17.027479] kasan_save_free_info+0x4c/0x78 [ 17.027517] __kasan_slab_free+0x6c/0x98 [ 17.027802] kfree+0x214/0x3c8 [ 17.027874] ksize_uaf+0x11c/0x5f8 [ 17.027912] kunit_try_run_case+0x170/0x3f0 [ 17.027954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.028426] kthread+0x328/0x630 [ 17.028668] ret_from_fork+0x10/0x20 [ 17.028825] [ 17.028898] The buggy address belongs to the object at fff00000c6f3fa00 [ 17.028898] which belongs to the cache kmalloc-128 of size 128 [ 17.029175] The buggy address is located 0 bytes inside of [ 17.029175] freed 128-byte region [fff00000c6f3fa00, fff00000c6f3fa80) [ 17.029514] [ 17.029539] The buggy address belongs to the physical page: [ 17.029572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 17.029929] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.030087] page_type: f5(slab) [ 17.030130] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.030548] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.030601] page dumped because: kasan: bad access detected [ 17.030653] [ 17.030794] Memory state around the buggy address: [ 17.030832] fff00000c6f3f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.030886] fff00000c6f3f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.030929] >fff00000c6f3fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.030969] ^ [ 17.031488] fff00000c6f3fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031612] fff00000c6f3fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.032035] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 16.987993] ================================================================== [ 16.988042] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.988091] Read of size 1 at addr fff00000c6f3f97f by task kunit_try_catch/195 [ 16.988371] [ 16.988859] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.989308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.989449] Hardware name: linux,dummy-virt (DT) [ 16.989562] Call trace: [ 16.989585] show_stack+0x20/0x38 (C) [ 16.989940] dump_stack_lvl+0x8c/0xd0 [ 16.989990] print_report+0x118/0x608 [ 16.990284] kasan_report+0xdc/0x128 [ 16.990597] __asan_report_load1_noabort+0x20/0x30 [ 16.990649] ksize_unpoisons_memory+0x690/0x740 [ 16.990695] kunit_try_run_case+0x170/0x3f0 [ 16.991225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.991490] kthread+0x328/0x630 [ 16.991534] ret_from_fork+0x10/0x20 [ 16.991582] [ 16.991600] Allocated by task 195: [ 16.991628] kasan_save_stack+0x3c/0x68 [ 16.992779] kasan_save_track+0x20/0x40 [ 16.992831] kasan_save_alloc_info+0x40/0x58 [ 16.992881] __kasan_kmalloc+0xd4/0xd8 [ 16.992918] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.992956] ksize_unpoisons_memory+0xc0/0x740 [ 16.993676] kunit_try_run_case+0x170/0x3f0 [ 16.994207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.994699] kthread+0x328/0x630 [ 16.994860] ret_from_fork+0x10/0x20 [ 16.995167] [ 16.995483] The buggy address belongs to the object at fff00000c6f3f900 [ 16.995483] which belongs to the cache kmalloc-128 of size 128 [ 16.995568] The buggy address is located 12 bytes to the right of [ 16.995568] allocated 115-byte region [fff00000c6f3f900, fff00000c6f3f973) [ 16.995633] [ 16.996190] The buggy address belongs to the physical page: [ 16.996439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.996825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.997185] page_type: f5(slab) [ 16.997763] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.998116] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.998204] page dumped because: kasan: bad access detected [ 16.998828] [ 16.999216] Memory state around the buggy address: [ 16.999259] fff00000c6f3f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.999564] fff00000c6f3f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.000004] >fff00000c6f3f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.000560] ^ [ 17.000611] fff00000c6f3f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.001050] fff00000c6f3fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.001369] ================================================================== [ 16.978863] ================================================================== [ 16.978986] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.979064] Read of size 1 at addr fff00000c6f3f978 by task kunit_try_catch/195 [ 16.979117] [ 16.979147] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.979229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.979254] Hardware name: linux,dummy-virt (DT) [ 16.979285] Call trace: [ 16.979307] show_stack+0x20/0x38 (C) [ 16.979362] dump_stack_lvl+0x8c/0xd0 [ 16.979409] print_report+0x118/0x608 [ 16.980391] kasan_report+0xdc/0x128 [ 16.980721] __asan_report_load1_noabort+0x20/0x30 [ 16.980912] ksize_unpoisons_memory+0x618/0x740 [ 16.980963] kunit_try_run_case+0x170/0x3f0 [ 16.981018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.981071] kthread+0x328/0x630 [ 16.981112] ret_from_fork+0x10/0x20 [ 16.981630] [ 16.981654] Allocated by task 195: [ 16.981685] kasan_save_stack+0x3c/0x68 [ 16.981907] kasan_save_track+0x20/0x40 [ 16.981996] kasan_save_alloc_info+0x40/0x58 [ 16.982350] __kasan_kmalloc+0xd4/0xd8 [ 16.982393] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.982438] ksize_unpoisons_memory+0xc0/0x740 [ 16.982770] kunit_try_run_case+0x170/0x3f0 [ 16.982821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.983000] kthread+0x328/0x630 [ 16.983039] ret_from_fork+0x10/0x20 [ 16.983076] [ 16.983094] The buggy address belongs to the object at fff00000c6f3f900 [ 16.983094] which belongs to the cache kmalloc-128 of size 128 [ 16.983189] The buggy address is located 5 bytes to the right of [ 16.983189] allocated 115-byte region [fff00000c6f3f900, fff00000c6f3f973) [ 16.983252] [ 16.983272] The buggy address belongs to the physical page: [ 16.983600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.983771] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.983891] page_type: f5(slab) [ 16.984188] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.984461] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.984762] page dumped because: kasan: bad access detected [ 16.985090] [ 16.985110] Memory state around the buggy address: [ 16.985142] fff00000c6f3f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.985186] fff00000c6f3f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.985657] >fff00000c6f3f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.985904] ^ [ 16.985950] fff00000c6f3f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.985994] fff00000c6f3fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.986036] ================================================================== [ 16.968850] ================================================================== [ 16.968972] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.969041] Read of size 1 at addr fff00000c6f3f973 by task kunit_try_catch/195 [ 16.969092] [ 16.969130] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.969217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.969244] Hardware name: linux,dummy-virt (DT) [ 16.969692] Call trace: [ 16.970102] show_stack+0x20/0x38 (C) [ 16.970161] dump_stack_lvl+0x8c/0xd0 [ 16.970209] print_report+0x118/0x608 [ 16.970254] kasan_report+0xdc/0x128 [ 16.970299] __asan_report_load1_noabort+0x20/0x30 [ 16.970351] ksize_unpoisons_memory+0x628/0x740 [ 16.970806] kunit_try_run_case+0x170/0x3f0 [ 16.970883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.970989] kthread+0x328/0x630 [ 16.971059] ret_from_fork+0x10/0x20 [ 16.971113] [ 16.971131] Allocated by task 195: [ 16.971160] kasan_save_stack+0x3c/0x68 [ 16.971266] kasan_save_track+0x20/0x40 [ 16.971307] kasan_save_alloc_info+0x40/0x58 [ 16.971426] __kasan_kmalloc+0xd4/0xd8 [ 16.971765] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.971808] ksize_unpoisons_memory+0xc0/0x740 [ 16.972149] kunit_try_run_case+0x170/0x3f0 [ 16.972195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.972238] kthread+0x328/0x630 [ 16.972525] ret_from_fork+0x10/0x20 [ 16.972807] [ 16.972835] The buggy address belongs to the object at fff00000c6f3f900 [ 16.972835] which belongs to the cache kmalloc-128 of size 128 [ 16.972909] The buggy address is located 0 bytes to the right of [ 16.972909] allocated 115-byte region [fff00000c6f3f900, fff00000c6f3f973) [ 16.973066] [ 16.973097] The buggy address belongs to the physical page: [ 16.973146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.973434] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.973725] page_type: f5(slab) [ 16.973767] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.974004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.974489] page dumped because: kasan: bad access detected [ 16.974529] [ 16.974547] Memory state around the buggy address: [ 16.974652] fff00000c6f3f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.974740] fff00000c6f3f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.975152] >fff00000c6f3f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.975194] ^ [ 16.975235] fff00000c6f3f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.975275] fff00000c6f3fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.975314] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.932574] ================================================================== [ 16.934181] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.934535] Free of addr fff00000c3f2f640 by task kunit_try_catch/193 [ 16.934923] [ 16.935148] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.935280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.935401] Hardware name: linux,dummy-virt (DT) [ 16.935575] Call trace: [ 16.935682] show_stack+0x20/0x38 (C) [ 16.936068] dump_stack_lvl+0x8c/0xd0 [ 16.936125] print_report+0x118/0x608 [ 16.936170] kasan_report_invalid_free+0xc0/0xe8 [ 16.936220] check_slab_allocation+0xd4/0x108 [ 16.937128] __kasan_slab_pre_free+0x2c/0x48 [ 16.937316] kfree+0xe8/0x3c8 [ 16.937713] kfree_sensitive+0x3c/0xb0 [ 16.937761] kmalloc_double_kzfree+0x168/0x308 [ 16.937809] kunit_try_run_case+0x170/0x3f0 [ 16.938936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.939182] kthread+0x328/0x630 [ 16.939345] ret_from_fork+0x10/0x20 [ 16.939402] [ 16.939421] Allocated by task 193: [ 16.939448] kasan_save_stack+0x3c/0x68 [ 16.939498] kasan_save_track+0x20/0x40 [ 16.940291] kasan_save_alloc_info+0x40/0x58 [ 16.940788] __kasan_kmalloc+0xd4/0xd8 [ 16.941072] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.941115] kmalloc_double_kzfree+0xb8/0x308 [ 16.941154] kunit_try_run_case+0x170/0x3f0 [ 16.941192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.941236] kthread+0x328/0x630 [ 16.941268] ret_from_fork+0x10/0x20 [ 16.942021] [ 16.942044] Freed by task 193: [ 16.942072] kasan_save_stack+0x3c/0x68 [ 16.942114] kasan_save_track+0x20/0x40 [ 16.942152] kasan_save_free_info+0x4c/0x78 [ 16.942193] __kasan_slab_free+0x6c/0x98 [ 16.942230] kfree+0x214/0x3c8 [ 16.942263] kfree_sensitive+0x80/0xb0 [ 16.942299] kmalloc_double_kzfree+0x11c/0x308 [ 16.942337] kunit_try_run_case+0x170/0x3f0 [ 16.942373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.942416] kthread+0x328/0x630 [ 16.942448] ret_from_fork+0x10/0x20 [ 16.944092] [ 16.944122] The buggy address belongs to the object at fff00000c3f2f640 [ 16.944122] which belongs to the cache kmalloc-16 of size 16 [ 16.944551] The buggy address is located 0 bytes inside of [ 16.944551] 16-byte region [fff00000c3f2f640, fff00000c3f2f650) [ 16.945023] [ 16.945179] The buggy address belongs to the physical page: [ 16.945353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2f [ 16.945414] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.945996] page_type: f5(slab) [ 16.946213] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.946908] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.947485] page dumped because: kasan: bad access detected [ 16.947532] [ 16.947551] Memory state around the buggy address: [ 16.947585] fff00000c3f2f500: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.947637] fff00000c3f2f580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.947999] >fff00000c3f2f600: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 16.948219] ^ [ 16.948260] fff00000c3f2f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.948304] fff00000c3f2f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.948346] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.917727] ================================================================== [ 16.917788] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.917866] Read of size 1 at addr fff00000c3f2f640 by task kunit_try_catch/193 [ 16.917916] [ 16.917954] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.918039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.918066] Hardware name: linux,dummy-virt (DT) [ 16.918097] Call trace: [ 16.918120] show_stack+0x20/0x38 (C) [ 16.918171] dump_stack_lvl+0x8c/0xd0 [ 16.918218] print_report+0x118/0x608 [ 16.918264] kasan_report+0xdc/0x128 [ 16.918308] __kasan_check_byte+0x54/0x70 [ 16.918354] kfree_sensitive+0x30/0xb0 [ 16.918402] kmalloc_double_kzfree+0x168/0x308 [ 16.918447] kunit_try_run_case+0x170/0x3f0 [ 16.918494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.918547] kthread+0x328/0x630 [ 16.918587] ret_from_fork+0x10/0x20 [ 16.918638] [ 16.918656] Allocated by task 193: [ 16.918685] kasan_save_stack+0x3c/0x68 [ 16.918724] kasan_save_track+0x20/0x40 [ 16.918761] kasan_save_alloc_info+0x40/0x58 [ 16.918799] __kasan_kmalloc+0xd4/0xd8 [ 16.918836] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.921460] kmalloc_double_kzfree+0xb8/0x308 [ 16.921517] kunit_try_run_case+0x170/0x3f0 [ 16.921690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.921910] kthread+0x328/0x630 [ 16.922002] ret_from_fork+0x10/0x20 [ 16.922049] [ 16.922068] Freed by task 193: [ 16.922098] kasan_save_stack+0x3c/0x68 [ 16.922182] kasan_save_track+0x20/0x40 [ 16.922306] kasan_save_free_info+0x4c/0x78 [ 16.922502] __kasan_slab_free+0x6c/0x98 [ 16.922907] kfree+0x214/0x3c8 [ 16.923273] kfree_sensitive+0x80/0xb0 [ 16.923327] kmalloc_double_kzfree+0x11c/0x308 [ 16.923365] kunit_try_run_case+0x170/0x3f0 [ 16.923403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.923507] kthread+0x328/0x630 [ 16.923670] ret_from_fork+0x10/0x20 [ 16.923862] [ 16.924155] The buggy address belongs to the object at fff00000c3f2f640 [ 16.924155] which belongs to the cache kmalloc-16 of size 16 [ 16.924641] The buggy address is located 0 bytes inside of [ 16.924641] freed 16-byte region [fff00000c3f2f640, fff00000c3f2f650) [ 16.924704] [ 16.924726] The buggy address belongs to the physical page: [ 16.924759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2f [ 16.925143] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.925207] page_type: f5(slab) [ 16.925433] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.926150] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.926888] page dumped because: kasan: bad access detected [ 16.927218] [ 16.927528] Memory state around the buggy address: [ 16.927594] fff00000c3f2f500: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.928088] fff00000c3f2f580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.928409] >fff00000c3f2f600: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 16.928633] ^ [ 16.928867] fff00000c3f2f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.929103] fff00000c3f2f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.929145] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.878701] ================================================================== [ 16.880125] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.880191] Read of size 1 at addr fff00000c58a8228 by task kunit_try_catch/189 [ 16.880240] [ 16.880280] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.881581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.881949] Hardware name: linux,dummy-virt (DT) [ 16.882439] Call trace: [ 16.882652] show_stack+0x20/0x38 (C) [ 16.883100] dump_stack_lvl+0x8c/0xd0 [ 16.883155] print_report+0x118/0x608 [ 16.883202] kasan_report+0xdc/0x128 [ 16.883368] __asan_report_load1_noabort+0x20/0x30 [ 16.884216] kmalloc_uaf2+0x3f4/0x468 [ 16.884307] kunit_try_run_case+0x170/0x3f0 [ 16.884358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.884412] kthread+0x328/0x630 [ 16.884454] ret_from_fork+0x10/0x20 [ 16.884504] [ 16.884521] Allocated by task 189: [ 16.885619] kasan_save_stack+0x3c/0x68 [ 16.885812] kasan_save_track+0x20/0x40 [ 16.886097] kasan_save_alloc_info+0x40/0x58 [ 16.886196] __kasan_kmalloc+0xd4/0xd8 [ 16.887028] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.887172] kmalloc_uaf2+0xc4/0x468 [ 16.887418] kunit_try_run_case+0x170/0x3f0 [ 16.887671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.887905] kthread+0x328/0x630 [ 16.888350] ret_from_fork+0x10/0x20 [ 16.888396] [ 16.888942] Freed by task 189: [ 16.889077] kasan_save_stack+0x3c/0x68 [ 16.889120] kasan_save_track+0x20/0x40 [ 16.889157] kasan_save_free_info+0x4c/0x78 [ 16.889772] __kasan_slab_free+0x6c/0x98 [ 16.889819] kfree+0x214/0x3c8 [ 16.890358] kmalloc_uaf2+0x134/0x468 [ 16.890508] kunit_try_run_case+0x170/0x3f0 [ 16.890796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.891198] kthread+0x328/0x630 [ 16.891435] ret_from_fork+0x10/0x20 [ 16.891500] [ 16.891641] The buggy address belongs to the object at fff00000c58a8200 [ 16.891641] which belongs to the cache kmalloc-64 of size 64 [ 16.892060] The buggy address is located 40 bytes inside of [ 16.892060] freed 64-byte region [fff00000c58a8200, fff00000c58a8240) [ 16.892456] [ 16.892751] The buggy address belongs to the physical page: [ 16.892921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 16.893072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.893272] page_type: f5(slab) [ 16.893782] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.893850] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.894396] page dumped because: kasan: bad access detected [ 16.894623] [ 16.894660] Memory state around the buggy address: [ 16.894865] fff00000c58a8100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.895201] fff00000c58a8180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.895530] >fff00000c58a8200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.895858] ^ [ 16.895927] fff00000c58a8280: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.896325] fff00000c58a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.896395] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.829830] ================================================================== [ 16.832356] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.832535] Write of size 33 at addr fff00000c58a8100 by task kunit_try_catch/187 [ 16.832586] [ 16.833213] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.834041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.834398] Hardware name: linux,dummy-virt (DT) [ 16.834483] Call trace: [ 16.834719] show_stack+0x20/0x38 (C) [ 16.835358] dump_stack_lvl+0x8c/0xd0 [ 16.835851] print_report+0x118/0x608 [ 16.835904] kasan_report+0xdc/0x128 [ 16.835950] kasan_check_range+0x100/0x1a8 [ 16.835999] __asan_memset+0x34/0x78 [ 16.836041] kmalloc_uaf_memset+0x170/0x310 [ 16.836087] kunit_try_run_case+0x170/0x3f0 [ 16.837920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.837988] kthread+0x328/0x630 [ 16.838897] ret_from_fork+0x10/0x20 [ 16.839228] [ 16.839948] Allocated by task 187: [ 16.840567] kasan_save_stack+0x3c/0x68 [ 16.840863] kasan_save_track+0x20/0x40 [ 16.841023] kasan_save_alloc_info+0x40/0x58 [ 16.841629] __kasan_kmalloc+0xd4/0xd8 [ 16.841894] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.841969] kmalloc_uaf_memset+0xb8/0x310 [ 16.842635] kunit_try_run_case+0x170/0x3f0 [ 16.842676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.842803] kthread+0x328/0x630 [ 16.843032] ret_from_fork+0x10/0x20 [ 16.843106] [ 16.843773] Freed by task 187: [ 16.844501] kasan_save_stack+0x3c/0x68 [ 16.844895] kasan_save_track+0x20/0x40 [ 16.845000] kasan_save_free_info+0x4c/0x78 [ 16.845040] __kasan_slab_free+0x6c/0x98 [ 16.845077] kfree+0x214/0x3c8 [ 16.845111] kmalloc_uaf_memset+0x11c/0x310 [ 16.845147] kunit_try_run_case+0x170/0x3f0 [ 16.845184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.845227] kthread+0x328/0x630 [ 16.845257] ret_from_fork+0x10/0x20 [ 16.845292] [ 16.845312] The buggy address belongs to the object at fff00000c58a8100 [ 16.845312] which belongs to the cache kmalloc-64 of size 64 [ 16.846852] The buggy address is located 0 bytes inside of [ 16.846852] freed 64-byte region [fff00000c58a8100, fff00000c58a8140) [ 16.847016] [ 16.847038] The buggy address belongs to the physical page: [ 16.847554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 16.847806] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.847961] page_type: f5(slab) [ 16.848391] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.848574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.848807] page dumped because: kasan: bad access detected [ 16.848860] [ 16.848879] Memory state around the buggy address: [ 16.849367] fff00000c58a8000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.849654] fff00000c58a8080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.849864] >fff00000c58a8100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.850364] ^ [ 16.850570] fff00000c58a8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.850910] fff00000c58a8200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.850956] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.792372] ================================================================== [ 16.792431] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.792486] Read of size 1 at addr fff00000c3f2f628 by task kunit_try_catch/185 [ 16.792723] [ 16.792881] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.792974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.793000] Hardware name: linux,dummy-virt (DT) [ 16.793204] Call trace: [ 16.793232] show_stack+0x20/0x38 (C) [ 16.793460] dump_stack_lvl+0x8c/0xd0 [ 16.793510] print_report+0x118/0x608 [ 16.793563] kasan_report+0xdc/0x128 [ 16.793778] __asan_report_load1_noabort+0x20/0x30 [ 16.793882] kmalloc_uaf+0x300/0x338 [ 16.793923] kunit_try_run_case+0x170/0x3f0 [ 16.793970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.794021] kthread+0x328/0x630 [ 16.794061] ret_from_fork+0x10/0x20 [ 16.794123] [ 16.794141] Allocated by task 185: [ 16.794543] kasan_save_stack+0x3c/0x68 [ 16.794605] kasan_save_track+0x20/0x40 [ 16.794943] kasan_save_alloc_info+0x40/0x58 [ 16.795119] __kasan_kmalloc+0xd4/0xd8 [ 16.795155] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.795195] kmalloc_uaf+0xb8/0x338 [ 16.795247] kunit_try_run_case+0x170/0x3f0 [ 16.795283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.795329] kthread+0x328/0x630 [ 16.795525] ret_from_fork+0x10/0x20 [ 16.795716] [ 16.795816] Freed by task 185: [ 16.795993] kasan_save_stack+0x3c/0x68 [ 16.796046] kasan_save_track+0x20/0x40 [ 16.796355] kasan_save_free_info+0x4c/0x78 [ 16.796734] __kasan_slab_free+0x6c/0x98 [ 16.797208] kfree+0x214/0x3c8 [ 16.797664] kmalloc_uaf+0x11c/0x338 [ 16.797798] kunit_try_run_case+0x170/0x3f0 [ 16.798437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.798579] kthread+0x328/0x630 [ 16.798610] ret_from_fork+0x10/0x20 [ 16.798647] [ 16.799295] The buggy address belongs to the object at fff00000c3f2f620 [ 16.799295] which belongs to the cache kmalloc-16 of size 16 [ 16.799543] The buggy address is located 8 bytes inside of [ 16.799543] freed 16-byte region [fff00000c3f2f620, fff00000c3f2f630) [ 16.799964] [ 16.799992] The buggy address belongs to the physical page: [ 16.800276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2f [ 16.801159] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.801296] page_type: f5(slab) [ 16.801782] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.801995] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.802913] page dumped because: kasan: bad access detected [ 16.802972] [ 16.802990] Memory state around the buggy address: [ 16.803373] fff00000c3f2f500: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.803533] fff00000c3f2f580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.803797] >fff00000c3f2f600: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.804079] ^ [ 16.804584] fff00000c3f2f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.804996] fff00000c3f2f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.805134] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.777680] ================================================================== [ 16.777807] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.777880] Read of size 64 at addr fff00000c6f45e04 by task kunit_try_catch/183 [ 16.777929] [ 16.777968] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.778060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.778195] Hardware name: linux,dummy-virt (DT) [ 16.778281] Call trace: [ 16.778307] show_stack+0x20/0x38 (C) [ 16.778533] dump_stack_lvl+0x8c/0xd0 [ 16.778736] print_report+0x118/0x608 [ 16.778785] kasan_report+0xdc/0x128 [ 16.778835] kasan_check_range+0x100/0x1a8 [ 16.779153] __asan_memmove+0x3c/0x98 [ 16.779215] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.779497] kunit_try_run_case+0x170/0x3f0 [ 16.779548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.779620] kthread+0x328/0x630 [ 16.779962] ret_from_fork+0x10/0x20 [ 16.780123] [ 16.780143] Allocated by task 183: [ 16.780290] kasan_save_stack+0x3c/0x68 [ 16.780421] kasan_save_track+0x20/0x40 [ 16.780458] kasan_save_alloc_info+0x40/0x58 [ 16.780704] __kasan_kmalloc+0xd4/0xd8 [ 16.780892] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.780935] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.780976] kunit_try_run_case+0x170/0x3f0 [ 16.781013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.781056] kthread+0x328/0x630 [ 16.781089] ret_from_fork+0x10/0x20 [ 16.781126] [ 16.781146] The buggy address belongs to the object at fff00000c6f45e00 [ 16.781146] which belongs to the cache kmalloc-64 of size 64 [ 16.781213] The buggy address is located 4 bytes inside of [ 16.781213] allocated 64-byte region [fff00000c6f45e00, fff00000c6f45e40) [ 16.781273] [ 16.781853] The buggy address belongs to the physical page: [ 16.781954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f45 [ 16.782026] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.782077] page_type: f5(slab) [ 16.782268] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.782483] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.782889] page dumped because: kasan: bad access detected [ 16.782928] [ 16.782945] Memory state around the buggy address: [ 16.782979] fff00000c6f45d00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.783078] fff00000c6f45d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.783126] >fff00000c6f45e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.783406] ^ [ 16.783455] fff00000c6f45e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.783558] fff00000c6f45f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.783597] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.760697] ================================================================== [ 16.760951] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.761503] Read of size 18446744073709551614 at addr fff00000c6f45c04 by task kunit_try_catch/181 [ 16.761688] [ 16.761731] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.761815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.761851] Hardware name: linux,dummy-virt (DT) [ 16.761882] Call trace: [ 16.761906] show_stack+0x20/0x38 (C) [ 16.762258] dump_stack_lvl+0x8c/0xd0 [ 16.762313] print_report+0x118/0x608 [ 16.762359] kasan_report+0xdc/0x128 [ 16.762402] kasan_check_range+0x100/0x1a8 [ 16.762918] __asan_memmove+0x3c/0x98 [ 16.762973] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.763138] kunit_try_run_case+0x170/0x3f0 [ 16.763210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.763261] kthread+0x328/0x630 [ 16.763302] ret_from_fork+0x10/0x20 [ 16.763357] [ 16.763376] Allocated by task 181: [ 16.763404] kasan_save_stack+0x3c/0x68 [ 16.763501] kasan_save_track+0x20/0x40 [ 16.763658] kasan_save_alloc_info+0x40/0x58 [ 16.763776] __kasan_kmalloc+0xd4/0xd8 [ 16.763813] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.764290] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.764552] kunit_try_run_case+0x170/0x3f0 [ 16.764630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.764672] kthread+0x328/0x630 [ 16.764703] ret_from_fork+0x10/0x20 [ 16.764740] [ 16.764762] The buggy address belongs to the object at fff00000c6f45c00 [ 16.764762] which belongs to the cache kmalloc-64 of size 64 [ 16.764836] The buggy address is located 4 bytes inside of [ 16.764836] 64-byte region [fff00000c6f45c00, fff00000c6f45c40) [ 16.764918] [ 16.764939] The buggy address belongs to the physical page: [ 16.764975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f45 [ 16.765543] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.765653] page_type: f5(slab) [ 16.765697] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.765915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.766007] page dumped because: kasan: bad access detected [ 16.766041] [ 16.766059] Memory state around the buggy address: [ 16.766165] fff00000c6f45b00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.766230] fff00000c6f45b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.766334] >fff00000c6f45c00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.766372] ^ [ 16.766455] fff00000c6f45c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.766608] fff00000c6f45d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.766670] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.744820] ================================================================== [ 16.745246] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.745421] Write of size 16 at addr fff00000c6f3f869 by task kunit_try_catch/179 [ 16.745472] [ 16.745507] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.745596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.745718] Hardware name: linux,dummy-virt (DT) [ 16.746081] Call trace: [ 16.746284] show_stack+0x20/0x38 (C) [ 16.746385] dump_stack_lvl+0x8c/0xd0 [ 16.746430] print_report+0x118/0x608 [ 16.746869] kasan_report+0xdc/0x128 [ 16.746915] kasan_check_range+0x100/0x1a8 [ 16.746962] __asan_memset+0x34/0x78 [ 16.747003] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.747047] kunit_try_run_case+0x170/0x3f0 [ 16.747093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.747142] kthread+0x328/0x630 [ 16.747184] ret_from_fork+0x10/0x20 [ 16.747510] [ 16.747532] Allocated by task 179: [ 16.747580] kasan_save_stack+0x3c/0x68 [ 16.747623] kasan_save_track+0x20/0x40 [ 16.747935] kasan_save_alloc_info+0x40/0x58 [ 16.748015] __kasan_kmalloc+0xd4/0xd8 [ 16.748089] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.748127] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.748474] kunit_try_run_case+0x170/0x3f0 [ 16.748522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.748565] kthread+0x328/0x630 [ 16.748640] ret_from_fork+0x10/0x20 [ 16.748676] [ 16.748696] The buggy address belongs to the object at fff00000c6f3f800 [ 16.748696] which belongs to the cache kmalloc-128 of size 128 [ 16.748751] The buggy address is located 105 bytes inside of [ 16.748751] allocated 120-byte region [fff00000c6f3f800, fff00000c6f3f878) [ 16.748820] [ 16.748849] The buggy address belongs to the physical page: [ 16.748880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.749242] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.749558] page_type: f5(slab) [ 16.749790] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.749890] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.749935] page dumped because: kasan: bad access detected [ 16.750069] [ 16.750106] Memory state around the buggy address: [ 16.750137] fff00000c6f3f700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.750242] fff00000c6f3f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.750283] >fff00000c6f3f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.750365] ^ [ 16.750451] fff00000c6f3f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.750492] fff00000c6f3f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.750584] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.727778] ================================================================== [ 16.727861] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.727914] Write of size 8 at addr fff00000c6f3f771 by task kunit_try_catch/177 [ 16.727961] [ 16.728703] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.728795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.728820] Hardware name: linux,dummy-virt (DT) [ 16.728861] Call trace: [ 16.728883] show_stack+0x20/0x38 (C) [ 16.728934] dump_stack_lvl+0x8c/0xd0 [ 16.729357] print_report+0x118/0x608 [ 16.729522] kasan_report+0xdc/0x128 [ 16.729567] kasan_check_range+0x100/0x1a8 [ 16.729827] __asan_memset+0x34/0x78 [ 16.729998] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.730133] kunit_try_run_case+0x170/0x3f0 [ 16.730182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.730234] kthread+0x328/0x630 [ 16.730276] ret_from_fork+0x10/0x20 [ 16.730324] [ 16.730342] Allocated by task 177: [ 16.730369] kasan_save_stack+0x3c/0x68 [ 16.730409] kasan_save_track+0x20/0x40 [ 16.730444] kasan_save_alloc_info+0x40/0x58 [ 16.730484] __kasan_kmalloc+0xd4/0xd8 [ 16.730518] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.730556] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.730728] kunit_try_run_case+0x170/0x3f0 [ 16.730880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.731071] kthread+0x328/0x630 [ 16.731105] ret_from_fork+0x10/0x20 [ 16.731139] [ 16.731159] The buggy address belongs to the object at fff00000c6f3f700 [ 16.731159] which belongs to the cache kmalloc-128 of size 128 [ 16.731342] The buggy address is located 113 bytes inside of [ 16.731342] allocated 120-byte region [fff00000c6f3f700, fff00000c6f3f778) [ 16.731554] [ 16.731577] The buggy address belongs to the physical page: [ 16.731640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.731930] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.732054] page_type: f5(slab) [ 16.732166] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.732300] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.732390] page dumped because: kasan: bad access detected [ 16.732482] [ 16.732499] Memory state around the buggy address: [ 16.732535] fff00000c6f3f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.732633] fff00000c6f3f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.732776] >fff00000c6f3f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.732813] ^ [ 16.732860] fff00000c6f3f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.732901] fff00000c6f3f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.733526] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.693971] ================================================================== [ 16.694027] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.694077] Write of size 4 at addr fff00000c6f3f675 by task kunit_try_catch/175 [ 16.694125] [ 16.695734] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.696945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.697048] Hardware name: linux,dummy-virt (DT) [ 16.697382] Call trace: [ 16.697936] show_stack+0x20/0x38 (C) [ 16.698196] dump_stack_lvl+0x8c/0xd0 [ 16.698696] print_report+0x118/0x608 [ 16.699151] kasan_report+0xdc/0x128 [ 16.699300] kasan_check_range+0x100/0x1a8 [ 16.699673] __asan_memset+0x34/0x78 [ 16.700141] kmalloc_oob_memset_4+0x150/0x300 [ 16.700201] kunit_try_run_case+0x170/0x3f0 [ 16.700248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.700299] kthread+0x328/0x630 [ 16.701483] ret_from_fork+0x10/0x20 [ 16.701923] [ 16.701944] Allocated by task 175: [ 16.702467] kasan_save_stack+0x3c/0x68 [ 16.702620] kasan_save_track+0x20/0x40 [ 16.703076] kasan_save_alloc_info+0x40/0x58 [ 16.703128] __kasan_kmalloc+0xd4/0xd8 [ 16.703165] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.703203] kmalloc_oob_memset_4+0xb0/0x300 [ 16.704333] kunit_try_run_case+0x170/0x3f0 [ 16.704386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.705295] kthread+0x328/0x630 [ 16.705529] ret_from_fork+0x10/0x20 [ 16.706059] [ 16.706224] The buggy address belongs to the object at fff00000c6f3f600 [ 16.706224] which belongs to the cache kmalloc-128 of size 128 [ 16.706705] The buggy address is located 117 bytes inside of [ 16.706705] allocated 120-byte region [fff00000c6f3f600, fff00000c6f3f678) [ 16.706999] [ 16.707023] The buggy address belongs to the physical page: [ 16.707928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.708368] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.708693] page_type: f5(slab) [ 16.709102] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.709588] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.710130] page dumped because: kasan: bad access detected [ 16.710356] [ 16.710559] Memory state around the buggy address: [ 16.710942] fff00000c6f3f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.710989] fff00000c6f3f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.711030] >fff00000c6f3f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.711066] ^ [ 16.711105] fff00000c6f3f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.711146] fff00000c6f3f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.712315] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.682070] ================================================================== [ 16.682154] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.682208] Write of size 2 at addr fff00000c6f3f577 by task kunit_try_catch/173 [ 16.682255] [ 16.682288] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.682371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.682397] Hardware name: linux,dummy-virt (DT) [ 16.682584] Call trace: [ 16.682634] show_stack+0x20/0x38 (C) [ 16.682685] dump_stack_lvl+0x8c/0xd0 [ 16.682759] print_report+0x118/0x608 [ 16.682805] kasan_report+0xdc/0x128 [ 16.682860] kasan_check_range+0x100/0x1a8 [ 16.682906] __asan_memset+0x34/0x78 [ 16.682947] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.683126] kunit_try_run_case+0x170/0x3f0 [ 16.683276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.683427] kthread+0x328/0x630 [ 16.683534] ret_from_fork+0x10/0x20 [ 16.683709] [ 16.683768] Allocated by task 173: [ 16.683795] kasan_save_stack+0x3c/0x68 [ 16.684056] kasan_save_track+0x20/0x40 [ 16.684283] kasan_save_alloc_info+0x40/0x58 [ 16.684372] __kasan_kmalloc+0xd4/0xd8 [ 16.684478] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.684551] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.684616] kunit_try_run_case+0x170/0x3f0 [ 16.684684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.685128] kthread+0x328/0x630 [ 16.685261] ret_from_fork+0x10/0x20 [ 16.685326] [ 16.685598] The buggy address belongs to the object at fff00000c6f3f500 [ 16.685598] which belongs to the cache kmalloc-128 of size 128 [ 16.685793] The buggy address is located 119 bytes inside of [ 16.685793] allocated 120-byte region [fff00000c6f3f500, fff00000c6f3f578) [ 16.685922] [ 16.686022] The buggy address belongs to the physical page: [ 16.686058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.686110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.686457] page_type: f5(slab) [ 16.686609] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.686765] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.686890] page dumped because: kasan: bad access detected [ 16.686990] [ 16.687053] Memory state around the buggy address: [ 16.687085] fff00000c6f3f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.687126] fff00000c6f3f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687167] >fff00000c6f3f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.687203] ^ [ 16.687386] fff00000c6f3f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687445] fff00000c6f3f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687671] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.667432] ================================================================== [ 16.667556] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.667673] Write of size 128 at addr fff00000c6f3f400 by task kunit_try_catch/171 [ 16.667813] [ 16.667906] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.668004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.668034] Hardware name: linux,dummy-virt (DT) [ 16.668064] Call trace: [ 16.668087] show_stack+0x20/0x38 (C) [ 16.668134] dump_stack_lvl+0x8c/0xd0 [ 16.668443] print_report+0x118/0x608 [ 16.668553] kasan_report+0xdc/0x128 [ 16.668621] kasan_check_range+0x100/0x1a8 [ 16.668670] __asan_memset+0x34/0x78 [ 16.668857] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.669031] kunit_try_run_case+0x170/0x3f0 [ 16.669163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.669289] kthread+0x328/0x630 [ 16.669409] ret_from_fork+0x10/0x20 [ 16.669572] [ 16.669651] Allocated by task 171: [ 16.669762] kasan_save_stack+0x3c/0x68 [ 16.669871] kasan_save_track+0x20/0x40 [ 16.670004] kasan_save_alloc_info+0x40/0x58 [ 16.670043] __kasan_kmalloc+0xd4/0xd8 [ 16.670109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.670344] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.670616] kunit_try_run_case+0x170/0x3f0 [ 16.670776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.670822] kthread+0x328/0x630 [ 16.671092] ret_from_fork+0x10/0x20 [ 16.671359] [ 16.671449] The buggy address belongs to the object at fff00000c6f3f400 [ 16.671449] which belongs to the cache kmalloc-128 of size 128 [ 16.671555] The buggy address is located 0 bytes inside of [ 16.671555] allocated 120-byte region [fff00000c6f3f400, fff00000c6f3f478) [ 16.671663] [ 16.671685] The buggy address belongs to the physical page: [ 16.671716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.671767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.671813] page_type: f5(slab) [ 16.672295] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.672350] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.672500] page dumped because: kasan: bad access detected [ 16.672668] [ 16.672789] Memory state around the buggy address: [ 16.672922] fff00000c6f3f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.672998] fff00000c6f3f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.673039] >fff00000c6f3f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.673094] ^ [ 16.673149] fff00000c6f3f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.673542] fff00000c6f3f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.673644] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.654507] ================================================================== [ 16.654571] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.654629] Read of size 16 at addr fff00000c3f2f600 by task kunit_try_catch/169 [ 16.654678] [ 16.654716] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.654800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.654825] Hardware name: linux,dummy-virt (DT) [ 16.658797] Call trace: [ 16.658827] show_stack+0x20/0x38 (C) [ 16.659310] dump_stack_lvl+0x8c/0xd0 [ 16.659391] print_report+0x118/0x608 [ 16.659440] kasan_report+0xdc/0x128 [ 16.659486] __asan_report_load16_noabort+0x20/0x30 [ 16.659536] kmalloc_uaf_16+0x3bc/0x438 [ 16.659583] kunit_try_run_case+0x170/0x3f0 [ 16.659631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.659683] kthread+0x328/0x630 [ 16.659725] ret_from_fork+0x10/0x20 [ 16.659774] [ 16.659793] Allocated by task 169: [ 16.659822] kasan_save_stack+0x3c/0x68 [ 16.659875] kasan_save_track+0x20/0x40 [ 16.659911] kasan_save_alloc_info+0x40/0x58 [ 16.660061] __kasan_kmalloc+0xd4/0xd8 [ 16.660278] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.660395] kmalloc_uaf_16+0x140/0x438 [ 16.660441] kunit_try_run_case+0x170/0x3f0 [ 16.660477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.660519] kthread+0x328/0x630 [ 16.660550] ret_from_fork+0x10/0x20 [ 16.660599] [ 16.660617] Freed by task 169: [ 16.660644] kasan_save_stack+0x3c/0x68 [ 16.660682] kasan_save_track+0x20/0x40 [ 16.660717] kasan_save_free_info+0x4c/0x78 [ 16.660765] __kasan_slab_free+0x6c/0x98 [ 16.660800] kfree+0x214/0x3c8 [ 16.660832] kmalloc_uaf_16+0x190/0x438 [ 16.660887] kunit_try_run_case+0x170/0x3f0 [ 16.660923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.660965] kthread+0x328/0x630 [ 16.661005] ret_from_fork+0x10/0x20 [ 16.661056] [ 16.661090] The buggy address belongs to the object at fff00000c3f2f600 [ 16.661090] which belongs to the cache kmalloc-16 of size 16 [ 16.661156] The buggy address is located 0 bytes inside of [ 16.661156] freed 16-byte region [fff00000c3f2f600, fff00000c3f2f610) [ 16.661225] [ 16.661255] The buggy address belongs to the physical page: [ 16.661286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2f [ 16.661340] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.661390] page_type: f5(slab) [ 16.661430] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.661480] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.661529] page dumped because: kasan: bad access detected [ 16.661560] [ 16.661578] Memory state around the buggy address: [ 16.661618] fff00000c3f2f500: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.661670] fff00000c3f2f580: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 16.661720] >fff00000c3f2f600: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.661758] ^ [ 16.661784] fff00000c3f2f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.661824] fff00000c3f2f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.661871] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.618869] ================================================================== [ 16.619169] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.619334] Write of size 16 at addr fff00000c3f2f5a0 by task kunit_try_catch/167 [ 16.619399] [ 16.619437] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.619850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.620043] Hardware name: linux,dummy-virt (DT) [ 16.620102] Call trace: [ 16.620126] show_stack+0x20/0x38 (C) [ 16.620348] dump_stack_lvl+0x8c/0xd0 [ 16.620555] print_report+0x118/0x608 [ 16.620694] kasan_report+0xdc/0x128 [ 16.620749] __asan_report_store16_noabort+0x20/0x30 [ 16.620947] kmalloc_oob_16+0x3a0/0x3f8 [ 16.621125] kunit_try_run_case+0x170/0x3f0 [ 16.621306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.621573] kthread+0x328/0x630 [ 16.621705] ret_from_fork+0x10/0x20 [ 16.621970] [ 16.622095] Allocated by task 167: [ 16.622564] kasan_save_stack+0x3c/0x68 [ 16.622757] kasan_save_track+0x20/0x40 [ 16.622801] kasan_save_alloc_info+0x40/0x58 [ 16.622910] __kasan_kmalloc+0xd4/0xd8 [ 16.623044] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.623125] kmalloc_oob_16+0xb4/0x3f8 [ 16.623167] kunit_try_run_case+0x170/0x3f0 [ 16.623423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.623494] kthread+0x328/0x630 [ 16.623572] ret_from_fork+0x10/0x20 [ 16.623715] [ 16.623794] The buggy address belongs to the object at fff00000c3f2f5a0 [ 16.623794] which belongs to the cache kmalloc-16 of size 16 [ 16.623996] The buggy address is located 0 bytes inside of [ 16.623996] allocated 13-byte region [fff00000c3f2f5a0, fff00000c3f2f5ad) [ 16.624058] [ 16.624079] The buggy address belongs to the physical page: [ 16.624153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2f [ 16.625959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.626047] page_type: f5(slab) [ 16.626096] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.626401] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.626570] page dumped because: kasan: bad access detected [ 16.626601] [ 16.626618] Memory state around the buggy address: [ 16.626650] fff00000c3f2f480: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.626691] fff00000c3f2f500: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.626732] >fff00000c3f2f580: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 16.626768] ^ [ 16.626798] fff00000c3f2f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.626838] fff00000c3f2f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.626886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.593197] ================================================================== [ 16.593639] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.593925] Read of size 1 at addr fff00000c4409000 by task kunit_try_catch/165 [ 16.593973] [ 16.594017] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.594100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.594126] Hardware name: linux,dummy-virt (DT) [ 16.594156] Call trace: [ 16.594178] show_stack+0x20/0x38 (C) [ 16.594224] dump_stack_lvl+0x8c/0xd0 [ 16.594268] print_report+0x118/0x608 [ 16.594313] kasan_report+0xdc/0x128 [ 16.594363] __kasan_check_byte+0x54/0x70 [ 16.594409] krealloc_noprof+0x44/0x360 [ 16.594454] krealloc_uaf+0x180/0x520 [ 16.594504] kunit_try_run_case+0x170/0x3f0 [ 16.594550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.594599] kthread+0x328/0x630 [ 16.594639] ret_from_fork+0x10/0x20 [ 16.594685] [ 16.594703] Allocated by task 165: [ 16.595200] kasan_save_stack+0x3c/0x68 [ 16.595251] kasan_save_track+0x20/0x40 [ 16.595288] kasan_save_alloc_info+0x40/0x58 [ 16.595716] __kasan_kmalloc+0xd4/0xd8 [ 16.595764] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.596537] krealloc_uaf+0xc8/0x520 [ 16.597044] kunit_try_run_case+0x170/0x3f0 [ 16.597182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.597435] kthread+0x328/0x630 [ 16.597649] ret_from_fork+0x10/0x20 [ 16.597872] [ 16.597913] Freed by task 165: [ 16.598388] kasan_save_stack+0x3c/0x68 [ 16.598442] kasan_save_track+0x20/0x40 [ 16.598813] kasan_save_free_info+0x4c/0x78 [ 16.598925] __kasan_slab_free+0x6c/0x98 [ 16.599096] kfree+0x214/0x3c8 [ 16.599131] krealloc_uaf+0x12c/0x520 [ 16.599171] kunit_try_run_case+0x170/0x3f0 [ 16.599208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.599484] kthread+0x328/0x630 [ 16.599641] ret_from_fork+0x10/0x20 [ 16.599913] [ 16.600157] The buggy address belongs to the object at fff00000c4409000 [ 16.600157] which belongs to the cache kmalloc-256 of size 256 [ 16.600427] The buggy address is located 0 bytes inside of [ 16.600427] freed 256-byte region [fff00000c4409000, fff00000c4409100) [ 16.600852] [ 16.600894] The buggy address belongs to the physical page: [ 16.601058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.601442] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.601686] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.601931] page_type: f5(slab) [ 16.602075] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.602596] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.602755] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.602899] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.602952] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.603134] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.603535] page dumped because: kasan: bad access detected [ 16.603690] [ 16.603881] Memory state around the buggy address: [ 16.603917] fff00000c4408f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.603959] fff00000c4408f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.604001] >fff00000c4409000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.604037] ^ [ 16.604064] fff00000c4409080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.604105] fff00000c4409100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.604142] ================================================================== [ 16.605858] ================================================================== [ 16.605992] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.606045] Read of size 1 at addr fff00000c4409000 by task kunit_try_catch/165 [ 16.606319] [ 16.606487] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.606632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.606666] Hardware name: linux,dummy-virt (DT) [ 16.606741] Call trace: [ 16.606783] show_stack+0x20/0x38 (C) [ 16.606932] dump_stack_lvl+0x8c/0xd0 [ 16.607014] print_report+0x118/0x608 [ 16.607062] kasan_report+0xdc/0x128 [ 16.607116] __asan_report_load1_noabort+0x20/0x30 [ 16.607409] krealloc_uaf+0x4c8/0x520 [ 16.607465] kunit_try_run_case+0x170/0x3f0 [ 16.607578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.607708] kthread+0x328/0x630 [ 16.607754] ret_from_fork+0x10/0x20 [ 16.607801] [ 16.607830] Allocated by task 165: [ 16.607867] kasan_save_stack+0x3c/0x68 [ 16.607906] kasan_save_track+0x20/0x40 [ 16.607942] kasan_save_alloc_info+0x40/0x58 [ 16.607981] __kasan_kmalloc+0xd4/0xd8 [ 16.608015] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.608052] krealloc_uaf+0xc8/0x520 [ 16.608085] kunit_try_run_case+0x170/0x3f0 [ 16.608121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.608161] kthread+0x328/0x630 [ 16.608200] ret_from_fork+0x10/0x20 [ 16.608244] [ 16.608262] Freed by task 165: [ 16.608296] kasan_save_stack+0x3c/0x68 [ 16.608332] kasan_save_track+0x20/0x40 [ 16.608366] kasan_save_free_info+0x4c/0x78 [ 16.608404] __kasan_slab_free+0x6c/0x98 [ 16.608451] kfree+0x214/0x3c8 [ 16.608483] krealloc_uaf+0x12c/0x520 [ 16.608525] kunit_try_run_case+0x170/0x3f0 [ 16.608561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.608602] kthread+0x328/0x630 [ 16.608633] ret_from_fork+0x10/0x20 [ 16.608676] [ 16.608693] The buggy address belongs to the object at fff00000c4409000 [ 16.608693] which belongs to the cache kmalloc-256 of size 256 [ 16.608770] The buggy address is located 0 bytes inside of [ 16.608770] freed 256-byte region [fff00000c4409000, fff00000c4409100) [ 16.608869] [ 16.608887] The buggy address belongs to the physical page: [ 16.608919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.608970] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.609015] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.609063] page_type: f5(slab) [ 16.609110] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.609167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.609230] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.609304] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.609358] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.609420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.609468] page dumped because: kasan: bad access detected [ 16.609498] [ 16.609515] Memory state around the buggy address: [ 16.609544] fff00000c4408f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609585] fff00000c4408f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609626] >fff00000c4409000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.609662] ^ [ 16.609687] fff00000c4409080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.609728] fff00000c4409100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609773] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.559447] ================================================================== [ 16.559705] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.559830] Write of size 1 at addr fff00000c65220d0 by task kunit_try_catch/163 [ 16.559896] [ 16.560027] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.560115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.560157] Hardware name: linux,dummy-virt (DT) [ 16.560411] Call trace: [ 16.560438] show_stack+0x20/0x38 (C) [ 16.560865] dump_stack_lvl+0x8c/0xd0 [ 16.560989] print_report+0x118/0x608 [ 16.561093] kasan_report+0xdc/0x128 [ 16.561142] __asan_report_store1_noabort+0x20/0x30 [ 16.561197] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.561245] krealloc_large_less_oob+0x20/0x38 [ 16.561303] kunit_try_run_case+0x170/0x3f0 [ 16.561349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.561401] kthread+0x328/0x630 [ 16.561442] ret_from_fork+0x10/0x20 [ 16.561487] [ 16.561506] The buggy address belongs to the physical page: [ 16.561543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106520 [ 16.561594] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.561648] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.561697] page_type: f8(unknown) [ 16.561734] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.561782] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.561830] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.561897] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.561953] head: 0bfffe0000000002 ffffc1ffc3194801 00000000ffffffff 00000000ffffffff [ 16.562001] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.562047] page dumped because: kasan: bad access detected [ 16.562086] [ 16.562103] Memory state around the buggy address: [ 16.562133] fff00000c6521f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.562174] fff00000c6522000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.562218] >fff00000c6522080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.562265] ^ [ 16.562300] fff00000c6522100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.562341] fff00000c6522180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.562385] ================================================================== [ 16.496993] ================================================================== [ 16.497346] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.497408] Write of size 1 at addr fff00000c4408eea by task kunit_try_catch/159 [ 16.497524] [ 16.497557] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.497810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.497863] Hardware name: linux,dummy-virt (DT) [ 16.498129] Call trace: [ 16.498392] show_stack+0x20/0x38 (C) [ 16.498591] dump_stack_lvl+0x8c/0xd0 [ 16.498672] print_report+0x118/0x608 [ 16.498824] kasan_report+0xdc/0x128 [ 16.498969] __asan_report_store1_noabort+0x20/0x30 [ 16.499124] krealloc_less_oob_helper+0xae4/0xc50 [ 16.499505] krealloc_less_oob+0x20/0x38 [ 16.499954] kunit_try_run_case+0x170/0x3f0 [ 16.500346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.500569] kthread+0x328/0x630 [ 16.500805] ret_from_fork+0x10/0x20 [ 16.500951] [ 16.500991] Allocated by task 159: [ 16.501018] kasan_save_stack+0x3c/0x68 [ 16.501236] kasan_save_track+0x20/0x40 [ 16.501288] kasan_save_alloc_info+0x40/0x58 [ 16.501432] __kasan_krealloc+0x118/0x178 [ 16.501541] krealloc_noprof+0x128/0x360 [ 16.501602] krealloc_less_oob_helper+0x168/0xc50 [ 16.501655] krealloc_less_oob+0x20/0x38 [ 16.501690] kunit_try_run_case+0x170/0x3f0 [ 16.501727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.501769] kthread+0x328/0x630 [ 16.501823] ret_from_fork+0x10/0x20 [ 16.501870] [ 16.501888] The buggy address belongs to the object at fff00000c4408e00 [ 16.501888] which belongs to the cache kmalloc-256 of size 256 [ 16.501944] The buggy address is located 33 bytes to the right of [ 16.501944] allocated 201-byte region [fff00000c4408e00, fff00000c4408ec9) [ 16.502025] [ 16.502045] The buggy address belongs to the physical page: [ 16.502083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.502149] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.502201] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.502262] page_type: f5(slab) [ 16.502309] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.502357] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.502407] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.502455] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.502502] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.502559] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.502604] page dumped because: kasan: bad access detected [ 16.502640] [ 16.502657] Memory state around the buggy address: [ 16.502688] fff00000c4408d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.503019] fff00000c4408e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.503417] >fff00000c4408e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.503460] ^ [ 16.503498] fff00000c4408f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.503714] fff00000c4408f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.503781] ================================================================== [ 16.562436] ================================================================== [ 16.562470] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.562512] Write of size 1 at addr fff00000c65220da by task kunit_try_catch/163 [ 16.562558] [ 16.562585] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.562660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.562694] Hardware name: linux,dummy-virt (DT) [ 16.563596] Call trace: [ 16.563637] show_stack+0x20/0x38 (C) [ 16.563720] dump_stack_lvl+0x8c/0xd0 [ 16.563832] print_report+0x118/0x608 [ 16.564090] kasan_report+0xdc/0x128 [ 16.564145] __asan_report_store1_noabort+0x20/0x30 [ 16.564862] krealloc_less_oob_helper+0xa80/0xc50 [ 16.565151] krealloc_large_less_oob+0x20/0x38 [ 16.565298] kunit_try_run_case+0x170/0x3f0 [ 16.565509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.565766] kthread+0x328/0x630 [ 16.565832] ret_from_fork+0x10/0x20 [ 16.566316] [ 16.566429] The buggy address belongs to the physical page: [ 16.566719] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106520 [ 16.566876] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.567061] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.567204] page_type: f8(unknown) [ 16.567250] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.567299] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.567538] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.567732] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.568026] head: 0bfffe0000000002 ffffc1ffc3194801 00000000ffffffff 00000000ffffffff [ 16.568217] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.568387] page dumped because: kasan: bad access detected [ 16.568443] [ 16.568461] Memory state around the buggy address: [ 16.568663] fff00000c6521f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.569133] fff00000c6522000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.569189] >fff00000c6522080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.569759] ^ [ 16.569949] fff00000c6522100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.570090] fff00000c6522180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.570206] ================================================================== [ 16.571257] ================================================================== [ 16.571306] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.571485] Write of size 1 at addr fff00000c65220ea by task kunit_try_catch/163 [ 16.571601] [ 16.571777] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.571949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.571978] Hardware name: linux,dummy-virt (DT) [ 16.572046] Call trace: [ 16.572094] show_stack+0x20/0x38 (C) [ 16.572245] dump_stack_lvl+0x8c/0xd0 [ 16.572294] print_report+0x118/0x608 [ 16.572359] kasan_report+0xdc/0x128 [ 16.572810] __asan_report_store1_noabort+0x20/0x30 [ 16.573006] krealloc_less_oob_helper+0xae4/0xc50 [ 16.573409] krealloc_large_less_oob+0x20/0x38 [ 16.573518] kunit_try_run_case+0x170/0x3f0 [ 16.573642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.573725] kthread+0x328/0x630 [ 16.573933] ret_from_fork+0x10/0x20 [ 16.574137] [ 16.574404] The buggy address belongs to the physical page: [ 16.574438] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106520 [ 16.574507] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.574697] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.575044] page_type: f8(unknown) [ 16.575219] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.575308] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.575606] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.575857] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.576485] head: 0bfffe0000000002 ffffc1ffc3194801 00000000ffffffff 00000000ffffffff [ 16.576838] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.577074] page dumped because: kasan: bad access detected [ 16.577387] [ 16.577541] Memory state around the buggy address: [ 16.577652] fff00000c6521f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.577900] fff00000c6522000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.578165] >fff00000c6522080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.578371] ^ [ 16.578626] fff00000c6522100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.578698] fff00000c6522180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.578905] ================================================================== [ 16.470083] ================================================================== [ 16.470308] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.470386] Write of size 1 at addr fff00000c4408ec9 by task kunit_try_catch/159 [ 16.470530] [ 16.470611] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.470692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.470762] Hardware name: linux,dummy-virt (DT) [ 16.470820] Call trace: [ 16.470852] show_stack+0x20/0x38 (C) [ 16.471048] dump_stack_lvl+0x8c/0xd0 [ 16.471099] print_report+0x118/0x608 [ 16.471144] kasan_report+0xdc/0x128 [ 16.471277] __asan_report_store1_noabort+0x20/0x30 [ 16.471442] krealloc_less_oob_helper+0xa48/0xc50 [ 16.471715] krealloc_less_oob+0x20/0x38 [ 16.471877] kunit_try_run_case+0x170/0x3f0 [ 16.472128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.472409] kthread+0x328/0x630 [ 16.472660] ret_from_fork+0x10/0x20 [ 16.473037] [ 16.473282] Allocated by task 159: [ 16.473634] kasan_save_stack+0x3c/0x68 [ 16.473676] kasan_save_track+0x20/0x40 [ 16.474108] kasan_save_alloc_info+0x40/0x58 [ 16.474264] __kasan_krealloc+0x118/0x178 [ 16.474489] krealloc_noprof+0x128/0x360 [ 16.474765] krealloc_less_oob_helper+0x168/0xc50 [ 16.474812] krealloc_less_oob+0x20/0x38 [ 16.474890] kunit_try_run_case+0x170/0x3f0 [ 16.475157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.475374] kthread+0x328/0x630 [ 16.475608] ret_from_fork+0x10/0x20 [ 16.475657] [ 16.475676] The buggy address belongs to the object at fff00000c4408e00 [ 16.475676] which belongs to the cache kmalloc-256 of size 256 [ 16.475865] The buggy address is located 0 bytes to the right of [ 16.475865] allocated 201-byte region [fff00000c4408e00, fff00000c4408ec9) [ 16.476178] [ 16.476242] The buggy address belongs to the physical page: [ 16.476367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.476645] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.476769] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.476819] page_type: f5(slab) [ 16.476971] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.477350] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.477508] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.477583] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.477642] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.477689] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.477757] page dumped because: kasan: bad access detected [ 16.477787] [ 16.477804] Memory state around the buggy address: [ 16.477862] fff00000c4408d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.477908] fff00000c4408e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.477964] >fff00000c4408e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.478021] ^ [ 16.478054] fff00000c4408f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.478095] fff00000c4408f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.478132] ================================================================== [ 16.480653] ================================================================== [ 16.480701] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.480764] Write of size 1 at addr fff00000c4408ed0 by task kunit_try_catch/159 [ 16.480851] [ 16.480883] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.480960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.481022] Hardware name: linux,dummy-virt (DT) [ 16.481086] Call trace: [ 16.481135] show_stack+0x20/0x38 (C) [ 16.481220] dump_stack_lvl+0x8c/0xd0 [ 16.481267] print_report+0x118/0x608 [ 16.481312] kasan_report+0xdc/0x128 [ 16.481356] __asan_report_store1_noabort+0x20/0x30 [ 16.481406] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.481453] krealloc_less_oob+0x20/0x38 [ 16.481496] kunit_try_run_case+0x170/0x3f0 [ 16.481678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.481769] kthread+0x328/0x630 [ 16.481838] ret_from_fork+0x10/0x20 [ 16.481968] [ 16.481986] Allocated by task 159: [ 16.482012] kasan_save_stack+0x3c/0x68 [ 16.482125] kasan_save_track+0x20/0x40 [ 16.482162] kasan_save_alloc_info+0x40/0x58 [ 16.482211] __kasan_krealloc+0x118/0x178 [ 16.482247] krealloc_noprof+0x128/0x360 [ 16.482282] krealloc_less_oob_helper+0x168/0xc50 [ 16.482319] krealloc_less_oob+0x20/0x38 [ 16.482354] kunit_try_run_case+0x170/0x3f0 [ 16.482458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.482576] kthread+0x328/0x630 [ 16.482608] ret_from_fork+0x10/0x20 [ 16.482641] [ 16.482792] The buggy address belongs to the object at fff00000c4408e00 [ 16.482792] which belongs to the cache kmalloc-256 of size 256 [ 16.483177] The buggy address is located 7 bytes to the right of [ 16.483177] allocated 201-byte region [fff00000c4408e00, fff00000c4408ec9) [ 16.483296] [ 16.483424] The buggy address belongs to the physical page: [ 16.483516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.483662] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.483778] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.483876] page_type: f5(slab) [ 16.483912] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.483969] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.484261] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.484427] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.484564] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.484744] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.484908] page dumped because: kasan: bad access detected [ 16.485017] [ 16.485083] Memory state around the buggy address: [ 16.485230] fff00000c4408d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485272] fff00000c4408e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.485346] >fff00000c4408e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.485498] ^ [ 16.485778] fff00000c4408f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485833] fff00000c4408f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485940] ================================================================== [ 16.579854] ================================================================== [ 16.579900] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.579947] Write of size 1 at addr fff00000c65220eb by task kunit_try_catch/163 [ 16.580433] [ 16.580668] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.580871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.580939] Hardware name: linux,dummy-virt (DT) [ 16.580989] Call trace: [ 16.581076] show_stack+0x20/0x38 (C) [ 16.581190] dump_stack_lvl+0x8c/0xd0 [ 16.581286] print_report+0x118/0x608 [ 16.581333] kasan_report+0xdc/0x128 [ 16.581697] __asan_report_store1_noabort+0x20/0x30 [ 16.581763] krealloc_less_oob_helper+0xa58/0xc50 [ 16.581829] krealloc_large_less_oob+0x20/0x38 [ 16.581891] kunit_try_run_case+0x170/0x3f0 [ 16.581937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.581987] kthread+0x328/0x630 [ 16.582027] ret_from_fork+0x10/0x20 [ 16.582072] [ 16.582091] The buggy address belongs to the physical page: [ 16.582120] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106520 [ 16.582171] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.582216] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.582266] page_type: f8(unknown) [ 16.582303] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.582351] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.582398] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.582444] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.582490] head: 0bfffe0000000002 ffffc1ffc3194801 00000000ffffffff 00000000ffffffff [ 16.582536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.582573] page dumped because: kasan: bad access detected [ 16.582602] [ 16.582619] Memory state around the buggy address: [ 16.582648] fff00000c6521f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.582688] fff00000c6522000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.582727] >fff00000c6522080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.582763] ^ [ 16.582799] fff00000c6522100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.582847] fff00000c6522180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.582883] ================================================================== [ 16.549983] ================================================================== [ 16.550038] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.550090] Write of size 1 at addr fff00000c65220c9 by task kunit_try_catch/163 [ 16.550280] [ 16.550324] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.550405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.550430] Hardware name: linux,dummy-virt (DT) [ 16.550460] Call trace: [ 16.550685] show_stack+0x20/0x38 (C) [ 16.550862] dump_stack_lvl+0x8c/0xd0 [ 16.550910] print_report+0x118/0x608 [ 16.551201] kasan_report+0xdc/0x128 [ 16.551533] __asan_report_store1_noabort+0x20/0x30 [ 16.551757] krealloc_less_oob_helper+0xa48/0xc50 [ 16.552045] krealloc_large_less_oob+0x20/0x38 [ 16.552280] kunit_try_run_case+0x170/0x3f0 [ 16.552438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.552586] kthread+0x328/0x630 [ 16.552674] ret_from_fork+0x10/0x20 [ 16.552962] [ 16.553176] The buggy address belongs to the physical page: [ 16.553425] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106520 [ 16.553542] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.553595] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.553804] page_type: f8(unknown) [ 16.554052] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.554166] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.554294] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.554486] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.554949] head: 0bfffe0000000002 ffffc1ffc3194801 00000000ffffffff 00000000ffffffff [ 16.555011] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.555536] page dumped because: kasan: bad access detected [ 16.555643] [ 16.555718] Memory state around the buggy address: [ 16.555950] fff00000c6521f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.556024] fff00000c6522000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.556437] >fff00000c6522080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.556647] ^ [ 16.556697] fff00000c6522100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.556901] fff00000c6522180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.557251] ================================================================== [ 16.487760] ================================================================== [ 16.487808] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.487869] Write of size 1 at addr fff00000c4408eda by task kunit_try_catch/159 [ 16.487927] [ 16.487956] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.488035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.488060] Hardware name: linux,dummy-virt (DT) [ 16.488091] Call trace: [ 16.488111] show_stack+0x20/0x38 (C) [ 16.488374] dump_stack_lvl+0x8c/0xd0 [ 16.488809] print_report+0x118/0x608 [ 16.488883] kasan_report+0xdc/0x128 [ 16.488928] __asan_report_store1_noabort+0x20/0x30 [ 16.489058] krealloc_less_oob_helper+0xa80/0xc50 [ 16.489112] krealloc_less_oob+0x20/0x38 [ 16.489157] kunit_try_run_case+0x170/0x3f0 [ 16.489202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.489590] kthread+0x328/0x630 [ 16.489684] ret_from_fork+0x10/0x20 [ 16.489876] [ 16.489906] Allocated by task 159: [ 16.490079] kasan_save_stack+0x3c/0x68 [ 16.490135] kasan_save_track+0x20/0x40 [ 16.490276] kasan_save_alloc_info+0x40/0x58 [ 16.490314] __kasan_krealloc+0x118/0x178 [ 16.490351] krealloc_noprof+0x128/0x360 [ 16.490387] krealloc_less_oob_helper+0x168/0xc50 [ 16.490424] krealloc_less_oob+0x20/0x38 [ 16.490708] kunit_try_run_case+0x170/0x3f0 [ 16.491020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.491067] kthread+0x328/0x630 [ 16.491099] ret_from_fork+0x10/0x20 [ 16.491133] [ 16.491444] The buggy address belongs to the object at fff00000c4408e00 [ 16.491444] which belongs to the cache kmalloc-256 of size 256 [ 16.491720] The buggy address is located 17 bytes to the right of [ 16.491720] allocated 201-byte region [fff00000c4408e00, fff00000c4408ec9) [ 16.491867] [ 16.491916] The buggy address belongs to the physical page: [ 16.491996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.492104] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.492250] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.492486] page_type: f5(slab) [ 16.492788] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.493272] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.493484] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.493551] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.493899] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.494039] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.494363] page dumped because: kasan: bad access detected [ 16.494542] [ 16.494808] Memory state around the buggy address: [ 16.494909] fff00000c4408d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.494956] fff00000c4408e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.495004] >fff00000c4408e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.495202] ^ [ 16.495513] fff00000c4408f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495569] fff00000c4408f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495884] ================================================================== [ 16.504773] ================================================================== [ 16.504818] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.505193] Write of size 1 at addr fff00000c4408eeb by task kunit_try_catch/159 [ 16.505485] [ 16.505523] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.505739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.505767] Hardware name: linux,dummy-virt (DT) [ 16.505953] Call trace: [ 16.506029] show_stack+0x20/0x38 (C) [ 16.506085] dump_stack_lvl+0x8c/0xd0 [ 16.506177] print_report+0x118/0x608 [ 16.506431] kasan_report+0xdc/0x128 [ 16.506647] __asan_report_store1_noabort+0x20/0x30 [ 16.506724] krealloc_less_oob_helper+0xa58/0xc50 [ 16.506888] krealloc_less_oob+0x20/0x38 [ 16.507160] kunit_try_run_case+0x170/0x3f0 [ 16.507270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.507538] kthread+0x328/0x630 [ 16.507726] ret_from_fork+0x10/0x20 [ 16.507776] [ 16.507801] Allocated by task 159: [ 16.507828] kasan_save_stack+0x3c/0x68 [ 16.507999] kasan_save_track+0x20/0x40 [ 16.508044] kasan_save_alloc_info+0x40/0x58 [ 16.508249] __kasan_krealloc+0x118/0x178 [ 16.508295] krealloc_noprof+0x128/0x360 [ 16.508591] krealloc_less_oob_helper+0x168/0xc50 [ 16.508803] krealloc_less_oob+0x20/0x38 [ 16.508905] kunit_try_run_case+0x170/0x3f0 [ 16.509005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.509049] kthread+0x328/0x630 [ 16.509452] ret_from_fork+0x10/0x20 [ 16.509561] [ 16.509640] The buggy address belongs to the object at fff00000c4408e00 [ 16.509640] which belongs to the cache kmalloc-256 of size 256 [ 16.509804] The buggy address is located 34 bytes to the right of [ 16.509804] allocated 201-byte region [fff00000c4408e00, fff00000c4408ec9) [ 16.510005] [ 16.510028] The buggy address belongs to the physical page: [ 16.510123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.510308] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.510584] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.510811] page_type: f5(slab) [ 16.510887] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.511055] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.511120] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.511335] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.511475] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.511525] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.511614] page dumped because: kasan: bad access detected [ 16.511809] [ 16.512008] Memory state around the buggy address: [ 16.512148] fff00000c4408d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.512341] fff00000c4408e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.512430] >fff00000c4408e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.512480] ^ [ 16.512736] fff00000c4408f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.512896] fff00000c4408f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.513037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.522881] ================================================================== [ 16.523100] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.523194] Write of size 1 at addr fff00000c65220eb by task kunit_try_catch/161 [ 16.523557] [ 16.523643] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.524066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.524132] Hardware name: linux,dummy-virt (DT) [ 16.524268] Call trace: [ 16.524405] show_stack+0x20/0x38 (C) [ 16.524492] dump_stack_lvl+0x8c/0xd0 [ 16.524651] print_report+0x118/0x608 [ 16.524725] kasan_report+0xdc/0x128 [ 16.524838] __asan_report_store1_noabort+0x20/0x30 [ 16.525065] krealloc_more_oob_helper+0x60c/0x678 [ 16.525304] krealloc_large_more_oob+0x20/0x38 [ 16.525385] kunit_try_run_case+0x170/0x3f0 [ 16.525610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.525897] kthread+0x328/0x630 [ 16.526156] ret_from_fork+0x10/0x20 [ 16.526500] [ 16.526543] The buggy address belongs to the physical page: [ 16.526814] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106520 [ 16.526890] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.526942] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.527340] page_type: f8(unknown) [ 16.527574] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.527636] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.527934] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.528338] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.528431] head: 0bfffe0000000002 ffffc1ffc3194801 00000000ffffffff 00000000ffffffff [ 16.528482] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.528687] page dumped because: kasan: bad access detected [ 16.528936] [ 16.529078] Memory state around the buggy address: [ 16.529113] fff00000c6521f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.529171] fff00000c6522000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.529416] >fff00000c6522080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.529613] ^ [ 16.529662] fff00000c6522100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.529914] fff00000c6522180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.530124] ================================================================== [ 16.459972] ================================================================== [ 16.460030] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.460117] Write of size 1 at addr fff00000c4408cf0 by task kunit_try_catch/157 [ 16.460183] [ 16.460213] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.460290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.460533] Hardware name: linux,dummy-virt (DT) [ 16.460642] Call trace: [ 16.460664] show_stack+0x20/0x38 (C) [ 16.460750] dump_stack_lvl+0x8c/0xd0 [ 16.460866] print_report+0x118/0x608 [ 16.460942] kasan_report+0xdc/0x128 [ 16.460988] __asan_report_store1_noabort+0x20/0x30 [ 16.461097] krealloc_more_oob_helper+0x5c0/0x678 [ 16.461155] krealloc_more_oob+0x20/0x38 [ 16.461200] kunit_try_run_case+0x170/0x3f0 [ 16.461245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.461483] kthread+0x328/0x630 [ 16.461570] ret_from_fork+0x10/0x20 [ 16.461626] [ 16.461644] Allocated by task 157: [ 16.461717] kasan_save_stack+0x3c/0x68 [ 16.461764] kasan_save_track+0x20/0x40 [ 16.461917] kasan_save_alloc_info+0x40/0x58 [ 16.461963] __kasan_krealloc+0x118/0x178 [ 16.462042] krealloc_noprof+0x128/0x360 [ 16.462079] krealloc_more_oob_helper+0x168/0x678 [ 16.462155] krealloc_more_oob+0x20/0x38 [ 16.462193] kunit_try_run_case+0x170/0x3f0 [ 16.462229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.462420] kthread+0x328/0x630 [ 16.462462] ret_from_fork+0x10/0x20 [ 16.462498] [ 16.462516] The buggy address belongs to the object at fff00000c4408c00 [ 16.462516] which belongs to the cache kmalloc-256 of size 256 [ 16.462570] The buggy address is located 5 bytes to the right of [ 16.462570] allocated 235-byte region [fff00000c4408c00, fff00000c4408ceb) [ 16.462660] [ 16.462750] The buggy address belongs to the physical page: [ 16.462905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.462957] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.463003] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.463054] page_type: f5(slab) [ 16.463090] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.463140] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.463187] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.463233] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.463280] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.463331] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.463369] page dumped because: kasan: bad access detected [ 16.463398] [ 16.463415] Memory state around the buggy address: [ 16.463443] fff00000c4408b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.463483] fff00000c4408c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.463523] >fff00000c4408c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.463558] ^ [ 16.463595] fff00000c4408d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.463635] fff00000c4408d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.463670] ================================================================== [ 16.454705] ================================================================== [ 16.454775] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.455103] Write of size 1 at addr fff00000c4408ceb by task kunit_try_catch/157 [ 16.455229] [ 16.455388] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.455530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.455587] Hardware name: linux,dummy-virt (DT) [ 16.455616] Call trace: [ 16.455637] show_stack+0x20/0x38 (C) [ 16.455686] dump_stack_lvl+0x8c/0xd0 [ 16.455731] print_report+0x118/0x608 [ 16.455777] kasan_report+0xdc/0x128 [ 16.456167] __asan_report_store1_noabort+0x20/0x30 [ 16.456351] krealloc_more_oob_helper+0x60c/0x678 [ 16.456494] krealloc_more_oob+0x20/0x38 [ 16.456592] kunit_try_run_case+0x170/0x3f0 [ 16.456681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.456878] kthread+0x328/0x630 [ 16.456929] ret_from_fork+0x10/0x20 [ 16.456976] [ 16.457098] Allocated by task 157: [ 16.457132] kasan_save_stack+0x3c/0x68 [ 16.457174] kasan_save_track+0x20/0x40 [ 16.457210] kasan_save_alloc_info+0x40/0x58 [ 16.457258] __kasan_krealloc+0x118/0x178 [ 16.457293] krealloc_noprof+0x128/0x360 [ 16.457338] krealloc_more_oob_helper+0x168/0x678 [ 16.457376] krealloc_more_oob+0x20/0x38 [ 16.457411] kunit_try_run_case+0x170/0x3f0 [ 16.457447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.457504] kthread+0x328/0x630 [ 16.457537] ret_from_fork+0x10/0x20 [ 16.457581] [ 16.457601] The buggy address belongs to the object at fff00000c4408c00 [ 16.457601] which belongs to the cache kmalloc-256 of size 256 [ 16.457656] The buggy address is located 0 bytes to the right of [ 16.457656] allocated 235-byte region [fff00000c4408c00, fff00000c4408ceb) [ 16.457740] [ 16.457768] The buggy address belongs to the physical page: [ 16.457799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104408 [ 16.457887] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.457933] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.457991] page_type: f5(slab) [ 16.458036] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.458094] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.458141] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.458198] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.458245] head: 0bfffe0000000001 ffffc1ffc3110201 00000000ffffffff 00000000ffffffff [ 16.458293] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.458331] page dumped because: kasan: bad access detected [ 16.458360] [ 16.458379] Memory state around the buggy address: [ 16.458417] fff00000c4408b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458459] fff00000c4408c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.458514] >fff00000c4408c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.458558] ^ [ 16.458600] fff00000c4408d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458646] fff00000c4408d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458685] ================================================================== [ 16.533630] ================================================================== [ 16.533697] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.533995] Write of size 1 at addr fff00000c65220f0 by task kunit_try_catch/161 [ 16.534064] [ 16.534132] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.534215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.534392] Hardware name: linux,dummy-virt (DT) [ 16.534610] Call trace: [ 16.534670] show_stack+0x20/0x38 (C) [ 16.534853] dump_stack_lvl+0x8c/0xd0 [ 16.535210] print_report+0x118/0x608 [ 16.535413] kasan_report+0xdc/0x128 [ 16.535611] __asan_report_store1_noabort+0x20/0x30 [ 16.535704] krealloc_more_oob_helper+0x5c0/0x678 [ 16.536134] krealloc_large_more_oob+0x20/0x38 [ 16.536244] kunit_try_run_case+0x170/0x3f0 [ 16.536496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.536559] kthread+0x328/0x630 [ 16.536927] ret_from_fork+0x10/0x20 [ 16.537264] [ 16.537543] The buggy address belongs to the physical page: [ 16.537582] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106520 [ 16.537978] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.538182] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.538357] page_type: f8(unknown) [ 16.538517] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.538881] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.538991] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.539254] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.539306] head: 0bfffe0000000002 ffffc1ffc3194801 00000000ffffffff 00000000ffffffff [ 16.539369] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.539416] page dumped because: kasan: bad access detected [ 16.539480] [ 16.539499] Memory state around the buggy address: [ 16.539537] fff00000c6521f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.539580] fff00000c6522000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.539620] >fff00000c6522080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.539657] ^ [ 16.540104] fff00000c6522100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.540234] fff00000c6522180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.540390] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.445567] ================================================================== [ 16.445622] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.445887] Read of size 1 at addr fff00000c7800000 by task kunit_try_catch/155 [ 16.445961] [ 16.445997] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.446089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.446116] Hardware name: linux,dummy-virt (DT) [ 16.446155] Call trace: [ 16.446185] show_stack+0x20/0x38 (C) [ 16.446235] dump_stack_lvl+0x8c/0xd0 [ 16.446280] print_report+0x118/0x608 [ 16.446325] kasan_report+0xdc/0x128 [ 16.446378] __asan_report_load1_noabort+0x20/0x30 [ 16.446428] page_alloc_uaf+0x328/0x350 [ 16.446472] kunit_try_run_case+0x170/0x3f0 [ 16.446525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.446586] kthread+0x328/0x630 [ 16.446629] ret_from_fork+0x10/0x20 [ 16.446676] [ 16.446705] The buggy address belongs to the physical page: [ 16.446734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 16.446785] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.446977] page_type: f0(buddy) [ 16.447021] raw: 0bfffe0000000000 fff00000ff616310 fff00000ff616310 0000000000000000 [ 16.447070] raw: 0000000000000000 000000000000000a 00000000f0000000 0000000000000000 [ 16.447108] page dumped because: kasan: bad access detected [ 16.447137] [ 16.447154] Memory state around the buggy address: [ 16.447186] fff00000c77fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.447582] fff00000c77fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.447783] >fff00000c7800000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.448047] ^ [ 16.448288] fff00000c7800080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.448455] fff00000c7800100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.448583] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.426252] ================================================================== [ 16.426333] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.426392] Free of addr fff00000c6518001 by task kunit_try_catch/151 [ 16.426435] [ 16.426464] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.426713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.426816] Hardware name: linux,dummy-virt (DT) [ 16.426912] Call trace: [ 16.426962] show_stack+0x20/0x38 (C) [ 16.427078] dump_stack_lvl+0x8c/0xd0 [ 16.427201] print_report+0x118/0x608 [ 16.427295] kasan_report_invalid_free+0xc0/0xe8 [ 16.427393] __kasan_kfree_large+0x5c/0xa8 [ 16.427526] free_large_kmalloc+0x64/0x190 [ 16.427653] kfree+0x270/0x3c8 [ 16.427713] kmalloc_large_invalid_free+0x108/0x270 [ 16.427759] kunit_try_run_case+0x170/0x3f0 [ 16.427803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.427864] kthread+0x328/0x630 [ 16.427904] ret_from_fork+0x10/0x20 [ 16.428260] [ 16.428295] The buggy address belongs to the physical page: [ 16.428351] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106518 [ 16.428449] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.428572] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.428690] page_type: f8(unknown) [ 16.428806] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.428922] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.429060] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.429215] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.429318] head: 0bfffe0000000002 ffffc1ffc3194601 00000000ffffffff 00000000ffffffff [ 16.429418] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.429766] page dumped because: kasan: bad access detected [ 16.429867] [ 16.430035] Memory state around the buggy address: [ 16.430115] fff00000c6517f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.430171] fff00000c6517f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.430255] >fff00000c6518000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.430335] ^ [ 16.430420] fff00000c6518080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.430530] fff00000c6518100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.430611] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.419712] ================================================================== [ 16.419792] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.419873] Read of size 1 at addr fff00000c6518000 by task kunit_try_catch/149 [ 16.419921] [ 16.419959] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.420081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.420109] Hardware name: linux,dummy-virt (DT) [ 16.420147] Call trace: [ 16.420220] show_stack+0x20/0x38 (C) [ 16.420275] dump_stack_lvl+0x8c/0xd0 [ 16.420361] print_report+0x118/0x608 [ 16.420445] kasan_report+0xdc/0x128 [ 16.420501] __asan_report_load1_noabort+0x20/0x30 [ 16.420551] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.420595] kunit_try_run_case+0x170/0x3f0 [ 16.420642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.420693] kthread+0x328/0x630 [ 16.420735] ret_from_fork+0x10/0x20 [ 16.420782] [ 16.420803] The buggy address belongs to the physical page: [ 16.420834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106518 [ 16.420897] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.420963] raw: 0bfffe0000000000 ffffc1ffc3194708 fff00000da457c40 0000000000000000 [ 16.421011] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.421049] page dumped because: kasan: bad access detected [ 16.421080] [ 16.421097] Memory state around the buggy address: [ 16.421129] fff00000c6517f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.421179] fff00000c6517f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.421220] >fff00000c6518000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.421256] ^ [ 16.421283] fff00000c6518080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.421326] fff00000c6518100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.421363] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.385750] ================================================================== [ 16.385924] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.385978] Write of size 1 at addr fff00000c651a00a by task kunit_try_catch/147 [ 16.386225] [ 16.386268] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.386604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.386630] Hardware name: linux,dummy-virt (DT) [ 16.386671] Call trace: [ 16.386794] show_stack+0x20/0x38 (C) [ 16.386867] dump_stack_lvl+0x8c/0xd0 [ 16.386913] print_report+0x118/0x608 [ 16.386978] kasan_report+0xdc/0x128 [ 16.387023] __asan_report_store1_noabort+0x20/0x30 [ 16.387198] kmalloc_large_oob_right+0x278/0x2b8 [ 16.387245] kunit_try_run_case+0x170/0x3f0 [ 16.387918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.388002] kthread+0x328/0x630 [ 16.388043] ret_from_fork+0x10/0x20 [ 16.388090] [ 16.388130] The buggy address belongs to the physical page: [ 16.388234] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106518 [ 16.388881] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.388936] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.390703] page_type: f8(unknown) [ 16.391819] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.391891] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.392328] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.392698] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.394922] head: 0bfffe0000000002 ffffc1ffc3194601 00000000ffffffff 00000000ffffffff [ 16.395156] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.395250] page dumped because: kasan: bad access detected [ 16.395282] [ 16.395300] Memory state around the buggy address: [ 16.395339] fff00000c6519f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.395380] fff00000c6519f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.395422] >fff00000c651a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.395459] ^ [ 16.395488] fff00000c651a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.395528] fff00000c651a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.395565] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.370098] ================================================================== [ 16.370157] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.370205] Write of size 1 at addr fff00000c77d9f00 by task kunit_try_catch/145 [ 16.370252] [ 16.370556] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.370650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.370676] Hardware name: linux,dummy-virt (DT) [ 16.370738] Call trace: [ 16.370833] show_stack+0x20/0x38 (C) [ 16.371438] dump_stack_lvl+0x8c/0xd0 [ 16.371518] print_report+0x118/0x608 [ 16.371592] kasan_report+0xdc/0x128 [ 16.371638] __asan_report_store1_noabort+0x20/0x30 [ 16.371794] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.372043] kunit_try_run_case+0x170/0x3f0 [ 16.372090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.372141] kthread+0x328/0x630 [ 16.372182] ret_from_fork+0x10/0x20 [ 16.372228] [ 16.372247] Allocated by task 145: [ 16.372274] kasan_save_stack+0x3c/0x68 [ 16.372314] kasan_save_track+0x20/0x40 [ 16.372358] kasan_save_alloc_info+0x40/0x58 [ 16.372541] __kasan_kmalloc+0xd4/0xd8 [ 16.372718] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.372815] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.372862] kunit_try_run_case+0x170/0x3f0 [ 16.372938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.373046] kthread+0x328/0x630 [ 16.373151] ret_from_fork+0x10/0x20 [ 16.373198] [ 16.373222] The buggy address belongs to the object at fff00000c77d8000 [ 16.373222] which belongs to the cache kmalloc-8k of size 8192 [ 16.373405] The buggy address is located 0 bytes to the right of [ 16.373405] allocated 7936-byte region [fff00000c77d8000, fff00000c77d9f00) [ 16.373521] [ 16.373621] The buggy address belongs to the physical page: [ 16.373685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 16.373775] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.373836] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.374658] page_type: f5(slab) [ 16.374782] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.375149] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.375394] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.375445] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.375529] head: 0bfffe0000000003 ffffc1ffc31df601 00000000ffffffff 00000000ffffffff [ 16.375800] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.375911] page dumped because: kasan: bad access detected [ 16.375975] [ 16.376016] Memory state around the buggy address: [ 16.376048] fff00000c77d9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.376090] fff00000c77d9e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.376131] >fff00000c77d9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.376168] ^ [ 16.376195] fff00000c77d9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.376291] fff00000c77da000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.376372] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.358461] ================================================================== [ 16.358507] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.358564] Write of size 1 at addr fff00000c6f3f378 by task kunit_try_catch/143 [ 16.358642] [ 16.358777] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.358905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.358932] Hardware name: linux,dummy-virt (DT) [ 16.358962] Call trace: [ 16.358982] show_stack+0x20/0x38 (C) [ 16.359476] dump_stack_lvl+0x8c/0xd0 [ 16.359987] print_report+0x118/0x608 [ 16.360275] kasan_report+0xdc/0x128 [ 16.360326] __asan_report_store1_noabort+0x20/0x30 [ 16.360583] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.360640] kunit_try_run_case+0x170/0x3f0 [ 16.360724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.360909] kthread+0x328/0x630 [ 16.361000] ret_from_fork+0x10/0x20 [ 16.361048] [ 16.361066] Allocated by task 143: [ 16.361103] kasan_save_stack+0x3c/0x68 [ 16.361259] kasan_save_track+0x20/0x40 [ 16.361321] kasan_save_alloc_info+0x40/0x58 [ 16.361403] __kasan_kmalloc+0xd4/0xd8 [ 16.361449] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.361491] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.361688] kunit_try_run_case+0x170/0x3f0 [ 16.361755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.361900] kthread+0x328/0x630 [ 16.361953] ret_from_fork+0x10/0x20 [ 16.362045] [ 16.362063] The buggy address belongs to the object at fff00000c6f3f300 [ 16.362063] which belongs to the cache kmalloc-128 of size 128 [ 16.362154] The buggy address is located 0 bytes to the right of [ 16.362154] allocated 120-byte region [fff00000c6f3f300, fff00000c6f3f378) [ 16.362381] [ 16.362403] The buggy address belongs to the physical page: [ 16.362433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.362506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.362738] page_type: f5(slab) [ 16.362936] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.362985] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.363035] page dumped because: kasan: bad access detected [ 16.363120] [ 16.363148] Memory state around the buggy address: [ 16.363178] fff00000c6f3f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.363220] fff00000c6f3f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.363261] >fff00000c6f3f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.363297] ^ [ 16.363344] fff00000c6f3f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.363593] fff00000c6f3f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.363807] ================================================================== [ 16.352576] ================================================================== [ 16.352808] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.353033] Write of size 1 at addr fff00000c6f3f278 by task kunit_try_catch/143 [ 16.353083] [ 16.353114] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.353451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.353481] Hardware name: linux,dummy-virt (DT) [ 16.353510] Call trace: [ 16.353695] show_stack+0x20/0x38 (C) [ 16.353798] dump_stack_lvl+0x8c/0xd0 [ 16.353899] print_report+0x118/0x608 [ 16.353945] kasan_report+0xdc/0x128 [ 16.353991] __asan_report_store1_noabort+0x20/0x30 [ 16.354041] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.354091] kunit_try_run_case+0x170/0x3f0 [ 16.354137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.354189] kthread+0x328/0x630 [ 16.354230] ret_from_fork+0x10/0x20 [ 16.354276] [ 16.354300] Allocated by task 143: [ 16.354372] kasan_save_stack+0x3c/0x68 [ 16.354456] kasan_save_track+0x20/0x40 [ 16.354492] kasan_save_alloc_info+0x40/0x58 [ 16.354530] __kasan_kmalloc+0xd4/0xd8 [ 16.354571] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.354729] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.354807] kunit_try_run_case+0x170/0x3f0 [ 16.354853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.354931] kthread+0x328/0x630 [ 16.354963] ret_from_fork+0x10/0x20 [ 16.354998] [ 16.355426] The buggy address belongs to the object at fff00000c6f3f200 [ 16.355426] which belongs to the cache kmalloc-128 of size 128 [ 16.355519] The buggy address is located 0 bytes to the right of [ 16.355519] allocated 120-byte region [fff00000c6f3f200, fff00000c6f3f278) [ 16.355583] [ 16.355602] The buggy address belongs to the physical page: [ 16.355913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.356042] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.356091] page_type: f5(slab) [ 16.356134] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.356576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.356630] page dumped because: kasan: bad access detected [ 16.356695] [ 16.356712] Memory state around the buggy address: [ 16.356757] fff00000c6f3f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.357054] fff00000c6f3f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.357224] >fff00000c6f3f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.357278] ^ [ 16.357318] fff00000c6f3f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.357358] fff00000c6f3f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.357538] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.337388] ================================================================== [ 16.337455] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.337513] Read of size 1 at addr fff00000c6503000 by task kunit_try_catch/141 [ 16.338073] [ 16.338425] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.338666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.338825] Hardware name: linux,dummy-virt (DT) [ 16.338879] Call trace: [ 16.338902] show_stack+0x20/0x38 (C) [ 16.338956] dump_stack_lvl+0x8c/0xd0 [ 16.339002] print_report+0x118/0x608 [ 16.339048] kasan_report+0xdc/0x128 [ 16.339092] __asan_report_load1_noabort+0x20/0x30 [ 16.339143] kmalloc_node_oob_right+0x2f4/0x330 [ 16.339190] kunit_try_run_case+0x170/0x3f0 [ 16.339238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.339293] kthread+0x328/0x630 [ 16.339340] ret_from_fork+0x10/0x20 [ 16.339412] [ 16.339431] Allocated by task 141: [ 16.339459] kasan_save_stack+0x3c/0x68 [ 16.339778] kasan_save_track+0x20/0x40 [ 16.339818] kasan_save_alloc_info+0x40/0x58 [ 16.339868] __kasan_kmalloc+0xd4/0xd8 [ 16.339903] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.339943] kmalloc_node_oob_right+0xbc/0x330 [ 16.340355] kunit_try_run_case+0x170/0x3f0 [ 16.340465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.340508] kthread+0x328/0x630 [ 16.340556] ret_from_fork+0x10/0x20 [ 16.340636] [ 16.340720] The buggy address belongs to the object at fff00000c6502000 [ 16.340720] which belongs to the cache kmalloc-4k of size 4096 [ 16.340778] The buggy address is located 0 bytes to the right of [ 16.340778] allocated 4096-byte region [fff00000c6502000, fff00000c6503000) [ 16.341080] [ 16.341201] The buggy address belongs to the physical page: [ 16.341286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 16.341626] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.341898] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.342334] page_type: f5(slab) [ 16.342374] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.342509] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.342786] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.342890] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.342964] head: 0bfffe0000000003 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 16.343011] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.343071] page dumped because: kasan: bad access detected [ 16.343339] [ 16.343518] Memory state around the buggy address: [ 16.343555] fff00000c6502f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.343875] fff00000c6502f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.344051] >fff00000c6503000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.344291] ^ [ 16.344392] fff00000c6503080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.344437] fff00000c6503100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.344475] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.307365] ================================================================== [ 16.307427] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.307481] Read of size 1 at addr fff00000c3f2f57f by task kunit_try_catch/139 [ 16.307560] [ 16.307602] CPU: 0 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.307742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.307769] Hardware name: linux,dummy-virt (DT) [ 16.307859] Call trace: [ 16.307884] show_stack+0x20/0x38 (C) [ 16.308044] dump_stack_lvl+0x8c/0xd0 [ 16.308120] print_report+0x118/0x608 [ 16.308166] kasan_report+0xdc/0x128 [ 16.308218] __asan_report_load1_noabort+0x20/0x30 [ 16.308484] kmalloc_oob_left+0x2ec/0x320 [ 16.308530] kunit_try_run_case+0x170/0x3f0 [ 16.308577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.308629] kthread+0x328/0x630 [ 16.308670] ret_from_fork+0x10/0x20 [ 16.308726] [ 16.308821] Allocated by task 10: [ 16.308989] kasan_save_stack+0x3c/0x68 [ 16.309103] kasan_save_track+0x20/0x40 [ 16.309199] kasan_save_alloc_info+0x40/0x58 [ 16.309395] __kasan_kmalloc+0xd4/0xd8 [ 16.309513] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.309555] kvasprintf+0xe0/0x180 [ 16.309591] __kthread_create_on_node+0x16c/0x350 [ 16.309629] kthread_create_on_node+0xe4/0x130 [ 16.309664] create_worker+0x380/0x6b8 [ 16.309698] worker_thread+0x808/0xf38 [ 16.309738] kthread+0x328/0x630 [ 16.310121] ret_from_fork+0x10/0x20 [ 16.310267] [ 16.310413] The buggy address belongs to the object at fff00000c3f2f560 [ 16.310413] which belongs to the cache kmalloc-16 of size 16 [ 16.310672] The buggy address is located 19 bytes to the right of [ 16.310672] allocated 12-byte region [fff00000c3f2f560, fff00000c3f2f56c) [ 16.311218] [ 16.311294] The buggy address belongs to the physical page: [ 16.311348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2f [ 16.311437] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.311533] page_type: f5(slab) [ 16.311611] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.311659] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.311698] page dumped because: kasan: bad access detected [ 16.311728] [ 16.311745] Memory state around the buggy address: [ 16.312025] fff00000c3f2f400: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 16.312169] fff00000c3f2f480: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.312212] >fff00000c3f2f500: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.312249] ^ [ 16.312362] fff00000c3f2f580: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.312404] fff00000c3f2f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.312486] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.292142] ================================================================== [ 16.292183] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.292268] Write of size 1 at addr fff00000c6f3f178 by task kunit_try_catch/137 [ 16.292318] [ 16.292350] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.292581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.292629] Hardware name: linux,dummy-virt (DT) [ 16.292677] Call trace: [ 16.292712] show_stack+0x20/0x38 (C) [ 16.292787] dump_stack_lvl+0x8c/0xd0 [ 16.292835] print_report+0x118/0x608 [ 16.293086] kasan_report+0xdc/0x128 [ 16.293146] __asan_report_store1_noabort+0x20/0x30 [ 16.293205] kmalloc_oob_right+0x538/0x660 [ 16.293308] kunit_try_run_case+0x170/0x3f0 [ 16.293374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.293426] kthread+0x328/0x630 [ 16.293468] ret_from_fork+0x10/0x20 [ 16.293674] [ 16.293701] Allocated by task 137: [ 16.293761] kasan_save_stack+0x3c/0x68 [ 16.293870] kasan_save_track+0x20/0x40 [ 16.293919] kasan_save_alloc_info+0x40/0x58 [ 16.293976] __kasan_kmalloc+0xd4/0xd8 [ 16.294012] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.294108] kmalloc_oob_right+0xb0/0x660 [ 16.294153] kunit_try_run_case+0x170/0x3f0 [ 16.294190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.294252] kthread+0x328/0x630 [ 16.294284] ret_from_fork+0x10/0x20 [ 16.294411] [ 16.294604] The buggy address belongs to the object at fff00000c6f3f100 [ 16.294604] which belongs to the cache kmalloc-128 of size 128 [ 16.294697] The buggy address is located 5 bytes to the right of [ 16.294697] allocated 115-byte region [fff00000c6f3f100, fff00000c6f3f173) [ 16.294930] [ 16.294951] The buggy address belongs to the physical page: [ 16.294981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.295050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.295097] page_type: f5(slab) [ 16.295135] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.295183] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.295453] page dumped because: kasan: bad access detected [ 16.295490] [ 16.295507] Memory state around the buggy address: [ 16.295597] fff00000c6f3f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.295663] fff00000c6f3f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.295712] >fff00000c6f3f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.295747] ^ [ 16.295785] fff00000c6f3f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.295826] fff00000c6f3f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.295882] ================================================================== [ 16.296612] ================================================================== [ 16.296734] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.296788] Read of size 1 at addr fff00000c6f3f180 by task kunit_try_catch/137 [ 16.296836] [ 16.296916] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.297016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.297056] Hardware name: linux,dummy-virt (DT) [ 16.297103] Call trace: [ 16.297142] show_stack+0x20/0x38 (C) [ 16.297189] dump_stack_lvl+0x8c/0xd0 [ 16.297357] print_report+0x118/0x608 [ 16.297536] kasan_report+0xdc/0x128 [ 16.297630] __asan_report_load1_noabort+0x20/0x30 [ 16.297682] kmalloc_oob_right+0x5d0/0x660 [ 16.297727] kunit_try_run_case+0x170/0x3f0 [ 16.297773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.297909] kthread+0x328/0x630 [ 16.297977] ret_from_fork+0x10/0x20 [ 16.298115] [ 16.298167] Allocated by task 137: [ 16.298225] kasan_save_stack+0x3c/0x68 [ 16.298294] kasan_save_track+0x20/0x40 [ 16.298359] kasan_save_alloc_info+0x40/0x58 [ 16.298399] __kasan_kmalloc+0xd4/0xd8 [ 16.298665] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.298771] kmalloc_oob_right+0xb0/0x660 [ 16.298814] kunit_try_run_case+0x170/0x3f0 [ 16.298878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.298920] kthread+0x328/0x630 [ 16.298951] ret_from_fork+0x10/0x20 [ 16.298985] [ 16.299004] The buggy address belongs to the object at fff00000c6f3f100 [ 16.299004] which belongs to the cache kmalloc-128 of size 128 [ 16.299059] The buggy address is located 13 bytes to the right of [ 16.299059] allocated 115-byte region [fff00000c6f3f100, fff00000c6f3f173) [ 16.299121] [ 16.299139] The buggy address belongs to the physical page: [ 16.299167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.299216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.299261] page_type: f5(slab) [ 16.299297] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.299574] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.299686] page dumped because: kasan: bad access detected [ 16.299800] [ 16.299849] Memory state around the buggy address: [ 16.299894] fff00000c6f3f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.299963] fff00000c6f3f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.300005] >fff00000c6f3f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300041] ^ [ 16.300068] fff00000c6f3f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300121] fff00000c6f3f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300171] ================================================================== [ 16.275951] ================================================================== [ 16.276434] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.277526] Write of size 1 at addr fff00000c6f3f173 by task kunit_try_catch/137 [ 16.277689] [ 16.278490] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 16.278634] Tainted: [N]=TEST [ 16.278666] Hardware name: linux,dummy-virt (DT) [ 16.279276] Call trace: [ 16.280043] show_stack+0x20/0x38 (C) [ 16.280415] dump_stack_lvl+0x8c/0xd0 [ 16.280767] print_report+0x118/0x608 [ 16.280831] kasan_report+0xdc/0x128 [ 16.280888] __asan_report_store1_noabort+0x20/0x30 [ 16.280939] kmalloc_oob_right+0x5a4/0x660 [ 16.280985] kunit_try_run_case+0x170/0x3f0 [ 16.281036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.281089] kthread+0x328/0x630 [ 16.281170] ret_from_fork+0x10/0x20 [ 16.281585] [ 16.281641] Allocated by task 137: [ 16.282079] kasan_save_stack+0x3c/0x68 [ 16.282260] kasan_save_track+0x20/0x40 [ 16.282341] kasan_save_alloc_info+0x40/0x58 [ 16.282381] __kasan_kmalloc+0xd4/0xd8 [ 16.282632] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.282747] kmalloc_oob_right+0xb0/0x660 [ 16.282824] kunit_try_run_case+0x170/0x3f0 [ 16.282874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.282916] kthread+0x328/0x630 [ 16.282964] ret_from_fork+0x10/0x20 [ 16.283427] [ 16.283662] The buggy address belongs to the object at fff00000c6f3f100 [ 16.283662] which belongs to the cache kmalloc-128 of size 128 [ 16.284185] The buggy address is located 0 bytes to the right of [ 16.284185] allocated 115-byte region [fff00000c6f3f100, fff00000c6f3f173) [ 16.284293] [ 16.284773] The buggy address belongs to the physical page: [ 16.285499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f3f [ 16.286563] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.287396] page_type: f5(slab) [ 16.288283] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.288503] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.288935] page dumped because: kasan: bad access detected [ 16.289032] [ 16.289102] Memory state around the buggy address: [ 16.289824] fff00000c6f3f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.290327] fff00000c6f3f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.290449] >fff00000c6f3f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.290643] ^ [ 16.290907] fff00000c6f3f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.290962] fff00000c6f3f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.291034] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.088097] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.089707] Modules linked in: [ 95.089951] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 95.090335] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.090557] Hardware name: linux,dummy-virt (DT) [ 95.090890] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.091702] pc : intlog10+0x38/0x48 [ 95.092281] lr : intlog10_test+0xe4/0x200 [ 95.092850] sp : ffff800082307c10 [ 95.093294] x29: ffff800082307c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.094130] x26: 1ffe00001947db41 x25: 0000000000000000 x24: ffff800082307ce0 [ 95.095001] x23: ffff800082307d00 x22: 0000000000000000 x21: 1ffff00010460f82 [ 95.095822] x20: ffffaa4961e89e80 x19: ffff800080087990 x18: 00000000e2445e7b [ 95.096688] x17: 000000007db07001 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 95.097422] x14: 0000000000018fff x13: 1ffe00001b48a7cd x12: ffff75492cba3379 [ 95.098308] x11: 1ffff5492cba3378 x10: ffff75492cba3378 x9 : ffffaa495f4366dc [ 95.099185] x8 : ffffaa4965d19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.099554] x5 : ffff700010460f82 x4 : 1ffff00010010f3a x3 : 1ffff5492c3d13d0 [ 95.099907] x2 : 1ffff5492c3d13d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.100252] Call trace: [ 95.100392] intlog10+0x38/0x48 (P) [ 95.100590] kunit_try_run_case+0x170/0x3f0 [ 95.100793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.101353] kthread+0x328/0x630 [ 95.101719] ret_from_fork+0x10/0x20 [ 95.102122] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.044436] WARNING: CPU: 0 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.045162] Modules linked in: [ 95.045390] CPU: 0 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 95.045773] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.045987] Hardware name: linux,dummy-virt (DT) [ 95.046188] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.046464] pc : intlog2+0xd8/0xf8 [ 95.046638] lr : intlog2_test+0xe4/0x200 [ 95.046857] sp : ffff800082237c10 [ 95.047018] x29: ffff800082237c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.047370] x26: 1ffe000019470641 x25: 0000000000000000 x24: ffff800082237ce0 [ 95.047895] x23: ffff800082237d00 x22: 0000000000000000 x21: 1ffff00010446f82 [ 95.049130] x20: ffffaa4961e89d80 x19: ffff800080087990 x18: 00000000a64a52c0 [ 95.049922] x17: 00000000e15deaf8 x16: fff00000c097583c x15: fff00000ff616b08 [ 95.050657] x14: 0000000000018fff x13: 1ffe00001b48ebcd x12: ffff75492cba3379 [ 95.052480] x11: 1ffff5492cba3378 x10: ffff75492cba3378 x9 : ffffaa495f4368dc [ 95.053232] x8 : ffffaa4965d19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.053987] x5 : ffff700010446f82 x4 : 1ffff00010010f3a x3 : 1ffff5492c3d13b0 [ 95.054677] x2 : 1ffff5492c3d13b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.055393] Call trace: [ 95.055534] intlog2+0xd8/0xf8 (P) [ 95.055729] kunit_try_run_case+0x170/0x3f0 [ 95.055949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.056263] kthread+0x328/0x630 [ 95.056486] ret_from_fork+0x10/0x20 [ 95.056733] ---[ end trace 0000000000000000 ]---