Date
July 12, 2025, 11:09 a.m.
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 31.134285] ================================================================== [ 31.134421] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 31.134421] [ 31.134556] Out-of-bounds read at 0x000000007e039535 (105B right of kfence-#186): [ 31.134633] test_kmalloc_aligned_oob_read+0x238/0x468 [ 31.134697] kunit_try_run_case+0x170/0x3f0 [ 31.134749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.134795] kthread+0x328/0x630 [ 31.134859] ret_from_fork+0x10/0x20 [ 31.134906] [ 31.134933] kfence-#186: 0x00000000faf68146-0x00000000a8e80f1c, size=73, cache=kmalloc-96 [ 31.134933] [ 31.134991] allocated by task 324 on cpu 1 at 31.133853s (0.001133s ago): [ 31.135068] test_alloc+0x29c/0x628 [ 31.135113] test_kmalloc_aligned_oob_read+0x100/0x468 [ 31.135159] kunit_try_run_case+0x170/0x3f0 [ 31.135201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.135246] kthread+0x328/0x630 [ 31.135286] ret_from_fork+0x10/0x20 [ 31.135329] [ 31.135381] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 31.135474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.135508] Hardware name: linux,dummy-virt (DT) [ 31.135549] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 26.455316] ================================================================== [ 26.455496] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 26.455496] [ 26.455620] Corrupted memory at 0x00000000b0261689 [ ! . . . . . . . . . . . . . . . ] (in kfence-#141): [ 26.456244] test_corruption+0x278/0x378 [ 26.456352] kunit_try_run_case+0x170/0x3f0 [ 26.456446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.456539] kthread+0x328/0x630 [ 26.456619] ret_from_fork+0x10/0x20 [ 26.456686] [ 26.456717] kfence-#141: 0x000000009de9dd0f-0x000000004e6446db, size=32, cache=kmalloc-32 [ 26.456717] [ 26.456784] allocated by task 312 on cpu 1 at 26.454978s (0.001802s ago): [ 26.456886] test_alloc+0x29c/0x628 [ 26.456933] test_corruption+0xdc/0x378 [ 26.456975] kunit_try_run_case+0x170/0x3f0 [ 26.457018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.457063] kthread+0x328/0x630 [ 26.457100] ret_from_fork+0x10/0x20 [ 26.457166] [ 26.457193] freed by task 312 on cpu 1 at 26.455150s (0.002038s ago): [ 26.457261] test_corruption+0x278/0x378 [ 26.457307] kunit_try_run_case+0x170/0x3f0 [ 26.457351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.457399] kthread+0x328/0x630 [ 26.457439] ret_from_fork+0x10/0x20 [ 26.457483] [ 26.457538] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.457631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.457667] Hardware name: linux,dummy-virt (DT) [ 26.457705] ================================================================== [ 27.078216] ================================================================== [ 27.078414] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 27.078414] [ 27.078552] Corrupted memory at 0x000000007b78827c [ ! . . . . . . . . . . . . . . . ] (in kfence-#147): [ 27.078951] test_corruption+0x120/0x378 [ 27.079013] kunit_try_run_case+0x170/0x3f0 [ 27.079067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.079117] kthread+0x328/0x630 [ 27.079161] ret_from_fork+0x10/0x20 [ 27.079206] [ 27.079235] kfence-#147: 0x00000000674199b2-0x00000000da323e4b, size=32, cache=test [ 27.079235] [ 27.079297] allocated by task 314 on cpu 1 at 27.077957s (0.001336s ago): [ 27.079371] test_alloc+0x230/0x628 [ 27.079419] test_corruption+0xdc/0x378 [ 27.079463] kunit_try_run_case+0x170/0x3f0 [ 27.079508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.079555] kthread+0x328/0x630 [ 27.079595] ret_from_fork+0x10/0x20 [ 27.079638] [ 27.079664] freed by task 314 on cpu 1 at 27.078052s (0.001607s ago): [ 27.079732] test_corruption+0x120/0x378 [ 27.079776] kunit_try_run_case+0x170/0x3f0 [ 27.079833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.079889] kthread+0x328/0x630 [ 27.079932] ret_from_fork+0x10/0x20 [ 27.079973] [ 27.080025] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 27.080112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.080145] Hardware name: linux,dummy-virt (DT) [ 27.080183] ================================================================== [ 27.182231] ================================================================== [ 27.182413] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 27.182413] [ 27.182520] Corrupted memory at 0x0000000045dff007 [ ! ] (in kfence-#148): [ 27.182672] test_corruption+0x1d8/0x378 [ 27.182733] kunit_try_run_case+0x170/0x3f0 [ 27.182784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.182854] kthread+0x328/0x630 [ 27.182903] ret_from_fork+0x10/0x20 [ 27.182948] [ 27.182975] kfence-#148: 0x00000000983f849c-0x0000000036986fd0, size=32, cache=test [ 27.182975] [ 27.183040] allocated by task 314 on cpu 1 at 27.181987s (0.001049s ago): [ 27.183109] test_alloc+0x230/0x628 [ 27.183156] test_corruption+0x198/0x378 [ 27.183201] kunit_try_run_case+0x170/0x3f0 [ 27.183243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.183291] kthread+0x328/0x630 [ 27.183329] ret_from_fork+0x10/0x20 [ 27.183373] [ 27.183399] freed by task 314 on cpu 1 at 27.182079s (0.001315s ago): [ 27.183465] test_corruption+0x1d8/0x378 [ 27.183510] kunit_try_run_case+0x170/0x3f0 [ 27.183552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.183599] kthread+0x328/0x630 [ 27.183637] ret_from_fork+0x10/0x20 [ 27.183681] [ 27.183728] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 27.183813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.183864] Hardware name: linux,dummy-virt (DT) [ 27.183901] ================================================================== [ 26.662522] ================================================================== [ 26.662678] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 26.662678] [ 26.662765] Corrupted memory at 0x000000005209f6ac [ ! ] (in kfence-#143): [ 26.662948] test_corruption+0x284/0x378 [ 26.663011] kunit_try_run_case+0x170/0x3f0 [ 26.663062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.663112] kthread+0x328/0x630 [ 26.663159] ret_from_fork+0x10/0x20 [ 26.663205] [ 26.663235] kfence-#143: 0x00000000885af237-0x000000004a737be7, size=32, cache=kmalloc-32 [ 26.663235] [ 26.663300] allocated by task 312 on cpu 1 at 26.662020s (0.001275s ago): [ 26.663372] test_alloc+0x29c/0x628 [ 26.663417] test_corruption+0x198/0x378 [ 26.663462] kunit_try_run_case+0x170/0x3f0 [ 26.663507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.663554] kthread+0x328/0x630 [ 26.663595] ret_from_fork+0x10/0x20 [ 26.663636] [ 26.663664] freed by task 312 on cpu 1 at 26.662204s (0.001455s ago): [ 26.663730] test_corruption+0x284/0x378 [ 26.663776] kunit_try_run_case+0x170/0x3f0 [ 26.663831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.663888] kthread+0x328/0x630 [ 26.663928] ret_from_fork+0x10/0x20 [ 26.663971] [ 26.664021] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.664109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.664143] Hardware name: linux,dummy-virt (DT) [ 26.664180] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 26.247031] ================================================================== [ 26.247189] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 26.247189] [ 26.247303] Invalid free of 0x00000000f251b62e (in kfence-#139): [ 26.247422] test_invalid_addr_free+0xec/0x238 [ 26.247527] kunit_try_run_case+0x170/0x3f0 [ 26.247627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.247736] kthread+0x328/0x630 [ 26.248120] ret_from_fork+0x10/0x20 [ 26.248228] [ 26.248283] kfence-#139: 0x00000000de78259d-0x000000005363477b, size=32, cache=test [ 26.248283] [ 26.248399] allocated by task 310 on cpu 1 at 26.246797s (0.001595s ago): [ 26.248542] test_alloc+0x230/0x628 [ 26.248631] test_invalid_addr_free+0xd4/0x238 [ 26.248725] kunit_try_run_case+0x170/0x3f0 [ 26.249124] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.249377] kthread+0x328/0x630 [ 26.249553] ret_from_fork+0x10/0x20 [ 26.249761] [ 26.249998] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.250475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.250611] Hardware name: linux,dummy-virt (DT) [ 26.250805] ================================================================== [ 26.143162] ================================================================== [ 26.143320] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 26.143320] [ 26.143444] Invalid free of 0x00000000e5f7e837 (in kfence-#138): [ 26.143578] test_invalid_addr_free+0x1ac/0x238 [ 26.143687] kunit_try_run_case+0x170/0x3f0 [ 26.143781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.143896] kthread+0x328/0x630 [ 26.143985] ret_from_fork+0x10/0x20 [ 26.144069] [ 26.144126] kfence-#138: 0x0000000025f73b2b-0x00000000bcd52939, size=32, cache=kmalloc-32 [ 26.144126] [ 26.144245] allocated by task 308 on cpu 1 at 26.142868s (0.001370s ago): [ 26.144380] test_alloc+0x29c/0x628 [ 26.144473] test_invalid_addr_free+0xd4/0x238 [ 26.144566] kunit_try_run_case+0x170/0x3f0 [ 26.144655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.144751] kthread+0x328/0x630 [ 26.144845] ret_from_fork+0x10/0x20 [ 26.144926] [ 26.145043] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.145253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.145349] Hardware name: linux,dummy-virt (DT) [ 26.145423] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 26.042340] ================================================================== [ 26.042501] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 26.042501] [ 26.043334] Invalid free of 0x000000007859d322 (in kfence-#137): [ 26.043551] test_double_free+0x100/0x238 [ 26.044035] kunit_try_run_case+0x170/0x3f0 [ 26.044320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.044933] kthread+0x328/0x630 [ 26.045494] ret_from_fork+0x10/0x20 [ 26.045768] [ 26.045912] kfence-#137: 0x000000007859d322-0x00000000ad6cd0cf, size=32, cache=test [ 26.045912] [ 26.046296] allocated by task 306 on cpu 1 at 26.041507s (0.004777s ago): [ 26.046552] test_alloc+0x230/0x628 [ 26.046670] test_double_free+0xd4/0x238 [ 26.047061] kunit_try_run_case+0x170/0x3f0 [ 26.047346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.047720] kthread+0x328/0x630 [ 26.048006] ret_from_fork+0x10/0x20 [ 26.048435] [ 26.048533] freed by task 306 on cpu 1 at 26.041625s (0.006898s ago): [ 26.048791] test_double_free+0xf0/0x238 [ 26.048895] kunit_try_run_case+0x170/0x3f0 [ 26.049434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.049554] kthread+0x328/0x630 [ 26.050180] ret_from_fork+0x10/0x20 [ 26.050301] [ 26.050613] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.051488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.051578] Hardware name: linux,dummy-virt (DT) [ 26.051661] ================================================================== [ 25.937048] ================================================================== [ 25.937283] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 25.937283] [ 25.937441] Invalid free of 0x0000000094324d8c (in kfence-#136): [ 25.937676] test_double_free+0x1bc/0x238 [ 25.938233] kunit_try_run_case+0x170/0x3f0 [ 25.938497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.938661] kthread+0x328/0x630 [ 25.938787] ret_from_fork+0x10/0x20 [ 25.938896] [ 25.938959] kfence-#136: 0x0000000094324d8c-0x000000000a15d6bc, size=32, cache=kmalloc-32 [ 25.938959] [ 25.939093] allocated by task 304 on cpu 1 at 25.935798s (0.003279s ago): [ 25.939330] test_alloc+0x29c/0x628 [ 25.939611] test_double_free+0xd4/0x238 [ 25.939817] kunit_try_run_case+0x170/0x3f0 [ 25.939940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.940084] kthread+0x328/0x630 [ 25.940218] ret_from_fork+0x10/0x20 [ 25.940338] [ 25.940397] freed by task 304 on cpu 1 at 25.936341s (0.004047s ago): [ 25.940605] test_double_free+0x1ac/0x238 [ 25.940702] kunit_try_run_case+0x170/0x3f0 [ 25.940815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.940924] kthread+0x328/0x630 [ 25.941006] ret_from_fork+0x10/0x20 [ 25.941361] [ 25.941483] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.941719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.941791] Hardware name: linux,dummy-virt (DT) [ 25.942103] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 25.613989] ================================================================== [ 25.614091] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 25.614091] [ 25.614203] Use-after-free read at 0x00000000a87746b8 (in kfence-#133): [ 25.614264] test_use_after_free_read+0x114/0x248 [ 25.614325] kunit_try_run_case+0x170/0x3f0 [ 25.614377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.614427] kthread+0x328/0x630 [ 25.614471] ret_from_fork+0x10/0x20 [ 25.614517] [ 25.614561] kfence-#133: 0x00000000a87746b8-0x00000000410a09a1, size=32, cache=test [ 25.614561] [ 25.614623] allocated by task 298 on cpu 1 at 25.611663s (0.002955s ago): [ 25.614709] test_alloc+0x230/0x628 [ 25.614759] test_use_after_free_read+0xd0/0x248 [ 25.614805] kunit_try_run_case+0x170/0x3f0 [ 25.614873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.614924] kthread+0x328/0x630 [ 25.614966] ret_from_fork+0x10/0x20 [ 25.615011] [ 25.615038] freed by task 298 on cpu 1 at 25.611784s (0.003249s ago): [ 25.615112] test_use_after_free_read+0xf0/0x248 [ 25.615160] kunit_try_run_case+0x170/0x3f0 [ 25.615205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.615255] kthread+0x328/0x630 [ 25.615296] ret_from_fork+0x10/0x20 [ 25.615339] [ 25.615390] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.615483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.615516] Hardware name: linux,dummy-virt (DT) [ 25.615556] ================================================================== [ 25.507014] ================================================================== [ 25.507199] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 25.507199] [ 25.507389] Use-after-free read at 0x00000000b0219fa1 (in kfence-#132): [ 25.507550] test_use_after_free_read+0x114/0x248 [ 25.507726] kunit_try_run_case+0x170/0x3f0 [ 25.507897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.508049] kthread+0x328/0x630 [ 25.508177] ret_from_fork+0x10/0x20 [ 25.508319] [ 25.508383] kfence-#132: 0x00000000b0219fa1-0x00000000575235aa, size=32, cache=kmalloc-32 [ 25.508383] [ 25.508521] allocated by task 296 on cpu 1 at 25.506339s (0.002169s ago): [ 25.508754] test_alloc+0x29c/0x628 [ 25.509143] test_use_after_free_read+0xd0/0x248 [ 25.509271] kunit_try_run_case+0x170/0x3f0 [ 25.509376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.509577] kthread+0x328/0x630 [ 25.509683] ret_from_fork+0x10/0x20 [ 25.509762] [ 25.509807] freed by task 296 on cpu 1 at 25.506502s (0.003298s ago): [ 25.509981] test_use_after_free_read+0x1c0/0x248 [ 25.510101] kunit_try_run_case+0x170/0x3f0 [ 25.510188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.510285] kthread+0x328/0x630 [ 25.510363] ret_from_fork+0x10/0x20 [ 25.510445] [ 25.510608] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.510898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.510995] Hardware name: linux,dummy-virt (DT) [ 25.511101] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 25.400472] ================================================================== [ 25.400894] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 25.400894] [ 25.401205] Out-of-bounds write at 0x000000009147a610 (1B left of kfence-#131): [ 25.401394] test_out_of_bounds_write+0x100/0x240 [ 25.401494] kunit_try_run_case+0x170/0x3f0 [ 25.401679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.401911] kthread+0x328/0x630 [ 25.402108] ret_from_fork+0x10/0x20 [ 25.402306] [ 25.402363] kfence-#131: 0x00000000fd0a1093-0x0000000071265c43, size=32, cache=test [ 25.402363] [ 25.402471] allocated by task 294 on cpu 1 at 25.399844s (0.002619s ago): [ 25.402633] test_alloc+0x230/0x628 [ 25.403555] test_out_of_bounds_write+0xc8/0x240 [ 25.403661] kunit_try_run_case+0x170/0x3f0 [ 25.403767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.403894] kthread+0x328/0x630 [ 25.403993] ret_from_fork+0x10/0x20 [ 25.404096] [ 25.404195] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.404404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.405315] Hardware name: linux,dummy-virt (DT) [ 25.405505] ================================================================== [ 25.072201] ================================================================== [ 25.072304] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 25.072304] [ 25.072481] Out-of-bounds write at 0x00000000e7947c3f (1B left of kfence-#128): [ 25.072607] test_out_of_bounds_write+0x100/0x240 [ 25.072713] kunit_try_run_case+0x170/0x3f0 [ 25.072812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.073215] kthread+0x328/0x630 [ 25.073473] ret_from_fork+0x10/0x20 [ 25.073579] [ 25.073683] kfence-#128: 0x0000000025440805-0x00000000d89f7037, size=32, cache=kmalloc-32 [ 25.073683] [ 25.073954] allocated by task 292 on cpu 1 at 25.071638s (0.002304s ago): [ 25.074418] test_alloc+0x29c/0x628 [ 25.074512] test_out_of_bounds_write+0xc8/0x240 [ 25.074622] kunit_try_run_case+0x170/0x3f0 [ 25.074790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.075103] kthread+0x328/0x630 [ 25.075268] ret_from_fork+0x10/0x20 [ 25.075373] [ 25.075808] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.076208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.076273] Hardware name: linux,dummy-virt (DT) [ 25.076348] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 22.355347] ================================================================== [ 22.355543] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 22.355711] Write of size 8 at addr fff00000c3f4d8a8 by task kunit_try_catch/262 [ 22.355859] [ 22.355939] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.356210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.356304] Hardware name: linux,dummy-virt (DT) [ 22.356408] Call trace: [ 22.356480] show_stack+0x20/0x38 (C) [ 22.356619] dump_stack_lvl+0x8c/0xd0 [ 22.356751] print_report+0x118/0x608 [ 22.356969] kasan_report+0xdc/0x128 [ 22.357316] kasan_check_range+0x100/0x1a8 [ 22.357450] __kasan_check_write+0x20/0x30 [ 22.357564] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 22.358609] kasan_save_track+0x20/0x40 [ 22.359599] [ 22.359791] The buggy address is located 8 bytes inside of [ 22.359791] allocated 9-byte region [fff00000c3f4d8a0, fff00000c3f4d8a9) [ 22.360120] The buggy address belongs to the physical page: [ 22.360959] page dumped because: kasan: bad access detected [ 22.361043] [ 22.361115] Memory state around the buggy address: [ 22.361238] fff00000c3f4d780: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 22.361361] fff00000c3f4d800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.361479] >fff00000c3f4d880: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.361603] ^ [ 22.362918] ================================================================== [ 22.376711] ================================================================== [ 22.376834] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 22.377766] Read of size 8 at addr fff00000c3f4d8a8 by task kunit_try_catch/262 [ 22.377928] [ 22.378003] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.378367] Call trace: [ 22.382618] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.387223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 22.163847] ================================================================== [ 22.164467] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 22.164590] Read of size 1 at addr ffff800080ab7c2a by task kunit_try_catch/250 [ 22.164714] [ 22.165550] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.166151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.166226] Hardware name: linux,dummy-virt (DT) [ 22.166370] Call trace: [ 22.166443] show_stack+0x20/0x38 (C) [ 22.166646] dump_stack_lvl+0x8c/0xd0 [ 22.166841] print_report+0x310/0x608 [ 22.167198] kasan_report+0xdc/0x128 [ 22.167574] __asan_report_load1_noabort+0x20/0x30 [ 22.167770] kasan_stack_oob+0x238/0x270 [ 22.167911] kunit_try_run_case+0x170/0x3f0 [ 22.168027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.168153] kthread+0x328/0x630 [ 22.168248] ret_from_fork+0x10/0x20 [ 22.168595] [ 22.169202] The buggy address belongs to stack of task kunit_try_catch/250 [ 22.169520] and is located at offset 138 in frame: [ 22.169590] kasan_stack_oob+0x0/0x270 [ 22.169862] [ 22.169922] This frame has 4 objects: [ 22.170129] [48, 49) '__assertion' [ 22.170211] [64, 72) 'array' [ 22.170285] [96, 112) '__assertion' [ 22.170402] [128, 138) 'stack_array' [ 22.170495] [ 22.170584] The buggy address belongs to the virtual mapping at [ 22.170584] [ffff800080ab0000, ffff800080ab9000) created by: [ 22.170584] kernel_clone+0x150/0x7a8 [ 22.170855] [ 22.170937] The buggy address belongs to the physical page: [ 22.171087] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105953 [ 22.171228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.171426] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.171639] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.171753] page dumped because: kasan: bad access detected [ 22.171837] [ 22.171886] Memory state around the buggy address: [ 22.171991] ffff800080ab7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.172152] ffff800080ab7b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 22.172310] >ffff800080ab7c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 22.172431] ^ [ 22.172525] ffff800080ab7c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 22.172659] ffff800080ab7d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.172806] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 22.136581] ================================================================== [ 22.137102] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 22.137325] Read of size 1 at addr ffff9c38cc34f58d by task kunit_try_catch/246 [ 22.137656] [ 22.138064] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.138349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.138414] Hardware name: linux,dummy-virt (DT) [ 22.138568] Call trace: [ 22.138655] show_stack+0x20/0x38 (C) [ 22.138987] dump_stack_lvl+0x8c/0xd0 [ 22.139114] print_report+0x310/0x608 [ 22.139235] kasan_report+0xdc/0x128 [ 22.139341] __asan_report_load1_noabort+0x20/0x30 [ 22.139464] kasan_global_oob_right+0x230/0x270 [ 22.139576] kunit_try_run_case+0x170/0x3f0 [ 22.139686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.139803] kthread+0x328/0x630 [ 22.140257] ret_from_fork+0x10/0x20 [ 22.140582] [ 22.140811] The buggy address belongs to the variable: [ 22.141029] global_array+0xd/0x40 [ 22.141286] [ 22.141692] The buggy address belongs to the virtual mapping at [ 22.141692] [ffff9c38ca500000, ffff9c38cc401000) created by: [ 22.141692] paging_init+0x66c/0x7d0 [ 22.142017] [ 22.142469] The buggy address belongs to the physical page: [ 22.142557] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 22.143198] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 22.143373] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 22.143625] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.143767] page dumped because: kasan: bad access detected [ 22.143848] [ 22.143888] Memory state around the buggy address: [ 22.143962] ffff9c38cc34f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.144106] ffff9c38cc34f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 22.144239] >ffff9c38cc34f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 22.144329] ^ [ 22.144394] ffff9c38cc34f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 22.144506] ffff9c38cc34f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.144646] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 22.116120] ================================================================== [ 22.116259] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.116388] Free of addr fff00000c79b8001 by task kunit_try_catch/244 [ 22.116489] [ 22.116568] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.116764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.117231] Hardware name: linux,dummy-virt (DT) [ 22.117331] Call trace: [ 22.117404] show_stack+0x20/0x38 (C) [ 22.117525] dump_stack_lvl+0x8c/0xd0 [ 22.117648] print_report+0x118/0x608 [ 22.117795] kasan_report_invalid_free+0xc0/0xe8 [ 22.118187] __kasan_mempool_poison_object+0xfc/0x150 [ 22.118291] mempool_free+0x28c/0x328 [ 22.118595] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.118803] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 22.118952] kunit_try_run_case+0x170/0x3f0 [ 22.119055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.119172] kthread+0x328/0x630 [ 22.119270] ret_from_fork+0x10/0x20 [ 22.119375] [ 22.119419] The buggy address belongs to the physical page: [ 22.119490] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8 [ 22.119615] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.119732] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.119858] page_type: f8(unknown) [ 22.120302] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.120415] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.120530] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.120639] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.120752] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff [ 22.120874] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.120954] page dumped because: kasan: bad access detected [ 22.121175] [ 22.121220] Memory state around the buggy address: [ 22.121867] fff00000c79b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.121967] fff00000c79b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.122064] >fff00000c79b8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.122146] ^ [ 22.122185] fff00000c79b8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.122231] fff00000c79b8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.122270] ================================================================== [ 22.095129] ================================================================== [ 22.095259] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.095376] Free of addr fff00000c5942501 by task kunit_try_catch/242 [ 22.095476] [ 22.095544] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.095739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.095805] Hardware name: linux,dummy-virt (DT) [ 22.096436] Call trace: [ 22.096505] show_stack+0x20/0x38 (C) [ 22.096633] dump_stack_lvl+0x8c/0xd0 [ 22.096746] print_report+0x118/0x608 [ 22.096871] kasan_report_invalid_free+0xc0/0xe8 [ 22.096984] check_slab_allocation+0xfc/0x108 [ 22.097105] __kasan_mempool_poison_object+0x78/0x150 [ 22.097270] mempool_free+0x28c/0x328 [ 22.097619] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 22.097795] mempool_kmalloc_invalid_free+0xc0/0x118 [ 22.097970] kunit_try_run_case+0x170/0x3f0 [ 22.098089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.098333] kthread+0x328/0x630 [ 22.098427] ret_from_fork+0x10/0x20 [ 22.098549] [ 22.098595] Allocated by task 242: [ 22.098723] kasan_save_stack+0x3c/0x68 [ 22.098922] kasan_save_track+0x20/0x40 [ 22.099041] kasan_save_alloc_info+0x40/0x58 [ 22.099216] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.099582] remove_element+0x130/0x1f8 [ 22.099713] mempool_alloc_preallocated+0x58/0xc0 [ 22.099974] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 22.100089] mempool_kmalloc_invalid_free+0xc0/0x118 [ 22.100187] kunit_try_run_case+0x170/0x3f0 [ 22.100277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.100753] kthread+0x328/0x630 [ 22.100963] ret_from_fork+0x10/0x20 [ 22.101109] [ 22.101275] The buggy address belongs to the object at fff00000c5942500 [ 22.101275] which belongs to the cache kmalloc-128 of size 128 [ 22.101693] The buggy address is located 1 bytes inside of [ 22.101693] 128-byte region [fff00000c5942500, fff00000c5942580) [ 22.102042] [ 22.102107] The buggy address belongs to the physical page: [ 22.102397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 22.102768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.102923] page_type: f5(slab) [ 22.103010] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.103137] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.103239] page dumped because: kasan: bad access detected [ 22.103429] [ 22.103480] Memory state around the buggy address: [ 22.103797] fff00000c5942400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.104029] fff00000c5942480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.104127] >fff00000c5942500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.104319] ^ [ 22.104412] fff00000c5942580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.104961] fff00000c5942600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.105283] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 22.078589] ================================================================== [ 22.078728] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.078852] Free of addr fff00000c79b8000 by task kunit_try_catch/240 [ 22.078951] [ 22.079021] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.079207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.079272] Hardware name: linux,dummy-virt (DT) [ 22.079346] Call trace: [ 22.079397] show_stack+0x20/0x38 (C) [ 22.079506] dump_stack_lvl+0x8c/0xd0 [ 22.079617] print_report+0x118/0x608 [ 22.079726] kasan_report_invalid_free+0xc0/0xe8 [ 22.080715] __kasan_mempool_poison_pages+0xe0/0xe8 [ 22.080875] mempool_free+0x24c/0x328 [ 22.080976] mempool_double_free_helper+0x150/0x2e8 [ 22.081088] mempool_page_alloc_double_free+0xbc/0x118 [ 22.081240] kunit_try_run_case+0x170/0x3f0 [ 22.081599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.081707] kthread+0x328/0x630 [ 22.081813] ret_from_fork+0x10/0x20 [ 22.081920] [ 22.081962] The buggy address belongs to the physical page: [ 22.082023] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8 [ 22.082347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.082532] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.082690] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.082799] page dumped because: kasan: bad access detected [ 22.082900] [ 22.082951] Memory state around the buggy address: [ 22.083028] fff00000c79b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.083318] fff00000c79b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.083468] >fff00000c79b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.083584] ^ [ 22.083673] fff00000c79b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.083805] fff00000c79b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.083941] ================================================================== [ 22.016391] ================================================================== [ 22.016526] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.016647] Free of addr fff00000c5942100 by task kunit_try_catch/236 [ 22.016741] [ 22.016813] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.019359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.020056] Hardware name: linux,dummy-virt (DT) [ 22.020528] Call trace: [ 22.020779] show_stack+0x20/0x38 (C) [ 22.021431] dump_stack_lvl+0x8c/0xd0 [ 22.021948] print_report+0x118/0x608 [ 22.022178] kasan_report_invalid_free+0xc0/0xe8 [ 22.022891] check_slab_allocation+0xd4/0x108 [ 22.023145] __kasan_mempool_poison_object+0x78/0x150 [ 22.023394] mempool_free+0x28c/0x328 [ 22.024013] mempool_double_free_helper+0x150/0x2e8 [ 22.024711] mempool_kmalloc_double_free+0xc0/0x118 [ 22.025356] kunit_try_run_case+0x170/0x3f0 [ 22.025535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.025645] kthread+0x328/0x630 [ 22.025738] ret_from_fork+0x10/0x20 [ 22.026724] [ 22.026773] Allocated by task 236: [ 22.027389] kasan_save_stack+0x3c/0x68 [ 22.027512] kasan_save_track+0x20/0x40 [ 22.027609] kasan_save_alloc_info+0x40/0x58 [ 22.027703] __kasan_mempool_unpoison_object+0x11c/0x180 [ 22.027803] remove_element+0x130/0x1f8 [ 22.029469] mempool_alloc_preallocated+0x58/0xc0 [ 22.029570] mempool_double_free_helper+0x94/0x2e8 [ 22.030150] mempool_kmalloc_double_free+0xc0/0x118 [ 22.030466] kunit_try_run_case+0x170/0x3f0 [ 22.030640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.030764] kthread+0x328/0x630 [ 22.030854] ret_from_fork+0x10/0x20 [ 22.030945] [ 22.030991] Freed by task 236: [ 22.031412] kasan_save_stack+0x3c/0x68 [ 22.031667] kasan_save_track+0x20/0x40 [ 22.032310] kasan_save_free_info+0x4c/0x78 [ 22.032480] __kasan_mempool_poison_object+0xc0/0x150 [ 22.033258] mempool_free+0x28c/0x328 [ 22.033849] mempool_double_free_helper+0x100/0x2e8 [ 22.034028] mempool_kmalloc_double_free+0xc0/0x118 [ 22.034247] kunit_try_run_case+0x170/0x3f0 [ 22.034341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.034440] kthread+0x328/0x630 [ 22.034509] ret_from_fork+0x10/0x20 [ 22.034604] [ 22.034649] The buggy address belongs to the object at fff00000c5942100 [ 22.034649] which belongs to the cache kmalloc-128 of size 128 [ 22.034793] The buggy address is located 0 bytes inside of [ 22.034793] 128-byte region [fff00000c5942100, fff00000c5942180) [ 22.036912] [ 22.037190] The buggy address belongs to the physical page: [ 22.037274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 22.037408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.037525] page_type: f5(slab) [ 22.037615] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.037727] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.037785] page dumped because: kasan: bad access detected [ 22.037833] [ 22.037908] Memory state around the buggy address: [ 22.037994] fff00000c5942000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.038093] fff00000c5942080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.038172] >fff00000c5942100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.038649] ^ [ 22.038796] fff00000c5942180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.038929] fff00000c5942200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.039024] ================================================================== [ 22.051529] ================================================================== [ 22.051661] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 22.051781] Free of addr fff00000c79b8000 by task kunit_try_catch/238 [ 22.052484] [ 22.052596] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.052935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.053006] Hardware name: linux,dummy-virt (DT) [ 22.053078] Call trace: [ 22.053129] show_stack+0x20/0x38 (C) [ 22.053247] dump_stack_lvl+0x8c/0xd0 [ 22.053580] print_report+0x118/0x608 [ 22.053722] kasan_report_invalid_free+0xc0/0xe8 [ 22.053857] __kasan_mempool_poison_object+0x14c/0x150 [ 22.053986] mempool_free+0x28c/0x328 [ 22.054092] mempool_double_free_helper+0x150/0x2e8 [ 22.054210] mempool_kmalloc_large_double_free+0xc0/0x118 [ 22.054334] kunit_try_run_case+0x170/0x3f0 [ 22.054446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.054818] kthread+0x328/0x630 [ 22.054918] ret_from_fork+0x10/0x20 [ 22.054975] [ 22.055000] The buggy address belongs to the physical page: [ 22.055037] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8 [ 22.055105] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.055158] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.055220] page_type: f8(unknown) [ 22.055268] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.055327] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.055382] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.055435] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.055489] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff [ 22.055542] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.055585] page dumped because: kasan: bad access detected [ 22.055620] [ 22.055640] Memory state around the buggy address: [ 22.055677] fff00000c79b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.055727] fff00000c79b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.055774] >fff00000c79b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.055815] ^ [ 22.055891] fff00000c79b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.055977] fff00000c79b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.056065] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 19.511180] ================================================================== [ 19.511384] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 19.511555] Write of size 8 at addr fff00000c4569f71 by task kunit_try_catch/177 [ 19.511682] [ 19.511782] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.512012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.512075] Hardware name: linux,dummy-virt (DT) [ 19.512144] Call trace: [ 19.512197] show_stack+0x20/0x38 (C) [ 19.512322] dump_stack_lvl+0x8c/0xd0 [ 19.512451] print_report+0x118/0x608 [ 19.512558] kasan_report+0xdc/0x128 [ 19.512696] kasan_check_range+0x100/0x1a8 [ 19.512813] __asan_memset+0x34/0x78 [ 19.512931] kmalloc_oob_memset_8+0x150/0x2f8 [ 19.513039] kunit_try_run_case+0x170/0x3f0 [ 19.513179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.513277] kthread+0x328/0x630 [ 19.513328] ret_from_fork+0x10/0x20 [ 19.513386] [ 19.513426] Allocated by task 177: [ 19.513466] kasan_save_stack+0x3c/0x68 [ 19.513518] kasan_save_track+0x20/0x40 [ 19.513560] kasan_save_alloc_info+0x40/0x58 [ 19.513603] __kasan_kmalloc+0xd4/0xd8 [ 19.513642] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.513684] kmalloc_oob_memset_8+0xb0/0x2f8 [ 19.513724] kunit_try_run_case+0x170/0x3f0 [ 19.513767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.513812] kthread+0x328/0x630 [ 19.513929] ret_from_fork+0x10/0x20 [ 19.514017] [ 19.514064] The buggy address belongs to the object at fff00000c4569f00 [ 19.514064] which belongs to the cache kmalloc-128 of size 128 [ 19.514185] The buggy address is located 113 bytes inside of [ 19.514185] allocated 120-byte region [fff00000c4569f00, fff00000c4569f78) [ 19.514310] [ 19.514357] The buggy address belongs to the physical page: [ 19.514448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104569 [ 19.514656] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.514794] page_type: f5(slab) [ 19.514909] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.515037] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.515157] page dumped because: kasan: bad access detected [ 19.515236] [ 19.515284] Memory state around the buggy address: [ 19.515379] fff00000c4569e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.515516] fff00000c4569e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.515650] >fff00000c4569f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.515746] ^ [ 19.515871] fff00000c4569f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.515971] fff00000c456a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.516675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 22.259614] ================================================================== [ 22.259795] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 22.259993] Read of size 1 at addr fff00000c5941e58 by task kunit_try_catch/258 [ 22.260148] [ 22.260232] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.260486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.260549] Hardware name: linux,dummy-virt (DT) [ 22.260629] Call trace: [ 22.260682] show_stack+0x20/0x38 (C) [ 22.260845] dump_stack_lvl+0x8c/0xd0 [ 22.261012] print_report+0x118/0x608 [ 22.261219] kasan_report+0xdc/0x128 [ 22.261352] __asan_report_load1_noabort+0x20/0x30 [ 22.261508] memcmp+0x198/0x1d8 [ 22.261602] kasan_memcmp+0x16c/0x300 [ 22.261724] kunit_try_run_case+0x170/0x3f0 [ 22.261850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.261974] kthread+0x328/0x630 [ 22.262062] ret_from_fork+0x10/0x20 [ 22.262176] [ 22.262219] Allocated by task 258: [ 22.262320] kasan_save_stack+0x3c/0x68 [ 22.262431] kasan_save_track+0x20/0x40 [ 22.262606] kasan_save_alloc_info+0x40/0x58 [ 22.262751] __kasan_kmalloc+0xd4/0xd8 [ 22.262889] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.262984] kasan_memcmp+0xbc/0x300 [ 22.263557] kunit_try_run_case+0x170/0x3f0 [ 22.263708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.264039] kthread+0x328/0x630 [ 22.264350] ret_from_fork+0x10/0x20 [ 22.264445] [ 22.264498] The buggy address belongs to the object at fff00000c5941e40 [ 22.264498] which belongs to the cache kmalloc-32 of size 32 [ 22.264869] The buggy address is located 0 bytes to the right of [ 22.264869] allocated 24-byte region [fff00000c5941e40, fff00000c5941e58) [ 22.265036] [ 22.265087] The buggy address belongs to the physical page: [ 22.265927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105941 [ 22.266080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.266203] page_type: f5(slab) [ 22.266302] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.266434] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.266550] page dumped because: kasan: bad access detected [ 22.267447] [ 22.267504] Memory state around the buggy address: [ 22.267982] fff00000c5941d00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.268169] fff00000c5941d80: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.268486] >fff00000c5941e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.268781] ^ [ 22.268960] fff00000c5941e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.269060] fff00000c5941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.269378] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 22.224321] ================================================================== [ 22.224611] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 22.224765] Read of size 1 at addr ffff800080ad7b4a by task kunit_try_catch/254 [ 22.224896] [ 22.224984] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.225419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.225499] Hardware name: linux,dummy-virt (DT) [ 22.225584] Call trace: [ 22.225661] show_stack+0x20/0x38 (C) [ 22.225866] dump_stack_lvl+0x8c/0xd0 [ 22.226023] print_report+0x310/0x608 [ 22.226172] kasan_report+0xdc/0x128 [ 22.226297] __asan_report_load1_noabort+0x20/0x30 [ 22.226405] kasan_alloca_oob_right+0x2dc/0x340 [ 22.226510] kunit_try_run_case+0x170/0x3f0 [ 22.226633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.226736] kthread+0x328/0x630 [ 22.227160] ret_from_fork+0x10/0x20 [ 22.227300] [ 22.227360] The buggy address belongs to stack of task kunit_try_catch/254 [ 22.227488] [ 22.227566] The buggy address belongs to the virtual mapping at [ 22.227566] [ffff800080ad0000, ffff800080ad9000) created by: [ 22.227566] kernel_clone+0x150/0x7a8 [ 22.227798] [ 22.228055] The buggy address belongs to the physical page: [ 22.228275] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592d [ 22.228481] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.228648] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.228895] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.229050] page dumped because: kasan: bad access detected [ 22.229189] [ 22.229231] Memory state around the buggy address: [ 22.229313] ffff800080ad7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.229519] ffff800080ad7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.229635] >ffff800080ad7b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 22.229733] ^ [ 22.230059] ffff800080ad7b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 22.230156] ffff800080ad7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.230241] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 22.190231] ================================================================== [ 22.191030] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 22.191275] Read of size 1 at addr ffff800080ad7b5f by task kunit_try_catch/252 [ 22.191490] [ 22.191594] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.191883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.191954] Hardware name: linux,dummy-virt (DT) [ 22.192037] Call trace: [ 22.192090] show_stack+0x20/0x38 (C) [ 22.192212] dump_stack_lvl+0x8c/0xd0 [ 22.192902] print_report+0x310/0x608 [ 22.193073] kasan_report+0xdc/0x128 [ 22.193484] __asan_report_load1_noabort+0x20/0x30 [ 22.194053] kasan_alloca_oob_left+0x2b8/0x310 [ 22.194214] kunit_try_run_case+0x170/0x3f0 [ 22.194328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.194469] kthread+0x328/0x630 [ 22.194588] ret_from_fork+0x10/0x20 [ 22.194739] [ 22.194795] The buggy address belongs to stack of task kunit_try_catch/252 [ 22.195272] [ 22.195334] The buggy address belongs to the virtual mapping at [ 22.195334] [ffff800080ad0000, ffff800080ad9000) created by: [ 22.195334] kernel_clone+0x150/0x7a8 [ 22.195570] [ 22.195627] The buggy address belongs to the physical page: [ 22.195711] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592d [ 22.195868] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.196038] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.196158] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.196269] page dumped because: kasan: bad access detected [ 22.196353] [ 22.196398] Memory state around the buggy address: [ 22.196483] ffff800080ad7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.196594] ffff800080ad7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.196700] >ffff800080ad7b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 22.196804] ^ [ 22.196917] ffff800080ad7b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 22.197021] ffff800080ad7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 22.197121] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.648362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 22.761578] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 22.680860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 22.525591] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 22.533171] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 22.490121] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 22.363069] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 19.818611] ================================================================== [ 19.818811] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 19.818980] Read of size 1 at addr fff00000c599f278 by task kunit_try_catch/197 [ 19.819143] [ 19.819224] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.819435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.819522] Hardware name: linux,dummy-virt (DT) [ 19.819624] Call trace: [ 19.819688] show_stack+0x20/0x38 (C) [ 19.819850] dump_stack_lvl+0x8c/0xd0 [ 19.819992] print_report+0x118/0x608 [ 19.820096] kasan_report+0xdc/0x128 [ 19.820198] __asan_report_load1_noabort+0x20/0x30 [ 19.820312] ksize_uaf+0x544/0x5f8 [ 19.820414] kunit_try_run_case+0x170/0x3f0 [ 19.820522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.820640] kthread+0x328/0x630 [ 19.820732] ret_from_fork+0x10/0x20 [ 19.820843] [ 19.820879] Allocated by task 197: [ 19.820928] kasan_save_stack+0x3c/0x68 [ 19.821017] kasan_save_track+0x20/0x40 [ 19.821097] kasan_save_alloc_info+0x40/0x58 [ 19.821206] __kasan_kmalloc+0xd4/0xd8 [ 19.821288] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.821371] ksize_uaf+0xb8/0x5f8 [ 19.821444] kunit_try_run_case+0x170/0x3f0 [ 19.821525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.821619] kthread+0x328/0x630 [ 19.821688] ret_from_fork+0x10/0x20 [ 19.821764] [ 19.821810] Freed by task 197: [ 19.821941] kasan_save_stack+0x3c/0x68 [ 19.822061] kasan_save_track+0x20/0x40 [ 19.822145] kasan_save_free_info+0x4c/0x78 [ 19.822228] __kasan_slab_free+0x6c/0x98 [ 19.822302] kfree+0x214/0x3c8 [ 19.822401] ksize_uaf+0x11c/0x5f8 [ 19.822494] kunit_try_run_case+0x170/0x3f0 [ 19.822594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.822723] kthread+0x328/0x630 [ 19.822803] ret_from_fork+0x10/0x20 [ 19.822904] [ 19.822952] The buggy address belongs to the object at fff00000c599f200 [ 19.822952] which belongs to the cache kmalloc-128 of size 128 [ 19.823116] The buggy address is located 120 bytes inside of [ 19.823116] freed 128-byte region [fff00000c599f200, fff00000c599f280) [ 19.823296] [ 19.823359] The buggy address belongs to the physical page: [ 19.823446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599f [ 19.823563] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.823663] page_type: f5(slab) [ 19.823766] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.823889] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.823967] page dumped because: kasan: bad access detected [ 19.824026] [ 19.824059] Memory state around the buggy address: [ 19.824160] fff00000c599f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.824258] fff00000c599f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.824393] >fff00000c599f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.824496] ^ [ 19.824626] fff00000c599f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.824719] fff00000c599f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.824845] ================================================================== [ 19.795845] ================================================================== [ 19.795986] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 19.796393] Read of size 1 at addr fff00000c599f200 by task kunit_try_catch/197 [ 19.796520] [ 19.796604] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.796810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.796889] Hardware name: linux,dummy-virt (DT) [ 19.796961] Call trace: [ 19.797016] show_stack+0x20/0x38 (C) [ 19.797143] dump_stack_lvl+0x8c/0xd0 [ 19.797255] print_report+0x118/0x608 [ 19.797368] kasan_report+0xdc/0x128 [ 19.797478] __kasan_check_byte+0x54/0x70 [ 19.797592] ksize+0x30/0x88 [ 19.797691] ksize_uaf+0x168/0x5f8 [ 19.797789] kunit_try_run_case+0x170/0x3f0 [ 19.797894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.798002] kthread+0x328/0x630 [ 19.798101] ret_from_fork+0x10/0x20 [ 19.798208] [ 19.798248] Allocated by task 197: [ 19.798313] kasan_save_stack+0x3c/0x68 [ 19.798404] kasan_save_track+0x20/0x40 [ 19.798487] kasan_save_alloc_info+0x40/0x58 [ 19.798587] __kasan_kmalloc+0xd4/0xd8 [ 19.799278] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.799478] ksize_uaf+0xb8/0x5f8 [ 19.799568] kunit_try_run_case+0x170/0x3f0 [ 19.799765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.800118] kthread+0x328/0x630 [ 19.800295] ret_from_fork+0x10/0x20 [ 19.800432] [ 19.800493] Freed by task 197: [ 19.800683] kasan_save_stack+0x3c/0x68 [ 19.800936] kasan_save_track+0x20/0x40 [ 19.801173] kasan_save_free_info+0x4c/0x78 [ 19.801358] __kasan_slab_free+0x6c/0x98 [ 19.801707] kfree+0x214/0x3c8 [ 19.801798] ksize_uaf+0x11c/0x5f8 [ 19.801902] kunit_try_run_case+0x170/0x3f0 [ 19.802064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.802215] kthread+0x328/0x630 [ 19.802421] ret_from_fork+0x10/0x20 [ 19.802671] [ 19.802743] The buggy address belongs to the object at fff00000c599f200 [ 19.802743] which belongs to the cache kmalloc-128 of size 128 [ 19.803150] The buggy address is located 0 bytes inside of [ 19.803150] freed 128-byte region [fff00000c599f200, fff00000c599f280) [ 19.803386] [ 19.803696] The buggy address belongs to the physical page: [ 19.803765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599f [ 19.803901] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.804175] page_type: f5(slab) [ 19.804349] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.804500] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.804595] page dumped because: kasan: bad access detected [ 19.804674] [ 19.804716] Memory state around the buggy address: [ 19.804793] fff00000c599f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.804912] fff00000c599f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.805013] >fff00000c599f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.805106] ^ [ 19.805182] fff00000c599f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.805285] fff00000c599f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.805380] ================================================================== [ 19.808209] ================================================================== [ 19.808271] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 19.808328] Read of size 1 at addr fff00000c599f200 by task kunit_try_catch/197 [ 19.808380] [ 19.808411] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.808497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.808524] Hardware name: linux,dummy-virt (DT) [ 19.808555] Call trace: [ 19.808577] show_stack+0x20/0x38 (C) [ 19.808628] dump_stack_lvl+0x8c/0xd0 [ 19.808675] print_report+0x118/0x608 [ 19.808731] kasan_report+0xdc/0x128 [ 19.808782] __asan_report_load1_noabort+0x20/0x30 [ 19.808879] ksize_uaf+0x598/0x5f8 [ 19.808975] kunit_try_run_case+0x170/0x3f0 [ 19.809193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.809474] kthread+0x328/0x630 [ 19.809637] ret_from_fork+0x10/0x20 [ 19.809868] [ 19.809909] Allocated by task 197: [ 19.809974] kasan_save_stack+0x3c/0x68 [ 19.810048] kasan_save_track+0x20/0x40 [ 19.810120] kasan_save_alloc_info+0x40/0x58 [ 19.810195] __kasan_kmalloc+0xd4/0xd8 [ 19.810273] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.810354] ksize_uaf+0xb8/0x5f8 [ 19.810426] kunit_try_run_case+0x170/0x3f0 [ 19.810509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.810626] kthread+0x328/0x630 [ 19.810700] ret_from_fork+0x10/0x20 [ 19.811213] [ 19.811278] Freed by task 197: [ 19.811434] kasan_save_stack+0x3c/0x68 [ 19.811699] kasan_save_track+0x20/0x40 [ 19.811816] kasan_save_free_info+0x4c/0x78 [ 19.812056] __kasan_slab_free+0x6c/0x98 [ 19.812196] kfree+0x214/0x3c8 [ 19.812392] ksize_uaf+0x11c/0x5f8 [ 19.812483] kunit_try_run_case+0x170/0x3f0 [ 19.812680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.813080] kthread+0x328/0x630 [ 19.813258] ret_from_fork+0x10/0x20 [ 19.813505] [ 19.813546] The buggy address belongs to the object at fff00000c599f200 [ 19.813546] which belongs to the cache kmalloc-128 of size 128 [ 19.813733] The buggy address is located 0 bytes inside of [ 19.813733] freed 128-byte region [fff00000c599f200, fff00000c599f280) [ 19.813873] [ 19.813913] The buggy address belongs to the physical page: [ 19.813976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599f [ 19.814561] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.814697] page_type: f5(slab) [ 19.814938] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.815306] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.815573] page dumped because: kasan: bad access detected [ 19.815787] [ 19.815856] Memory state around the buggy address: [ 19.815982] fff00000c599f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.816222] fff00000c599f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.816361] >fff00000c599f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.816456] ^ [ 19.816524] fff00000c599f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817015] fff00000c599f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817283] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.770062] ================================================================== [ 19.770175] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 19.770309] Read of size 1 at addr fff00000c599f178 by task kunit_try_catch/195 [ 19.770438] [ 19.770543] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.770813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.770894] Hardware name: linux,dummy-virt (DT) [ 19.770958] Call trace: [ 19.771000] show_stack+0x20/0x38 (C) [ 19.771524] dump_stack_lvl+0x8c/0xd0 [ 19.771901] print_report+0x118/0x608 [ 19.772151] kasan_report+0xdc/0x128 [ 19.772351] __asan_report_load1_noabort+0x20/0x30 [ 19.772553] ksize_unpoisons_memory+0x618/0x740 [ 19.772673] kunit_try_run_case+0x170/0x3f0 [ 19.772786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.772916] kthread+0x328/0x630 [ 19.773011] ret_from_fork+0x10/0x20 [ 19.773124] [ 19.773179] Allocated by task 195: [ 19.773242] kasan_save_stack+0x3c/0x68 [ 19.773339] kasan_save_track+0x20/0x40 [ 19.773427] kasan_save_alloc_info+0x40/0x58 [ 19.773516] __kasan_kmalloc+0xd4/0xd8 [ 19.773600] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.773692] ksize_unpoisons_memory+0xc0/0x740 [ 19.773778] kunit_try_run_case+0x170/0x3f0 [ 19.774933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.775066] kthread+0x328/0x630 [ 19.775147] ret_from_fork+0x10/0x20 [ 19.775223] [ 19.775267] The buggy address belongs to the object at fff00000c599f100 [ 19.775267] which belongs to the cache kmalloc-128 of size 128 [ 19.775397] The buggy address is located 5 bytes to the right of [ 19.775397] allocated 115-byte region [fff00000c599f100, fff00000c599f173) [ 19.775799] [ 19.775935] The buggy address belongs to the physical page: [ 19.776026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599f [ 19.776423] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.776568] page_type: f5(slab) [ 19.776655] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.777046] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.777584] page dumped because: kasan: bad access detected [ 19.777814] [ 19.777882] Memory state around the buggy address: [ 19.777997] fff00000c599f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.778141] fff00000c599f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.778239] >fff00000c599f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.778371] ^ [ 19.778489] fff00000c599f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.778603] fff00000c599f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.778693] ================================================================== [ 19.781545] ================================================================== [ 19.781703] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 19.781864] Read of size 1 at addr fff00000c599f17f by task kunit_try_catch/195 [ 19.781988] [ 19.782050] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.782223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.782276] Hardware name: linux,dummy-virt (DT) [ 19.782338] Call trace: [ 19.782384] show_stack+0x20/0x38 (C) [ 19.782496] dump_stack_lvl+0x8c/0xd0 [ 19.782594] print_report+0x118/0x608 [ 19.782705] kasan_report+0xdc/0x128 [ 19.782854] __asan_report_load1_noabort+0x20/0x30 [ 19.782996] ksize_unpoisons_memory+0x690/0x740 [ 19.783143] kunit_try_run_case+0x170/0x3f0 [ 19.783281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.783432] kthread+0x328/0x630 [ 19.783544] ret_from_fork+0x10/0x20 [ 19.783657] [ 19.783695] Allocated by task 195: [ 19.783750] kasan_save_stack+0x3c/0x68 [ 19.783856] kasan_save_track+0x20/0x40 [ 19.783937] kasan_save_alloc_info+0x40/0x58 [ 19.784016] __kasan_kmalloc+0xd4/0xd8 [ 19.784099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.784177] ksize_unpoisons_memory+0xc0/0x740 [ 19.784291] kunit_try_run_case+0x170/0x3f0 [ 19.784399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.784529] kthread+0x328/0x630 [ 19.784606] ret_from_fork+0x10/0x20 [ 19.784726] [ 19.784766] The buggy address belongs to the object at fff00000c599f100 [ 19.784766] which belongs to the cache kmalloc-128 of size 128 [ 19.784917] The buggy address is located 12 bytes to the right of [ 19.784917] allocated 115-byte region [fff00000c599f100, fff00000c599f173) [ 19.785061] [ 19.785098] The buggy address belongs to the physical page: [ 19.785200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599f [ 19.785309] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.785401] page_type: f5(slab) [ 19.785475] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.785581] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.785717] page dumped because: kasan: bad access detected [ 19.785798] [ 19.785865] Memory state around the buggy address: [ 19.785960] fff00000c599f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.786060] fff00000c599f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.786161] >fff00000c599f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.786246] ^ [ 19.786330] fff00000c599f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.786416] fff00000c599f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.786495] ================================================================== [ 19.763234] ================================================================== [ 19.763361] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 19.763530] Read of size 1 at addr fff00000c599f173 by task kunit_try_catch/195 [ 19.763700] [ 19.763778] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.763975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.764038] Hardware name: linux,dummy-virt (DT) [ 19.764107] Call trace: [ 19.764172] show_stack+0x20/0x38 (C) [ 19.764305] dump_stack_lvl+0x8c/0xd0 [ 19.764416] print_report+0x118/0x608 [ 19.764527] kasan_report+0xdc/0x128 [ 19.764642] __asan_report_load1_noabort+0x20/0x30 [ 19.764776] ksize_unpoisons_memory+0x628/0x740 [ 19.764917] kunit_try_run_case+0x170/0x3f0 [ 19.765059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.765205] kthread+0x328/0x630 [ 19.765322] ret_from_fork+0x10/0x20 [ 19.765483] [ 19.765538] Allocated by task 195: [ 19.765634] kasan_save_stack+0x3c/0x68 [ 19.765754] kasan_save_track+0x20/0x40 [ 19.765896] kasan_save_alloc_info+0x40/0x58 [ 19.766019] __kasan_kmalloc+0xd4/0xd8 [ 19.766096] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.766182] ksize_unpoisons_memory+0xc0/0x740 [ 19.766276] kunit_try_run_case+0x170/0x3f0 [ 19.766390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.766479] kthread+0x328/0x630 [ 19.766592] ret_from_fork+0x10/0x20 [ 19.766684] [ 19.766732] The buggy address belongs to the object at fff00000c599f100 [ 19.766732] which belongs to the cache kmalloc-128 of size 128 [ 19.766906] The buggy address is located 0 bytes to the right of [ 19.766906] allocated 115-byte region [fff00000c599f100, fff00000c599f173) [ 19.767124] [ 19.767185] The buggy address belongs to the physical page: [ 19.767276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599f [ 19.767394] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.767501] page_type: f5(slab) [ 19.767609] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.767743] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.767911] page dumped because: kasan: bad access detected [ 19.768004] [ 19.768063] Memory state around the buggy address: [ 19.768165] fff00000c599f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.768277] fff00000c599f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.768390] >fff00000c599f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.768514] ^ [ 19.768623] fff00000c599f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.768799] fff00000c599f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.768891] ==================================================================
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 99.315983] Internal error: Oops: 0000000096000005 [#1] SMP [ 99.322170] Modules linked in: [ 99.323124] CPU: 1 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 99.324216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 99.324557] Hardware name: linux,dummy-virt (DT) [ 99.325292] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 99.325832] pc : kunit_test_null_dereference+0x70/0x170 [ 99.326367] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 99.326867] sp : ffff800082007d30 [ 99.327353] x29: ffff800082007d90 x28: 0000000000000000 x27: 0000000000000000 [ 99.328185] x26: 1ffe000018b09701 x25: 0000000000000000 x24: 0000000000000004 [ 99.328876] x23: fff00000c584b80c x22: ffff9c38c5a24938 x21: fff00000c1201588 [ 99.329562] x20: 1ffff00010400fa6 x19: ffff800080087990 x18: 0000000041e62152 [ 99.330356] x17: 0000000040b7aaab x16: 00000000e00472dd x15: 00000000d9b7e892 [ 99.331038] x14: 00000000f0949a80 x13: 1ffe00001b48e989 x12: fffd8000194453a4 [ 99.331738] x11: 1ffe0000194453a3 x10: fffd8000194453a3 x9 : ffff9c38c5a1bda0 [ 99.332447] x8 : ffff800082007c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 99.333195] x5 : ffff700010400fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 99.333863] x2 : dfff800000000000 x1 : fff00000ca229440 x0 : ffff800080087990 [ 99.334622] Call trace: [ 99.335004] kunit_test_null_dereference+0x70/0x170 (P) [ 99.335620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 99.336176] kthread+0x328/0x630 [ 99.336560] ret_from_fork+0x10/0x20 [ 99.337500] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 99.338333] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 52.146887] ================================================================== [ 52.147004] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 52.147004] [ 52.147127] Use-after-free read at 0x000000002c20534d (in kfence-#194): [ 52.147192] test_krealloc+0x51c/0x830 [ 52.147250] kunit_try_run_case+0x170/0x3f0 [ 52.147305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.147356] kthread+0x328/0x630 [ 52.147404] ret_from_fork+0x10/0x20 [ 52.147453] [ 52.147481] kfence-#194: 0x000000002c20534d-0x000000005511dc6f, size=32, cache=kmalloc-32 [ 52.147481] [ 52.147546] allocated by task 338 on cpu 1 at 52.145926s (0.001615s ago): [ 52.147628] test_alloc+0x29c/0x628 [ 52.147677] test_krealloc+0xc0/0x830 [ 52.147723] kunit_try_run_case+0x170/0x3f0 [ 52.147767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.147814] kthread+0x328/0x630 [ 52.147876] ret_from_fork+0x10/0x20 [ 52.147920] [ 52.147946] freed by task 338 on cpu 1 at 52.146344s (0.001597s ago): [ 52.148014] krealloc_noprof+0x148/0x360 [ 52.148056] test_krealloc+0x1dc/0x830 [ 52.148097] kunit_try_run_case+0x170/0x3f0 [ 52.148140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.148184] kthread+0x328/0x630 [ 52.148223] ret_from_fork+0x10/0x20 [ 52.148266] [ 52.148320] CPU: 1 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 52.148411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 52.148444] Hardware name: linux,dummy-virt (DT) [ 52.148483] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.966717] ================================================================== [ 51.966856] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.966856] [ 51.966975] Use-after-free read at 0x00000000de5ee956 (in kfence-#192): [ 51.967036] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.967092] kunit_try_run_case+0x170/0x3f0 [ 51.967141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.967185] kthread+0x328/0x630 [ 51.967228] ret_from_fork+0x10/0x20 [ 51.967269] [ 51.967297] kfence-#192: 0x00000000de5ee956-0x0000000011c18f82, size=32, cache=test [ 51.967297] [ 51.967355] allocated by task 336 on cpu 0 at 51.940463s (0.026887s ago): [ 51.967432] test_alloc+0x230/0x628 [ 51.967474] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.967520] kunit_try_run_case+0x170/0x3f0 [ 51.967562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.967609] kthread+0x328/0x630 [ 51.967650] ret_from_fork+0x10/0x20 [ 51.967689] [ 51.967715] freed by task 336 on cpu 0 at 51.940638s (0.027074s ago): [ 51.967773] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.967837] kunit_try_run_case+0x170/0x3f0 [ 51.967887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.967933] kthread+0x328/0x630 [ 51.967972] ret_from_fork+0x10/0x20 [ 51.968013] [ 51.968066] CPU: 0 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 51.968156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.968189] Hardware name: linux,dummy-virt (DT) [ 51.968229] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 31.576945] ================================================================== [ 31.577190] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 31.577190] [ 31.577392] Invalid read at 0x00000000a98ae6db: [ 31.577675] test_invalid_access+0xdc/0x1f0 [ 31.577852] kunit_try_run_case+0x170/0x3f0 [ 31.577977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.578097] kthread+0x328/0x630 [ 31.578214] ret_from_fork+0x10/0x20 [ 31.578346] [ 31.578464] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 31.578696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.578793] Hardware name: linux,dummy-virt (DT) [ 31.578904] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 31.342302] ================================================================== [ 31.342456] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.342456] [ 31.342547] Corrupted memory at 0x00000000a7adc3a0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#188): [ 31.342916] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.342977] kunit_try_run_case+0x170/0x3f0 [ 31.343025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.343071] kthread+0x328/0x630 [ 31.343112] ret_from_fork+0x10/0x20 [ 31.343154] [ 31.343181] kfence-#188: 0x0000000056220343-0x0000000036027be2, size=73, cache=kmalloc-96 [ 31.343181] [ 31.343243] allocated by task 326 on cpu 0 at 31.341895s (0.001344s ago): [ 31.343314] test_alloc+0x29c/0x628 [ 31.343361] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 31.343411] kunit_try_run_case+0x170/0x3f0 [ 31.343450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.343495] kthread+0x328/0x630 [ 31.343533] ret_from_fork+0x10/0x20 [ 31.343574] [ 31.343599] freed by task 326 on cpu 0 at 31.342129s (0.001466s ago): [ 31.343663] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 31.343708] kunit_try_run_case+0x170/0x3f0 [ 31.343749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.343792] kthread+0x328/0x630 [ 31.343846] ret_from_fork+0x10/0x20 [ 31.343890] [ 31.343940] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 31.344027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.344058] Hardware name: linux,dummy-virt (DT) [ 31.344094] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 24.116736] ================================================================== [ 24.116923] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 24.116923] [ 24.117652] Out-of-bounds read at 0x00000000f57f0b59 (32B right of kfence-#119): [ 24.117814] test_out_of_bounds_read+0x1c8/0x3e0 [ 24.118056] kunit_try_run_case+0x170/0x3f0 [ 24.118230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.118412] kthread+0x328/0x630 [ 24.118591] ret_from_fork+0x10/0x20 [ 24.118699] [ 24.119237] kfence-#119: 0x00000000ba06620a-0x00000000c9e8acfd, size=32, cache=kmalloc-32 [ 24.119237] [ 24.119388] allocated by task 288 on cpu 1 at 24.114882s (0.004497s ago): [ 24.119935] test_alloc+0x29c/0x628 [ 24.120633] test_out_of_bounds_read+0x198/0x3e0 [ 24.120843] kunit_try_run_case+0x170/0x3f0 [ 24.121309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.121498] kthread+0x328/0x630 [ 24.121581] ret_from_fork+0x10/0x20 [ 24.121667] [ 24.121758] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.122400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.122493] Hardware name: linux,dummy-virt (DT) [ 24.123121] ================================================================== [ 24.963579] ================================================================== [ 24.964105] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 24.964105] [ 24.964617] Out-of-bounds read at 0x00000000659b55ef (32B right of kfence-#127): [ 24.964839] test_out_of_bounds_read+0x1c8/0x3e0 [ 24.964954] kunit_try_run_case+0x170/0x3f0 [ 24.965058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.965575] kthread+0x328/0x630 [ 24.965803] ret_from_fork+0x10/0x20 [ 24.966119] [ 24.966262] kfence-#127: 0x00000000b691ab65-0x000000004bb1bd10, size=32, cache=test [ 24.966262] [ 24.966415] allocated by task 290 on cpu 1 at 24.963311s (0.003091s ago): [ 24.966724] test_alloc+0x230/0x628 [ 24.966846] test_out_of_bounds_read+0x198/0x3e0 [ 24.966945] kunit_try_run_case+0x170/0x3f0 [ 24.967485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.967756] kthread+0x328/0x630 [ 24.968016] ret_from_fork+0x10/0x20 [ 24.968350] [ 24.968461] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.968949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.969056] Hardware name: linux,dummy-virt (DT) [ 24.969237] ================================================================== [ 24.008231] ================================================================== [ 24.008446] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 24.008446] [ 24.008718] Out-of-bounds read at 0x00000000a53b6e08 (1B left of kfence-#118): [ 24.011250] test_out_of_bounds_read+0x114/0x3e0 [ 24.012003] kunit_try_run_case+0x170/0x3f0 [ 24.012619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.012782] kthread+0x328/0x630 [ 24.013170] ret_from_fork+0x10/0x20 [ 24.013401] [ 24.013770] kfence-#118: 0x00000000f98050bb-0x0000000089396ebd, size=32, cache=kmalloc-32 [ 24.013770] [ 24.014356] allocated by task 288 on cpu 1 at 24.007622s (0.006678s ago): [ 24.014604] test_alloc+0x29c/0x628 [ 24.014702] test_out_of_bounds_read+0xdc/0x3e0 [ 24.014807] kunit_try_run_case+0x170/0x3f0 [ 24.014915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.015409] kthread+0x328/0x630 [ 24.016070] ret_from_fork+0x10/0x20 [ 24.016674] [ 24.017227] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.017629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.018333] Hardware name: linux,dummy-virt (DT) [ 24.018944] ================================================================== [ 24.324736] ================================================================== [ 24.324904] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 24.324904] [ 24.325072] Out-of-bounds read at 0x00000000c96757fb (1B left of kfence-#121): [ 24.325923] test_out_of_bounds_read+0x114/0x3e0 [ 24.326109] kunit_try_run_case+0x170/0x3f0 [ 24.326324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.326462] kthread+0x328/0x630 [ 24.326673] ret_from_fork+0x10/0x20 [ 24.326799] [ 24.326876] kfence-#121: 0x00000000247ad487-0x00000000a536ff15, size=32, cache=test [ 24.326876] [ 24.327100] allocated by task 290 on cpu 1 at 24.324601s (0.002489s ago): [ 24.327952] test_alloc+0x230/0x628 [ 24.329751] test_out_of_bounds_read+0xdc/0x3e0 [ 24.329901] kunit_try_run_case+0x170/0x3f0 [ 24.329992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.330081] kthread+0x328/0x630 [ 24.330159] ret_from_fork+0x10/0x20 [ 24.330236] [ 24.330326] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.330502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.330579] Hardware name: linux,dummy-virt (DT) [ 24.330651] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-kmem_cache_rcu_uaf
[ 20.822911] ================================================================== [ 20.823131] BUG: KFENCE: use-after-free read in kmem_cache_rcu_uaf+0x1f4/0x468 [ 20.823131] [ 20.823336] Use-after-free read at 0x00000000a6896088 (in kfence-#94): [ 20.823445] kmem_cache_rcu_uaf+0x1f4/0x468 [ 20.823547] kunit_try_run_case+0x170/0x3f0 [ 20.823641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.823740] kthread+0x328/0x630 [ 20.823816] ret_from_fork+0x10/0x20 [ 20.825496] [ 20.825574] kfence-#94: 0x00000000a6896088-0x00000000f606a18e, size=200, cache=test_cache [ 20.825574] [ 20.826009] allocated by task 214 on cpu 0 at 20.676610s (0.149384s ago): [ 20.826508] kmem_cache_rcu_uaf+0x12c/0x468 [ 20.826622] kunit_try_run_case+0x170/0x3f0 [ 20.826714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.826813] kthread+0x328/0x630 [ 20.827287] ret_from_fork+0x10/0x20 [ 20.827557] [ 20.827739] freed by task 214 on cpu 0 at 20.676752s (0.150974s ago): [ 20.828111] kmem_cache_rcu_uaf+0x16c/0x468 [ 20.828196] kunit_try_run_case+0x170/0x3f0 [ 20.828583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.828700] kthread+0x328/0x630 [ 20.828937] ret_from_fork+0x10/0x20 [ 20.829216] [ 20.829533] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.829741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.829805] Hardware name: linux,dummy-virt (DT) [ 20.830198] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 18.870008] ================================================================== [ 18.870173] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x224/0x488 [ 18.870173] [ 18.870325] Corrupted memory at 0x000000001621d226 [ ! . . . . . . . ] (in kfence-#79): [ 18.874938] kmalloc_track_caller_oob_right+0x224/0x488 [ 18.875129] kunit_try_run_case+0x170/0x3f0 [ 18.875225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.875338] kthread+0x328/0x630 [ 18.875448] ret_from_fork+0x10/0x20 [ 18.875593] [ 18.876578] kfence-#79: 0x00000000922502d8-0x00000000fcadf3bb, size=120, cache=kmalloc-128 [ 18.876578] [ 18.877404] allocated by task 143 on cpu 0 at 18.865311s (0.011901s ago): [ 18.878116] kmalloc_track_caller_oob_right+0x184/0x488 [ 18.878293] kunit_try_run_case+0x170/0x3f0 [ 18.878431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.878573] kthread+0x328/0x630 [ 18.878657] ret_from_fork+0x10/0x20 [ 18.878806] [ 18.879202] freed by task 143 on cpu 0 at 18.868657s (0.010280s ago): [ 18.879415] kmalloc_track_caller_oob_right+0x224/0x488 [ 18.879525] kunit_try_run_case+0x170/0x3f0 [ 18.879617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.879720] kthread+0x328/0x630 [ 18.879834] ret_from_fork+0x10/0x20 [ 18.879957] [ 18.880080] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.880271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.880330] Hardware name: linux,dummy-virt (DT) [ 18.880411] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 23.625990] ================================================================== [ 23.626100] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 23.626223] Write of size 121 at addr fff00000c5942a00 by task kunit_try_catch/286 [ 23.626370] [ 23.627069] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.627262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.627371] Hardware name: linux,dummy-virt (DT) [ 23.627529] Call trace: [ 23.627599] show_stack+0x20/0x38 (C) [ 23.627714] dump_stack_lvl+0x8c/0xd0 [ 23.627818] print_report+0x118/0x608 [ 23.628134] kasan_report+0xdc/0x128 [ 23.628240] kasan_check_range+0x100/0x1a8 [ 23.628350] __kasan_check_write+0x20/0x30 [ 23.628465] strncpy_from_user+0x3c/0x2a0 [ 23.628586] copy_user_test_oob+0x5c0/0xec8 [ 23.628722] kunit_try_run_case+0x170/0x3f0 [ 23.628885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.629069] kthread+0x328/0x630 [ 23.629232] ret_from_fork+0x10/0x20 [ 23.629339] [ 23.629593] Allocated by task 286: [ 23.629702] kasan_save_stack+0x3c/0x68 [ 23.629803] kasan_save_track+0x20/0x40 [ 23.629914] kasan_save_alloc_info+0x40/0x58 [ 23.630056] __kasan_kmalloc+0xd4/0xd8 [ 23.630138] __kmalloc_noprof+0x198/0x4c8 [ 23.630251] kunit_kmalloc_array+0x34/0x88 [ 23.630436] copy_user_test_oob+0xac/0xec8 [ 23.630538] kunit_try_run_case+0x170/0x3f0 [ 23.630621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.630724] kthread+0x328/0x630 [ 23.630810] ret_from_fork+0x10/0x20 [ 23.631350] [ 23.631404] The buggy address belongs to the object at fff00000c5942a00 [ 23.631404] which belongs to the cache kmalloc-128 of size 128 [ 23.631547] The buggy address is located 0 bytes inside of [ 23.631547] allocated 120-byte region [fff00000c5942a00, fff00000c5942a78) [ 23.631696] [ 23.631747] The buggy address belongs to the physical page: [ 23.631817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.631957] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.632076] page_type: f5(slab) [ 23.632168] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.632287] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.632387] page dumped because: kasan: bad access detected [ 23.632469] [ 23.632526] Memory state around the buggy address: [ 23.632635] fff00000c5942900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.632793] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.632935] >fff00000c5942a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.633034] ^ [ 23.633174] fff00000c5942a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.633277] fff00000c5942b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.633376] ================================================================== [ 23.634589] ================================================================== [ 23.634717] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 23.634865] Write of size 1 at addr fff00000c5942a78 by task kunit_try_catch/286 [ 23.635048] [ 23.635151] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.635427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.635519] Hardware name: linux,dummy-virt (DT) [ 23.635625] Call trace: [ 23.635698] show_stack+0x20/0x38 (C) [ 23.635806] dump_stack_lvl+0x8c/0xd0 [ 23.635949] print_report+0x118/0x608 [ 23.636110] kasan_report+0xdc/0x128 [ 23.636268] __asan_report_store1_noabort+0x20/0x30 [ 23.636445] strncpy_from_user+0x270/0x2a0 [ 23.636606] copy_user_test_oob+0x5c0/0xec8 [ 23.636750] kunit_try_run_case+0x170/0x3f0 [ 23.636867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.636979] kthread+0x328/0x630 [ 23.637079] ret_from_fork+0x10/0x20 [ 23.637236] [ 23.637286] Allocated by task 286: [ 23.637361] kasan_save_stack+0x3c/0x68 [ 23.637467] kasan_save_track+0x20/0x40 [ 23.637552] kasan_save_alloc_info+0x40/0x58 [ 23.637657] __kasan_kmalloc+0xd4/0xd8 [ 23.637760] __kmalloc_noprof+0x198/0x4c8 [ 23.637878] kunit_kmalloc_array+0x34/0x88 [ 23.637973] copy_user_test_oob+0xac/0xec8 [ 23.638119] kunit_try_run_case+0x170/0x3f0 [ 23.638218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.638344] kthread+0x328/0x630 [ 23.638441] ret_from_fork+0x10/0x20 [ 23.638522] [ 23.638599] The buggy address belongs to the object at fff00000c5942a00 [ 23.638599] which belongs to the cache kmalloc-128 of size 128 [ 23.638745] The buggy address is located 0 bytes to the right of [ 23.638745] allocated 120-byte region [fff00000c5942a00, fff00000c5942a78) [ 23.638912] [ 23.638968] The buggy address belongs to the physical page: [ 23.639045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.639168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.639302] page_type: f5(slab) [ 23.639400] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.639515] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.639601] page dumped because: kasan: bad access detected [ 23.639666] [ 23.639705] Memory state around the buggy address: [ 23.639799] fff00000c5942900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.639896] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.639999] >fff00000c5942a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.640092] ^ [ 23.640192] fff00000c5942a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.640338] fff00000c5942b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.640435] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 23.610426] ================================================================== [ 23.610548] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 23.610671] Write of size 121 at addr fff00000c5942a00 by task kunit_try_catch/286 [ 23.610867] [ 23.610978] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.611266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.611365] Hardware name: linux,dummy-virt (DT) [ 23.611467] Call trace: [ 23.611540] show_stack+0x20/0x38 (C) [ 23.611674] dump_stack_lvl+0x8c/0xd0 [ 23.611808] print_report+0x118/0x608 [ 23.611925] kasan_report+0xdc/0x128 [ 23.612020] kasan_check_range+0x100/0x1a8 [ 23.612175] __kasan_check_write+0x20/0x30 [ 23.612318] copy_user_test_oob+0x434/0xec8 [ 23.612748] kunit_try_run_case+0x170/0x3f0 [ 23.612893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.613317] kthread+0x328/0x630 [ 23.613602] ret_from_fork+0x10/0x20 [ 23.613864] [ 23.613932] Allocated by task 286: [ 23.614038] kasan_save_stack+0x3c/0x68 [ 23.614171] kasan_save_track+0x20/0x40 [ 23.614295] kasan_save_alloc_info+0x40/0x58 [ 23.614400] __kasan_kmalloc+0xd4/0xd8 [ 23.614492] __kmalloc_noprof+0x198/0x4c8 [ 23.614581] kunit_kmalloc_array+0x34/0x88 [ 23.614675] copy_user_test_oob+0xac/0xec8 [ 23.614762] kunit_try_run_case+0x170/0x3f0 [ 23.614863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.614974] kthread+0x328/0x630 [ 23.615052] ret_from_fork+0x10/0x20 [ 23.615152] [ 23.615220] The buggy address belongs to the object at fff00000c5942a00 [ 23.615220] which belongs to the cache kmalloc-128 of size 128 [ 23.615417] The buggy address is located 0 bytes inside of [ 23.615417] allocated 120-byte region [fff00000c5942a00, fff00000c5942a78) [ 23.615588] [ 23.615661] The buggy address belongs to the physical page: [ 23.615758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.615877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.615971] page_type: f5(slab) [ 23.616055] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.616214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.616663] page dumped because: kasan: bad access detected [ 23.616753] [ 23.616792] Memory state around the buggy address: [ 23.616880] fff00000c5942900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.616990] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.617101] >fff00000c5942a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.617188] ^ [ 23.617324] fff00000c5942a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.617435] fff00000c5942b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.617539] ================================================================== [ 23.598130] ================================================================== [ 23.598320] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 23.598453] Read of size 121 at addr fff00000c5942a00 by task kunit_try_catch/286 [ 23.599024] [ 23.599108] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.599378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.599654] Hardware name: linux,dummy-virt (DT) [ 23.599762] Call trace: [ 23.600077] show_stack+0x20/0x38 (C) [ 23.600228] dump_stack_lvl+0x8c/0xd0 [ 23.600453] print_report+0x118/0x608 [ 23.600564] kasan_report+0xdc/0x128 [ 23.600959] kasan_check_range+0x100/0x1a8 [ 23.601308] __kasan_check_read+0x20/0x30 [ 23.601548] copy_user_test_oob+0x3c8/0xec8 [ 23.601918] kunit_try_run_case+0x170/0x3f0 [ 23.602065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.602191] kthread+0x328/0x630 [ 23.602271] ret_from_fork+0x10/0x20 [ 23.602715] [ 23.602765] Allocated by task 286: [ 23.602860] kasan_save_stack+0x3c/0x68 [ 23.603298] kasan_save_track+0x20/0x40 [ 23.603387] kasan_save_alloc_info+0x40/0x58 [ 23.603679] __kasan_kmalloc+0xd4/0xd8 [ 23.603812] __kmalloc_noprof+0x198/0x4c8 [ 23.604135] kunit_kmalloc_array+0x34/0x88 [ 23.604577] copy_user_test_oob+0xac/0xec8 [ 23.604946] kunit_try_run_case+0x170/0x3f0 [ 23.605194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.605628] kthread+0x328/0x630 [ 23.605792] ret_from_fork+0x10/0x20 [ 23.605892] [ 23.605934] The buggy address belongs to the object at fff00000c5942a00 [ 23.605934] which belongs to the cache kmalloc-128 of size 128 [ 23.606079] The buggy address is located 0 bytes inside of [ 23.606079] allocated 120-byte region [fff00000c5942a00, fff00000c5942a78) [ 23.606240] [ 23.606298] The buggy address belongs to the physical page: [ 23.606377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.606850] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.607151] page_type: f5(slab) [ 23.607312] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.607433] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.607543] page dumped because: kasan: bad access detected [ 23.607622] [ 23.607674] Memory state around the buggy address: [ 23.607748] fff00000c5942900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.607915] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.608047] >fff00000c5942a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.608429] ^ [ 23.608554] fff00000c5942a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.608685] fff00000c5942b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.608929] ================================================================== [ 23.583915] ================================================================== [ 23.584039] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 23.584474] Write of size 121 at addr fff00000c5942a00 by task kunit_try_catch/286 [ 23.584632] [ 23.584722] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.584930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.584997] Hardware name: linux,dummy-virt (DT) [ 23.585152] Call trace: [ 23.585222] show_stack+0x20/0x38 (C) [ 23.585803] dump_stack_lvl+0x8c/0xd0 [ 23.585969] print_report+0x118/0x608 [ 23.586093] kasan_report+0xdc/0x128 [ 23.586240] kasan_check_range+0x100/0x1a8 [ 23.586852] __kasan_check_write+0x20/0x30 [ 23.586991] copy_user_test_oob+0x35c/0xec8 [ 23.587117] kunit_try_run_case+0x170/0x3f0 [ 23.587250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.587456] kthread+0x328/0x630 [ 23.587566] ret_from_fork+0x10/0x20 [ 23.587690] [ 23.587739] Allocated by task 286: [ 23.587805] kasan_save_stack+0x3c/0x68 [ 23.587911] kasan_save_track+0x20/0x40 [ 23.588001] kasan_save_alloc_info+0x40/0x58 [ 23.588099] __kasan_kmalloc+0xd4/0xd8 [ 23.588188] __kmalloc_noprof+0x198/0x4c8 [ 23.588274] kunit_kmalloc_array+0x34/0x88 [ 23.588362] copy_user_test_oob+0xac/0xec8 [ 23.588447] kunit_try_run_case+0x170/0x3f0 [ 23.588540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.588646] kthread+0x328/0x630 [ 23.588722] ret_from_fork+0x10/0x20 [ 23.588855] [ 23.588904] The buggy address belongs to the object at fff00000c5942a00 [ 23.588904] which belongs to the cache kmalloc-128 of size 128 [ 23.589043] The buggy address is located 0 bytes inside of [ 23.589043] allocated 120-byte region [fff00000c5942a00, fff00000c5942a78) [ 23.589177] [ 23.589226] The buggy address belongs to the physical page: [ 23.589300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.591036] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.591438] page_type: f5(slab) [ 23.591578] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.591803] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.592135] page dumped because: kasan: bad access detected [ 23.592236] [ 23.592400] Memory state around the buggy address: [ 23.592495] fff00000c5942900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.592599] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.593222] >fff00000c5942a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.593686] ^ [ 23.593892] fff00000c5942a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.593997] fff00000c5942b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.594081] ================================================================== [ 23.562415] ================================================================== [ 23.565172] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 23.565346] Read of size 121 at addr fff00000c5942a00 by task kunit_try_catch/286 [ 23.565795] [ 23.565988] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.566330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.566496] Hardware name: linux,dummy-virt (DT) [ 23.566604] Call trace: [ 23.566768] show_stack+0x20/0x38 (C) [ 23.566927] dump_stack_lvl+0x8c/0xd0 [ 23.567038] print_report+0x118/0x608 [ 23.567155] kasan_report+0xdc/0x128 [ 23.567273] kasan_check_range+0x100/0x1a8 [ 23.567393] __kasan_check_read+0x20/0x30 [ 23.567503] copy_user_test_oob+0x728/0xec8 [ 23.567624] kunit_try_run_case+0x170/0x3f0 [ 23.568159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.568554] kthread+0x328/0x630 [ 23.568688] ret_from_fork+0x10/0x20 [ 23.568865] [ 23.569079] Allocated by task 286: [ 23.569178] kasan_save_stack+0x3c/0x68 [ 23.569262] kasan_save_track+0x20/0x40 [ 23.569306] kasan_save_alloc_info+0x40/0x58 [ 23.569352] __kasan_kmalloc+0xd4/0xd8 [ 23.569399] __kmalloc_noprof+0x198/0x4c8 [ 23.569471] kunit_kmalloc_array+0x34/0x88 [ 23.569516] copy_user_test_oob+0xac/0xec8 [ 23.569556] kunit_try_run_case+0x170/0x3f0 [ 23.569598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.569642] kthread+0x328/0x630 [ 23.569679] ret_from_fork+0x10/0x20 [ 23.569719] [ 23.569743] The buggy address belongs to the object at fff00000c5942a00 [ 23.569743] which belongs to the cache kmalloc-128 of size 128 [ 23.569806] The buggy address is located 0 bytes inside of [ 23.569806] allocated 120-byte region [fff00000c5942a00, fff00000c5942a78) [ 23.570007] [ 23.570060] The buggy address belongs to the physical page: [ 23.570143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.570245] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.570357] page_type: f5(slab) [ 23.570454] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.570655] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.570773] page dumped because: kasan: bad access detected [ 23.570876] [ 23.570924] Memory state around the buggy address: [ 23.571019] fff00000c5942900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.571170] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.571302] >fff00000c5942a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.571402] ^ [ 23.571546] fff00000c5942a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.571708] fff00000c5942b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.571850] ================================================================== [ 23.536835] ================================================================== [ 23.537009] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 23.537170] Write of size 121 at addr fff00000c5942a00 by task kunit_try_catch/286 [ 23.537288] [ 23.537369] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.537542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.537599] Hardware name: linux,dummy-virt (DT) [ 23.537671] Call trace: [ 23.537730] show_stack+0x20/0x38 (C) [ 23.537873] dump_stack_lvl+0x8c/0xd0 [ 23.537985] print_report+0x118/0x608 [ 23.538084] kasan_report+0xdc/0x128 [ 23.538189] kasan_check_range+0x100/0x1a8 [ 23.539807] __kasan_check_write+0x20/0x30 [ 23.540021] copy_user_test_oob+0x234/0xec8 [ 23.540119] kunit_try_run_case+0x170/0x3f0 [ 23.540221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.540341] kthread+0x328/0x630 [ 23.540452] ret_from_fork+0x10/0x20 [ 23.540569] [ 23.540618] Allocated by task 286: [ 23.540693] kasan_save_stack+0x3c/0x68 [ 23.540797] kasan_save_track+0x20/0x40 [ 23.540900] kasan_save_alloc_info+0x40/0x58 [ 23.540987] __kasan_kmalloc+0xd4/0xd8 [ 23.541076] __kmalloc_noprof+0x198/0x4c8 [ 23.541239] kunit_kmalloc_array+0x34/0x88 [ 23.541328] copy_user_test_oob+0xac/0xec8 [ 23.541421] kunit_try_run_case+0x170/0x3f0 [ 23.541516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.541765] kthread+0x328/0x630 [ 23.541929] ret_from_fork+0x10/0x20 [ 23.542062] [ 23.542110] The buggy address belongs to the object at fff00000c5942a00 [ 23.542110] which belongs to the cache kmalloc-128 of size 128 [ 23.542615] The buggy address is located 0 bytes inside of [ 23.542615] allocated 120-byte region [fff00000c5942a00, fff00000c5942a78) [ 23.542938] [ 23.543157] The buggy address belongs to the physical page: [ 23.543448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.543660] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.544068] page_type: f5(slab) [ 23.544190] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.544316] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.544417] page dumped because: kasan: bad access detected [ 23.544502] [ 23.544554] Memory state around the buggy address: [ 23.544635] fff00000c5942900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.544746] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.544866] >fff00000c5942a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.544958] ^ [ 23.545060] fff00000c5942a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.545806] fff00000c5942b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.545973] ================================================================== [ 23.618890] ================================================================== [ 23.619005] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 23.619119] Read of size 121 at addr fff00000c5942a00 by task kunit_try_catch/286 [ 23.619223] [ 23.619281] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.619469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.619529] Hardware name: linux,dummy-virt (DT) [ 23.619603] Call trace: [ 23.619653] show_stack+0x20/0x38 (C) [ 23.619763] dump_stack_lvl+0x8c/0xd0 [ 23.619880] print_report+0x118/0x608 [ 23.619983] kasan_report+0xdc/0x128 [ 23.620086] kasan_check_range+0x100/0x1a8 [ 23.620198] __kasan_check_read+0x20/0x30 [ 23.620302] copy_user_test_oob+0x4a0/0xec8 [ 23.620406] kunit_try_run_case+0x170/0x3f0 [ 23.620516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.620633] kthread+0x328/0x630 [ 23.620729] ret_from_fork+0x10/0x20 [ 23.620858] [ 23.620898] Allocated by task 286: [ 23.620960] kasan_save_stack+0x3c/0x68 [ 23.621047] kasan_save_track+0x20/0x40 [ 23.621139] kasan_save_alloc_info+0x40/0x58 [ 23.621559] __kasan_kmalloc+0xd4/0xd8 [ 23.621691] __kmalloc_noprof+0x198/0x4c8 [ 23.621775] kunit_kmalloc_array+0x34/0x88 [ 23.621867] copy_user_test_oob+0xac/0xec8 [ 23.621939] kunit_try_run_case+0x170/0x3f0 [ 23.622051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.622172] kthread+0x328/0x630 [ 23.622248] ret_from_fork+0x10/0x20 [ 23.622329] [ 23.622886] The buggy address belongs to the object at fff00000c5942a00 [ 23.622886] which belongs to the cache kmalloc-128 of size 128 [ 23.623331] The buggy address is located 0 bytes inside of [ 23.623331] allocated 120-byte region [fff00000c5942a00, fff00000c5942a78) [ 23.623625] [ 23.623692] The buggy address belongs to the physical page: [ 23.623774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.623920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.624032] page_type: f5(slab) [ 23.624122] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.624266] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.624372] page dumped because: kasan: bad access detected [ 23.624452] [ 23.624503] Memory state around the buggy address: [ 23.624580] fff00000c5942900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.624691] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.624806] >fff00000c5942a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.624924] ^ [ 23.625033] fff00000c5942a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.625154] fff00000c5942b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.625259] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 23.455135] ================================================================== [ 23.455630] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 23.455814] Read of size 8 at addr fff00000c5942978 by task kunit_try_catch/282 [ 23.456099] [ 23.456301] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.456568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.456640] Hardware name: linux,dummy-virt (DT) [ 23.456722] Call trace: [ 23.456787] show_stack+0x20/0x38 (C) [ 23.457304] dump_stack_lvl+0x8c/0xd0 [ 23.457577] print_report+0x118/0x608 [ 23.457982] kasan_report+0xdc/0x128 [ 23.458115] __asan_report_load8_noabort+0x20/0x30 [ 23.458215] copy_to_kernel_nofault+0x204/0x250 [ 23.458302] copy_to_kernel_nofault_oob+0x158/0x418 [ 23.458398] kunit_try_run_case+0x170/0x3f0 [ 23.458491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.458813] kthread+0x328/0x630 [ 23.459074] ret_from_fork+0x10/0x20 [ 23.459339] [ 23.459411] Allocated by task 282: [ 23.459584] kasan_save_stack+0x3c/0x68 [ 23.459975] kasan_save_track+0x20/0x40 [ 23.460213] kasan_save_alloc_info+0x40/0x58 [ 23.460468] __kasan_kmalloc+0xd4/0xd8 [ 23.460597] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.460812] copy_to_kernel_nofault_oob+0xc8/0x418 [ 23.460921] kunit_try_run_case+0x170/0x3f0 [ 23.461218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.461501] kthread+0x328/0x630 [ 23.461781] ret_from_fork+0x10/0x20 [ 23.461894] [ 23.461962] The buggy address belongs to the object at fff00000c5942900 [ 23.461962] which belongs to the cache kmalloc-128 of size 128 [ 23.462110] The buggy address is located 0 bytes to the right of [ 23.462110] allocated 120-byte region [fff00000c5942900, fff00000c5942978) [ 23.462320] [ 23.462369] The buggy address belongs to the physical page: [ 23.462432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.462568] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.462761] page_type: f5(slab) [ 23.463019] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.463296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.463399] page dumped because: kasan: bad access detected [ 23.463482] [ 23.463524] Memory state around the buggy address: [ 23.463601] fff00000c5942800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.464060] fff00000c5942880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.464356] >fff00000c5942900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.464539] ^ [ 23.464840] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.464955] fff00000c5942a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.465051] ================================================================== [ 23.465931] ================================================================== [ 23.466044] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 23.466158] Write of size 8 at addr fff00000c5942978 by task kunit_try_catch/282 [ 23.466278] [ 23.466673] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.467613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.467694] Hardware name: linux,dummy-virt (DT) [ 23.467766] Call trace: [ 23.467856] show_stack+0x20/0x38 (C) [ 23.468139] dump_stack_lvl+0x8c/0xd0 [ 23.468628] print_report+0x118/0x608 [ 23.469237] kasan_report+0xdc/0x128 [ 23.469365] kasan_check_range+0x100/0x1a8 [ 23.469532] __kasan_check_write+0x20/0x30 [ 23.469747] copy_to_kernel_nofault+0x8c/0x250 [ 23.469879] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 23.469998] kunit_try_run_case+0x170/0x3f0 [ 23.470145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.470280] kthread+0x328/0x630 [ 23.470654] ret_from_fork+0x10/0x20 [ 23.470775] [ 23.470909] Allocated by task 282: [ 23.470989] kasan_save_stack+0x3c/0x68 [ 23.471280] kasan_save_track+0x20/0x40 [ 23.471631] kasan_save_alloc_info+0x40/0x58 [ 23.471809] __kasan_kmalloc+0xd4/0xd8 [ 23.471915] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.472091] copy_to_kernel_nofault_oob+0xc8/0x418 [ 23.472275] kunit_try_run_case+0x170/0x3f0 [ 23.472451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.472624] kthread+0x328/0x630 [ 23.472815] ret_from_fork+0x10/0x20 [ 23.472915] [ 23.472962] The buggy address belongs to the object at fff00000c5942900 [ 23.472962] which belongs to the cache kmalloc-128 of size 128 [ 23.473098] The buggy address is located 0 bytes to the right of [ 23.473098] allocated 120-byte region [fff00000c5942900, fff00000c5942978) [ 23.473232] [ 23.473272] The buggy address belongs to the physical page: [ 23.473328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 23.473437] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.473553] page_type: f5(slab) [ 23.473925] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.474188] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.474403] page dumped because: kasan: bad access detected [ 23.474816] [ 23.474975] Memory state around the buggy address: [ 23.475064] fff00000c5942800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.475559] fff00000c5942880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.475697] >fff00000c5942900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.475815] ^ [ 23.475937] fff00000c5942980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.476050] fff00000c5942a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.476337] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 23.346014] ================================================================== [ 23.347748] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 23.347996] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 23.348117] [ 23.348206] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.348425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.348493] Hardware name: linux,dummy-virt (DT) [ 23.348580] Call trace: [ 23.348640] show_stack+0x20/0x38 (C) [ 23.348808] dump_stack_lvl+0x8c/0xd0 [ 23.350357] print_report+0x310/0x608 [ 23.350892] kasan_report+0xdc/0x128 [ 23.351452] __asan_report_load1_noabort+0x20/0x30 [ 23.352405] vmalloc_oob+0x578/0x5d0 [ 23.352610] kunit_try_run_case+0x170/0x3f0 [ 23.352877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.353175] kthread+0x328/0x630 [ 23.353647] ret_from_fork+0x10/0x20 [ 23.354196] [ 23.354326] The buggy address belongs to the virtual mapping at [ 23.354326] [ffff8000800fe000, ffff800080100000) created by: [ 23.354326] vmalloc_oob+0x98/0x5d0 [ 23.354482] [ 23.354541] The buggy address belongs to the physical page: [ 23.354616] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595b [ 23.354742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.355342] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 23.356027] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.356141] page dumped because: kasan: bad access detected [ 23.356228] [ 23.356277] Memory state around the buggy address: [ 23.356365] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.357216] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.357409] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 23.357511] ^ [ 23.357610] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.357711] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.357809] ================================================================== [ 23.363267] ================================================================== [ 23.363391] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 23.363502] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 23.363625] [ 23.363710] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.363928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.363990] Hardware name: linux,dummy-virt (DT) [ 23.364071] Call trace: [ 23.364126] show_stack+0x20/0x38 (C) [ 23.364237] dump_stack_lvl+0x8c/0xd0 [ 23.364344] print_report+0x310/0x608 [ 23.364456] kasan_report+0xdc/0x128 [ 23.366491] __asan_report_load1_noabort+0x20/0x30 [ 23.367109] vmalloc_oob+0x51c/0x5d0 [ 23.367397] kunit_try_run_case+0x170/0x3f0 [ 23.367522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.368048] kthread+0x328/0x630 [ 23.368444] ret_from_fork+0x10/0x20 [ 23.368606] [ 23.368675] The buggy address belongs to the virtual mapping at [ 23.368675] [ffff8000800fe000, ffff800080100000) created by: [ 23.368675] vmalloc_oob+0x98/0x5d0 [ 23.369100] [ 23.369587] The buggy address belongs to the physical page: [ 23.369741] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595b [ 23.369884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.370019] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 23.370134] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.370230] page dumped because: kasan: bad access detected [ 23.371283] [ 23.371367] Memory state around the buggy address: [ 23.372124] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.372400] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.372784] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 23.373182] ^ [ 23.374072] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.374190] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 23.374285] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 23.133797] ================================================================== [ 23.133948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 23.134211] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.134338] [ 23.134442] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.134668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.134749] Hardware name: linux,dummy-virt (DT) [ 23.134838] Call trace: [ 23.134898] show_stack+0x20/0x38 (C) [ 23.135016] dump_stack_lvl+0x8c/0xd0 [ 23.135120] print_report+0x118/0x608 [ 23.135209] kasan_report+0xdc/0x128 [ 23.135608] kasan_check_range+0x100/0x1a8 [ 23.135726] __kasan_check_write+0x20/0x30 [ 23.135848] kasan_atomics_helper+0x12d8/0x4858 [ 23.135968] kasan_atomics+0x198/0x2e0 [ 23.136087] kunit_try_run_case+0x170/0x3f0 [ 23.136215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.136337] kthread+0x328/0x630 [ 23.136657] ret_from_fork+0x10/0x20 [ 23.136887] [ 23.136946] Allocated by task 266: [ 23.137022] kasan_save_stack+0x3c/0x68 [ 23.137389] kasan_save_track+0x20/0x40 [ 23.137501] kasan_save_alloc_info+0x40/0x58 [ 23.137814] __kasan_kmalloc+0xd4/0xd8 [ 23.137922] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.138003] kasan_atomics+0xb8/0x2e0 [ 23.138080] kunit_try_run_case+0x170/0x3f0 [ 23.138168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.138547] kthread+0x328/0x630 [ 23.138891] ret_from_fork+0x10/0x20 [ 23.139183] [ 23.139232] The buggy address belongs to the object at fff00000c5958200 [ 23.139232] which belongs to the cache kmalloc-64 of size 64 [ 23.139594] The buggy address is located 0 bytes to the right of [ 23.139594] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.140180] [ 23.140306] The buggy address belongs to the physical page: [ 23.140421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.140546] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.140664] page_type: f5(slab) [ 23.140794] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.140983] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.141100] page dumped because: kasan: bad access detected [ 23.141203] [ 23.141247] Memory state around the buggy address: [ 23.141329] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.141429] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.141524] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.141620] ^ [ 23.141705] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.141810] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.141921] ================================================================== [ 23.044157] ================================================================== [ 23.044539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 23.044750] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.045149] [ 23.045455] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.046130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.046195] Hardware name: linux,dummy-virt (DT) [ 23.046269] Call trace: [ 23.046885] show_stack+0x20/0x38 (C) [ 23.047469] dump_stack_lvl+0x8c/0xd0 [ 23.047670] print_report+0x118/0x608 [ 23.047983] kasan_report+0xdc/0x128 [ 23.048282] kasan_check_range+0x100/0x1a8 [ 23.048523] __kasan_check_write+0x20/0x30 [ 23.048953] kasan_atomics_helper+0xf20/0x4858 [ 23.049132] kasan_atomics+0x198/0x2e0 [ 23.049256] kunit_try_run_case+0x170/0x3f0 [ 23.049369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.049491] kthread+0x328/0x630 [ 23.049587] ret_from_fork+0x10/0x20 [ 23.049701] [ 23.049749] Allocated by task 266: [ 23.049815] kasan_save_stack+0x3c/0x68 [ 23.050233] kasan_save_track+0x20/0x40 [ 23.050535] kasan_save_alloc_info+0x40/0x58 [ 23.051315] __kasan_kmalloc+0xd4/0xd8 [ 23.051421] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.051596] kasan_atomics+0xb8/0x2e0 [ 23.051703] kunit_try_run_case+0x170/0x3f0 [ 23.052236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.052387] kthread+0x328/0x630 [ 23.052512] ret_from_fork+0x10/0x20 [ 23.052604] [ 23.053752] The buggy address belongs to the object at fff00000c5958200 [ 23.053752] which belongs to the cache kmalloc-64 of size 64 [ 23.054314] The buggy address is located 0 bytes to the right of [ 23.054314] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.054567] [ 23.054627] The buggy address belongs to the physical page: [ 23.054904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.055118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.055412] page_type: f5(slab) [ 23.055507] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.055633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.055758] page dumped because: kasan: bad access detected [ 23.055858] [ 23.055919] Memory state around the buggy address: [ 23.056009] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.056123] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.056233] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.056325] ^ [ 23.056412] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.056524] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.056632] ================================================================== [ 23.180277] ================================================================== [ 23.180391] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 23.180515] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.180631] [ 23.180695] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.180901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.180964] Hardware name: linux,dummy-virt (DT) [ 23.181038] Call trace: [ 23.181087] show_stack+0x20/0x38 (C) [ 23.181308] dump_stack_lvl+0x8c/0xd0 [ 23.181515] print_report+0x118/0x608 [ 23.181632] kasan_report+0xdc/0x128 [ 23.181721] kasan_check_range+0x100/0x1a8 [ 23.181852] __kasan_check_write+0x20/0x30 [ 23.181954] kasan_atomics_helper+0x154c/0x4858 [ 23.182076] kasan_atomics+0x198/0x2e0 [ 23.182175] kunit_try_run_case+0x170/0x3f0 [ 23.182277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.182399] kthread+0x328/0x630 [ 23.182459] ret_from_fork+0x10/0x20 [ 23.182516] [ 23.182555] Allocated by task 266: [ 23.182594] kasan_save_stack+0x3c/0x68 [ 23.182645] kasan_save_track+0x20/0x40 [ 23.182690] kasan_save_alloc_info+0x40/0x58 [ 23.182737] __kasan_kmalloc+0xd4/0xd8 [ 23.182779] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.182849] kasan_atomics+0xb8/0x2e0 [ 23.182940] kunit_try_run_case+0x170/0x3f0 [ 23.183031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.183171] kthread+0x328/0x630 [ 23.183334] ret_from_fork+0x10/0x20 [ 23.183448] [ 23.183959] The buggy address belongs to the object at fff00000c5958200 [ 23.183959] which belongs to the cache kmalloc-64 of size 64 [ 23.184329] The buggy address is located 0 bytes to the right of [ 23.184329] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.184911] [ 23.185132] The buggy address belongs to the physical page: [ 23.185211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.185616] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.185785] page_type: f5(slab) [ 23.186398] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.186549] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.186661] page dumped because: kasan: bad access detected [ 23.187689] [ 23.187976] Memory state around the buggy address: [ 23.188431] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.188926] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.189377] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.189495] ^ [ 23.189602] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.189689] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.190210] ================================================================== [ 23.024345] ================================================================== [ 23.024467] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 23.024590] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.024709] [ 23.024773] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.025028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.025087] Hardware name: linux,dummy-virt (DT) [ 23.025200] Call trace: [ 23.025233] show_stack+0x20/0x38 (C) [ 23.025349] dump_stack_lvl+0x8c/0xd0 [ 23.025415] print_report+0x118/0x608 [ 23.025470] kasan_report+0xdc/0x128 [ 23.025542] __asan_report_store8_noabort+0x20/0x30 [ 23.025685] kasan_atomics_helper+0x3e5c/0x4858 [ 23.025972] kasan_atomics+0x198/0x2e0 [ 23.026238] kunit_try_run_case+0x170/0x3f0 [ 23.026343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.026451] kthread+0x328/0x630 [ 23.026536] ret_from_fork+0x10/0x20 [ 23.026624] [ 23.026668] Allocated by task 266: [ 23.026734] kasan_save_stack+0x3c/0x68 [ 23.027211] kasan_save_track+0x20/0x40 [ 23.027347] kasan_save_alloc_info+0x40/0x58 [ 23.027998] __kasan_kmalloc+0xd4/0xd8 [ 23.028365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.028516] kasan_atomics+0xb8/0x2e0 [ 23.028609] kunit_try_run_case+0x170/0x3f0 [ 23.028938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.029221] kthread+0x328/0x630 [ 23.029312] ret_from_fork+0x10/0x20 [ 23.029455] [ 23.029515] The buggy address belongs to the object at fff00000c5958200 [ 23.029515] which belongs to the cache kmalloc-64 of size 64 [ 23.029874] The buggy address is located 0 bytes to the right of [ 23.029874] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.030273] [ 23.030413] The buggy address belongs to the physical page: [ 23.030765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.030926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.031035] page_type: f5(slab) [ 23.031102] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.031205] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.031292] page dumped because: kasan: bad access detected [ 23.031361] [ 23.031404] Memory state around the buggy address: [ 23.031482] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.031592] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.031906] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.032519] ^ [ 23.032643] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.032762] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.033280] ================================================================== [ 23.226832] ================================================================== [ 23.226933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 23.227036] Read of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.227145] [ 23.227743] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.228196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.228278] Hardware name: linux,dummy-virt (DT) [ 23.228428] Call trace: [ 23.228497] show_stack+0x20/0x38 (C) [ 23.228887] dump_stack_lvl+0x8c/0xd0 [ 23.229001] print_report+0x118/0x608 [ 23.229104] kasan_report+0xdc/0x128 [ 23.229756] __asan_report_load8_noabort+0x20/0x30 [ 23.229920] kasan_atomics_helper+0x3df4/0x4858 [ 23.230079] kasan_atomics+0x198/0x2e0 [ 23.230173] kunit_try_run_case+0x170/0x3f0 [ 23.230281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.230388] kthread+0x328/0x630 [ 23.230518] ret_from_fork+0x10/0x20 [ 23.230642] [ 23.230687] Allocated by task 266: [ 23.230764] kasan_save_stack+0x3c/0x68 [ 23.230879] kasan_save_track+0x20/0x40 [ 23.231007] kasan_save_alloc_info+0x40/0x58 [ 23.231107] __kasan_kmalloc+0xd4/0xd8 [ 23.231196] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.231333] kasan_atomics+0xb8/0x2e0 [ 23.231417] kunit_try_run_case+0x170/0x3f0 [ 23.231510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.231610] kthread+0x328/0x630 [ 23.231687] ret_from_fork+0x10/0x20 [ 23.231775] [ 23.231833] The buggy address belongs to the object at fff00000c5958200 [ 23.231833] which belongs to the cache kmalloc-64 of size 64 [ 23.231971] The buggy address is located 0 bytes to the right of [ 23.231971] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.232135] [ 23.232205] The buggy address belongs to the physical page: [ 23.232311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.232437] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.232552] page_type: f5(slab) [ 23.232665] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.232795] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.232902] page dumped because: kasan: bad access detected [ 23.233006] [ 23.233055] Memory state around the buggy address: [ 23.233190] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.233311] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.233414] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.233548] ^ [ 23.233635] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.233733] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.233847] ================================================================== [ 23.246239] ================================================================== [ 23.246349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 23.246447] Read of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.246594] [ 23.246664] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.247320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.247509] Hardware name: linux,dummy-virt (DT) [ 23.247599] Call trace: [ 23.247991] show_stack+0x20/0x38 (C) [ 23.248999] dump_stack_lvl+0x8c/0xd0 [ 23.249269] print_report+0x118/0x608 [ 23.249410] kasan_report+0xdc/0x128 [ 23.249518] __asan_report_load8_noabort+0x20/0x30 [ 23.249626] kasan_atomics_helper+0x3e10/0x4858 [ 23.249716] kasan_atomics+0x198/0x2e0 [ 23.249805] kunit_try_run_case+0x170/0x3f0 [ 23.249922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.250977] kthread+0x328/0x630 [ 23.251206] ret_from_fork+0x10/0x20 [ 23.251317] [ 23.251361] Allocated by task 266: [ 23.251426] kasan_save_stack+0x3c/0x68 [ 23.251525] kasan_save_track+0x20/0x40 [ 23.251611] kasan_save_alloc_info+0x40/0x58 [ 23.252350] __kasan_kmalloc+0xd4/0xd8 [ 23.252577] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.252685] kasan_atomics+0xb8/0x2e0 [ 23.252784] kunit_try_run_case+0x170/0x3f0 [ 23.253314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.253601] kthread+0x328/0x630 [ 23.254024] ret_from_fork+0x10/0x20 [ 23.254405] [ 23.254461] The buggy address belongs to the object at fff00000c5958200 [ 23.254461] which belongs to the cache kmalloc-64 of size 64 [ 23.255001] The buggy address is located 0 bytes to the right of [ 23.255001] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.255355] [ 23.255617] The buggy address belongs to the physical page: [ 23.255867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.255971] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.256459] page_type: f5(slab) [ 23.256838] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.256969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.257064] page dumped because: kasan: bad access detected [ 23.257655] [ 23.257906] Memory state around the buggy address: [ 23.258002] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.258095] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.258180] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.258262] ^ [ 23.258330] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.258429] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.259142] ================================================================== [ 23.017167] ================================================================== [ 23.017326] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 23.017444] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.017554] [ 23.017625] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.017948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.018049] Hardware name: linux,dummy-virt (DT) [ 23.018163] Call trace: [ 23.018242] show_stack+0x20/0x38 (C) [ 23.018413] dump_stack_lvl+0x8c/0xd0 [ 23.018533] print_report+0x118/0x608 [ 23.018673] kasan_report+0xdc/0x128 [ 23.018842] kasan_check_range+0x100/0x1a8 [ 23.018935] __kasan_check_write+0x20/0x30 [ 23.019032] kasan_atomics_helper+0xe44/0x4858 [ 23.019194] kasan_atomics+0x198/0x2e0 [ 23.019290] kunit_try_run_case+0x170/0x3f0 [ 23.019385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.019495] kthread+0x328/0x630 [ 23.019598] ret_from_fork+0x10/0x20 [ 23.019692] [ 23.019763] Allocated by task 266: [ 23.019856] kasan_save_stack+0x3c/0x68 [ 23.019958] kasan_save_track+0x20/0x40 [ 23.020091] kasan_save_alloc_info+0x40/0x58 [ 23.020322] __kasan_kmalloc+0xd4/0xd8 [ 23.020985] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.021232] kasan_atomics+0xb8/0x2e0 [ 23.021353] kunit_try_run_case+0x170/0x3f0 [ 23.021448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.021571] kthread+0x328/0x630 [ 23.021690] ret_from_fork+0x10/0x20 [ 23.021771] [ 23.021815] The buggy address belongs to the object at fff00000c5958200 [ 23.021815] which belongs to the cache kmalloc-64 of size 64 [ 23.021955] The buggy address is located 0 bytes to the right of [ 23.021955] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.022105] [ 23.022177] The buggy address belongs to the physical page: [ 23.022252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.022467] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.022584] page_type: f5(slab) [ 23.022708] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.022874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.022960] page dumped because: kasan: bad access detected [ 23.023039] [ 23.023089] Memory state around the buggy address: [ 23.023206] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.023358] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.023512] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.023646] ^ [ 23.023724] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.023835] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.023927] ================================================================== [ 22.993364] ================================================================== [ 22.993474] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 22.993634] Read of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.993746] [ 22.993853] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.994073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.994173] Hardware name: linux,dummy-virt (DT) [ 22.994239] Call trace: [ 22.994289] show_stack+0x20/0x38 (C) [ 22.994461] dump_stack_lvl+0x8c/0xd0 [ 22.994579] print_report+0x118/0x608 [ 22.994737] kasan_report+0xdc/0x128 [ 22.994851] kasan_check_range+0x100/0x1a8 [ 22.994947] __kasan_check_read+0x20/0x30 [ 22.995086] kasan_atomics_helper+0xdd4/0x4858 [ 22.995194] kasan_atomics+0x198/0x2e0 [ 22.995291] kunit_try_run_case+0x170/0x3f0 [ 22.995379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.995477] kthread+0x328/0x630 [ 22.995569] ret_from_fork+0x10/0x20 [ 22.995685] [ 22.995752] Allocated by task 266: [ 22.995859] kasan_save_stack+0x3c/0x68 [ 22.995989] kasan_save_track+0x20/0x40 [ 22.996109] kasan_save_alloc_info+0x40/0x58 [ 22.996233] __kasan_kmalloc+0xd4/0xd8 [ 22.996327] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.996418] kasan_atomics+0xb8/0x2e0 [ 22.996534] kunit_try_run_case+0x170/0x3f0 [ 22.996622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.996740] kthread+0x328/0x630 [ 22.996817] ret_from_fork+0x10/0x20 [ 22.997538] [ 22.997634] The buggy address belongs to the object at fff00000c5958200 [ 22.997634] which belongs to the cache kmalloc-64 of size 64 [ 22.998474] The buggy address is located 0 bytes to the right of [ 22.998474] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.998665] [ 22.998715] The buggy address belongs to the physical page: [ 22.999298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.999755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.999896] page_type: f5(slab) [ 22.999980] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.000078] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.000153] page dumped because: kasan: bad access detected [ 23.000219] [ 23.000262] Memory state around the buggy address: [ 23.000319] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.000402] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.000496] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.000578] ^ [ 23.000649] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.000742] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.000846] ================================================================== [ 23.066923] ================================================================== [ 23.067035] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 23.067162] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.067290] [ 23.067726] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.068195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.068303] Hardware name: linux,dummy-virt (DT) [ 23.068408] Call trace: [ 23.068483] show_stack+0x20/0x38 (C) [ 23.068596] dump_stack_lvl+0x8c/0xd0 [ 23.068724] print_report+0x118/0x608 [ 23.068934] kasan_report+0xdc/0x128 [ 23.069085] kasan_check_range+0x100/0x1a8 [ 23.069380] __kasan_check_write+0x20/0x30 [ 23.069527] kasan_atomics_helper+0xff0/0x4858 [ 23.069746] kasan_atomics+0x198/0x2e0 [ 23.070018] kunit_try_run_case+0x170/0x3f0 [ 23.070195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.070381] kthread+0x328/0x630 [ 23.070498] ret_from_fork+0x10/0x20 [ 23.070629] [ 23.070674] Allocated by task 266: [ 23.070932] kasan_save_stack+0x3c/0x68 [ 23.071112] kasan_save_track+0x20/0x40 [ 23.071387] kasan_save_alloc_info+0x40/0x58 [ 23.071838] __kasan_kmalloc+0xd4/0xd8 [ 23.072210] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.072320] kasan_atomics+0xb8/0x2e0 [ 23.072419] kunit_try_run_case+0x170/0x3f0 [ 23.072523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.072639] kthread+0x328/0x630 [ 23.073363] ret_from_fork+0x10/0x20 [ 23.073805] [ 23.073987] The buggy address belongs to the object at fff00000c5958200 [ 23.073987] which belongs to the cache kmalloc-64 of size 64 [ 23.074914] The buggy address is located 0 bytes to the right of [ 23.074914] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.075123] [ 23.075181] The buggy address belongs to the physical page: [ 23.075263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.075387] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.075507] page_type: f5(slab) [ 23.075608] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.075755] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.075876] page dumped because: kasan: bad access detected [ 23.075967] [ 23.076044] Memory state around the buggy address: [ 23.076166] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.076328] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.076488] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.076593] ^ [ 23.076678] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.076789] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.076899] ================================================================== [ 23.148856] ================================================================== [ 23.148999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 23.149121] Read of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.149262] [ 23.149327] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.149519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.149586] Hardware name: linux,dummy-virt (DT) [ 23.149692] Call trace: [ 23.149757] show_stack+0x20/0x38 (C) [ 23.149892] dump_stack_lvl+0x8c/0xd0 [ 23.150041] print_report+0x118/0x608 [ 23.150215] kasan_report+0xdc/0x128 [ 23.150371] __asan_report_load8_noabort+0x20/0x30 [ 23.150571] kasan_atomics_helper+0x3f04/0x4858 [ 23.150690] kasan_atomics+0x198/0x2e0 [ 23.150783] kunit_try_run_case+0x170/0x3f0 [ 23.150927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.151055] kthread+0x328/0x630 [ 23.151195] ret_from_fork+0x10/0x20 [ 23.151367] [ 23.151420] Allocated by task 266: [ 23.151520] kasan_save_stack+0x3c/0x68 [ 23.151663] kasan_save_track+0x20/0x40 [ 23.151756] kasan_save_alloc_info+0x40/0x58 [ 23.151857] __kasan_kmalloc+0xd4/0xd8 [ 23.151933] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.152018] kasan_atomics+0xb8/0x2e0 [ 23.152104] kunit_try_run_case+0x170/0x3f0 [ 23.152196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.152369] kthread+0x328/0x630 [ 23.152492] ret_from_fork+0x10/0x20 [ 23.152568] [ 23.152616] The buggy address belongs to the object at fff00000c5958200 [ 23.152616] which belongs to the cache kmalloc-64 of size 64 [ 23.152770] The buggy address is located 0 bytes to the right of [ 23.152770] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.152960] [ 23.153037] The buggy address belongs to the physical page: [ 23.153156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.153320] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.153428] page_type: f5(slab) [ 23.153517] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.153685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.153800] page dumped because: kasan: bad access detected [ 23.153889] [ 23.153935] Memory state around the buggy address: [ 23.154016] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.154125] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.154268] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.154416] ^ [ 23.154548] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.154713] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.154860] ================================================================== [ 23.275090] ================================================================== [ 23.275214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 23.275338] Read of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.277171] [ 23.277307] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.277662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.277875] Hardware name: linux,dummy-virt (DT) [ 23.277965] Call trace: [ 23.278025] show_stack+0x20/0x38 (C) [ 23.278135] dump_stack_lvl+0x8c/0xd0 [ 23.278238] print_report+0x118/0x608 [ 23.278344] kasan_report+0xdc/0x128 [ 23.278448] __asan_report_load8_noabort+0x20/0x30 [ 23.279236] kasan_atomics_helper+0x3e20/0x4858 [ 23.279386] kasan_atomics+0x198/0x2e0 [ 23.279503] kunit_try_run_case+0x170/0x3f0 [ 23.280580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.281126] kthread+0x328/0x630 [ 23.281382] ret_from_fork+0x10/0x20 [ 23.281522] [ 23.281579] Allocated by task 266: [ 23.281701] kasan_save_stack+0x3c/0x68 [ 23.281807] kasan_save_track+0x20/0x40 [ 23.281932] kasan_save_alloc_info+0x40/0x58 [ 23.282055] __kasan_kmalloc+0xd4/0xd8 [ 23.282159] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.282247] kasan_atomics+0xb8/0x2e0 [ 23.282319] kunit_try_run_case+0x170/0x3f0 [ 23.282621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.282744] kthread+0x328/0x630 [ 23.283122] ret_from_fork+0x10/0x20 [ 23.283232] [ 23.283435] The buggy address belongs to the object at fff00000c5958200 [ 23.283435] which belongs to the cache kmalloc-64 of size 64 [ 23.283580] The buggy address is located 0 bytes to the right of [ 23.283580] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.284345] [ 23.284402] The buggy address belongs to the physical page: [ 23.284670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.285186] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.285350] page_type: f5(slab) [ 23.285460] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.285621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.285803] page dumped because: kasan: bad access detected [ 23.286035] [ 23.286074] Memory state around the buggy address: [ 23.286170] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.286275] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.286410] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.286514] ^ [ 23.286864] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.287014] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.287163] ================================================================== [ 23.090386] ================================================================== [ 23.090447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 23.090513] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.090583] [ 23.090617] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.090711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.090744] Hardware name: linux,dummy-virt (DT) [ 23.090782] Call trace: [ 23.090811] show_stack+0x20/0x38 (C) [ 23.090933] dump_stack_lvl+0x8c/0xd0 [ 23.091042] print_report+0x118/0x608 [ 23.091137] kasan_report+0xdc/0x128 [ 23.091242] kasan_check_range+0x100/0x1a8 [ 23.091352] __kasan_check_write+0x20/0x30 [ 23.091770] kasan_atomics_helper+0x10c0/0x4858 [ 23.092103] kasan_atomics+0x198/0x2e0 [ 23.092392] kunit_try_run_case+0x170/0x3f0 [ 23.092517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.092647] kthread+0x328/0x630 [ 23.092891] ret_from_fork+0x10/0x20 [ 23.093013] [ 23.093062] Allocated by task 266: [ 23.093299] kasan_save_stack+0x3c/0x68 [ 23.093733] kasan_save_track+0x20/0x40 [ 23.093874] kasan_save_alloc_info+0x40/0x58 [ 23.093986] __kasan_kmalloc+0xd4/0xd8 [ 23.094283] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.094468] kasan_atomics+0xb8/0x2e0 [ 23.094671] kunit_try_run_case+0x170/0x3f0 [ 23.094773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.095365] kthread+0x328/0x630 [ 23.095730] ret_from_fork+0x10/0x20 [ 23.095908] [ 23.095981] The buggy address belongs to the object at fff00000c5958200 [ 23.095981] which belongs to the cache kmalloc-64 of size 64 [ 23.096137] The buggy address is located 0 bytes to the right of [ 23.096137] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.096291] [ 23.096701] The buggy address belongs to the physical page: [ 23.096920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.097204] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.097365] page_type: f5(slab) [ 23.097470] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.097608] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.097729] page dumped because: kasan: bad access detected [ 23.098031] [ 23.098081] Memory state around the buggy address: [ 23.098151] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.098275] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.098575] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.098890] ^ [ 23.099168] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.099357] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.099455] ================================================================== [ 23.259750] ================================================================== [ 23.259867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 23.260844] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.262707] [ 23.262839] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.263050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.263118] Hardware name: linux,dummy-virt (DT) [ 23.263178] Call trace: [ 23.263260] show_stack+0x20/0x38 (C) [ 23.263390] dump_stack_lvl+0x8c/0xd0 [ 23.264085] print_report+0x118/0x608 [ 23.264627] kasan_report+0xdc/0x128 [ 23.264768] kasan_check_range+0x100/0x1a8 [ 23.265163] __kasan_check_write+0x20/0x30 [ 23.265551] kasan_atomics_helper+0x175c/0x4858 [ 23.266455] kasan_atomics+0x198/0x2e0 [ 23.266611] kunit_try_run_case+0x170/0x3f0 [ 23.266722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.266856] kthread+0x328/0x630 [ 23.266946] ret_from_fork+0x10/0x20 [ 23.267056] [ 23.267104] Allocated by task 266: [ 23.267165] kasan_save_stack+0x3c/0x68 [ 23.267253] kasan_save_track+0x20/0x40 [ 23.267335] kasan_save_alloc_info+0x40/0x58 [ 23.267417] __kasan_kmalloc+0xd4/0xd8 [ 23.267494] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.267584] kasan_atomics+0xb8/0x2e0 [ 23.267667] kunit_try_run_case+0x170/0x3f0 [ 23.267748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.267874] kthread+0x328/0x630 [ 23.267963] ret_from_fork+0x10/0x20 [ 23.268057] [ 23.268109] The buggy address belongs to the object at fff00000c5958200 [ 23.268109] which belongs to the cache kmalloc-64 of size 64 [ 23.268254] The buggy address is located 0 bytes to the right of [ 23.268254] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.268395] [ 23.268437] The buggy address belongs to the physical page: [ 23.268501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.268596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.268699] page_type: f5(slab) [ 23.268816] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.272991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.273097] page dumped because: kasan: bad access detected [ 23.273185] [ 23.273225] Memory state around the buggy address: [ 23.273305] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.273406] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.273499] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.273589] ^ [ 23.273703] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.273795] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.273943] ================================================================== [ 23.203349] ================================================================== [ 23.203459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 23.203728] Read of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.203983] [ 23.204116] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.204630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.204785] Hardware name: linux,dummy-virt (DT) [ 23.204923] Call trace: [ 23.205038] show_stack+0x20/0x38 (C) [ 23.205325] dump_stack_lvl+0x8c/0xd0 [ 23.205424] print_report+0x118/0x608 [ 23.205520] kasan_report+0xdc/0x128 [ 23.205622] __asan_report_load8_noabort+0x20/0x30 [ 23.206624] kasan_atomics_helper+0x3db0/0x4858 [ 23.206959] kasan_atomics+0x198/0x2e0 [ 23.207196] kunit_try_run_case+0x170/0x3f0 [ 23.207433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.207558] kthread+0x328/0x630 [ 23.207937] ret_from_fork+0x10/0x20 [ 23.208102] [ 23.208148] Allocated by task 266: [ 23.208212] kasan_save_stack+0x3c/0x68 [ 23.208308] kasan_save_track+0x20/0x40 [ 23.208394] kasan_save_alloc_info+0x40/0x58 [ 23.208710] __kasan_kmalloc+0xd4/0xd8 [ 23.208937] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.209157] kasan_atomics+0xb8/0x2e0 [ 23.209245] kunit_try_run_case+0x170/0x3f0 [ 23.209336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.209643] kthread+0x328/0x630 [ 23.209736] ret_from_fork+0x10/0x20 [ 23.209872] [ 23.209917] The buggy address belongs to the object at fff00000c5958200 [ 23.209917] which belongs to the cache kmalloc-64 of size 64 [ 23.210064] The buggy address is located 0 bytes to the right of [ 23.210064] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.210222] [ 23.210278] The buggy address belongs to the physical page: [ 23.210354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.210475] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.210600] page_type: f5(slab) [ 23.210701] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.210872] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.211039] page dumped because: kasan: bad access detected [ 23.211158] [ 23.211223] Memory state around the buggy address: [ 23.211336] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.211469] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.211592] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.211742] ^ [ 23.211889] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.211997] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.212564] ================================================================== [ 23.287754] ================================================================== [ 23.288199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 23.288331] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.288510] [ 23.288605] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.288875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.288936] Hardware name: linux,dummy-virt (DT) [ 23.289015] Call trace: [ 23.289092] show_stack+0x20/0x38 (C) [ 23.289260] dump_stack_lvl+0x8c/0xd0 [ 23.289368] print_report+0x118/0x608 [ 23.289865] kasan_report+0xdc/0x128 [ 23.290111] kasan_check_range+0x100/0x1a8 [ 23.290244] __kasan_check_write+0x20/0x30 [ 23.290374] kasan_atomics_helper+0x17ec/0x4858 [ 23.290496] kasan_atomics+0x198/0x2e0 [ 23.290609] kunit_try_run_case+0x170/0x3f0 [ 23.290705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.290840] kthread+0x328/0x630 [ 23.290947] ret_from_fork+0x10/0x20 [ 23.291515] [ 23.291935] Allocated by task 266: [ 23.292040] kasan_save_stack+0x3c/0x68 [ 23.292355] kasan_save_track+0x20/0x40 [ 23.292559] kasan_save_alloc_info+0x40/0x58 [ 23.292657] __kasan_kmalloc+0xd4/0xd8 [ 23.293099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.293230] kasan_atomics+0xb8/0x2e0 [ 23.293760] kunit_try_run_case+0x170/0x3f0 [ 23.293906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.294489] kthread+0x328/0x630 [ 23.294991] ret_from_fork+0x10/0x20 [ 23.295108] [ 23.295255] The buggy address belongs to the object at fff00000c5958200 [ 23.295255] which belongs to the cache kmalloc-64 of size 64 [ 23.295515] The buggy address is located 0 bytes to the right of [ 23.295515] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.296076] [ 23.296234] The buggy address belongs to the physical page: [ 23.296323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.296466] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.296597] page_type: f5(slab) [ 23.297213] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.297431] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.297633] page dumped because: kasan: bad access detected [ 23.297710] [ 23.297762] Memory state around the buggy address: [ 23.298031] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.298202] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.298437] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.298660] ^ [ 23.298852] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.298974] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.299634] ================================================================== [ 23.059040] ================================================================== [ 23.059157] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 23.059261] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.059391] [ 23.059464] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.059949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.060015] Hardware name: linux,dummy-virt (DT) [ 23.060092] Call trace: [ 23.060145] show_stack+0x20/0x38 (C) [ 23.060279] dump_stack_lvl+0x8c/0xd0 [ 23.060493] print_report+0x118/0x608 [ 23.060630] kasan_report+0xdc/0x128 [ 23.060746] kasan_check_range+0x100/0x1a8 [ 23.060881] __kasan_check_write+0x20/0x30 [ 23.061000] kasan_atomics_helper+0xf88/0x4858 [ 23.061112] kasan_atomics+0x198/0x2e0 [ 23.061257] kunit_try_run_case+0x170/0x3f0 [ 23.061419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.061548] kthread+0x328/0x630 [ 23.061638] ret_from_fork+0x10/0x20 [ 23.061757] [ 23.061808] Allocated by task 266: [ 23.061952] kasan_save_stack+0x3c/0x68 [ 23.062069] kasan_save_track+0x20/0x40 [ 23.062310] kasan_save_alloc_info+0x40/0x58 [ 23.062418] __kasan_kmalloc+0xd4/0xd8 [ 23.062560] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.062715] kasan_atomics+0xb8/0x2e0 [ 23.062809] kunit_try_run_case+0x170/0x3f0 [ 23.062927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.063270] kthread+0x328/0x630 [ 23.063553] ret_from_fork+0x10/0x20 [ 23.063651] [ 23.063702] The buggy address belongs to the object at fff00000c5958200 [ 23.063702] which belongs to the cache kmalloc-64 of size 64 [ 23.063863] The buggy address is located 0 bytes to the right of [ 23.063863] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.064008] [ 23.064277] The buggy address belongs to the physical page: [ 23.064752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.065066] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.065231] page_type: f5(slab) [ 23.065287] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.065393] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.065500] page dumped because: kasan: bad access detected [ 23.065570] [ 23.065614] Memory state around the buggy address: [ 23.065691] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.065804] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.065978] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.066118] ^ [ 23.066244] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.066391] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.066494] ================================================================== [ 23.162173] ================================================================== [ 23.162261] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 23.162374] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.162486] [ 23.162561] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.162746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.162814] Hardware name: linux,dummy-virt (DT) [ 23.162914] Call trace: [ 23.162965] show_stack+0x20/0x38 (C) [ 23.163076] dump_stack_lvl+0x8c/0xd0 [ 23.163180] print_report+0x118/0x608 [ 23.163292] kasan_report+0xdc/0x128 [ 23.163395] kasan_check_range+0x100/0x1a8 [ 23.163514] __kasan_check_write+0x20/0x30 [ 23.163612] kasan_atomics_helper+0x147c/0x4858 [ 23.163769] kasan_atomics+0x198/0x2e0 [ 23.164007] kunit_try_run_case+0x170/0x3f0 [ 23.164131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.164247] kthread+0x328/0x630 [ 23.164345] ret_from_fork+0x10/0x20 [ 23.164438] [ 23.164480] Allocated by task 266: [ 23.164550] kasan_save_stack+0x3c/0x68 [ 23.164677] kasan_save_track+0x20/0x40 [ 23.164770] kasan_save_alloc_info+0x40/0x58 [ 23.164892] __kasan_kmalloc+0xd4/0xd8 [ 23.164996] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.165086] kasan_atomics+0xb8/0x2e0 [ 23.165341] kunit_try_run_case+0x170/0x3f0 [ 23.165443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.165549] kthread+0x328/0x630 [ 23.165631] ret_from_fork+0x10/0x20 [ 23.165718] [ 23.165766] The buggy address belongs to the object at fff00000c5958200 [ 23.165766] which belongs to the cache kmalloc-64 of size 64 [ 23.166320] The buggy address is located 0 bytes to the right of [ 23.166320] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.167108] [ 23.167181] The buggy address belongs to the physical page: [ 23.167257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.167629] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.168191] page_type: f5(slab) [ 23.168295] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.168431] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.168544] page dumped because: kasan: bad access detected [ 23.168631] [ 23.168806] Memory state around the buggy address: [ 23.168917] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.169946] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.170270] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.170362] ^ [ 23.170433] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.170537] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.170638] ================================================================== [ 22.830038] ================================================================== [ 22.830168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 22.830288] Write of size 4 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.830398] [ 22.830458] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.830726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.830849] Hardware name: linux,dummy-virt (DT) [ 22.830971] Call trace: [ 22.831065] show_stack+0x20/0x38 (C) [ 22.831189] dump_stack_lvl+0x8c/0xd0 [ 22.831356] print_report+0x118/0x608 [ 22.831478] kasan_report+0xdc/0x128 [ 22.831598] kasan_check_range+0x100/0x1a8 [ 22.831730] __kasan_check_write+0x20/0x30 [ 22.831863] kasan_atomics_helper+0xa6c/0x4858 [ 22.831984] kasan_atomics+0x198/0x2e0 [ 22.832129] kunit_try_run_case+0x170/0x3f0 [ 22.832250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.832402] kthread+0x328/0x630 [ 22.832515] ret_from_fork+0x10/0x20 [ 22.832645] [ 22.832704] Allocated by task 266: [ 22.832803] kasan_save_stack+0x3c/0x68 [ 22.832924] kasan_save_track+0x20/0x40 [ 22.833021] kasan_save_alloc_info+0x40/0x58 [ 22.833231] __kasan_kmalloc+0xd4/0xd8 [ 22.833331] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.833521] kasan_atomics+0xb8/0x2e0 [ 22.833735] kunit_try_run_case+0x170/0x3f0 [ 22.834106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.834241] kthread+0x328/0x630 [ 22.834343] ret_from_fork+0x10/0x20 [ 22.834447] [ 22.834638] The buggy address belongs to the object at fff00000c5958200 [ 22.834638] which belongs to the cache kmalloc-64 of size 64 [ 22.835316] The buggy address is located 0 bytes to the right of [ 22.835316] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.835501] [ 22.835566] The buggy address belongs to the physical page: [ 22.835742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.835921] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.836043] page_type: f5(slab) [ 22.836144] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.836283] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.836393] page dumped because: kasan: bad access detected [ 22.837262] [ 22.837680] Memory state around the buggy address: [ 22.838114] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.838752] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.839291] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.839933] ^ [ 22.840372] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.840966] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.843051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.848962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.850640] __kasan_kmalloc+0xd4/0xd8 [ 22.850741] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.850865] kasan_atomics+0xb8/0x2e0 [ 22.850969] kunit_try_run_case+0x170/0x3f0 [ 22.851073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.852642] kthread+0x328/0x630 [ 22.854270] ret_from_fork+0x10/0x20 [ 22.854584] [ 22.854643] The buggy address belongs to the object at fff00000c5958200 [ 22.854643] which belongs to the cache kmalloc-64 of size 64 [ 22.855449] The buggy address is located 0 bytes to the right of [ 22.855449] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.857033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.858383] [ 22.860044] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.863262] [ 22.864526] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.869941] kasan_atomics+0x198/0x2e0 [ 22.875502] kasan_atomics+0xb8/0x2e0 [ 22.875611] kunit_try_run_case+0x170/0x3f0 [ 22.875714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.875842] kthread+0x328/0x630 [ 22.875937] ret_from_fork+0x10/0x20 [ 22.876019] [ 22.876066] The buggy address belongs to the object at fff00000c5958200 [ 22.876066] which belongs to the cache kmalloc-64 of size 64 [ 22.876659] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.880018] [ 22.881506] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.882682] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.892733] __kasan_check_write+0x20/0x30 [ 22.898415] kasan_atomics+0xb8/0x2e0 [ 22.900868] kthread+0x328/0x630 [ 22.904133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.908662] ^ [ 22.917321] kasan_report+0xdc/0x128 [ 22.924399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.928107] page_type: f5(slab) [ 22.930774] [ 22.933611] ================================================================== [ 22.986865] ================================================================== [ 22.986975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 22.987159] Read of size 4 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.987284] [ 22.987356] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.987565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.987640] Hardware name: linux,dummy-virt (DT) [ 22.987723] Call trace: [ 22.987779] show_stack+0x20/0x38 (C) [ 22.987925] dump_stack_lvl+0x8c/0xd0 [ 22.988030] print_report+0x118/0x608 [ 22.988151] kasan_report+0xdc/0x128 [ 22.988250] __asan_report_load4_noabort+0x20/0x30 [ 22.988439] kasan_atomics_helper+0x3e04/0x4858 [ 22.988548] kasan_atomics+0x198/0x2e0 [ 22.988654] kunit_try_run_case+0x170/0x3f0 [ 22.988806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.989015] kthread+0x328/0x630 [ 22.989208] ret_from_fork+0x10/0x20 [ 22.989379] [ 22.989420] Allocated by task 266: [ 22.989485] kasan_save_stack+0x3c/0x68 [ 22.989658] kasan_save_track+0x20/0x40 [ 22.989793] kasan_save_alloc_info+0x40/0x58 [ 22.989955] __kasan_kmalloc+0xd4/0xd8 [ 22.990076] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.990171] kasan_atomics+0xb8/0x2e0 [ 22.990264] kunit_try_run_case+0x170/0x3f0 [ 22.990381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.990467] kthread+0x328/0x630 [ 22.990532] ret_from_fork+0x10/0x20 [ 22.990618] [ 22.990665] The buggy address belongs to the object at fff00000c5958200 [ 22.990665] which belongs to the cache kmalloc-64 of size 64 [ 22.990806] The buggy address is located 0 bytes to the right of [ 22.990806] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.991004] [ 22.991055] The buggy address belongs to the physical page: [ 22.991171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.991299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.991415] page_type: f5(slab) [ 22.991532] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.991660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.991753] page dumped because: kasan: bad access detected [ 22.991846] [ 22.991892] Memory state around the buggy address: [ 22.991965] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.992079] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.992177] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.992306] ^ [ 22.992380] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.992510] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.992630] ================================================================== [ 22.782312] ================================================================== [ 22.782430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 22.782567] Read of size 4 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.782702] [ 22.782783] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.783005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.783083] Hardware name: linux,dummy-virt (DT) [ 22.783167] Call trace: [ 22.783228] show_stack+0x20/0x38 (C) [ 22.783355] dump_stack_lvl+0x8c/0xd0 [ 22.783479] print_report+0x118/0x608 [ 22.783602] kasan_report+0xdc/0x128 [ 22.783718] __asan_report_load4_noabort+0x20/0x30 [ 22.785898] kasan_atomics_helper+0x42d8/0x4858 [ 22.786743] kasan_atomics+0x198/0x2e0 [ 22.787398] kunit_try_run_case+0x170/0x3f0 [ 22.787671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.788057] kthread+0x328/0x630 [ 22.788702] ret_from_fork+0x10/0x20 [ 22.789281] [ 22.789395] Allocated by task 266: [ 22.789464] kasan_save_stack+0x3c/0x68 [ 22.789562] kasan_save_track+0x20/0x40 [ 22.789639] kasan_save_alloc_info+0x40/0x58 [ 22.789730] __kasan_kmalloc+0xd4/0xd8 [ 22.789830] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.790755] kasan_atomics+0xb8/0x2e0 [ 22.791212] kunit_try_run_case+0x170/0x3f0 [ 22.791585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.792048] kthread+0x328/0x630 [ 22.792186] ret_from_fork+0x10/0x20 [ 22.792503] [ 22.792861] The buggy address belongs to the object at fff00000c5958200 [ 22.792861] which belongs to the cache kmalloc-64 of size 64 [ 22.793099] The buggy address is located 0 bytes to the right of [ 22.793099] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.793412] [ 22.793575] The buggy address belongs to the physical page: [ 22.794088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.794457] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.794785] page_type: f5(slab) [ 22.794937] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.795165] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.795639] page dumped because: kasan: bad access detected [ 22.795807] [ 22.795870] Memory state around the buggy address: [ 22.795955] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.796065] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.796169] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.796271] ^ [ 22.796361] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.797621] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.797741] ================================================================== [ 23.119128] ================================================================== [ 23.119232] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 23.119376] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.119496] [ 23.119556] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.119718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.119778] Hardware name: linux,dummy-virt (DT) [ 23.122615] Call trace: [ 23.122697] show_stack+0x20/0x38 (C) [ 23.122854] dump_stack_lvl+0x8c/0xd0 [ 23.122964] print_report+0x118/0x608 [ 23.123069] kasan_report+0xdc/0x128 [ 23.123169] kasan_check_range+0x100/0x1a8 [ 23.123274] __kasan_check_write+0x20/0x30 [ 23.123381] kasan_atomics_helper+0x126c/0x4858 [ 23.123498] kasan_atomics+0x198/0x2e0 [ 23.123612] kunit_try_run_case+0x170/0x3f0 [ 23.123713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.123843] kthread+0x328/0x630 [ 23.123929] ret_from_fork+0x10/0x20 [ 23.124029] [ 23.124072] Allocated by task 266: [ 23.124134] kasan_save_stack+0x3c/0x68 [ 23.124229] kasan_save_track+0x20/0x40 [ 23.124315] kasan_save_alloc_info+0x40/0x58 [ 23.124752] __kasan_kmalloc+0xd4/0xd8 [ 23.124952] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.125514] kasan_atomics+0xb8/0x2e0 [ 23.125867] kunit_try_run_case+0x170/0x3f0 [ 23.126856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.127038] kthread+0x328/0x630 [ 23.127132] ret_from_fork+0x10/0x20 [ 23.127295] [ 23.127356] The buggy address belongs to the object at fff00000c5958200 [ 23.127356] which belongs to the cache kmalloc-64 of size 64 [ 23.127546] The buggy address is located 0 bytes to the right of [ 23.127546] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.127970] [ 23.128036] The buggy address belongs to the physical page: [ 23.128128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.128503] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.129152] page_type: f5(slab) [ 23.129267] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.129401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.129507] page dumped because: kasan: bad access detected [ 23.129811] [ 23.129881] Memory state around the buggy address: [ 23.130145] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.130836] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.130978] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.131079] ^ [ 23.131156] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.132141] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.132653] ================================================================== [ 23.100466] ================================================================== [ 23.100710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 23.101034] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.101207] [ 23.101279] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.101479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.101556] Hardware name: linux,dummy-virt (DT) [ 23.101628] Call trace: [ 23.101683] show_stack+0x20/0x38 (C) [ 23.101797] dump_stack_lvl+0x8c/0xd0 [ 23.101921] print_report+0x118/0x608 [ 23.102054] kasan_report+0xdc/0x128 [ 23.102223] kasan_check_range+0x100/0x1a8 [ 23.102348] __kasan_check_write+0x20/0x30 [ 23.102464] kasan_atomics_helper+0x1128/0x4858 [ 23.102603] kasan_atomics+0x198/0x2e0 [ 23.102722] kunit_try_run_case+0x170/0x3f0 [ 23.102870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.103066] kthread+0x328/0x630 [ 23.103210] ret_from_fork+0x10/0x20 [ 23.103325] [ 23.103385] Allocated by task 266: [ 23.103490] kasan_save_stack+0x3c/0x68 [ 23.103636] kasan_save_track+0x20/0x40 [ 23.103766] kasan_save_alloc_info+0x40/0x58 [ 23.103895] __kasan_kmalloc+0xd4/0xd8 [ 23.103978] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.104069] kasan_atomics+0xb8/0x2e0 [ 23.104168] kunit_try_run_case+0x170/0x3f0 [ 23.104285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.104389] kthread+0x328/0x630 [ 23.104464] ret_from_fork+0x10/0x20 [ 23.104556] [ 23.104611] The buggy address belongs to the object at fff00000c5958200 [ 23.104611] which belongs to the cache kmalloc-64 of size 64 [ 23.104787] The buggy address is located 0 bytes to the right of [ 23.104787] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.104960] [ 23.105011] The buggy address belongs to the physical page: [ 23.105091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.105302] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.105422] page_type: f5(slab) [ 23.105502] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.105618] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.105715] page dumped because: kasan: bad access detected [ 23.105810] [ 23.105870] Memory state around the buggy address: [ 23.105943] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.106040] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.106175] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.106271] ^ [ 23.106361] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.106459] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.106580] ================================================================== [ 23.155344] ================================================================== [ 23.155615] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 23.155814] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.155986] [ 23.156059] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.156250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.156314] Hardware name: linux,dummy-virt (DT) [ 23.156394] Call trace: [ 23.156450] show_stack+0x20/0x38 (C) [ 23.156555] dump_stack_lvl+0x8c/0xd0 [ 23.156655] print_report+0x118/0x608 [ 23.156805] kasan_report+0xdc/0x128 [ 23.156939] kasan_check_range+0x100/0x1a8 [ 23.157053] __kasan_check_write+0x20/0x30 [ 23.157195] kasan_atomics_helper+0x1414/0x4858 [ 23.157355] kasan_atomics+0x198/0x2e0 [ 23.157502] kunit_try_run_case+0x170/0x3f0 [ 23.157664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.157840] kthread+0x328/0x630 [ 23.157940] ret_from_fork+0x10/0x20 [ 23.158049] [ 23.158095] Allocated by task 266: [ 23.158155] kasan_save_stack+0x3c/0x68 [ 23.158238] kasan_save_track+0x20/0x40 [ 23.158304] kasan_save_alloc_info+0x40/0x58 [ 23.158402] __kasan_kmalloc+0xd4/0xd8 [ 23.158476] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.158568] kasan_atomics+0xb8/0x2e0 [ 23.158661] kunit_try_run_case+0x170/0x3f0 [ 23.158845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.158954] kthread+0x328/0x630 [ 23.159023] ret_from_fork+0x10/0x20 [ 23.159088] [ 23.159145] The buggy address belongs to the object at fff00000c5958200 [ 23.159145] which belongs to the cache kmalloc-64 of size 64 [ 23.159259] The buggy address is located 0 bytes to the right of [ 23.159259] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.159405] [ 23.159460] The buggy address belongs to the physical page: [ 23.159534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.159654] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.159781] page_type: f5(slab) [ 23.159894] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.160015] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.160113] page dumped because: kasan: bad access detected [ 23.160189] [ 23.160234] Memory state around the buggy address: [ 23.160309] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.160417] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.160527] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.160666] ^ [ 23.160773] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.161681] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.161787] ================================================================== [ 23.033788] ================================================================== [ 23.033920] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 23.034045] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.034157] [ 23.034217] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.034397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.034464] Hardware name: linux,dummy-virt (DT) [ 23.034555] Call trace: [ 23.034618] show_stack+0x20/0x38 (C) [ 23.034748] dump_stack_lvl+0x8c/0xd0 [ 23.034883] print_report+0x118/0x608 [ 23.035006] kasan_report+0xdc/0x128 [ 23.035121] kasan_check_range+0x100/0x1a8 [ 23.035245] __kasan_check_write+0x20/0x30 [ 23.035371] kasan_atomics_helper+0xeb8/0x4858 [ 23.035548] kasan_atomics+0x198/0x2e0 [ 23.035668] kunit_try_run_case+0x170/0x3f0 [ 23.035791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.035926] kthread+0x328/0x630 [ 23.036021] ret_from_fork+0x10/0x20 [ 23.036133] [ 23.036187] Allocated by task 266: [ 23.036250] kasan_save_stack+0x3c/0x68 [ 23.036354] kasan_save_track+0x20/0x40 [ 23.036450] kasan_save_alloc_info+0x40/0x58 [ 23.036555] __kasan_kmalloc+0xd4/0xd8 [ 23.036646] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.036746] kasan_atomics+0xb8/0x2e0 [ 23.036852] kunit_try_run_case+0x170/0x3f0 [ 23.037404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.037650] kthread+0x328/0x630 [ 23.037713] ret_from_fork+0x10/0x20 [ 23.037759] [ 23.037787] The buggy address belongs to the object at fff00000c5958200 [ 23.037787] which belongs to the cache kmalloc-64 of size 64 [ 23.037909] The buggy address is located 0 bytes to the right of [ 23.037909] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.038071] [ 23.038117] The buggy address belongs to the physical page: [ 23.038174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.038577] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.038713] page_type: f5(slab) [ 23.038808] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.039617] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.039752] page dumped because: kasan: bad access detected [ 23.040084] [ 23.040326] Memory state around the buggy address: [ 23.040557] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.040679] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.040782] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.040892] ^ [ 23.041674] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.042420] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.042979] ================================================================== [ 22.821764] ================================================================== [ 22.821897] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 22.822005] Write of size 4 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.822118] [ 22.822197] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.822413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.822490] Hardware name: linux,dummy-virt (DT) [ 22.822586] Call trace: [ 22.822651] show_stack+0x20/0x38 (C) [ 22.823795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.824256] Allocated by task 266: [ 22.824327] kasan_save_stack+0x3c/0x68 [ 22.824627] kasan_save_track+0x20/0x40 [ 22.824849] kasan_save_alloc_info+0x40/0x58 [ 22.825185] __kasan_kmalloc+0xd4/0xd8 [ 22.825494] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.825592] kasan_atomics+0xb8/0x2e0 [ 22.825675] kunit_try_run_case+0x170/0x3f0 [ 22.826011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.826140] kthread+0x328/0x630 [ 22.826254] ret_from_fork+0x10/0x20 [ 22.826349] [ 22.826465] The buggy address belongs to the object at fff00000c5958200 [ 22.826465] which belongs to the cache kmalloc-64 of size 64 [ 22.826633] The buggy address is located 0 bytes to the right of [ 22.826633] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.826799] [ 22.826893] The buggy address belongs to the physical page: [ 22.827005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.827196] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.827369] page_type: f5(slab) [ 22.827476] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.827655] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.827813] page dumped because: kasan: bad access detected [ 22.827958] [ 22.828010] Memory state around the buggy address: [ 22.828091] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.828202] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.828309] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.828410] ^ [ 22.828494] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.828604] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.828704] ================================================================== [ 23.001222] ================================================================== [ 23.001312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 23.001405] Read of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.001498] [ 23.001550] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.001728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.001787] Hardware name: linux,dummy-virt (DT) [ 23.005997] Call trace: [ 23.006065] show_stack+0x20/0x38 (C) [ 23.006176] dump_stack_lvl+0x8c/0xd0 [ 23.006283] print_report+0x118/0x608 [ 23.006384] kasan_report+0xdc/0x128 [ 23.006482] __asan_report_load8_noabort+0x20/0x30 [ 23.006617] kasan_atomics_helper+0x3f58/0x4858 [ 23.006737] kasan_atomics+0x198/0x2e0 [ 23.006865] kunit_try_run_case+0x170/0x3f0 [ 23.006977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.007108] kthread+0x328/0x630 [ 23.007210] ret_from_fork+0x10/0x20 [ 23.007318] [ 23.007367] Allocated by task 266: [ 23.007441] kasan_save_stack+0x3c/0x68 [ 23.007541] kasan_save_track+0x20/0x40 [ 23.007633] kasan_save_alloc_info+0x40/0x58 [ 23.007731] __kasan_kmalloc+0xd4/0xd8 [ 23.008912] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.009062] kasan_atomics+0xb8/0x2e0 [ 23.009467] kunit_try_run_case+0x170/0x3f0 [ 23.009855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.009978] kthread+0x328/0x630 [ 23.010516] ret_from_fork+0x10/0x20 [ 23.010649] [ 23.010714] The buggy address belongs to the object at fff00000c5958200 [ 23.010714] which belongs to the cache kmalloc-64 of size 64 [ 23.011119] The buggy address is located 0 bytes to the right of [ 23.011119] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.011850] [ 23.011922] The buggy address belongs to the physical page: [ 23.012008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.012727] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.013229] page_type: f5(slab) [ 23.013339] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.013474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.013560] page dumped because: kasan: bad access detected [ 23.014127] [ 23.014195] Memory state around the buggy address: [ 23.014721] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.014896] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.015018] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.015360] ^ [ 23.015680] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.016203] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.016414] ================================================================== [ 23.213397] ================================================================== [ 23.213511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 23.213631] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.213757] [ 23.213845] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.214042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.214111] Hardware name: linux,dummy-virt (DT) [ 23.214183] Call trace: [ 23.214241] show_stack+0x20/0x38 (C) [ 23.214352] dump_stack_lvl+0x8c/0xd0 [ 23.214462] print_report+0x118/0x608 [ 23.214588] kasan_report+0xdc/0x128 [ 23.214717] kasan_check_range+0x100/0x1a8 [ 23.214866] __kasan_check_write+0x20/0x30 [ 23.214968] kasan_atomics_helper+0x1644/0x4858 [ 23.215109] kasan_atomics+0x198/0x2e0 [ 23.215247] kunit_try_run_case+0x170/0x3f0 [ 23.215370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.215498] kthread+0x328/0x630 [ 23.215604] ret_from_fork+0x10/0x20 [ 23.215877] [ 23.215934] Allocated by task 266: [ 23.216336] kasan_save_stack+0x3c/0x68 [ 23.216446] kasan_save_track+0x20/0x40 [ 23.216651] kasan_save_alloc_info+0x40/0x58 [ 23.216879] __kasan_kmalloc+0xd4/0xd8 [ 23.217367] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.217879] kasan_atomics+0xb8/0x2e0 [ 23.217978] kunit_try_run_case+0x170/0x3f0 [ 23.218072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.218175] kthread+0x328/0x630 [ 23.218255] ret_from_fork+0x10/0x20 [ 23.218331] [ 23.218373] The buggy address belongs to the object at fff00000c5958200 [ 23.218373] which belongs to the cache kmalloc-64 of size 64 [ 23.218695] The buggy address is located 0 bytes to the right of [ 23.218695] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.219553] [ 23.219926] The buggy address belongs to the physical page: [ 23.220276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.220683] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.220948] page_type: f5(slab) [ 23.221524] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.222107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.222199] page dumped because: kasan: bad access detected [ 23.222938] [ 23.223118] Memory state around the buggy address: [ 23.223287] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.223400] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.223908] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.224519] ^ [ 23.224675] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.225299] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.225736] ================================================================== [ 22.811941] ================================================================== [ 22.812049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 22.812163] Write of size 4 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.812284] [ 22.812358] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.812558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.812630] Hardware name: linux,dummy-virt (DT) [ 22.812713] Call trace: [ 22.812768] show_stack+0x20/0x38 (C) [ 22.812902] dump_stack_lvl+0x8c/0xd0 [ 22.813007] print_report+0x118/0x608 [ 22.813123] kasan_report+0xdc/0x128 [ 22.813877] kasan_check_range+0x100/0x1a8 [ 22.814031] __kasan_check_write+0x20/0x30 [ 22.814115] kasan_atomics_helper+0x99c/0x4858 [ 22.814198] kasan_atomics+0x198/0x2e0 [ 22.814292] kunit_try_run_case+0x170/0x3f0 [ 22.814374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.814475] kthread+0x328/0x630 [ 22.814568] ret_from_fork+0x10/0x20 [ 22.814673] [ 22.814721] Allocated by task 266: [ 22.814800] kasan_save_stack+0x3c/0x68 [ 22.814952] kasan_save_track+0x20/0x40 [ 22.815065] kasan_save_alloc_info+0x40/0x58 [ 22.815166] __kasan_kmalloc+0xd4/0xd8 [ 22.815258] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.815355] kasan_atomics+0xb8/0x2e0 [ 22.815448] kunit_try_run_case+0x170/0x3f0 [ 22.815550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.815662] kthread+0x328/0x630 [ 22.815748] ret_from_fork+0x10/0x20 [ 22.815855] [ 22.815911] The buggy address belongs to the object at fff00000c5958200 [ 22.815911] which belongs to the cache kmalloc-64 of size 64 [ 22.816061] The buggy address is located 0 bytes to the right of [ 22.816061] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.816226] [ 22.816279] The buggy address belongs to the physical page: [ 22.816374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.816496] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.817182] page_type: f5(slab) [ 22.817328] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.817500] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.817639] page dumped because: kasan: bad access detected [ 22.817717] [ 22.817760] Memory state around the buggy address: [ 22.817843] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.818257] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.818432] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.818572] ^ [ 22.820908] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.821004] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.821057] ================================================================== [ 22.973084] ================================================================== [ 22.973217] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 22.973375] Read of size 4 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.973503] [ 22.973593] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.973798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.973891] Hardware name: linux,dummy-virt (DT) [ 22.973975] Call trace: [ 22.974032] show_stack+0x20/0x38 (C) [ 22.974152] dump_stack_lvl+0x8c/0xd0 [ 22.974273] print_report+0x118/0x608 [ 22.974388] kasan_report+0xdc/0x128 [ 22.974508] __asan_report_load4_noabort+0x20/0x30 [ 22.974655] kasan_atomics_helper+0x3dd8/0x4858 [ 22.974780] kasan_atomics+0x198/0x2e0 [ 22.974941] kunit_try_run_case+0x170/0x3f0 [ 22.975058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.975181] kthread+0x328/0x630 [ 22.975435] ret_from_fork+0x10/0x20 [ 22.975594] [ 22.975635] Allocated by task 266: [ 22.975716] kasan_save_stack+0x3c/0x68 [ 22.975848] kasan_save_track+0x20/0x40 [ 22.975958] kasan_save_alloc_info+0x40/0x58 [ 22.976056] __kasan_kmalloc+0xd4/0xd8 [ 22.976161] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.976304] kasan_atomics+0xb8/0x2e0 [ 22.976400] kunit_try_run_case+0x170/0x3f0 [ 22.976587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.976731] kthread+0x328/0x630 [ 22.976835] ret_from_fork+0x10/0x20 [ 22.977024] [ 22.977095] The buggy address belongs to the object at fff00000c5958200 [ 22.977095] which belongs to the cache kmalloc-64 of size 64 [ 22.977244] The buggy address is located 0 bytes to the right of [ 22.977244] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.977407] [ 22.977453] The buggy address belongs to the physical page: [ 22.977520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.977622] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.977772] page_type: f5(slab) [ 22.977967] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.978090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.978179] page dumped because: kasan: bad access detected [ 22.978234] [ 22.978266] Memory state around the buggy address: [ 22.978329] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.978433] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.978558] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.978652] ^ [ 22.978814] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.978967] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.979156] ================================================================== [ 22.979794] ================================================================== [ 22.980000] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 22.980180] Write of size 4 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.980357] [ 22.980470] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.980709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.980778] Hardware name: linux,dummy-virt (DT) [ 22.980862] Call trace: [ 22.980922] show_stack+0x20/0x38 (C) [ 22.981022] dump_stack_lvl+0x8c/0xd0 [ 22.981427] print_report+0x118/0x608 [ 22.981732] kasan_report+0xdc/0x128 [ 22.982161] kasan_check_range+0x100/0x1a8 [ 22.982463] __kasan_check_write+0x20/0x30 [ 22.982745] kasan_atomics_helper+0xd3c/0x4858 [ 22.983161] kasan_atomics+0x198/0x2e0 [ 22.983307] kunit_try_run_case+0x170/0x3f0 [ 22.983417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.983580] kthread+0x328/0x630 [ 22.983715] ret_from_fork+0x10/0x20 [ 22.983849] [ 22.983905] Allocated by task 266: [ 22.983985] kasan_save_stack+0x3c/0x68 [ 22.984095] kasan_save_track+0x20/0x40 [ 22.984210] kasan_save_alloc_info+0x40/0x58 [ 22.984353] __kasan_kmalloc+0xd4/0xd8 [ 22.984489] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.984590] kasan_atomics+0xb8/0x2e0 [ 22.984682] kunit_try_run_case+0x170/0x3f0 [ 22.984776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.984886] kthread+0x328/0x630 [ 22.984968] ret_from_fork+0x10/0x20 [ 22.985165] [ 22.985266] The buggy address belongs to the object at fff00000c5958200 [ 22.985266] which belongs to the cache kmalloc-64 of size 64 [ 22.985395] The buggy address is located 0 bytes to the right of [ 22.985395] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.985562] [ 22.985626] The buggy address belongs to the physical page: [ 22.985715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.985844] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.985950] page_type: f5(slab) [ 22.986052] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.986128] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.986179] page dumped because: kasan: bad access detected [ 22.986216] [ 22.986240] Memory state around the buggy address: [ 22.986280] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.986328] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.986378] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.986421] ^ [ 22.986462] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.986512] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.986571] ================================================================== [ 23.142733] ================================================================== [ 23.142857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 23.142961] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.143065] [ 23.143129] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.143314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.143380] Hardware name: linux,dummy-virt (DT) [ 23.143451] Call trace: [ 23.143510] show_stack+0x20/0x38 (C) [ 23.143617] dump_stack_lvl+0x8c/0xd0 [ 23.143730] print_report+0x118/0x608 [ 23.143859] kasan_report+0xdc/0x128 [ 23.143977] kasan_check_range+0x100/0x1a8 [ 23.144093] __kasan_check_write+0x20/0x30 [ 23.144208] kasan_atomics_helper+0x1384/0x4858 [ 23.144320] kasan_atomics+0x198/0x2e0 [ 23.144432] kunit_try_run_case+0x170/0x3f0 [ 23.144552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.144681] kthread+0x328/0x630 [ 23.144791] ret_from_fork+0x10/0x20 [ 23.144905] [ 23.144949] Allocated by task 266: [ 23.145098] kasan_save_stack+0x3c/0x68 [ 23.145240] kasan_save_track+0x20/0x40 [ 23.145325] kasan_save_alloc_info+0x40/0x58 [ 23.145420] __kasan_kmalloc+0xd4/0xd8 [ 23.145599] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.145730] kasan_atomics+0xb8/0x2e0 [ 23.145870] kunit_try_run_case+0x170/0x3f0 [ 23.146001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.146128] kthread+0x328/0x630 [ 23.146201] ret_from_fork+0x10/0x20 [ 23.146273] [ 23.146312] The buggy address belongs to the object at fff00000c5958200 [ 23.146312] which belongs to the cache kmalloc-64 of size 64 [ 23.146465] The buggy address is located 0 bytes to the right of [ 23.146465] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.146639] [ 23.146697] The buggy address belongs to the physical page: [ 23.146773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.146914] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.147094] page_type: f5(slab) [ 23.147197] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.147341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.147451] page dumped because: kasan: bad access detected [ 23.147529] [ 23.147577] Memory state around the buggy address: [ 23.147661] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.147774] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.147911] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.148032] ^ [ 23.148117] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.148280] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.148410] ================================================================== [ 22.798554] ================================================================== [ 22.798672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 22.798778] Write of size 4 at addr fff00000c5958230 by task kunit_try_catch/266 [ 22.798916] [ 22.798993] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.799192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.799342] Call trace: [ 22.799508] dump_stack_lvl+0x8c/0xd0 [ 22.799621] print_report+0x118/0x608 [ 22.799728] kasan_report+0xdc/0x128 [ 22.802042] kasan_check_range+0x100/0x1a8 [ 22.802255] __kasan_check_write+0x20/0x30 [ 22.802431] kasan_atomics_helper+0x934/0x4858 [ 22.802785] kasan_atomics+0x198/0x2e0 [ 22.803066] kunit_try_run_case+0x170/0x3f0 [ 22.803255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.803995] kthread+0x328/0x630 [ 22.804307] ret_from_fork+0x10/0x20 [ 22.804439] [ 22.804495] Allocated by task 266: [ 22.804570] kasan_save_stack+0x3c/0x68 [ 22.804677] kasan_save_track+0x20/0x40 [ 22.804772] kasan_save_alloc_info+0x40/0x58 [ 22.804895] __kasan_kmalloc+0xd4/0xd8 [ 22.804991] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.805092] kasan_atomics+0xb8/0x2e0 [ 22.805173] kunit_try_run_case+0x170/0x3f0 [ 22.805261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.805351] kthread+0x328/0x630 [ 22.805430] ret_from_fork+0x10/0x20 [ 22.805522] [ 22.805577] The buggy address belongs to the object at fff00000c5958200 [ 22.805577] which belongs to the cache kmalloc-64 of size 64 [ 22.808039] The buggy address is located 0 bytes to the right of [ 22.808039] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 22.808734] [ 22.808789] The buggy address belongs to the physical page: [ 22.809359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 22.809609] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.809705] page_type: f5(slab) [ 22.810066] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.810229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.810388] page dumped because: kasan: bad access detected [ 22.810508] [ 22.810576] Memory state around the buggy address: [ 22.810703] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.810815] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.810948] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.811047] ^ [ 22.811133] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.811241] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.811338] ================================================================== [ 23.112618] ================================================================== [ 23.112723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 23.112856] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.112967] [ 23.113047] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.113400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.113463] Hardware name: linux,dummy-virt (DT) [ 23.113528] Call trace: [ 23.113584] show_stack+0x20/0x38 (C) [ 23.113719] dump_stack_lvl+0x8c/0xd0 [ 23.113841] print_report+0x118/0x608 [ 23.113955] kasan_report+0xdc/0x128 [ 23.114075] kasan_check_range+0x100/0x1a8 [ 23.114175] __kasan_check_write+0x20/0x30 [ 23.114304] kasan_atomics_helper+0x11f8/0x4858 [ 23.114418] kasan_atomics+0x198/0x2e0 [ 23.114509] kunit_try_run_case+0x170/0x3f0 [ 23.114620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.114750] kthread+0x328/0x630 [ 23.114858] ret_from_fork+0x10/0x20 [ 23.114991] [ 23.115061] Allocated by task 266: [ 23.115172] kasan_save_stack+0x3c/0x68 [ 23.115305] kasan_save_track+0x20/0x40 [ 23.115431] kasan_save_alloc_info+0x40/0x58 [ 23.115571] __kasan_kmalloc+0xd4/0xd8 [ 23.115708] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.115865] kasan_atomics+0xb8/0x2e0 [ 23.115966] kunit_try_run_case+0x170/0x3f0 [ 23.116102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.116207] kthread+0x328/0x630 [ 23.116290] ret_from_fork+0x10/0x20 [ 23.116393] [ 23.116440] The buggy address belongs to the object at fff00000c5958200 [ 23.116440] which belongs to the cache kmalloc-64 of size 64 [ 23.116583] The buggy address is located 0 bytes to the right of [ 23.116583] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.116812] [ 23.116906] The buggy address belongs to the physical page: [ 23.116977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.117083] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.117581] page_type: f5(slab) [ 23.117673] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.117799] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.117915] page dumped because: kasan: bad access detected [ 23.117992] [ 23.118031] Memory state around the buggy address: [ 23.118096] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.118181] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.118264] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.118348] ^ [ 23.118424] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.118525] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.118610] ================================================================== [ 23.107041] ================================================================== [ 23.107187] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 23.107282] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.107389] [ 23.107520] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.107794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.107899] Hardware name: linux,dummy-virt (DT) [ 23.108006] Call trace: [ 23.108079] show_stack+0x20/0x38 (C) [ 23.108242] dump_stack_lvl+0x8c/0xd0 [ 23.108386] print_report+0x118/0x608 [ 23.108538] kasan_report+0xdc/0x128 [ 23.108678] kasan_check_range+0x100/0x1a8 [ 23.108862] __kasan_check_write+0x20/0x30 [ 23.108964] kasan_atomics_helper+0x1190/0x4858 [ 23.109081] kasan_atomics+0x198/0x2e0 [ 23.109199] kunit_try_run_case+0x170/0x3f0 [ 23.109306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.109469] kthread+0x328/0x630 [ 23.109570] ret_from_fork+0x10/0x20 [ 23.109672] [ 23.109723] Allocated by task 266: [ 23.109788] kasan_save_stack+0x3c/0x68 [ 23.109914] kasan_save_track+0x20/0x40 [ 23.110000] kasan_save_alloc_info+0x40/0x58 [ 23.110088] __kasan_kmalloc+0xd4/0xd8 [ 23.110154] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.110227] kasan_atomics+0xb8/0x2e0 [ 23.110295] kunit_try_run_case+0x170/0x3f0 [ 23.110374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.110421] kthread+0x328/0x630 [ 23.110456] ret_from_fork+0x10/0x20 [ 23.110494] [ 23.110521] The buggy address belongs to the object at fff00000c5958200 [ 23.110521] which belongs to the cache kmalloc-64 of size 64 [ 23.110605] The buggy address is located 0 bytes to the right of [ 23.110605] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.110677] [ 23.110699] The buggy address belongs to the physical page: [ 23.110732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.110785] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.110870] page_type: f5(slab) [ 23.110959] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.111077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.111216] page dumped because: kasan: bad access detected [ 23.111300] [ 23.111343] Memory state around the buggy address: [ 23.111438] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.111586] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.111726] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.111874] ^ [ 23.111952] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.112051] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.112138] ================================================================== [ 23.191568] ================================================================== [ 23.191704] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 23.192148] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.192270] [ 23.192338] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.193277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.193377] Hardware name: linux,dummy-virt (DT) [ 23.193515] Call trace: [ 23.193580] show_stack+0x20/0x38 (C) [ 23.193749] dump_stack_lvl+0x8c/0xd0 [ 23.194046] print_report+0x118/0x608 [ 23.194407] kasan_report+0xdc/0x128 [ 23.194543] kasan_check_range+0x100/0x1a8 [ 23.194674] __kasan_check_write+0x20/0x30 [ 23.195225] kasan_atomics_helper+0x15b4/0x4858 [ 23.195790] kasan_atomics+0x198/0x2e0 [ 23.196138] kunit_try_run_case+0x170/0x3f0 [ 23.196295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.196435] kthread+0x328/0x630 [ 23.196551] ret_from_fork+0x10/0x20 [ 23.196672] [ 23.196803] Allocated by task 266: [ 23.196909] kasan_save_stack+0x3c/0x68 [ 23.197067] kasan_save_track+0x20/0x40 [ 23.197545] kasan_save_alloc_info+0x40/0x58 [ 23.197940] __kasan_kmalloc+0xd4/0xd8 [ 23.198388] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.198534] kasan_atomics+0xb8/0x2e0 [ 23.198738] kunit_try_run_case+0x170/0x3f0 [ 23.198894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.199007] kthread+0x328/0x630 [ 23.199244] ret_from_fork+0x10/0x20 [ 23.199342] [ 23.199630] The buggy address belongs to the object at fff00000c5958200 [ 23.199630] which belongs to the cache kmalloc-64 of size 64 [ 23.200314] The buggy address is located 0 bytes to the right of [ 23.200314] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.200480] [ 23.200532] The buggy address belongs to the physical page: [ 23.200599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.200711] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.200838] page_type: f5(slab) [ 23.200927] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.201104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.201237] page dumped because: kasan: bad access detected [ 23.201312] [ 23.201361] Memory state around the buggy address: [ 23.201442] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.201894] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.202269] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.202372] ^ [ 23.202457] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.202581] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.202722] ================================================================== [ 23.078093] ================================================================== [ 23.078202] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 23.078309] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.078416] [ 23.078486] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.079202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.079314] Hardware name: linux,dummy-virt (DT) [ 23.079427] Call trace: [ 23.079520] show_stack+0x20/0x38 (C) [ 23.079694] dump_stack_lvl+0x8c/0xd0 [ 23.080194] print_report+0x118/0x608 [ 23.080340] kasan_report+0xdc/0x128 [ 23.080460] kasan_check_range+0x100/0x1a8 [ 23.080792] __kasan_check_write+0x20/0x30 [ 23.080968] kasan_atomics_helper+0x1058/0x4858 [ 23.081171] kasan_atomics+0x198/0x2e0 [ 23.081373] kunit_try_run_case+0x170/0x3f0 [ 23.081494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.081992] kthread+0x328/0x630 [ 23.082200] ret_from_fork+0x10/0x20 [ 23.082538] [ 23.082590] Allocated by task 266: [ 23.082671] kasan_save_stack+0x3c/0x68 [ 23.082877] kasan_save_track+0x20/0x40 [ 23.082975] kasan_save_alloc_info+0x40/0x58 [ 23.083362] __kasan_kmalloc+0xd4/0xd8 [ 23.083847] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.084104] kasan_atomics+0xb8/0x2e0 [ 23.084243] kunit_try_run_case+0x170/0x3f0 [ 23.084486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.084754] kthread+0x328/0x630 [ 23.084859] ret_from_fork+0x10/0x20 [ 23.084955] [ 23.085010] The buggy address belongs to the object at fff00000c5958200 [ 23.085010] which belongs to the cache kmalloc-64 of size 64 [ 23.085192] The buggy address is located 0 bytes to the right of [ 23.085192] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.085972] [ 23.086148] The buggy address belongs to the physical page: [ 23.086416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.086558] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.086682] page_type: f5(slab) [ 23.086923] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.087218] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.087647] page dumped because: kasan: bad access detected [ 23.087760] [ 23.087809] Memory state around the buggy address: [ 23.088241] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.088371] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.088693] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.089016] ^ [ 23.089098] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.089231] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.089968] ================================================================== [ 23.234282] ================================================================== [ 23.234342] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 23.234425] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.234548] [ 23.234633] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.234840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.234905] Hardware name: linux,dummy-virt (DT) [ 23.235278] Call trace: [ 23.235561] show_stack+0x20/0x38 (C) [ 23.235691] dump_stack_lvl+0x8c/0xd0 [ 23.235804] print_report+0x118/0x608 [ 23.235926] kasan_report+0xdc/0x128 [ 23.236030] kasan_check_range+0x100/0x1a8 [ 23.236141] __kasan_check_write+0x20/0x30 [ 23.236247] kasan_atomics_helper+0x16d0/0x4858 [ 23.237003] kasan_atomics+0x198/0x2e0 [ 23.237645] kunit_try_run_case+0x170/0x3f0 [ 23.238261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.238485] kthread+0x328/0x630 [ 23.239056] ret_from_fork+0x10/0x20 [ 23.239236] [ 23.239298] Allocated by task 266: [ 23.239727] kasan_save_stack+0x3c/0x68 [ 23.239847] kasan_save_track+0x20/0x40 [ 23.239940] kasan_save_alloc_info+0x40/0x58 [ 23.240083] __kasan_kmalloc+0xd4/0xd8 [ 23.240180] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.240709] kasan_atomics+0xb8/0x2e0 [ 23.241016] kunit_try_run_case+0x170/0x3f0 [ 23.241294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.241515] kthread+0x328/0x630 [ 23.241605] ret_from_fork+0x10/0x20 [ 23.241707] [ 23.242128] The buggy address belongs to the object at fff00000c5958200 [ 23.242128] which belongs to the cache kmalloc-64 of size 64 [ 23.242282] The buggy address is located 0 bytes to the right of [ 23.242282] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.242488] [ 23.242549] The buggy address belongs to the physical page: [ 23.242732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.242934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.243068] page_type: f5(slab) [ 23.243151] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.243274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.243380] page dumped because: kasan: bad access detected [ 23.243462] [ 23.243508] Memory state around the buggy address: [ 23.243592] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.243709] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.243834] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.243938] ^ [ 23.244027] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.244134] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.244234] ================================================================== [ 23.173092] ================================================================== [ 23.173257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 23.173412] Write of size 8 at addr fff00000c5958230 by task kunit_try_catch/266 [ 23.173508] [ 23.173584] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.173761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.173839] Hardware name: linux,dummy-virt (DT) [ 23.174312] Call trace: [ 23.174409] show_stack+0x20/0x38 (C) [ 23.174950] dump_stack_lvl+0x8c/0xd0 [ 23.175218] print_report+0x118/0x608 [ 23.175328] kasan_report+0xdc/0x128 [ 23.175476] kasan_check_range+0x100/0x1a8 [ 23.175647] __kasan_check_write+0x20/0x30 [ 23.175805] kasan_atomics_helper+0x14e4/0x4858 [ 23.176044] kasan_atomics+0x198/0x2e0 [ 23.176198] kunit_try_run_case+0x170/0x3f0 [ 23.176312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.176432] kthread+0x328/0x630 [ 23.176532] ret_from_fork+0x10/0x20 [ 23.176631] [ 23.176676] Allocated by task 266: [ 23.176743] kasan_save_stack+0x3c/0x68 [ 23.176854] kasan_save_track+0x20/0x40 [ 23.176949] kasan_save_alloc_info+0x40/0x58 [ 23.177054] __kasan_kmalloc+0xd4/0xd8 [ 23.177201] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.177297] kasan_atomics+0xb8/0x2e0 [ 23.177454] kunit_try_run_case+0x170/0x3f0 [ 23.177559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.177663] kthread+0x328/0x630 [ 23.177746] ret_from_fork+0x10/0x20 [ 23.177857] [ 23.177914] The buggy address belongs to the object at fff00000c5958200 [ 23.177914] which belongs to the cache kmalloc-64 of size 64 [ 23.178106] The buggy address is located 0 bytes to the right of [ 23.178106] allocated 48-byte region [fff00000c5958200, fff00000c5958230) [ 23.178286] [ 23.178340] The buggy address belongs to the physical page: [ 23.178418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105958 [ 23.178551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.178690] page_type: f5(slab) [ 23.178832] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.178948] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.179036] page dumped because: kasan: bad access detected [ 23.179099] [ 23.179169] Memory state around the buggy address: [ 23.179240] fff00000c5958100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.179343] fff00000c5958180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.179449] >fff00000c5958200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.179545] ^ [ 23.179626] fff00000c5958280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.179728] fff00000c5958300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.179817] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 22.327758] ================================================================== [ 22.327887] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 22.327996] Read of size 1 at addr fff00000c5941f90 by task kunit_try_catch/260 [ 22.328118] [ 22.328190] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.328379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.328444] Hardware name: linux,dummy-virt (DT) [ 22.328516] Call trace: [ 22.328575] show_stack+0x20/0x38 (C) [ 22.328684] dump_stack_lvl+0x8c/0xd0 [ 22.328785] print_report+0x118/0x608 [ 22.328897] kasan_report+0xdc/0x128 [ 22.328999] __asan_report_load1_noabort+0x20/0x30 [ 22.330237] strnlen+0x80/0x88 [ 22.330481] kasan_strings+0x478/0xb00 [ 22.331291] kunit_try_run_case+0x170/0x3f0 [ 22.331437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.331558] kthread+0x328/0x630 [ 22.332341] ret_from_fork+0x10/0x20 [ 22.332492] [ 22.332543] Allocated by task 260: [ 22.332607] kasan_save_stack+0x3c/0x68 [ 22.333052] kasan_save_track+0x20/0x40 [ 22.333306] kasan_save_alloc_info+0x40/0x58 [ 22.333553] __kasan_kmalloc+0xd4/0xd8 [ 22.333651] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.333749] kasan_strings+0xc8/0xb00 [ 22.333835] kunit_try_run_case+0x170/0x3f0 [ 22.333911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.334385] kthread+0x328/0x630 [ 22.335397] ret_from_fork+0x10/0x20 [ 22.335485] [ 22.335518] Freed by task 260: [ 22.335555] kasan_save_stack+0x3c/0x68 [ 22.335623] kasan_save_track+0x20/0x40 [ 22.335681] kasan_save_free_info+0x4c/0x78 [ 22.335729] __kasan_slab_free+0x6c/0x98 [ 22.335773] kfree+0x214/0x3c8 [ 22.335817] kasan_strings+0x24c/0xb00 [ 22.335923] kunit_try_run_case+0x170/0x3f0 [ 22.336205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.336406] kthread+0x328/0x630 [ 22.336577] ret_from_fork+0x10/0x20 [ 22.336776] [ 22.336851] The buggy address belongs to the object at fff00000c5941f80 [ 22.336851] which belongs to the cache kmalloc-32 of size 32 [ 22.337553] The buggy address is located 16 bytes inside of [ 22.337553] freed 32-byte region [fff00000c5941f80, fff00000c5941fa0) [ 22.337885] [ 22.337954] The buggy address belongs to the physical page: [ 22.338023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105941 [ 22.338124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.339278] page_type: f5(slab) [ 22.339458] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.339577] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 22.339679] page dumped because: kasan: bad access detected [ 22.339789] [ 22.339850] Memory state around the buggy address: [ 22.339937] fff00000c5941e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.340046] fff00000c5941f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.340151] >fff00000c5941f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.340244] ^ [ 22.340318] fff00000c5942000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.340423] fff00000c5942080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.340518] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 22.317788] ================================================================== [ 22.317902] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 22.318008] Read of size 1 at addr fff00000c5941f90 by task kunit_try_catch/260 [ 22.318107] [ 22.318170] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.318330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.318625] Hardware name: linux,dummy-virt (DT) [ 22.318722] Call trace: [ 22.318789] show_stack+0x20/0x38 (C) [ 22.318934] dump_stack_lvl+0x8c/0xd0 [ 22.319046] print_report+0x118/0x608 [ 22.319211] kasan_report+0xdc/0x128 [ 22.319326] __asan_report_load1_noabort+0x20/0x30 [ 22.319656] strlen+0xa8/0xb0 [ 22.319810] kasan_strings+0x418/0xb00 [ 22.319976] kunit_try_run_case+0x170/0x3f0 [ 22.320087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.320214] kthread+0x328/0x630 [ 22.320322] ret_from_fork+0x10/0x20 [ 22.320436] [ 22.320485] Allocated by task 260: [ 22.320552] kasan_save_stack+0x3c/0x68 [ 22.320652] kasan_save_track+0x20/0x40 [ 22.320744] kasan_save_alloc_info+0x40/0x58 [ 22.320864] __kasan_kmalloc+0xd4/0xd8 [ 22.320974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.321074] kasan_strings+0xc8/0xb00 [ 22.321166] kunit_try_run_case+0x170/0x3f0 [ 22.321261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.321373] kthread+0x328/0x630 [ 22.321461] ret_from_fork+0x10/0x20 [ 22.321557] [ 22.321606] Freed by task 260: [ 22.321671] kasan_save_stack+0x3c/0x68 [ 22.321759] kasan_save_track+0x20/0x40 [ 22.321863] kasan_save_free_info+0x4c/0x78 [ 22.321968] __kasan_slab_free+0x6c/0x98 [ 22.322068] kfree+0x214/0x3c8 [ 22.322156] kasan_strings+0x24c/0xb00 [ 22.322244] kunit_try_run_case+0x170/0x3f0 [ 22.322338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.322451] kthread+0x328/0x630 [ 22.322546] ret_from_fork+0x10/0x20 [ 22.322645] [ 22.322700] The buggy address belongs to the object at fff00000c5941f80 [ 22.322700] which belongs to the cache kmalloc-32 of size 32 [ 22.323152] The buggy address is located 16 bytes inside of [ 22.323152] freed 32-byte region [fff00000c5941f80, fff00000c5941fa0) [ 22.323312] [ 22.323355] The buggy address belongs to the physical page: [ 22.324389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105941 [ 22.324573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.324750] page_type: f5(slab) [ 22.324860] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.325037] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 22.325186] page dumped because: kasan: bad access detected [ 22.325260] [ 22.325308] Memory state around the buggy address: [ 22.325386] fff00000c5941e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.325838] fff00000c5941f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.326097] >fff00000c5941f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.326189] ^ [ 22.326264] fff00000c5942000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.326359] fff00000c5942080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.326436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 22.304554] ================================================================== [ 22.304670] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 22.304777] Read of size 1 at addr fff00000c5941f90 by task kunit_try_catch/260 [ 22.305294] [ 22.305476] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.306004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.306285] Hardware name: linux,dummy-virt (DT) [ 22.306567] Call trace: [ 22.306814] show_stack+0x20/0x38 (C) [ 22.307164] dump_stack_lvl+0x8c/0xd0 [ 22.307292] print_report+0x118/0x608 [ 22.307422] kasan_report+0xdc/0x128 [ 22.307547] __asan_report_load1_noabort+0x20/0x30 [ 22.307680] kasan_strings+0x95c/0xb00 [ 22.307791] kunit_try_run_case+0x170/0x3f0 [ 22.308385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.308683] kthread+0x328/0x630 [ 22.309029] ret_from_fork+0x10/0x20 [ 22.309363] [ 22.309423] Allocated by task 260: [ 22.309511] kasan_save_stack+0x3c/0x68 [ 22.309607] kasan_save_track+0x20/0x40 [ 22.309693] kasan_save_alloc_info+0x40/0x58 [ 22.309915] __kasan_kmalloc+0xd4/0xd8 [ 22.310257] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.310464] kasan_strings+0xc8/0xb00 [ 22.310655] kunit_try_run_case+0x170/0x3f0 [ 22.310879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.311049] kthread+0x328/0x630 [ 22.311240] ret_from_fork+0x10/0x20 [ 22.311366] [ 22.311424] Freed by task 260: [ 22.311776] kasan_save_stack+0x3c/0x68 [ 22.311893] kasan_save_track+0x20/0x40 [ 22.311992] kasan_save_free_info+0x4c/0x78 [ 22.312091] __kasan_slab_free+0x6c/0x98 [ 22.312185] kfree+0x214/0x3c8 [ 22.312268] kasan_strings+0x24c/0xb00 [ 22.312349] kunit_try_run_case+0x170/0x3f0 [ 22.312449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.312550] kthread+0x328/0x630 [ 22.313002] ret_from_fork+0x10/0x20 [ 22.313213] [ 22.313280] The buggy address belongs to the object at fff00000c5941f80 [ 22.313280] which belongs to the cache kmalloc-32 of size 32 [ 22.313423] The buggy address is located 16 bytes inside of [ 22.313423] freed 32-byte region [fff00000c5941f80, fff00000c5941fa0) [ 22.313587] [ 22.313651] The buggy address belongs to the physical page: [ 22.313728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105941 [ 22.313839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.313943] page_type: f5(slab) [ 22.314051] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.314159] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 22.314369] page dumped because: kasan: bad access detected [ 22.314480] [ 22.314546] Memory state around the buggy address: [ 22.314796] fff00000c5941e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.314997] fff00000c5941f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.315243] >fff00000c5941f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.315459] ^ [ 22.315559] fff00000c5942000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.315670] fff00000c5942080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.315769] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 22.292572] ================================================================== [ 22.292719] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 22.292849] Read of size 1 at addr fff00000c5941f90 by task kunit_try_catch/260 [ 22.292951] [ 22.293033] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.293286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.293357] Hardware name: linux,dummy-virt (DT) [ 22.293480] Call trace: [ 22.293608] show_stack+0x20/0x38 (C) [ 22.293722] dump_stack_lvl+0x8c/0xd0 [ 22.293839] print_report+0x118/0x608 [ 22.293959] kasan_report+0xdc/0x128 [ 22.294070] __asan_report_load1_noabort+0x20/0x30 [ 22.294211] strcmp+0xc0/0xc8 [ 22.294314] kasan_strings+0x340/0xb00 [ 22.294410] kunit_try_run_case+0x170/0x3f0 [ 22.294509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.294640] kthread+0x328/0x630 [ 22.294778] ret_from_fork+0x10/0x20 [ 22.294950] [ 22.295023] Allocated by task 260: [ 22.295099] kasan_save_stack+0x3c/0x68 [ 22.295243] kasan_save_track+0x20/0x40 [ 22.295366] kasan_save_alloc_info+0x40/0x58 [ 22.295500] __kasan_kmalloc+0xd4/0xd8 [ 22.295611] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.295709] kasan_strings+0xc8/0xb00 [ 22.295788] kunit_try_run_case+0x170/0x3f0 [ 22.295899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.296011] kthread+0x328/0x630 [ 22.296123] ret_from_fork+0x10/0x20 [ 22.296245] [ 22.296312] Freed by task 260: [ 22.296375] kasan_save_stack+0x3c/0x68 [ 22.296467] kasan_save_track+0x20/0x40 [ 22.296553] kasan_save_free_info+0x4c/0x78 [ 22.296650] __kasan_slab_free+0x6c/0x98 [ 22.296742] kfree+0x214/0x3c8 [ 22.296860] kasan_strings+0x24c/0xb00 [ 22.296989] kunit_try_run_case+0x170/0x3f0 [ 22.297120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.297264] kthread+0x328/0x630 [ 22.297344] ret_from_fork+0x10/0x20 [ 22.297436] [ 22.297775] The buggy address belongs to the object at fff00000c5941f80 [ 22.297775] which belongs to the cache kmalloc-32 of size 32 [ 22.297953] The buggy address is located 16 bytes inside of [ 22.297953] freed 32-byte region [fff00000c5941f80, fff00000c5941fa0) [ 22.298111] [ 22.298188] The buggy address belongs to the physical page: [ 22.298274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105941 [ 22.298580] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.298732] page_type: f5(slab) [ 22.298883] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.299003] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 22.299150] page dumped because: kasan: bad access detected [ 22.299363] [ 22.299438] Memory state around the buggy address: [ 22.299574] fff00000c5941e80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.299699] fff00000c5941f00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.299806] >fff00000c5941f80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.299911] ^ [ 22.300478] fff00000c5942000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.300649] fff00000c5942080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.300854] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 21.979359] ================================================================== [ 21.979498] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.979624] Read of size 1 at addr fff00000c79b4000 by task kunit_try_catch/234 [ 21.979740] [ 21.979835] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.980032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.981247] Hardware name: linux,dummy-virt (DT) [ 21.982313] Call trace: [ 21.982386] show_stack+0x20/0x38 (C) [ 21.982551] dump_stack_lvl+0x8c/0xd0 [ 21.982714] print_report+0x118/0x608 [ 21.982859] kasan_report+0xdc/0x128 [ 21.982956] __asan_report_load1_noabort+0x20/0x30 [ 21.983737] mempool_uaf_helper+0x314/0x340 [ 21.983899] mempool_page_alloc_uaf+0xc0/0x118 [ 21.984019] kunit_try_run_case+0x170/0x3f0 [ 21.984136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.984250] kthread+0x328/0x630 [ 21.984358] ret_from_fork+0x10/0x20 [ 21.984472] [ 21.984533] The buggy address belongs to the physical page: [ 21.984610] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 21.984733] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.985287] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.985770] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.986161] page dumped because: kasan: bad access detected [ 21.986240] [ 21.986281] Memory state around the buggy address: [ 21.986363] fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.986470] fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.986584] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.986681] ^ [ 21.987087] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.987481] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.988069] ================================================================== [ 21.891767] ================================================================== [ 21.891931] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.892059] Read of size 1 at addr fff00000c79b4000 by task kunit_try_catch/230 [ 21.892165] [ 21.892239] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.892424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.892487] Hardware name: linux,dummy-virt (DT) [ 21.892553] Call trace: [ 21.892603] show_stack+0x20/0x38 (C) [ 21.893250] dump_stack_lvl+0x8c/0xd0 [ 21.893438] print_report+0x118/0x608 [ 21.893558] kasan_report+0xdc/0x128 [ 21.893728] __asan_report_load1_noabort+0x20/0x30 [ 21.893852] mempool_uaf_helper+0x314/0x340 [ 21.893952] mempool_kmalloc_large_uaf+0xc4/0x120 [ 21.894056] kunit_try_run_case+0x170/0x3f0 [ 21.894148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.894245] kthread+0x328/0x630 [ 21.894327] ret_from_fork+0x10/0x20 [ 21.894432] [ 21.894477] The buggy address belongs to the physical page: [ 21.894776] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 21.895030] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.895155] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.895290] page_type: f8(unknown) [ 21.895834] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.895974] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.896405] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.896661] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.897081] head: 0bfffe0000000002 ffffc1ffc31e6d01 00000000ffffffff 00000000ffffffff [ 21.897322] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.897537] page dumped because: kasan: bad access detected [ 21.897638] [ 21.897686] Memory state around the buggy address: [ 21.898102] fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.898214] fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.898549] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.898940] ^ [ 21.899017] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.899342] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.899580] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 21.922008] ================================================================== [ 21.922148] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.922348] Read of size 1 at addr fff00000c5943240 by task kunit_try_catch/232 [ 21.922460] [ 21.922855] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.923165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.923302] Hardware name: linux,dummy-virt (DT) [ 21.923388] Call trace: [ 21.923441] show_stack+0x20/0x38 (C) [ 21.923801] dump_stack_lvl+0x8c/0xd0 [ 21.923987] print_report+0x118/0x608 [ 21.924103] kasan_report+0xdc/0x128 [ 21.924313] __asan_report_load1_noabort+0x20/0x30 [ 21.924434] mempool_uaf_helper+0x314/0x340 [ 21.924622] mempool_slab_uaf+0xc0/0x118 [ 21.924806] kunit_try_run_case+0x170/0x3f0 [ 21.924931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.925392] kthread+0x328/0x630 [ 21.925615] ret_from_fork+0x10/0x20 [ 21.925751] [ 21.925801] Allocated by task 232: [ 21.925983] kasan_save_stack+0x3c/0x68 [ 21.926071] kasan_save_track+0x20/0x40 [ 21.926370] kasan_save_alloc_info+0x40/0x58 [ 21.926695] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.926815] remove_element+0x16c/0x1f8 [ 21.926911] mempool_alloc_preallocated+0x58/0xc0 [ 21.926993] mempool_uaf_helper+0xa4/0x340 [ 21.927068] mempool_slab_uaf+0xc0/0x118 [ 21.927424] kunit_try_run_case+0x170/0x3f0 [ 21.927661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.927872] kthread+0x328/0x630 [ 21.928041] ret_from_fork+0x10/0x20 [ 21.928285] [ 21.928388] Freed by task 232: [ 21.928480] kasan_save_stack+0x3c/0x68 [ 21.928656] kasan_save_track+0x20/0x40 [ 21.928868] kasan_save_free_info+0x4c/0x78 [ 21.928962] __kasan_mempool_poison_object+0xc0/0x150 [ 21.929132] mempool_free+0x28c/0x328 [ 21.929207] mempool_uaf_helper+0x104/0x340 [ 21.929302] mempool_slab_uaf+0xc0/0x118 [ 21.929380] kunit_try_run_case+0x170/0x3f0 [ 21.929449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.929521] kthread+0x328/0x630 [ 21.929581] ret_from_fork+0x10/0x20 [ 21.929652] [ 21.929983] The buggy address belongs to the object at fff00000c5943240 [ 21.929983] which belongs to the cache test_cache of size 123 [ 21.930365] The buggy address is located 0 bytes inside of [ 21.930365] freed 123-byte region [fff00000c5943240, fff00000c59432bb) [ 21.930542] [ 21.930683] The buggy address belongs to the physical page: [ 21.930746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105943 [ 21.931116] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.931294] page_type: f5(slab) [ 21.931397] raw: 0bfffe0000000000 fff00000c3eaa500 dead000000000122 0000000000000000 [ 21.932202] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.932519] page dumped because: kasan: bad access detected [ 21.932604] [ 21.932657] Memory state around the buggy address: [ 21.932737] fff00000c5943100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.932946] fff00000c5943180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.933060] >fff00000c5943200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.933330] ^ [ 21.933858] fff00000c5943280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.934026] fff00000c5943300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.934272] ================================================================== [ 21.863521] ================================================================== [ 21.863630] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.863726] Read of size 1 at addr fff00000c6595d00 by task kunit_try_catch/228 [ 21.863786] [ 21.863858] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.863958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.863989] Hardware name: linux,dummy-virt (DT) [ 21.864026] Call trace: [ 21.864054] show_stack+0x20/0x38 (C) [ 21.864116] dump_stack_lvl+0x8c/0xd0 [ 21.864173] print_report+0x118/0x608 [ 21.864228] kasan_report+0xdc/0x128 [ 21.864278] __asan_report_load1_noabort+0x20/0x30 [ 21.864335] mempool_uaf_helper+0x314/0x340 [ 21.864385] mempool_kmalloc_uaf+0xc4/0x120 [ 21.864437] kunit_try_run_case+0x170/0x3f0 [ 21.864491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.864550] kthread+0x328/0x630 [ 21.864598] ret_from_fork+0x10/0x20 [ 21.864656] [ 21.864677] Allocated by task 228: [ 21.864709] kasan_save_stack+0x3c/0x68 [ 21.864758] kasan_save_track+0x20/0x40 [ 21.864800] kasan_save_alloc_info+0x40/0x58 [ 21.864862] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.864910] remove_element+0x130/0x1f8 [ 21.864953] mempool_alloc_preallocated+0x58/0xc0 [ 21.864994] mempool_uaf_helper+0xa4/0x340 [ 21.865035] mempool_kmalloc_uaf+0xc4/0x120 [ 21.865075] kunit_try_run_case+0x170/0x3f0 [ 21.865117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.865236] kthread+0x328/0x630 [ 21.865302] ret_from_fork+0x10/0x20 [ 21.865377] [ 21.865415] Freed by task 228: [ 21.865466] kasan_save_stack+0x3c/0x68 [ 21.865540] kasan_save_track+0x20/0x40 [ 21.865609] kasan_save_free_info+0x4c/0x78 [ 21.865693] __kasan_mempool_poison_object+0xc0/0x150 [ 21.865782] mempool_free+0x28c/0x328 [ 21.865878] mempool_uaf_helper+0x104/0x340 [ 21.865962] mempool_kmalloc_uaf+0xc4/0x120 [ 21.866035] kunit_try_run_case+0x170/0x3f0 [ 21.866078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.866126] kthread+0x328/0x630 [ 21.866162] ret_from_fork+0x10/0x20 [ 21.866203] [ 21.866227] The buggy address belongs to the object at fff00000c6595d00 [ 21.866227] which belongs to the cache kmalloc-128 of size 128 [ 21.866294] The buggy address is located 0 bytes inside of [ 21.866294] freed 128-byte region [fff00000c6595d00, fff00000c6595d80) [ 21.866361] [ 21.866385] The buggy address belongs to the physical page: [ 21.866420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106595 [ 21.866483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.866557] page_type: f5(slab) [ 21.866611] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.866670] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.866718] page dumped because: kasan: bad access detected [ 21.866753] [ 21.866774] Memory state around the buggy address: [ 21.866813] fff00000c6595c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.866885] fff00000c6595c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.866935] >fff00000c6595d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.866979] ^ [ 21.867012] fff00000c6595d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.867059] fff00000c6595e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.867101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 21.759605] ================================================================== [ 21.759732] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.759862] Read of size 1 at addr fff00000c79b2001 by task kunit_try_catch/224 [ 21.759923] [ 21.759975] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.760078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.760109] Hardware name: linux,dummy-virt (DT) [ 21.760147] Call trace: [ 21.760175] show_stack+0x20/0x38 (C) [ 21.760238] dump_stack_lvl+0x8c/0xd0 [ 21.760295] print_report+0x118/0x608 [ 21.760348] kasan_report+0xdc/0x128 [ 21.760397] __asan_report_load1_noabort+0x20/0x30 [ 21.760454] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.760505] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 21.760560] kunit_try_run_case+0x170/0x3f0 [ 21.760614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.760672] kthread+0x328/0x630 [ 21.760720] ret_from_fork+0x10/0x20 [ 21.760778] [ 21.760805] The buggy address belongs to the physical page: [ 21.760861] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b0 [ 21.760927] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.760980] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.761047] page_type: f8(unknown) [ 21.761097] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.761241] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.761351] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.761466] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.761567] head: 0bfffe0000000002 ffffc1ffc31e6c01 00000000ffffffff 00000000ffffffff [ 21.761663] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.761784] page dumped because: kasan: bad access detected [ 21.761878] [ 21.761913] Memory state around the buggy address: [ 21.761989] fff00000c79b1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.762094] fff00000c79b1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.762189] >fff00000c79b2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.762255] ^ [ 21.762292] fff00000c79b2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.762340] fff00000c79b2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.762383] ================================================================== [ 21.702635] ================================================================== [ 21.702881] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.702993] Read of size 1 at addr fff00000c599f673 by task kunit_try_catch/222 [ 21.703055] [ 21.703104] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.703203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.703233] Hardware name: linux,dummy-virt (DT) [ 21.703271] Call trace: [ 21.703299] show_stack+0x20/0x38 (C) [ 21.703361] dump_stack_lvl+0x8c/0xd0 [ 21.703418] print_report+0x118/0x608 [ 21.703473] kasan_report+0xdc/0x128 [ 21.703524] __asan_report_load1_noabort+0x20/0x30 [ 21.703581] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.703636] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.703689] kunit_try_run_case+0x170/0x3f0 [ 21.703747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.703806] kthread+0x328/0x630 [ 21.703884] ret_from_fork+0x10/0x20 [ 21.703942] [ 21.703965] Allocated by task 222: [ 21.704001] kasan_save_stack+0x3c/0x68 [ 21.704054] kasan_save_track+0x20/0x40 [ 21.704097] kasan_save_alloc_info+0x40/0x58 [ 21.704143] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.704194] remove_element+0x130/0x1f8 [ 21.704238] mempool_alloc_preallocated+0x58/0xc0 [ 21.704282] mempool_oob_right_helper+0x98/0x2f0 [ 21.704326] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.704368] kunit_try_run_case+0x170/0x3f0 [ 21.704412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.704461] kthread+0x328/0x630 [ 21.704497] ret_from_fork+0x10/0x20 [ 21.704539] [ 21.704563] The buggy address belongs to the object at fff00000c599f600 [ 21.704563] which belongs to the cache kmalloc-128 of size 128 [ 21.704630] The buggy address is located 0 bytes to the right of [ 21.704630] allocated 115-byte region [fff00000c599f600, fff00000c599f673) [ 21.704701] [ 21.704728] The buggy address belongs to the physical page: [ 21.704766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599f [ 21.704853] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.704918] page_type: f5(slab) [ 21.704971] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.705030] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.705074] page dumped because: kasan: bad access detected [ 21.705110] [ 21.705147] Memory state around the buggy address: [ 21.705208] fff00000c599f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.705259] fff00000c599f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.705305] >fff00000c599f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.705347] ^ [ 21.705391] fff00000c599f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.705439] fff00000c599f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.705480] ================================================================== [ 21.788081] ================================================================== [ 21.788359] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.788709] Read of size 1 at addr fff00000c59442bb by task kunit_try_catch/226 [ 21.788909] [ 21.789001] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.789197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.789255] Hardware name: linux,dummy-virt (DT) [ 21.789343] Call trace: [ 21.789762] show_stack+0x20/0x38 (C) [ 21.789960] dump_stack_lvl+0x8c/0xd0 [ 21.790079] print_report+0x118/0x608 [ 21.790217] kasan_report+0xdc/0x128 [ 21.790353] __asan_report_load1_noabort+0x20/0x30 [ 21.790480] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.790604] mempool_slab_oob_right+0xc0/0x118 [ 21.790692] kunit_try_run_case+0x170/0x3f0 [ 21.790783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.791490] kthread+0x328/0x630 [ 21.792106] ret_from_fork+0x10/0x20 [ 21.792716] [ 21.792779] Allocated by task 226: [ 21.792874] kasan_save_stack+0x3c/0x68 [ 21.792992] kasan_save_track+0x20/0x40 [ 21.793082] kasan_save_alloc_info+0x40/0x58 [ 21.793174] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.793259] remove_element+0x16c/0x1f8 [ 21.793326] mempool_alloc_preallocated+0x58/0xc0 [ 21.794162] mempool_oob_right_helper+0x98/0x2f0 [ 21.794445] mempool_slab_oob_right+0xc0/0x118 [ 21.794658] kunit_try_run_case+0x170/0x3f0 [ 21.795319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.795471] kthread+0x328/0x630 [ 21.795568] ret_from_fork+0x10/0x20 [ 21.795659] [ 21.795717] The buggy address belongs to the object at fff00000c5944240 [ 21.795717] which belongs to the cache test_cache of size 123 [ 21.795874] The buggy address is located 0 bytes to the right of [ 21.795874] allocated 123-byte region [fff00000c5944240, fff00000c59442bb) [ 21.796048] [ 21.796128] The buggy address belongs to the physical page: [ 21.796243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105944 [ 21.796443] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.796626] page_type: f5(slab) [ 21.796725] raw: 0bfffe0000000000 fff00000c3eaa3c0 dead000000000122 0000000000000000 [ 21.796866] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.796977] page dumped because: kasan: bad access detected [ 21.797059] [ 21.797106] Memory state around the buggy address: [ 21.797182] fff00000c5944180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.797283] fff00000c5944200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 21.797875] >fff00000c5944280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 21.798038] ^ [ 21.798166] fff00000c5944300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.798672] fff00000c5944380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.798807] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 21.094953] ================================================================== [ 21.095223] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 21.095401] Read of size 1 at addr fff00000c5801b40 by task kunit_try_catch/216 [ 21.095529] [ 21.095620] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.095847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.095918] Hardware name: linux,dummy-virt (DT) [ 21.095997] Call trace: [ 21.096058] show_stack+0x20/0x38 (C) [ 21.096177] dump_stack_lvl+0x8c/0xd0 [ 21.096304] print_report+0x118/0x608 [ 21.096417] kasan_report+0xdc/0x128 [ 21.096530] __kasan_check_byte+0x54/0x70 [ 21.096641] kmem_cache_destroy+0x34/0x218 [ 21.096761] kmem_cache_double_destroy+0x174/0x300 [ 21.098133] kunit_try_run_case+0x170/0x3f0 [ 21.098416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.098534] kthread+0x328/0x630 [ 21.098620] ret_from_fork+0x10/0x20 [ 21.098724] [ 21.098810] Allocated by task 216: [ 21.098899] kasan_save_stack+0x3c/0x68 [ 21.098993] kasan_save_track+0x20/0x40 [ 21.099405] kasan_save_alloc_info+0x40/0x58 [ 21.099617] __kasan_slab_alloc+0xa8/0xb0 [ 21.099736] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.099856] __kmem_cache_create_args+0x178/0x280 [ 21.099964] kmem_cache_double_destroy+0xc0/0x300 [ 21.100085] kunit_try_run_case+0x170/0x3f0 [ 21.100176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.100310] kthread+0x328/0x630 [ 21.100441] ret_from_fork+0x10/0x20 [ 21.100537] [ 21.100590] Freed by task 216: [ 21.100661] kasan_save_stack+0x3c/0x68 [ 21.100766] kasan_save_track+0x20/0x40 [ 21.100980] kasan_save_free_info+0x4c/0x78 [ 21.101265] __kasan_slab_free+0x6c/0x98 [ 21.101791] kmem_cache_free+0x260/0x468 [ 21.101961] slab_kmem_cache_release+0x38/0x50 [ 21.102062] kmem_cache_release+0x1c/0x30 [ 21.102144] kobject_put+0x17c/0x420 [ 21.102220] sysfs_slab_release+0x1c/0x30 [ 21.102301] kmem_cache_destroy+0x118/0x218 [ 21.102394] kmem_cache_double_destroy+0x128/0x300 [ 21.102499] kunit_try_run_case+0x170/0x3f0 [ 21.102642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.102746] kthread+0x328/0x630 [ 21.103503] ret_from_fork+0x10/0x20 [ 21.103650] [ 21.103711] The buggy address belongs to the object at fff00000c5801b40 [ 21.103711] which belongs to the cache kmem_cache of size 208 [ 21.104096] The buggy address is located 0 bytes inside of [ 21.104096] freed 208-byte region [fff00000c5801b40, fff00000c5801c10) [ 21.104294] [ 21.104698] The buggy address belongs to the physical page: [ 21.104790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105801 [ 21.105229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.105387] page_type: f5(slab) [ 21.105486] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 21.106180] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 21.106334] page dumped because: kasan: bad access detected [ 21.106442] [ 21.106488] Memory state around the buggy address: [ 21.106570] fff00000c5801a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.106661] fff00000c5801a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 21.106787] >fff00000c5801b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.106924] ^ [ 21.107014] fff00000c5801b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.107129] fff00000c5801c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.107230] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 20.193996] ================================================================== [ 20.194142] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 20.194316] Free of addr fff00000c59ad001 by task kunit_try_catch/212 [ 20.194433] [ 20.194627] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.195183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.195318] Hardware name: linux,dummy-virt (DT) [ 20.195563] Call trace: [ 20.195644] show_stack+0x20/0x38 (C) [ 20.195782] dump_stack_lvl+0x8c/0xd0 [ 20.195915] print_report+0x118/0x608 [ 20.196311] kasan_report_invalid_free+0xc0/0xe8 [ 20.196483] check_slab_allocation+0xfc/0x108 [ 20.196599] __kasan_slab_pre_free+0x2c/0x48 [ 20.196716] kmem_cache_free+0xf0/0x468 [ 20.197326] kmem_cache_invalid_free+0x184/0x3c8 [ 20.197565] kunit_try_run_case+0x170/0x3f0 [ 20.197848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.198013] kthread+0x328/0x630 [ 20.198124] ret_from_fork+0x10/0x20 [ 20.198227] [ 20.198267] Allocated by task 212: [ 20.198354] kasan_save_stack+0x3c/0x68 [ 20.198447] kasan_save_track+0x20/0x40 [ 20.198612] kasan_save_alloc_info+0x40/0x58 [ 20.198754] __kasan_slab_alloc+0xa8/0xb0 [ 20.198859] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.198962] kmem_cache_invalid_free+0x12c/0x3c8 [ 20.199097] kunit_try_run_case+0x170/0x3f0 [ 20.199190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.199322] kthread+0x328/0x630 [ 20.199409] ret_from_fork+0x10/0x20 [ 20.199500] [ 20.199543] The buggy address belongs to the object at fff00000c59ad000 [ 20.199543] which belongs to the cache test_cache of size 200 [ 20.199735] The buggy address is located 1 bytes inside of [ 20.199735] 200-byte region [fff00000c59ad000, fff00000c59ad0c8) [ 20.199889] [ 20.199960] The buggy address belongs to the physical page: [ 20.200071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ad [ 20.200245] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.200365] page_type: f5(slab) [ 20.200452] raw: 0bfffe0000000000 fff00000c58018c0 dead000000000122 0000000000000000 [ 20.200576] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.200708] page dumped because: kasan: bad access detected [ 20.200808] [ 20.200860] Memory state around the buggy address: [ 20.200925] fff00000c59acf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.201120] fff00000c59acf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.201262] >fff00000c59ad000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.201361] ^ [ 20.201427] fff00000c59ad080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.201575] fff00000c59ad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.201671] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 20.123780] ================================================================== [ 20.124102] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 20.124451] Free of addr fff00000c59ab000 by task kunit_try_catch/210 [ 20.124928] [ 20.125128] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.125649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.125908] Hardware name: linux,dummy-virt (DT) [ 20.126035] Call trace: [ 20.126181] show_stack+0x20/0x38 (C) [ 20.126411] dump_stack_lvl+0x8c/0xd0 [ 20.126759] print_report+0x118/0x608 [ 20.126941] kasan_report_invalid_free+0xc0/0xe8 [ 20.127185] check_slab_allocation+0xd4/0x108 [ 20.127327] __kasan_slab_pre_free+0x2c/0x48 [ 20.127450] kmem_cache_free+0xf0/0x468 [ 20.127668] kmem_cache_double_free+0x190/0x3c8 [ 20.127981] kunit_try_run_case+0x170/0x3f0 [ 20.128207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.128460] kthread+0x328/0x630 [ 20.128681] ret_from_fork+0x10/0x20 [ 20.128856] [ 20.128897] Allocated by task 210: [ 20.128965] kasan_save_stack+0x3c/0x68 [ 20.129066] kasan_save_track+0x20/0x40 [ 20.129543] kasan_save_alloc_info+0x40/0x58 [ 20.129731] __kasan_slab_alloc+0xa8/0xb0 [ 20.129803] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.129898] kmem_cache_double_free+0x12c/0x3c8 [ 20.129972] kunit_try_run_case+0x170/0x3f0 [ 20.130127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.130324] kthread+0x328/0x630 [ 20.130469] ret_from_fork+0x10/0x20 [ 20.130575] [ 20.130619] Freed by task 210: [ 20.131025] kasan_save_stack+0x3c/0x68 [ 20.131165] kasan_save_track+0x20/0x40 [ 20.131285] kasan_save_free_info+0x4c/0x78 [ 20.131372] __kasan_slab_free+0x6c/0x98 [ 20.131457] kmem_cache_free+0x260/0x468 [ 20.131541] kmem_cache_double_free+0x140/0x3c8 [ 20.131625] kunit_try_run_case+0x170/0x3f0 [ 20.131706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.131801] kthread+0x328/0x630 [ 20.131885] ret_from_fork+0x10/0x20 [ 20.131967] [ 20.132007] The buggy address belongs to the object at fff00000c59ab000 [ 20.132007] which belongs to the cache test_cache of size 200 [ 20.132539] The buggy address is located 0 bytes inside of [ 20.132539] 200-byte region [fff00000c59ab000, fff00000c59ab0c8) [ 20.132712] [ 20.132768] The buggy address belongs to the physical page: [ 20.132863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ab [ 20.133129] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.133355] page_type: f5(slab) [ 20.133567] raw: 0bfffe0000000000 fff00000c5801780 dead000000000122 0000000000000000 [ 20.133982] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.134123] page dumped because: kasan: bad access detected [ 20.134303] [ 20.134369] Memory state around the buggy address: [ 20.134544] fff00000c59aaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.135151] fff00000c59aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.135367] >fff00000c59ab000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.135452] ^ [ 20.135883] fff00000c59ab080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 20.136196] fff00000c59ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.136436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 20.014643] ================================================================== [ 20.014896] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 20.015119] Read of size 1 at addr fff00000c59aa0c8 by task kunit_try_catch/208 [ 20.015301] [ 20.015426] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.015666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.015770] Hardware name: linux,dummy-virt (DT) [ 20.015872] Call trace: [ 20.015920] show_stack+0x20/0x38 (C) [ 20.016040] dump_stack_lvl+0x8c/0xd0 [ 20.016318] print_report+0x118/0x608 [ 20.016644] kasan_report+0xdc/0x128 [ 20.016887] __asan_report_load1_noabort+0x20/0x30 [ 20.017049] kmem_cache_oob+0x344/0x430 [ 20.017237] kunit_try_run_case+0x170/0x3f0 [ 20.017371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.017502] kthread+0x328/0x630 [ 20.017795] ret_from_fork+0x10/0x20 [ 20.017915] [ 20.017942] Allocated by task 208: [ 20.017981] kasan_save_stack+0x3c/0x68 [ 20.018034] kasan_save_track+0x20/0x40 [ 20.018078] kasan_save_alloc_info+0x40/0x58 [ 20.018122] __kasan_slab_alloc+0xa8/0xb0 [ 20.018166] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.018210] kmem_cache_oob+0x12c/0x430 [ 20.018251] kunit_try_run_case+0x170/0x3f0 [ 20.018294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.018343] kthread+0x328/0x630 [ 20.018379] ret_from_fork+0x10/0x20 [ 20.018419] [ 20.018440] The buggy address belongs to the object at fff00000c59aa000 [ 20.018440] which belongs to the cache test_cache of size 200 [ 20.018504] The buggy address is located 0 bytes to the right of [ 20.018504] allocated 200-byte region [fff00000c59aa000, fff00000c59aa0c8) [ 20.018589] [ 20.018614] The buggy address belongs to the physical page: [ 20.018650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 20.018743] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.018808] page_type: f5(slab) [ 20.018929] raw: 0bfffe0000000000 fff00000c5801640 dead000000000122 0000000000000000 [ 20.019069] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.019856] page dumped because: kasan: bad access detected [ 20.019926] [ 20.019964] Memory state around the buggy address: [ 20.020037] fff00000c59a9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.020199] fff00000c59aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.020498] >fff00000c59aa080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.020649] ^ [ 20.020926] fff00000c59aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.021031] fff00000c59aa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.021124] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 19.952251] ================================================================== [ 19.952442] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 19.952922] Read of size 8 at addr fff00000c599ef80 by task kunit_try_catch/201 [ 19.953070] [ 19.953174] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.953385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.953457] Hardware name: linux,dummy-virt (DT) [ 19.953522] Call trace: [ 19.953570] show_stack+0x20/0x38 (C) [ 19.953724] dump_stack_lvl+0x8c/0xd0 [ 19.953853] print_report+0x118/0x608 [ 19.953956] kasan_report+0xdc/0x128 [ 19.954058] __asan_report_load8_noabort+0x20/0x30 [ 19.954193] workqueue_uaf+0x480/0x4a8 [ 19.954356] kunit_try_run_case+0x170/0x3f0 [ 19.954515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.954710] kthread+0x328/0x630 [ 19.954816] ret_from_fork+0x10/0x20 [ 19.954932] [ 19.954976] Allocated by task 201: [ 19.955044] kasan_save_stack+0x3c/0x68 [ 19.955161] kasan_save_track+0x20/0x40 [ 19.955254] kasan_save_alloc_info+0x40/0x58 [ 19.955360] __kasan_kmalloc+0xd4/0xd8 [ 19.955437] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.955560] workqueue_uaf+0x13c/0x4a8 [ 19.955673] kunit_try_run_case+0x170/0x3f0 [ 19.955798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.955918] kthread+0x328/0x630 [ 19.955998] ret_from_fork+0x10/0x20 [ 19.956082] [ 19.956123] Freed by task 9: [ 19.956184] kasan_save_stack+0x3c/0x68 [ 19.956283] kasan_save_track+0x20/0x40 [ 19.956371] kasan_save_free_info+0x4c/0x78 [ 19.956462] __kasan_slab_free+0x6c/0x98 [ 19.956572] kfree+0x214/0x3c8 [ 19.956662] workqueue_uaf_work+0x18/0x30 [ 19.956770] process_one_work+0x530/0xf98 [ 19.956904] worker_thread+0x618/0xf38 [ 19.957006] kthread+0x328/0x630 [ 19.957088] ret_from_fork+0x10/0x20 [ 19.957177] [ 19.957223] Last potentially related work creation: [ 19.957289] kasan_save_stack+0x3c/0x68 [ 19.957387] kasan_record_aux_stack+0xb4/0xc8 [ 19.957519] __queue_work+0x65c/0x1008 [ 19.957604] queue_work_on+0xbc/0xf8 [ 19.957680] workqueue_uaf+0x210/0x4a8 [ 19.957783] kunit_try_run_case+0x170/0x3f0 [ 19.957885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.958027] kthread+0x328/0x630 [ 19.958102] ret_from_fork+0x10/0x20 [ 19.958221] [ 19.958261] The buggy address belongs to the object at fff00000c599ef80 [ 19.958261] which belongs to the cache kmalloc-32 of size 32 [ 19.958407] The buggy address is located 0 bytes inside of [ 19.958407] freed 32-byte region [fff00000c599ef80, fff00000c599efa0) [ 19.958572] [ 19.958634] The buggy address belongs to the physical page: [ 19.958756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599e [ 19.958888] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.959003] page_type: f5(slab) [ 19.959132] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.959288] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.959416] page dumped because: kasan: bad access detected [ 19.959499] [ 19.959558] Memory state around the buggy address: [ 19.959640] fff00000c599ee80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.959760] fff00000c599ef00: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 19.959920] >fff00000c599ef80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.960016] ^ [ 19.960081] fff00000c599f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.960175] fff00000c599f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.960272] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.902951] ================================================================== [ 19.903902] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 19.904262] Read of size 4 at addr fff00000c599ed80 by task swapper/0/0 [ 19.904534] [ 19.904815] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.905370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.905435] Hardware name: linux,dummy-virt (DT) [ 19.905499] Call trace: [ 19.905541] show_stack+0x20/0x38 (C) [ 19.905650] dump_stack_lvl+0x8c/0xd0 [ 19.905752] print_report+0x118/0x608 [ 19.906247] kasan_report+0xdc/0x128 [ 19.906547] __asan_report_load4_noabort+0x20/0x30 [ 19.907150] rcu_uaf_reclaim+0x64/0x70 [ 19.907480] rcu_core+0x9f4/0x1e20 [ 19.908127] rcu_core_si+0x18/0x30 [ 19.908877] handle_softirqs+0x374/0xb28 [ 19.909153] __do_softirq+0x1c/0x28 [ 19.909609] ____do_softirq+0x18/0x30 [ 19.909708] call_on_irq_stack+0x24/0x30 [ 19.910179] do_softirq_own_stack+0x24/0x38 [ 19.910396] __irq_exit_rcu+0x1fc/0x318 [ 19.910502] irq_exit_rcu+0x1c/0x80 [ 19.910617] el1_interrupt+0x38/0x58 [ 19.911200] el1h_64_irq_handler+0x18/0x28 [ 19.911961] el1h_64_irq+0x6c/0x70 [ 19.912595] arch_local_irq_enable+0x4/0x8 (P) [ 19.912837] do_idle+0x384/0x4e8 [ 19.913409] cpu_startup_entry+0x68/0x80 [ 19.913519] rest_init+0x160/0x188 [ 19.914065] start_kernel+0x30c/0x3d0 [ 19.914467] __primary_switched+0x8c/0xa0 [ 19.914775] [ 19.914848] Allocated by task 199: [ 19.915302] kasan_save_stack+0x3c/0x68 [ 19.915438] kasan_save_track+0x20/0x40 [ 19.915747] kasan_save_alloc_info+0x40/0x58 [ 19.916002] __kasan_kmalloc+0xd4/0xd8 [ 19.916262] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.916568] rcu_uaf+0xb0/0x2d8 [ 19.916701] kunit_try_run_case+0x170/0x3f0 [ 19.917008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.917215] kthread+0x328/0x630 [ 19.917488] ret_from_fork+0x10/0x20 [ 19.917583] [ 19.917625] Freed by task 0: [ 19.918070] kasan_save_stack+0x3c/0x68 [ 19.918172] kasan_save_track+0x20/0x40 [ 19.918275] kasan_save_free_info+0x4c/0x78 [ 19.918370] __kasan_slab_free+0x6c/0x98 [ 19.918451] kfree+0x214/0x3c8 [ 19.918536] rcu_uaf_reclaim+0x28/0x70 [ 19.918634] rcu_core+0x9f4/0x1e20 [ 19.918717] rcu_core_si+0x18/0x30 [ 19.919459] handle_softirqs+0x374/0xb28 [ 19.919912] __do_softirq+0x1c/0x28 [ 19.920116] [ 19.920468] Last potentially related work creation: [ 19.920818] kasan_save_stack+0x3c/0x68 [ 19.921091] kasan_record_aux_stack+0xb4/0xc8 [ 19.921228] __call_rcu_common.constprop.0+0x74/0x8c8 [ 19.921475] call_rcu+0x18/0x30 [ 19.921579] rcu_uaf+0x14c/0x2d8 [ 19.921649] kunit_try_run_case+0x170/0x3f0 [ 19.921732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.921841] kthread+0x328/0x630 [ 19.922260] ret_from_fork+0x10/0x20 [ 19.922845] [ 19.922922] The buggy address belongs to the object at fff00000c599ed80 [ 19.922922] which belongs to the cache kmalloc-32 of size 32 [ 19.923068] The buggy address is located 0 bytes inside of [ 19.923068] freed 32-byte region [fff00000c599ed80, fff00000c599eda0) [ 19.923236] [ 19.923309] The buggy address belongs to the physical page: [ 19.923426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599e [ 19.923617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.923781] page_type: f5(slab) [ 19.923905] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.924023] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.924121] page dumped because: kasan: bad access detected [ 19.924200] [ 19.924243] Memory state around the buggy address: [ 19.924320] fff00000c599ec80: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 19.924443] fff00000c599ed00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.924585] >fff00000c599ed80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 19.924713] ^ [ 19.924807] fff00000c599ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.924923] fff00000c599ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.925021] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.744994] ================================================================== [ 19.745127] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 19.745233] Free of addr fff00000c4561b20 by task kunit_try_catch/193 [ 19.745322] [ 19.745391] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.745572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.745631] Hardware name: linux,dummy-virt (DT) [ 19.745706] Call trace: [ 19.745772] show_stack+0x20/0x38 (C) [ 19.745942] dump_stack_lvl+0x8c/0xd0 [ 19.746041] print_report+0x118/0x608 [ 19.746174] kasan_report_invalid_free+0xc0/0xe8 [ 19.746328] check_slab_allocation+0xd4/0x108 [ 19.746479] __kasan_slab_pre_free+0x2c/0x48 [ 19.746641] kfree+0xe8/0x3c8 [ 19.746787] kfree_sensitive+0x3c/0xb0 [ 19.747167] kmalloc_double_kzfree+0x168/0x308 [ 19.747460] kunit_try_run_case+0x170/0x3f0 [ 19.747694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.747815] kthread+0x328/0x630 [ 19.747927] ret_from_fork+0x10/0x20 [ 19.748076] [ 19.748183] Allocated by task 193: [ 19.748294] kasan_save_stack+0x3c/0x68 [ 19.748568] kasan_save_track+0x20/0x40 [ 19.748673] kasan_save_alloc_info+0x40/0x58 [ 19.748764] __kasan_kmalloc+0xd4/0xd8 [ 19.748968] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.749165] kmalloc_double_kzfree+0xb8/0x308 [ 19.749256] kunit_try_run_case+0x170/0x3f0 [ 19.749456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.749579] kthread+0x328/0x630 [ 19.749654] ret_from_fork+0x10/0x20 [ 19.749735] [ 19.749782] Freed by task 193: [ 19.749856] kasan_save_stack+0x3c/0x68 [ 19.750097] kasan_save_track+0x20/0x40 [ 19.750386] kasan_save_free_info+0x4c/0x78 [ 19.750559] __kasan_slab_free+0x6c/0x98 [ 19.750673] kfree+0x214/0x3c8 [ 19.750749] kfree_sensitive+0x80/0xb0 [ 19.750842] kmalloc_double_kzfree+0x11c/0x308 [ 19.750973] kunit_try_run_case+0x170/0x3f0 [ 19.751184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.751442] kthread+0x328/0x630 [ 19.751551] ret_from_fork+0x10/0x20 [ 19.751798] [ 19.752006] The buggy address belongs to the object at fff00000c4561b20 [ 19.752006] which belongs to the cache kmalloc-16 of size 16 [ 19.752245] The buggy address is located 0 bytes inside of [ 19.752245] 16-byte region [fff00000c4561b20, fff00000c4561b30) [ 19.752393] [ 19.752439] The buggy address belongs to the physical page: [ 19.752630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104561 [ 19.753073] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.753249] page_type: f5(slab) [ 19.753385] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.753559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.753693] page dumped because: kasan: bad access detected [ 19.753778] [ 19.753832] Memory state around the buggy address: [ 19.753916] fff00000c4561a00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 19.754059] fff00000c4561a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.754173] >fff00000c4561b00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 19.754250] ^ [ 19.754336] fff00000c4561b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.754423] fff00000c4561c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.754508] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.727968] ================================================================== [ 19.728038] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 19.728100] Read of size 1 at addr fff00000c4561b20 by task kunit_try_catch/193 [ 19.728151] [ 19.728186] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.728272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.728298] Hardware name: linux,dummy-virt (DT) [ 19.728331] Call trace: [ 19.728353] show_stack+0x20/0x38 (C) [ 19.728406] dump_stack_lvl+0x8c/0xd0 [ 19.728453] print_report+0x118/0x608 [ 19.728501] kasan_report+0xdc/0x128 [ 19.728545] __kasan_check_byte+0x54/0x70 [ 19.728593] kfree_sensitive+0x30/0xb0 [ 19.728640] kmalloc_double_kzfree+0x168/0x308 [ 19.728686] kunit_try_run_case+0x170/0x3f0 [ 19.728751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.728801] kthread+0x328/0x630 [ 19.729005] ret_from_fork+0x10/0x20 [ 19.729126] [ 19.729252] Allocated by task 193: [ 19.729445] kasan_save_stack+0x3c/0x68 [ 19.729784] kasan_save_track+0x20/0x40 [ 19.730207] kasan_save_alloc_info+0x40/0x58 [ 19.730400] __kasan_kmalloc+0xd4/0xd8 [ 19.731106] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.731630] kmalloc_double_kzfree+0xb8/0x308 [ 19.731726] kunit_try_run_case+0x170/0x3f0 [ 19.732466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.732979] kthread+0x328/0x630 [ 19.733074] ret_from_fork+0x10/0x20 [ 19.733355] [ 19.733701] Freed by task 193: [ 19.733786] kasan_save_stack+0x3c/0x68 [ 19.734214] kasan_save_track+0x20/0x40 [ 19.734686] kasan_save_free_info+0x4c/0x78 [ 19.734944] __kasan_slab_free+0x6c/0x98 [ 19.735128] kfree+0x214/0x3c8 [ 19.735218] kfree_sensitive+0x80/0xb0 [ 19.735310] kmalloc_double_kzfree+0x11c/0x308 [ 19.735403] kunit_try_run_case+0x170/0x3f0 [ 19.735502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.735606] kthread+0x328/0x630 [ 19.736566] ret_from_fork+0x10/0x20 [ 19.737182] [ 19.737691] The buggy address belongs to the object at fff00000c4561b20 [ 19.737691] which belongs to the cache kmalloc-16 of size 16 [ 19.738189] The buggy address is located 0 bytes inside of [ 19.738189] freed 16-byte region [fff00000c4561b20, fff00000c4561b30) [ 19.738446] [ 19.738491] The buggy address belongs to the physical page: [ 19.738569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104561 [ 19.738702] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.739591] page_type: f5(slab) [ 19.739817] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.740177] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.740628] page dumped because: kasan: bad access detected [ 19.740858] [ 19.740988] Memory state around the buggy address: [ 19.741106] fff00000c4561a00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 19.741200] fff00000c4561a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.741283] >fff00000c4561b00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 19.741351] ^ [ 19.742063] fff00000c4561b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.742305] fff00000c4561c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.742407] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.690415] ================================================================== [ 19.690554] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 19.690658] Read of size 1 at addr fff00000c59a1328 by task kunit_try_catch/189 [ 19.690761] [ 19.690844] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.690998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.691056] Hardware name: linux,dummy-virt (DT) [ 19.691125] Call trace: [ 19.691169] show_stack+0x20/0x38 (C) [ 19.691272] dump_stack_lvl+0x8c/0xd0 [ 19.691376] print_report+0x118/0x608 [ 19.691474] kasan_report+0xdc/0x128 [ 19.691576] __asan_report_load1_noabort+0x20/0x30 [ 19.691689] kmalloc_uaf2+0x3f4/0x468 [ 19.691784] kunit_try_run_case+0x170/0x3f0 [ 19.691898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.692005] kthread+0x328/0x630 [ 19.692102] ret_from_fork+0x10/0x20 [ 19.692286] [ 19.692412] Allocated by task 189: [ 19.692622] kasan_save_stack+0x3c/0x68 [ 19.692791] kasan_save_track+0x20/0x40 [ 19.692882] kasan_save_alloc_info+0x40/0x58 [ 19.693209] __kasan_kmalloc+0xd4/0xd8 [ 19.693277] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.693361] kmalloc_uaf2+0xc4/0x468 [ 19.693695] kunit_try_run_case+0x170/0x3f0 [ 19.693790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.693902] kthread+0x328/0x630 [ 19.693989] ret_from_fork+0x10/0x20 [ 19.694072] [ 19.694118] Freed by task 189: [ 19.694173] kasan_save_stack+0x3c/0x68 [ 19.694256] kasan_save_track+0x20/0x40 [ 19.694358] kasan_save_free_info+0x4c/0x78 [ 19.694487] __kasan_slab_free+0x6c/0x98 [ 19.694581] kfree+0x214/0x3c8 [ 19.694698] kmalloc_uaf2+0x134/0x468 [ 19.694798] kunit_try_run_case+0x170/0x3f0 [ 19.694896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.695029] kthread+0x328/0x630 [ 19.695136] ret_from_fork+0x10/0x20 [ 19.695214] [ 19.695257] The buggy address belongs to the object at fff00000c59a1300 [ 19.695257] which belongs to the cache kmalloc-64 of size 64 [ 19.695399] The buggy address is located 40 bytes inside of [ 19.695399] freed 64-byte region [fff00000c59a1300, fff00000c59a1340) [ 19.695589] [ 19.695638] The buggy address belongs to the physical page: [ 19.695703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059a1 [ 19.695832] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.695938] page_type: f5(slab) [ 19.696028] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.696175] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.696278] page dumped because: kasan: bad access detected [ 19.696376] [ 19.696427] Memory state around the buggy address: [ 19.696494] fff00000c59a1200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.696597] fff00000c59a1280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.696692] >fff00000c59a1300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.696778] ^ [ 19.696866] fff00000c59a1380: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 19.696953] fff00000c59a1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.697035] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 19.663899] ================================================================== [ 19.664029] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 19.664139] Write of size 33 at addr fff00000c59a1180 by task kunit_try_catch/187 [ 19.664257] [ 19.664327] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.664504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.664569] Hardware name: linux,dummy-virt (DT) [ 19.664652] Call trace: [ 19.664695] show_stack+0x20/0x38 (C) [ 19.664800] dump_stack_lvl+0x8c/0xd0 [ 19.664920] print_report+0x118/0x608 [ 19.665238] kasan_report+0xdc/0x128 [ 19.665564] kasan_check_range+0x100/0x1a8 [ 19.665788] __asan_memset+0x34/0x78 [ 19.665887] kmalloc_uaf_memset+0x170/0x310 [ 19.665973] kunit_try_run_case+0x170/0x3f0 [ 19.666069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.666331] kthread+0x328/0x630 [ 19.666421] ret_from_fork+0x10/0x20 [ 19.666536] [ 19.666585] Allocated by task 187: [ 19.666656] kasan_save_stack+0x3c/0x68 [ 19.666747] kasan_save_track+0x20/0x40 [ 19.666845] kasan_save_alloc_info+0x40/0x58 [ 19.667292] __kasan_kmalloc+0xd4/0xd8 [ 19.667559] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.667934] kmalloc_uaf_memset+0xb8/0x310 [ 19.668064] kunit_try_run_case+0x170/0x3f0 [ 19.668159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.668297] kthread+0x328/0x630 [ 19.668372] ret_from_fork+0x10/0x20 [ 19.668450] [ 19.668492] Freed by task 187: [ 19.668552] kasan_save_stack+0x3c/0x68 [ 19.668636] kasan_save_track+0x20/0x40 [ 19.668748] kasan_save_free_info+0x4c/0x78 [ 19.668851] __kasan_slab_free+0x6c/0x98 [ 19.668926] kfree+0x214/0x3c8 [ 19.668993] kmalloc_uaf_memset+0x11c/0x310 [ 19.669166] kunit_try_run_case+0x170/0x3f0 [ 19.669256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.669701] kthread+0x328/0x630 [ 19.669782] ret_from_fork+0x10/0x20 [ 19.670425] [ 19.670553] The buggy address belongs to the object at fff00000c59a1180 [ 19.670553] which belongs to the cache kmalloc-64 of size 64 [ 19.670742] The buggy address is located 0 bytes inside of [ 19.670742] freed 64-byte region [fff00000c59a1180, fff00000c59a11c0) [ 19.670973] [ 19.671021] The buggy address belongs to the physical page: [ 19.671105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059a1 [ 19.671235] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.671340] page_type: f5(slab) [ 19.671652] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.671855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.672329] page dumped because: kasan: bad access detected [ 19.672414] [ 19.672847] Memory state around the buggy address: [ 19.673095] fff00000c59a1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.673201] fff00000c59a1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.673281] >fff00000c59a1180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.673362] ^ [ 19.673421] fff00000c59a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.674236] fff00000c59a1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.674408] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.641083] ================================================================== [ 19.641614] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 19.641727] Read of size 1 at addr fff00000c4561b08 by task kunit_try_catch/185 [ 19.642059] [ 19.642228] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.642525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.642611] Hardware name: linux,dummy-virt (DT) [ 19.642786] Call trace: [ 19.642920] show_stack+0x20/0x38 (C) [ 19.643117] dump_stack_lvl+0x8c/0xd0 [ 19.643307] print_report+0x118/0x608 [ 19.643417] kasan_report+0xdc/0x128 [ 19.643786] __asan_report_load1_noabort+0x20/0x30 [ 19.643961] kmalloc_uaf+0x300/0x338 [ 19.644075] kunit_try_run_case+0x170/0x3f0 [ 19.644273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.644477] kthread+0x328/0x630 [ 19.644570] ret_from_fork+0x10/0x20 [ 19.644936] [ 19.645321] Allocated by task 185: [ 19.645500] kasan_save_stack+0x3c/0x68 [ 19.645706] kasan_save_track+0x20/0x40 [ 19.645858] kasan_save_alloc_info+0x40/0x58 [ 19.645990] __kasan_kmalloc+0xd4/0xd8 [ 19.646072] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.646182] kmalloc_uaf+0xb8/0x338 [ 19.646261] kunit_try_run_case+0x170/0x3f0 [ 19.646334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.646414] kthread+0x328/0x630 [ 19.646481] ret_from_fork+0x10/0x20 [ 19.646573] [ 19.646623] Freed by task 185: [ 19.646696] kasan_save_stack+0x3c/0x68 [ 19.646784] kasan_save_track+0x20/0x40 [ 19.646893] kasan_save_free_info+0x4c/0x78 [ 19.647030] __kasan_slab_free+0x6c/0x98 [ 19.647144] kfree+0x214/0x3c8 [ 19.647230] kmalloc_uaf+0x11c/0x338 [ 19.647312] kunit_try_run_case+0x170/0x3f0 [ 19.647404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.647510] kthread+0x328/0x630 [ 19.647627] ret_from_fork+0x10/0x20 [ 19.647754] [ 19.647832] The buggy address belongs to the object at fff00000c4561b00 [ 19.647832] which belongs to the cache kmalloc-16 of size 16 [ 19.647959] The buggy address is located 8 bytes inside of [ 19.647959] freed 16-byte region [fff00000c4561b00, fff00000c4561b10) [ 19.648193] [ 19.648240] The buggy address belongs to the physical page: [ 19.648306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104561 [ 19.648439] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.648562] page_type: f5(slab) [ 19.648754] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.648955] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.649092] page dumped because: kasan: bad access detected [ 19.649250] [ 19.649311] Memory state around the buggy address: [ 19.649399] fff00000c4561a00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 19.649491] fff00000c4561a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.649572] >fff00000c4561b00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.649657] ^ [ 19.649716] fff00000c4561b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.649875] fff00000c4561c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.649975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 19.605165] ================================================================== [ 19.605354] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.605488] Read of size 64 at addr fff00000c5999e84 by task kunit_try_catch/183 [ 19.605607] [ 19.605684] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.605907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.605971] Hardware name: linux,dummy-virt (DT) [ 19.606041] Call trace: [ 19.606107] show_stack+0x20/0x38 (C) [ 19.606237] dump_stack_lvl+0x8c/0xd0 [ 19.606384] print_report+0x118/0x608 [ 19.606566] kasan_report+0xdc/0x128 [ 19.606721] kasan_check_range+0x100/0x1a8 [ 19.607295] __asan_memmove+0x3c/0x98 [ 19.607579] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.607861] kunit_try_run_case+0x170/0x3f0 [ 19.607973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.608091] kthread+0x328/0x630 [ 19.608189] ret_from_fork+0x10/0x20 [ 19.609020] [ 19.609495] Allocated by task 183: [ 19.609583] kasan_save_stack+0x3c/0x68 [ 19.609877] kasan_save_track+0x20/0x40 [ 19.610101] kasan_save_alloc_info+0x40/0x58 [ 19.610264] __kasan_kmalloc+0xd4/0xd8 [ 19.610359] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.610457] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 19.610568] kunit_try_run_case+0x170/0x3f0 [ 19.610663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.610773] kthread+0x328/0x630 [ 19.610870] ret_from_fork+0x10/0x20 [ 19.610955] [ 19.611000] The buggy address belongs to the object at fff00000c5999e80 [ 19.611000] which belongs to the cache kmalloc-64 of size 64 [ 19.611136] The buggy address is located 4 bytes inside of [ 19.611136] allocated 64-byte region [fff00000c5999e80, fff00000c5999ec0) [ 19.611277] [ 19.611328] The buggy address belongs to the physical page: [ 19.613692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105999 [ 19.614687] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.615172] page_type: f5(slab) [ 19.615577] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.616143] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.616345] page dumped because: kasan: bad access detected [ 19.617120] [ 19.617217] Memory state around the buggy address: [ 19.617635] fff00000c5999d80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.617747] fff00000c5999e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.617849] >fff00000c5999e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.617938] ^ [ 19.618899] fff00000c5999f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619366] fff00000c5999f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619898] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 19.579573] ================================================================== [ 19.579752] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.579898] Read of size 18446744073709551614 at addr fff00000c5999d04 by task kunit_try_catch/181 [ 19.580065] [ 19.580149] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.580355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.580430] Hardware name: linux,dummy-virt (DT) [ 19.580569] Call trace: [ 19.580633] show_stack+0x20/0x38 (C) [ 19.580762] dump_stack_lvl+0x8c/0xd0 [ 19.580883] print_report+0x118/0x608 [ 19.580992] kasan_report+0xdc/0x128 [ 19.581096] kasan_check_range+0x100/0x1a8 [ 19.582065] __asan_memmove+0x3c/0x98 [ 19.582280] kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.583520] kunit_try_run_case+0x170/0x3f0 [ 19.583863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.584435] kthread+0x328/0x630 [ 19.584569] ret_from_fork+0x10/0x20 [ 19.584718] [ 19.584763] Allocated by task 181: [ 19.584844] kasan_save_stack+0x3c/0x68 [ 19.584942] kasan_save_track+0x20/0x40 [ 19.585028] kasan_save_alloc_info+0x40/0x58 [ 19.585117] __kasan_kmalloc+0xd4/0xd8 [ 19.586520] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.587322] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 19.587639] kunit_try_run_case+0x170/0x3f0 [ 19.587987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.588170] kthread+0x328/0x630 [ 19.588615] ret_from_fork+0x10/0x20 [ 19.588719] [ 19.588864] The buggy address belongs to the object at fff00000c5999d00 [ 19.588864] which belongs to the cache kmalloc-64 of size 64 [ 19.589172] The buggy address is located 4 bytes inside of [ 19.589172] 64-byte region [fff00000c5999d00, fff00000c5999d40) [ 19.589538] [ 19.589592] The buggy address belongs to the physical page: [ 19.589666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105999 [ 19.590448] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.590789] page_type: f5(slab) [ 19.591018] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.591226] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.592093] page dumped because: kasan: bad access detected [ 19.593316] [ 19.593566] Memory state around the buggy address: [ 19.593754] fff00000c5999c00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 19.594052] fff00000c5999c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.594162] >fff00000c5999d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.594236] ^ [ 19.594295] fff00000c5999d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.594386] fff00000c5999e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.594476] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 19.538957] ================================================================== [ 19.539111] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 19.539596] Write of size 16 at addr fff00000c599f069 by task kunit_try_catch/179 [ 19.539729] [ 19.540364] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.540734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.540799] Hardware name: linux,dummy-virt (DT) [ 19.541291] Call trace: [ 19.541371] show_stack+0x20/0x38 (C) [ 19.541618] dump_stack_lvl+0x8c/0xd0 [ 19.542175] print_report+0x118/0x608 [ 19.542695] kasan_report+0xdc/0x128 [ 19.542914] kasan_check_range+0x100/0x1a8 [ 19.543125] __asan_memset+0x34/0x78 [ 19.543230] kmalloc_oob_memset_16+0x150/0x2f8 [ 19.543761] kunit_try_run_case+0x170/0x3f0 [ 19.543985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.544118] kthread+0x328/0x630 [ 19.544215] ret_from_fork+0x10/0x20 [ 19.544324] [ 19.544370] Allocated by task 179: [ 19.544862] kasan_save_stack+0x3c/0x68 [ 19.545063] kasan_save_track+0x20/0x40 [ 19.545174] kasan_save_alloc_info+0x40/0x58 [ 19.545458] __kasan_kmalloc+0xd4/0xd8 [ 19.545536] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.545632] kmalloc_oob_memset_16+0xb0/0x2f8 [ 19.545721] kunit_try_run_case+0x170/0x3f0 [ 19.546188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.546409] kthread+0x328/0x630 [ 19.546498] ret_from_fork+0x10/0x20 [ 19.546605] [ 19.546655] The buggy address belongs to the object at fff00000c599f000 [ 19.546655] which belongs to the cache kmalloc-128 of size 128 [ 19.547197] The buggy address is located 105 bytes inside of [ 19.547197] allocated 120-byte region [fff00000c599f000, fff00000c599f078) [ 19.547420] [ 19.547467] The buggy address belongs to the physical page: [ 19.547979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10599f [ 19.548130] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.548358] page_type: f5(slab) [ 19.548452] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.548984] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.549196] page dumped because: kasan: bad access detected [ 19.549282] [ 19.549419] Memory state around the buggy address: [ 19.549509] fff00000c599ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.549614] fff00000c599ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.549693] >fff00000c599f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.550054] ^ [ 19.550354] fff00000c599f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.550552] fff00000c599f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.550651] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 19.469379] ================================================================== [ 19.469669] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 19.470239] Write of size 4 at addr fff00000c4569e75 by task kunit_try_catch/175 [ 19.470365] [ 19.470457] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.470633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.470682] Hardware name: linux,dummy-virt (DT) [ 19.470993] Call trace: [ 19.471052] show_stack+0x20/0x38 (C) [ 19.471870] dump_stack_lvl+0x8c/0xd0 [ 19.472073] print_report+0x118/0x608 [ 19.472278] kasan_report+0xdc/0x128 [ 19.472392] kasan_check_range+0x100/0x1a8 [ 19.472759] __asan_memset+0x34/0x78 [ 19.473078] kmalloc_oob_memset_4+0x150/0x300 [ 19.473348] kunit_try_run_case+0x170/0x3f0 [ 19.473690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.473837] kthread+0x328/0x630 [ 19.473939] ret_from_fork+0x10/0x20 [ 19.474378] [ 19.474443] Allocated by task 175: [ 19.474536] kasan_save_stack+0x3c/0x68 [ 19.474717] kasan_save_track+0x20/0x40 [ 19.474811] kasan_save_alloc_info+0x40/0x58 [ 19.474997] __kasan_kmalloc+0xd4/0xd8 [ 19.475500] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.475620] kmalloc_oob_memset_4+0xb0/0x300 [ 19.475794] kunit_try_run_case+0x170/0x3f0 [ 19.475914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.476098] kthread+0x328/0x630 [ 19.476194] ret_from_fork+0x10/0x20 [ 19.476698] [ 19.476756] The buggy address belongs to the object at fff00000c4569e00 [ 19.476756] which belongs to the cache kmalloc-128 of size 128 [ 19.477176] The buggy address is located 117 bytes inside of [ 19.477176] allocated 120-byte region [fff00000c4569e00, fff00000c4569e78) [ 19.477645] [ 19.477721] The buggy address belongs to the physical page: [ 19.477814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104569 [ 19.477960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.478058] page_type: f5(slab) [ 19.478387] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.478575] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.478879] page dumped because: kasan: bad access detected [ 19.479040] [ 19.479110] Memory state around the buggy address: [ 19.479221] fff00000c4569d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.479581] fff00000c4569d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.479950] >fff00000c4569e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.480050] ^ [ 19.480229] fff00000c4569e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.480347] fff00000c4569f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.480436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 19.432005] ================================================================== [ 19.432171] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 19.432878] Write of size 2 at addr fff00000c4569d77 by task kunit_try_catch/173 [ 19.433106] [ 19.433227] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.433524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.433603] Hardware name: linux,dummy-virt (DT) [ 19.433755] Call trace: [ 19.433973] show_stack+0x20/0x38 (C) [ 19.434437] dump_stack_lvl+0x8c/0xd0 [ 19.434677] print_report+0x118/0x608 [ 19.434842] kasan_report+0xdc/0x128 [ 19.434961] kasan_check_range+0x100/0x1a8 [ 19.435181] __asan_memset+0x34/0x78 [ 19.435735] kmalloc_oob_memset_2+0x150/0x2f8 [ 19.435914] kunit_try_run_case+0x170/0x3f0 [ 19.436146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.436297] kthread+0x328/0x630 [ 19.436844] ret_from_fork+0x10/0x20 [ 19.437100] [ 19.437153] Allocated by task 173: [ 19.437320] kasan_save_stack+0x3c/0x68 [ 19.437443] kasan_save_track+0x20/0x40 [ 19.437743] kasan_save_alloc_info+0x40/0x58 [ 19.437848] __kasan_kmalloc+0xd4/0xd8 [ 19.437944] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.438068] kmalloc_oob_memset_2+0xb0/0x2f8 [ 19.438416] kunit_try_run_case+0x170/0x3f0 [ 19.438520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.438642] kthread+0x328/0x630 [ 19.438720] ret_from_fork+0x10/0x20 [ 19.438852] [ 19.438924] The buggy address belongs to the object at fff00000c4569d00 [ 19.438924] which belongs to the cache kmalloc-128 of size 128 [ 19.439345] The buggy address is located 119 bytes inside of [ 19.439345] allocated 120-byte region [fff00000c4569d00, fff00000c4569d78) [ 19.439972] [ 19.440035] The buggy address belongs to the physical page: [ 19.440367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104569 [ 19.440685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.440837] page_type: f5(slab) [ 19.440936] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.441059] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.441792] page dumped because: kasan: bad access detected [ 19.441905] [ 19.442419] Memory state around the buggy address: [ 19.442518] fff00000c4569c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.442644] fff00000c4569c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.442755] >fff00000c4569d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.443476] ^ [ 19.443786] fff00000c4569d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444498] fff00000c4569e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444614] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 19.401135] ================================================================== [ 19.401660] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 19.401873] Write of size 128 at addr fff00000c4569c00 by task kunit_try_catch/171 [ 19.402022] [ 19.402117] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.402746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.402876] Hardware name: linux,dummy-virt (DT) [ 19.402962] Call trace: [ 19.403023] show_stack+0x20/0x38 (C) [ 19.403144] dump_stack_lvl+0x8c/0xd0 [ 19.403258] print_report+0x118/0x608 [ 19.403369] kasan_report+0xdc/0x128 [ 19.403478] kasan_check_range+0x100/0x1a8 [ 19.403602] __asan_memset+0x34/0x78 [ 19.403705] kmalloc_oob_in_memset+0x144/0x2d0 [ 19.403811] kunit_try_run_case+0x170/0x3f0 [ 19.404668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.404814] kthread+0x328/0x630 [ 19.404936] ret_from_fork+0x10/0x20 [ 19.405298] [ 19.405364] Allocated by task 171: [ 19.405761] kasan_save_stack+0x3c/0x68 [ 19.406108] kasan_save_track+0x20/0x40 [ 19.406213] kasan_save_alloc_info+0x40/0x58 [ 19.406312] __kasan_kmalloc+0xd4/0xd8 [ 19.406815] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.407141] kmalloc_oob_in_memset+0xb0/0x2d0 [ 19.407268] kunit_try_run_case+0x170/0x3f0 [ 19.407372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.407476] kthread+0x328/0x630 [ 19.407920] ret_from_fork+0x10/0x20 [ 19.408107] [ 19.408155] The buggy address belongs to the object at fff00000c4569c00 [ 19.408155] which belongs to the cache kmalloc-128 of size 128 [ 19.408495] The buggy address is located 0 bytes inside of [ 19.408495] allocated 120-byte region [fff00000c4569c00, fff00000c4569c78) [ 19.409102] [ 19.409183] The buggy address belongs to the physical page: [ 19.409389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104569 [ 19.409514] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.409606] page_type: f5(slab) [ 19.409919] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.410273] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.410596] page dumped because: kasan: bad access detected [ 19.410846] [ 19.410958] Memory state around the buggy address: [ 19.411067] fff00000c4569b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.411173] fff00000c4569b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.411465] >fff00000c4569c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.411624] ^ [ 19.411966] fff00000c4569c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.412076] fff00000c4569d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.412535] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 19.376399] ================================================================== [ 19.376636] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 19.376757] Read of size 16 at addr fff00000c4561ae0 by task kunit_try_catch/169 [ 19.376987] [ 19.377161] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.377474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.377798] Hardware name: linux,dummy-virt (DT) [ 19.377892] Call trace: [ 19.377951] show_stack+0x20/0x38 (C) [ 19.378072] dump_stack_lvl+0x8c/0xd0 [ 19.378177] print_report+0x118/0x608 [ 19.378386] kasan_report+0xdc/0x128 [ 19.378613] __asan_report_load16_noabort+0x20/0x30 [ 19.378832] kmalloc_uaf_16+0x3bc/0x438 [ 19.378951] kunit_try_run_case+0x170/0x3f0 [ 19.379067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.379184] kthread+0x328/0x630 [ 19.379538] ret_from_fork+0x10/0x20 [ 19.379758] [ 19.379815] Allocated by task 169: [ 19.379979] kasan_save_stack+0x3c/0x68 [ 19.380083] kasan_save_track+0x20/0x40 [ 19.380192] kasan_save_alloc_info+0x40/0x58 [ 19.380278] __kasan_kmalloc+0xd4/0xd8 [ 19.380356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.380447] kmalloc_uaf_16+0x140/0x438 [ 19.380529] kunit_try_run_case+0x170/0x3f0 [ 19.381036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.381164] kthread+0x328/0x630 [ 19.381303] ret_from_fork+0x10/0x20 [ 19.381475] [ 19.381725] Freed by task 169: [ 19.381815] kasan_save_stack+0x3c/0x68 [ 19.381927] kasan_save_track+0x20/0x40 [ 19.382007] kasan_save_free_info+0x4c/0x78 [ 19.382230] __kasan_slab_free+0x6c/0x98 [ 19.382374] kfree+0x214/0x3c8 [ 19.382454] kmalloc_uaf_16+0x190/0x438 [ 19.382686] kunit_try_run_case+0x170/0x3f0 [ 19.382832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.383071] kthread+0x328/0x630 [ 19.383141] ret_from_fork+0x10/0x20 [ 19.383550] [ 19.383618] The buggy address belongs to the object at fff00000c4561ae0 [ 19.383618] which belongs to the cache kmalloc-16 of size 16 [ 19.383761] The buggy address is located 0 bytes inside of [ 19.383761] freed 16-byte region [fff00000c4561ae0, fff00000c4561af0) [ 19.383920] [ 19.383967] The buggy address belongs to the physical page: [ 19.384035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104561 [ 19.384158] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.384265] page_type: f5(slab) [ 19.384355] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.384474] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.384568] page dumped because: kasan: bad access detected [ 19.384638] [ 19.385112] Memory state around the buggy address: [ 19.385288] fff00000c4561980: fa fb fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.385396] fff00000c4561a00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 19.385503] >fff00000c4561a80: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 19.385598] ^ [ 19.386074] fff00000c4561b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386460] fff00000c4561b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386604] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 19.356178] ================================================================== [ 19.356319] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 19.356427] Write of size 16 at addr fff00000c4561a80 by task kunit_try_catch/167 [ 19.356539] [ 19.356609] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.356776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.356853] Hardware name: linux,dummy-virt (DT) [ 19.356924] Call trace: [ 19.356971] show_stack+0x20/0x38 (C) [ 19.357093] dump_stack_lvl+0x8c/0xd0 [ 19.357244] print_report+0x118/0x608 [ 19.357397] kasan_report+0xdc/0x128 [ 19.357541] __asan_report_store16_noabort+0x20/0x30 [ 19.357702] kmalloc_oob_16+0x3a0/0x3f8 [ 19.357848] kunit_try_run_case+0x170/0x3f0 [ 19.357947] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.358098] kthread+0x328/0x630 [ 19.358575] ret_from_fork+0x10/0x20 [ 19.359015] [ 19.359066] Allocated by task 167: [ 19.359126] kasan_save_stack+0x3c/0x68 [ 19.359238] kasan_save_track+0x20/0x40 [ 19.359363] kasan_save_alloc_info+0x40/0x58 [ 19.359449] __kasan_kmalloc+0xd4/0xd8 [ 19.359534] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.359617] kmalloc_oob_16+0xb4/0x3f8 [ 19.359700] kunit_try_run_case+0x170/0x3f0 [ 19.359786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.359901] kthread+0x328/0x630 [ 19.359977] ret_from_fork+0x10/0x20 [ 19.360059] [ 19.360102] The buggy address belongs to the object at fff00000c4561a80 [ 19.360102] which belongs to the cache kmalloc-16 of size 16 [ 19.360229] The buggy address is located 0 bytes inside of [ 19.360229] allocated 13-byte region [fff00000c4561a80, fff00000c4561a8d) [ 19.360373] [ 19.360420] The buggy address belongs to the physical page: [ 19.360487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104561 [ 19.360620] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.360725] page_type: f5(slab) [ 19.360888] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.361024] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.361272] page dumped because: kasan: bad access detected [ 19.361360] [ 19.361488] Memory state around the buggy address: [ 19.361590] fff00000c4561980: fa fb fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.361724] fff00000c4561a00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 19.361810] >fff00000c4561a80: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.361898] ^ [ 19.361951] fff00000c4561b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.362465] fff00000c4561b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.362577] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 19.332301] ================================================================== [ 19.332474] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 19.332655] Read of size 1 at addr fff00000c440ac00 by task kunit_try_catch/165 [ 19.332812] [ 19.332911] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.333085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.333143] Hardware name: linux,dummy-virt (DT) [ 19.333243] Call trace: [ 19.333304] show_stack+0x20/0x38 (C) [ 19.333413] dump_stack_lvl+0x8c/0xd0 [ 19.333560] print_report+0x118/0x608 [ 19.333703] kasan_report+0xdc/0x128 [ 19.333859] __asan_report_load1_noabort+0x20/0x30 [ 19.334021] krealloc_uaf+0x4c8/0x520 [ 19.334141] kunit_try_run_case+0x170/0x3f0 [ 19.334254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.334394] kthread+0x328/0x630 [ 19.334541] ret_from_fork+0x10/0x20 [ 19.334704] [ 19.334768] Allocated by task 165: [ 19.334848] kasan_save_stack+0x3c/0x68 [ 19.334935] kasan_save_track+0x20/0x40 [ 19.335048] kasan_save_alloc_info+0x40/0x58 [ 19.335181] __kasan_kmalloc+0xd4/0xd8 [ 19.335284] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.335383] krealloc_uaf+0xc8/0x520 [ 19.335469] kunit_try_run_case+0x170/0x3f0 [ 19.335549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.335634] kthread+0x328/0x630 [ 19.335697] ret_from_fork+0x10/0x20 [ 19.335765] [ 19.335803] Freed by task 165: [ 19.335879] kasan_save_stack+0x3c/0x68 [ 19.335991] kasan_save_track+0x20/0x40 [ 19.336100] kasan_save_free_info+0x4c/0x78 [ 19.336209] __kasan_slab_free+0x6c/0x98 [ 19.336353] kfree+0x214/0x3c8 [ 19.336436] krealloc_uaf+0x12c/0x520 [ 19.336511] kunit_try_run_case+0x170/0x3f0 [ 19.336593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.336689] kthread+0x328/0x630 [ 19.336760] ret_from_fork+0x10/0x20 [ 19.336852] [ 19.336896] The buggy address belongs to the object at fff00000c440ac00 [ 19.336896] which belongs to the cache kmalloc-256 of size 256 [ 19.337032] The buggy address is located 0 bytes inside of [ 19.337032] freed 256-byte region [fff00000c440ac00, fff00000c440ad00) [ 19.337170] [ 19.337215] The buggy address belongs to the physical page: [ 19.337284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.337388] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.337482] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.337616] page_type: f5(slab) [ 19.337696] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.337854] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.338005] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.338123] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.338245] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.338363] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.338452] page dumped because: kasan: bad access detected [ 19.338522] [ 19.338584] Memory state around the buggy address: [ 19.338654] fff00000c440ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.338796] fff00000c440ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.338901] >fff00000c440ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.338975] ^ [ 19.339035] fff00000c440ac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.339125] fff00000c440ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.339204] ================================================================== [ 19.322741] ================================================================== [ 19.322993] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 19.323168] Read of size 1 at addr fff00000c440ac00 by task kunit_try_catch/165 [ 19.323305] [ 19.323434] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.323715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.323793] Hardware name: linux,dummy-virt (DT) [ 19.323869] Call trace: [ 19.323911] show_stack+0x20/0x38 (C) [ 19.324005] dump_stack_lvl+0x8c/0xd0 [ 19.324098] print_report+0x118/0x608 [ 19.324230] kasan_report+0xdc/0x128 [ 19.324340] __kasan_check_byte+0x54/0x70 [ 19.324439] krealloc_noprof+0x44/0x360 [ 19.324540] krealloc_uaf+0x180/0x520 [ 19.324650] kunit_try_run_case+0x170/0x3f0 [ 19.324754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.324925] kthread+0x328/0x630 [ 19.325047] ret_from_fork+0x10/0x20 [ 19.325722] [ 19.325775] Allocated by task 165: [ 19.325816] kasan_save_stack+0x3c/0x68 [ 19.325927] kasan_save_track+0x20/0x40 [ 19.326015] kasan_save_alloc_info+0x40/0x58 [ 19.326141] __kasan_kmalloc+0xd4/0xd8 [ 19.326353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.326506] krealloc_uaf+0xc8/0x520 [ 19.326637] kunit_try_run_case+0x170/0x3f0 [ 19.326873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.327015] kthread+0x328/0x630 [ 19.327132] ret_from_fork+0x10/0x20 [ 19.327248] [ 19.327313] Freed by task 165: [ 19.327403] kasan_save_stack+0x3c/0x68 [ 19.327498] kasan_save_track+0x20/0x40 [ 19.327597] kasan_save_free_info+0x4c/0x78 [ 19.327691] __kasan_slab_free+0x6c/0x98 [ 19.327786] kfree+0x214/0x3c8 [ 19.327916] krealloc_uaf+0x12c/0x520 [ 19.328059] kunit_try_run_case+0x170/0x3f0 [ 19.328151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.328250] kthread+0x328/0x630 [ 19.328328] ret_from_fork+0x10/0x20 [ 19.328412] [ 19.328455] The buggy address belongs to the object at fff00000c440ac00 [ 19.328455] which belongs to the cache kmalloc-256 of size 256 [ 19.328666] The buggy address is located 0 bytes inside of [ 19.328666] freed 256-byte region [fff00000c440ac00, fff00000c440ad00) [ 19.328910] [ 19.328967] The buggy address belongs to the physical page: [ 19.329053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.329186] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.329302] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.329443] page_type: f5(slab) [ 19.329571] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.329688] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.329789] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.329945] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.330066] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.330173] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.330253] page dumped because: kasan: bad access detected [ 19.330321] [ 19.330366] Memory state around the buggy address: [ 19.330449] fff00000c440ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.330553] fff00000c440ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.330627] >fff00000c440ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.330712] ^ [ 19.330785] fff00000c440ac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.330939] fff00000c440ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.331062] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 19.259693] ================================================================== [ 19.260040] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.260709] Write of size 1 at addr fff00000c79060ea by task kunit_try_catch/163 [ 19.260848] [ 19.260937] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.261199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.261290] Hardware name: linux,dummy-virt (DT) [ 19.261641] Call trace: [ 19.261933] show_stack+0x20/0x38 (C) [ 19.262138] dump_stack_lvl+0x8c/0xd0 [ 19.262277] print_report+0x118/0x608 [ 19.262445] kasan_report+0xdc/0x128 [ 19.262628] __asan_report_store1_noabort+0x20/0x30 [ 19.262784] krealloc_less_oob_helper+0xae4/0xc50 [ 19.263206] krealloc_large_less_oob+0x20/0x38 [ 19.263361] kunit_try_run_case+0x170/0x3f0 [ 19.263662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.263885] kthread+0x328/0x630 [ 19.264376] ret_from_fork+0x10/0x20 [ 19.264578] [ 19.264645] The buggy address belongs to the physical page: [ 19.264736] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107904 [ 19.264964] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.265152] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.265541] page_type: f8(unknown) [ 19.265811] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.265966] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.266189] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.266380] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.266575] head: 0bfffe0000000002 ffffc1ffc31e4101 00000000ffffffff 00000000ffffffff [ 19.267121] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.267301] page dumped because: kasan: bad access detected [ 19.267407] [ 19.267462] Memory state around the buggy address: [ 19.267623] fff00000c7905f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.267758] fff00000c7906000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.268111] >fff00000c7906080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.268502] ^ [ 19.268662] fff00000c7906100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.268816] fff00000c7906180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.268931] ================================================================== [ 19.219640] ================================================================== [ 19.219788] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.219951] Write of size 1 at addr fff00000c79060c9 by task kunit_try_catch/163 [ 19.220072] [ 19.220160] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.220358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.220420] Hardware name: linux,dummy-virt (DT) [ 19.220493] Call trace: [ 19.220545] show_stack+0x20/0x38 (C) [ 19.220664] dump_stack_lvl+0x8c/0xd0 [ 19.220773] print_report+0x118/0x608 [ 19.221161] kasan_report+0xdc/0x128 [ 19.221294] __asan_report_store1_noabort+0x20/0x30 [ 19.221421] krealloc_less_oob_helper+0xa48/0xc50 [ 19.221681] krealloc_large_less_oob+0x20/0x38 [ 19.221844] kunit_try_run_case+0x170/0x3f0 [ 19.221958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.222060] kthread+0x328/0x630 [ 19.222416] ret_from_fork+0x10/0x20 [ 19.222570] [ 19.222631] The buggy address belongs to the physical page: [ 19.222715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107904 [ 19.222862] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.223058] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.223441] page_type: f8(unknown) [ 19.223549] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.224004] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.224218] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.224548] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.224723] head: 0bfffe0000000002 ffffc1ffc31e4101 00000000ffffffff 00000000ffffffff [ 19.224910] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.225102] page dumped because: kasan: bad access detected [ 19.225204] [ 19.225252] Memory state around the buggy address: [ 19.225320] fff00000c7905f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.225410] fff00000c7906000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.225495] >fff00000c7906080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.225574] ^ [ 19.225659] fff00000c7906100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.225763] fff00000c7906180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.226203] ================================================================== [ 19.242715] ================================================================== [ 19.244291] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.244883] Write of size 1 at addr fff00000c79060da by task kunit_try_catch/163 [ 19.245482] [ 19.245978] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.246779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.246867] Hardware name: linux,dummy-virt (DT) [ 19.247483] Call trace: [ 19.247547] show_stack+0x20/0x38 (C) [ 19.247740] dump_stack_lvl+0x8c/0xd0 [ 19.248405] print_report+0x118/0x608 [ 19.249006] kasan_report+0xdc/0x128 [ 19.249186] __asan_report_store1_noabort+0x20/0x30 [ 19.249566] krealloc_less_oob_helper+0xa80/0xc50 [ 19.249969] krealloc_large_less_oob+0x20/0x38 [ 19.250115] kunit_try_run_case+0x170/0x3f0 [ 19.251014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.251240] kthread+0x328/0x630 [ 19.251815] ret_from_fork+0x10/0x20 [ 19.252331] [ 19.252505] The buggy address belongs to the physical page: [ 19.252711] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107904 [ 19.252942] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.253056] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.253190] page_type: f8(unknown) [ 19.253951] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.254214] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.254479] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.254833] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.255350] head: 0bfffe0000000002 ffffc1ffc31e4101 00000000ffffffff 00000000ffffffff [ 19.255664] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.256109] page dumped because: kasan: bad access detected [ 19.256335] [ 19.256452] Memory state around the buggy address: [ 19.256540] fff00000c7905f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.256723] fff00000c7906000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.256858] >fff00000c7906080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.257298] ^ [ 19.257472] fff00000c7906100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.257640] fff00000c7906180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.257793] ================================================================== [ 19.227875] ================================================================== [ 19.228015] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.228185] Write of size 1 at addr fff00000c79060d0 by task kunit_try_catch/163 [ 19.228344] [ 19.228426] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.229158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.229244] Hardware name: linux,dummy-virt (DT) [ 19.229314] Call trace: [ 19.229367] show_stack+0x20/0x38 (C) [ 19.229490] dump_stack_lvl+0x8c/0xd0 [ 19.230245] print_report+0x118/0x608 [ 19.230482] kasan_report+0xdc/0x128 [ 19.230610] __asan_report_store1_noabort+0x20/0x30 [ 19.230723] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.230845] krealloc_large_less_oob+0x20/0x38 [ 19.231663] kunit_try_run_case+0x170/0x3f0 [ 19.232457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.232765] kthread+0x328/0x630 [ 19.232990] ret_from_fork+0x10/0x20 [ 19.233188] [ 19.233306] The buggy address belongs to the physical page: [ 19.233751] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107904 [ 19.234360] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.234558] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.234703] page_type: f8(unknown) [ 19.234804] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.234999] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.235812] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.236098] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.236625] head: 0bfffe0000000002 ffffc1ffc31e4101 00000000ffffffff 00000000ffffffff [ 19.236876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.237106] page dumped because: kasan: bad access detected [ 19.237177] [ 19.237219] Memory state around the buggy address: [ 19.237289] fff00000c7905f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.237369] fff00000c7906000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.237458] >fff00000c7906080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.237544] ^ [ 19.238675] fff00000c7906100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.239269] fff00000c7906180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.239882] ================================================================== [ 19.146790] ================================================================== [ 19.146917] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.147395] Write of size 1 at addr fff00000c440aaea by task kunit_try_catch/159 [ 19.147587] [ 19.147676] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.147884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.147943] Hardware name: linux,dummy-virt (DT) [ 19.148008] Call trace: [ 19.148059] show_stack+0x20/0x38 (C) [ 19.148167] dump_stack_lvl+0x8c/0xd0 [ 19.148268] print_report+0x118/0x608 [ 19.148369] kasan_report+0xdc/0x128 [ 19.148468] __asan_report_store1_noabort+0x20/0x30 [ 19.148581] krealloc_less_oob_helper+0xae4/0xc50 [ 19.148693] krealloc_less_oob+0x20/0x38 [ 19.150426] kunit_try_run_case+0x170/0x3f0 [ 19.150757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.151576] kthread+0x328/0x630 [ 19.151850] ret_from_fork+0x10/0x20 [ 19.152087] [ 19.152191] Allocated by task 159: [ 19.152277] kasan_save_stack+0x3c/0x68 [ 19.152377] kasan_save_track+0x20/0x40 [ 19.152768] kasan_save_alloc_info+0x40/0x58 [ 19.153168] __kasan_krealloc+0x118/0x178 [ 19.153518] krealloc_noprof+0x128/0x360 [ 19.153597] krealloc_less_oob_helper+0x168/0xc50 [ 19.153971] krealloc_less_oob+0x20/0x38 [ 19.154333] kunit_try_run_case+0x170/0x3f0 [ 19.154421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.155294] kthread+0x328/0x630 [ 19.155718] ret_from_fork+0x10/0x20 [ 19.155909] [ 19.155965] The buggy address belongs to the object at fff00000c440aa00 [ 19.155965] which belongs to the cache kmalloc-256 of size 256 [ 19.156109] The buggy address is located 33 bytes to the right of [ 19.156109] allocated 201-byte region [fff00000c440aa00, fff00000c440aac9) [ 19.156398] [ 19.156464] The buggy address belongs to the physical page: [ 19.156868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.157476] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.158216] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.158486] page_type: f5(slab) [ 19.158606] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.158768] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.158899] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.159010] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.159120] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.159228] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.159318] page dumped because: kasan: bad access detected [ 19.160699] [ 19.161057] Memory state around the buggy address: [ 19.161285] fff00000c440a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.161853] fff00000c440aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.162710] >fff00000c440aa80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.162811] ^ [ 19.163273] fff00000c440ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.163900] fff00000c440ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.164245] ================================================================== [ 19.166639] ================================================================== [ 19.166707] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.166783] Write of size 1 at addr fff00000c440aaeb by task kunit_try_catch/159 [ 19.166927] [ 19.167033] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.167272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.167354] Hardware name: linux,dummy-virt (DT) [ 19.167438] Call trace: [ 19.167491] show_stack+0x20/0x38 (C) [ 19.167801] dump_stack_lvl+0x8c/0xd0 [ 19.168244] print_report+0x118/0x608 [ 19.168357] kasan_report+0xdc/0x128 [ 19.168456] __asan_report_store1_noabort+0x20/0x30 [ 19.168568] krealloc_less_oob_helper+0xa58/0xc50 [ 19.168680] krealloc_less_oob+0x20/0x38 [ 19.168844] kunit_try_run_case+0x170/0x3f0 [ 19.168952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.169064] kthread+0x328/0x630 [ 19.169193] ret_from_fork+0x10/0x20 [ 19.169289] [ 19.169329] Allocated by task 159: [ 19.169684] kasan_save_stack+0x3c/0x68 [ 19.169791] kasan_save_track+0x20/0x40 [ 19.169894] kasan_save_alloc_info+0x40/0x58 [ 19.169967] __kasan_krealloc+0x118/0x178 [ 19.170031] krealloc_noprof+0x128/0x360 [ 19.170127] krealloc_less_oob_helper+0x168/0xc50 [ 19.170219] krealloc_less_oob+0x20/0x38 [ 19.170295] kunit_try_run_case+0x170/0x3f0 [ 19.170374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.170634] kthread+0x328/0x630 [ 19.170719] ret_from_fork+0x10/0x20 [ 19.170813] [ 19.170881] The buggy address belongs to the object at fff00000c440aa00 [ 19.170881] which belongs to the cache kmalloc-256 of size 256 [ 19.171051] The buggy address is located 34 bytes to the right of [ 19.171051] allocated 201-byte region [fff00000c440aa00, fff00000c440aac9) [ 19.171274] [ 19.171345] The buggy address belongs to the physical page: [ 19.171459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.171586] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.171698] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.171876] page_type: f5(slab) [ 19.171964] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.172479] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.172643] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.172806] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.172932] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.173074] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.173175] page dumped because: kasan: bad access detected [ 19.173258] [ 19.173320] Memory state around the buggy address: [ 19.173421] fff00000c440a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.173541] fff00000c440aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.173688] >fff00000c440aa80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.173785] ^ [ 19.173896] fff00000c440ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.174001] fff00000c440ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.174101] ================================================================== [ 19.111143] ================================================================== [ 19.111475] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.111615] Write of size 1 at addr fff00000c440aad0 by task kunit_try_catch/159 [ 19.111733] [ 19.111808] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.112014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.112084] Hardware name: linux,dummy-virt (DT) [ 19.112156] Call trace: [ 19.112204] show_stack+0x20/0x38 (C) [ 19.112440] dump_stack_lvl+0x8c/0xd0 [ 19.112779] print_report+0x118/0x608 [ 19.112906] kasan_report+0xdc/0x128 [ 19.113007] __asan_report_store1_noabort+0x20/0x30 [ 19.113209] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.113576] krealloc_less_oob+0x20/0x38 [ 19.113687] kunit_try_run_case+0x170/0x3f0 [ 19.113792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.113910] kthread+0x328/0x630 [ 19.114013] ret_from_fork+0x10/0x20 [ 19.114119] [ 19.114156] Allocated by task 159: [ 19.114214] kasan_save_stack+0x3c/0x68 [ 19.114297] kasan_save_track+0x20/0x40 [ 19.114383] kasan_save_alloc_info+0x40/0x58 [ 19.114722] __kasan_krealloc+0x118/0x178 [ 19.114848] krealloc_noprof+0x128/0x360 [ 19.114947] krealloc_less_oob_helper+0x168/0xc50 [ 19.115034] krealloc_less_oob+0x20/0x38 [ 19.115112] kunit_try_run_case+0x170/0x3f0 [ 19.115505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.115653] kthread+0x328/0x630 [ 19.115732] ret_from_fork+0x10/0x20 [ 19.115839] [ 19.115910] The buggy address belongs to the object at fff00000c440aa00 [ 19.115910] which belongs to the cache kmalloc-256 of size 256 [ 19.116036] The buggy address is located 7 bytes to the right of [ 19.116036] allocated 201-byte region [fff00000c440aa00, fff00000c440aac9) [ 19.116430] [ 19.116490] The buggy address belongs to the physical page: [ 19.116580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.116711] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.116832] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.116949] page_type: f5(slab) [ 19.117160] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.117298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.117433] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.117657] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.117885] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.118174] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.118509] page dumped because: kasan: bad access detected [ 19.118652] [ 19.118755] Memory state around the buggy address: [ 19.118861] fff00000c440a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.119020] fff00000c440aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.119335] >fff00000c440aa80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.119441] ^ [ 19.119530] fff00000c440ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.119725] fff00000c440ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.120274] ================================================================== [ 19.095558] ================================================================== [ 19.095693] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.096654] Write of size 1 at addr fff00000c440aac9 by task kunit_try_catch/159 [ 19.096871] [ 19.097027] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.097319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.097497] Hardware name: linux,dummy-virt (DT) [ 19.097569] Call trace: [ 19.097615] show_stack+0x20/0x38 (C) [ 19.098306] dump_stack_lvl+0x8c/0xd0 [ 19.098746] print_report+0x118/0x608 [ 19.098913] kasan_report+0xdc/0x128 [ 19.099029] __asan_report_store1_noabort+0x20/0x30 [ 19.099145] krealloc_less_oob_helper+0xa48/0xc50 [ 19.099264] krealloc_less_oob+0x20/0x38 [ 19.099372] kunit_try_run_case+0x170/0x3f0 [ 19.099484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.100459] kthread+0x328/0x630 [ 19.100660] ret_from_fork+0x10/0x20 [ 19.100867] [ 19.100909] Allocated by task 159: [ 19.101431] kasan_save_stack+0x3c/0x68 [ 19.101975] kasan_save_track+0x20/0x40 [ 19.102192] kasan_save_alloc_info+0x40/0x58 [ 19.102391] __kasan_krealloc+0x118/0x178 [ 19.102498] krealloc_noprof+0x128/0x360 [ 19.102658] krealloc_less_oob_helper+0x168/0xc50 [ 19.102760] krealloc_less_oob+0x20/0x38 [ 19.102869] kunit_try_run_case+0x170/0x3f0 [ 19.102959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.103483] kthread+0x328/0x630 [ 19.103642] ret_from_fork+0x10/0x20 [ 19.103729] [ 19.103781] The buggy address belongs to the object at fff00000c440aa00 [ 19.103781] which belongs to the cache kmalloc-256 of size 256 [ 19.103923] The buggy address is located 0 bytes to the right of [ 19.103923] allocated 201-byte region [fff00000c440aa00, fff00000c440aac9) [ 19.104084] [ 19.104137] The buggy address belongs to the physical page: [ 19.104212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.104348] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.104467] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.104602] page_type: f5(slab) [ 19.104698] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.104830] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.104954] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.105071] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.106172] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.107576] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.108223] page dumped because: kasan: bad access detected [ 19.108312] [ 19.108362] Memory state around the buggy address: [ 19.108438] fff00000c440a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.108544] fff00000c440aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.108648] >fff00000c440aa80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.109125] ^ [ 19.109579] fff00000c440ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.109698] fff00000c440ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.109855] ================================================================== [ 19.123375] ================================================================== [ 19.123486] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.123597] Write of size 1 at addr fff00000c440aada by task kunit_try_catch/159 [ 19.123712] [ 19.123788] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.123998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.124061] Hardware name: linux,dummy-virt (DT) [ 19.124132] Call trace: [ 19.124181] show_stack+0x20/0x38 (C) [ 19.124294] dump_stack_lvl+0x8c/0xd0 [ 19.125572] print_report+0x118/0x608 [ 19.127152] kasan_report+0xdc/0x128 [ 19.127675] __asan_report_store1_noabort+0x20/0x30 [ 19.128142] krealloc_less_oob_helper+0xa80/0xc50 [ 19.128556] krealloc_less_oob+0x20/0x38 [ 19.129021] kunit_try_run_case+0x170/0x3f0 [ 19.129520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.129744] kthread+0x328/0x630 [ 19.130218] ret_from_fork+0x10/0x20 [ 19.130603] [ 19.130649] Allocated by task 159: [ 19.131115] kasan_save_stack+0x3c/0x68 [ 19.131650] kasan_save_track+0x20/0x40 [ 19.132130] kasan_save_alloc_info+0x40/0x58 [ 19.132302] __kasan_krealloc+0x118/0x178 [ 19.132386] krealloc_noprof+0x128/0x360 [ 19.132744] krealloc_less_oob_helper+0x168/0xc50 [ 19.133367] krealloc_less_oob+0x20/0x38 [ 19.133756] kunit_try_run_case+0x170/0x3f0 [ 19.133892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.133997] kthread+0x328/0x630 [ 19.134073] ret_from_fork+0x10/0x20 [ 19.134508] [ 19.134753] The buggy address belongs to the object at fff00000c440aa00 [ 19.134753] which belongs to the cache kmalloc-256 of size 256 [ 19.134889] The buggy address is located 17 bytes to the right of [ 19.134889] allocated 201-byte region [fff00000c440aa00, fff00000c440aac9) [ 19.135708] [ 19.135903] The buggy address belongs to the physical page: [ 19.136143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.136274] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.136376] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.136503] page_type: f5(slab) [ 19.136593] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.136711] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.137709] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.138026] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.138310] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.138596] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.139164] page dumped because: kasan: bad access detected [ 19.139413] [ 19.139759] Memory state around the buggy address: [ 19.139962] fff00000c440a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.140281] fff00000c440aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.140685] >fff00000c440aa80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.140783] ^ [ 19.141088] fff00000c440ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.141426] fff00000c440ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.141785] ================================================================== [ 19.270861] ================================================================== [ 19.271472] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.272075] Write of size 1 at addr fff00000c79060eb by task kunit_try_catch/163 [ 19.272200] [ 19.272287] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.272481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.272546] Hardware name: linux,dummy-virt (DT) [ 19.272621] Call trace: [ 19.272674] show_stack+0x20/0x38 (C) [ 19.272792] dump_stack_lvl+0x8c/0xd0 [ 19.273159] print_report+0x118/0x608 [ 19.273314] kasan_report+0xdc/0x128 [ 19.273411] __asan_report_store1_noabort+0x20/0x30 [ 19.274300] krealloc_less_oob_helper+0xa58/0xc50 [ 19.274455] krealloc_large_less_oob+0x20/0x38 [ 19.274810] kunit_try_run_case+0x170/0x3f0 [ 19.275036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.275181] kthread+0x328/0x630 [ 19.275285] ret_from_fork+0x10/0x20 [ 19.275666] [ 19.276015] The buggy address belongs to the physical page: [ 19.276144] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107904 [ 19.276327] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.276630] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.276989] page_type: f8(unknown) [ 19.277108] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.277686] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.277842] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.278806] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.279016] head: 0bfffe0000000002 ffffc1ffc31e4101 00000000ffffffff 00000000ffffffff [ 19.279696] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.279791] page dumped because: kasan: bad access detected [ 19.279893] [ 19.279939] Memory state around the buggy address: [ 19.280228] fff00000c7905f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.280392] fff00000c7906000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.280739] >fff00000c7906080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.280849] ^ [ 19.280946] fff00000c7906100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.281285] fff00000c7906180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.282227] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 19.063880] ================================================================== [ 19.064024] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.064226] Write of size 1 at addr fff00000c440a8f0 by task kunit_try_catch/157 [ 19.064513] [ 19.064627] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.064923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.064996] Hardware name: linux,dummy-virt (DT) [ 19.065104] Call trace: [ 19.065173] show_stack+0x20/0x38 (C) [ 19.065282] dump_stack_lvl+0x8c/0xd0 [ 19.065437] print_report+0x118/0x608 [ 19.065551] kasan_report+0xdc/0x128 [ 19.065661] __asan_report_store1_noabort+0x20/0x30 [ 19.065784] krealloc_more_oob_helper+0x5c0/0x678 [ 19.065920] krealloc_more_oob+0x20/0x38 [ 19.066036] kunit_try_run_case+0x170/0x3f0 [ 19.066160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.066341] kthread+0x328/0x630 [ 19.066488] ret_from_fork+0x10/0x20 [ 19.066673] [ 19.066739] Allocated by task 157: [ 19.066872] kasan_save_stack+0x3c/0x68 [ 19.066959] kasan_save_track+0x20/0x40 [ 19.067345] kasan_save_alloc_info+0x40/0x58 [ 19.067475] __kasan_krealloc+0x118/0x178 [ 19.067667] krealloc_noprof+0x128/0x360 [ 19.067766] krealloc_more_oob_helper+0x168/0x678 [ 19.067870] krealloc_more_oob+0x20/0x38 [ 19.067956] kunit_try_run_case+0x170/0x3f0 [ 19.068058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.068142] kthread+0x328/0x630 [ 19.068209] ret_from_fork+0x10/0x20 [ 19.068285] [ 19.068326] The buggy address belongs to the object at fff00000c440a800 [ 19.068326] which belongs to the cache kmalloc-256 of size 256 [ 19.068701] The buggy address is located 5 bytes to the right of [ 19.068701] allocated 235-byte region [fff00000c440a800, fff00000c440a8eb) [ 19.068923] [ 19.068974] The buggy address belongs to the physical page: [ 19.069047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.069172] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.069286] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.069406] page_type: f5(slab) [ 19.069498] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.069621] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.069742] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.070143] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.070879] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.071111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.071217] page dumped because: kasan: bad access detected [ 19.071290] [ 19.071335] Memory state around the buggy address: [ 19.071411] fff00000c440a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.071538] fff00000c440a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.071641] >fff00000c440a880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.071726] ^ [ 19.071835] fff00000c440a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.071944] fff00000c440a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.072042] ================================================================== [ 19.193034] ================================================================== [ 19.193325] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.193437] Write of size 1 at addr fff00000c79060f0 by task kunit_try_catch/161 [ 19.193546] [ 19.193640] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.193811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.193894] Hardware name: linux,dummy-virt (DT) [ 19.193954] Call trace: [ 19.193994] show_stack+0x20/0x38 (C) [ 19.194098] dump_stack_lvl+0x8c/0xd0 [ 19.194150] print_report+0x118/0x608 [ 19.194205] kasan_report+0xdc/0x128 [ 19.194254] __asan_report_store1_noabort+0x20/0x30 [ 19.194309] krealloc_more_oob_helper+0x5c0/0x678 [ 19.194361] krealloc_large_more_oob+0x20/0x38 [ 19.194412] kunit_try_run_case+0x170/0x3f0 [ 19.194462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.194517] kthread+0x328/0x630 [ 19.194580] ret_from_fork+0x10/0x20 [ 19.194634] [ 19.194658] The buggy address belongs to the physical page: [ 19.194693] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107904 [ 19.194749] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.194797] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.194901] page_type: f8(unknown) [ 19.194986] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.195142] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.195347] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.195528] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.195709] head: 0bfffe0000000002 ffffc1ffc31e4101 00000000ffffffff 00000000ffffffff [ 19.196666] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.197245] page dumped because: kasan: bad access detected [ 19.197334] [ 19.197455] Memory state around the buggy address: [ 19.197544] fff00000c7905f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.197721] fff00000c7906000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.197840] >fff00000c7906080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.197917] ^ [ 19.197990] fff00000c7906100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.198069] fff00000c7906180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.198136] ================================================================== [ 19.186225] ================================================================== [ 19.186418] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.186597] Write of size 1 at addr fff00000c79060eb by task kunit_try_catch/161 [ 19.186707] [ 19.186780] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.186955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.187016] Hardware name: linux,dummy-virt (DT) [ 19.187087] Call trace: [ 19.187134] show_stack+0x20/0x38 (C) [ 19.187248] dump_stack_lvl+0x8c/0xd0 [ 19.187402] print_report+0x118/0x608 [ 19.187552] kasan_report+0xdc/0x128 [ 19.187695] __asan_report_store1_noabort+0x20/0x30 [ 19.187856] krealloc_more_oob_helper+0x60c/0x678 [ 19.187951] krealloc_large_more_oob+0x20/0x38 [ 19.188055] kunit_try_run_case+0x170/0x3f0 [ 19.188363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.188480] kthread+0x328/0x630 [ 19.188578] ret_from_fork+0x10/0x20 [ 19.188674] [ 19.188748] The buggy address belongs to the physical page: [ 19.189461] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107904 [ 19.189592] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.189700] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.189830] page_type: f8(unknown) [ 19.189912] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.190007] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.190130] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.190232] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.190325] head: 0bfffe0000000002 ffffc1ffc31e4101 00000000ffffffff 00000000ffffffff [ 19.190424] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.190503] page dumped because: kasan: bad access detected [ 19.190860] [ 19.190915] Memory state around the buggy address: [ 19.191007] fff00000c7905f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.191164] fff00000c7906000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.191307] >fff00000c7906080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.191435] ^ [ 19.191569] fff00000c7906100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.191674] fff00000c7906180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.191807] ================================================================== [ 19.052428] ================================================================== [ 19.052711] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.053131] Write of size 1 at addr fff00000c440a8eb by task kunit_try_catch/157 [ 19.053308] [ 19.053389] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.053553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.053605] Hardware name: linux,dummy-virt (DT) [ 19.053668] Call trace: [ 19.053715] show_stack+0x20/0x38 (C) [ 19.053843] dump_stack_lvl+0x8c/0xd0 [ 19.054392] print_report+0x118/0x608 [ 19.054755] kasan_report+0xdc/0x128 [ 19.055106] __asan_report_store1_noabort+0x20/0x30 [ 19.055347] krealloc_more_oob_helper+0x60c/0x678 [ 19.055625] krealloc_more_oob+0x20/0x38 [ 19.055754] kunit_try_run_case+0x170/0x3f0 [ 19.055874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.055992] kthread+0x328/0x630 [ 19.056230] ret_from_fork+0x10/0x20 [ 19.056682] [ 19.056745] Allocated by task 157: [ 19.056992] kasan_save_stack+0x3c/0x68 [ 19.057104] kasan_save_track+0x20/0x40 [ 19.057430] kasan_save_alloc_info+0x40/0x58 [ 19.057665] __kasan_krealloc+0x118/0x178 [ 19.057929] krealloc_noprof+0x128/0x360 [ 19.058067] krealloc_more_oob_helper+0x168/0x678 [ 19.058177] krealloc_more_oob+0x20/0x38 [ 19.058263] kunit_try_run_case+0x170/0x3f0 [ 19.058353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.058438] kthread+0x328/0x630 [ 19.058500] ret_from_fork+0x10/0x20 [ 19.059045] [ 19.059104] The buggy address belongs to the object at fff00000c440a800 [ 19.059104] which belongs to the cache kmalloc-256 of size 256 [ 19.059180] The buggy address is located 0 bytes to the right of [ 19.059180] allocated 235-byte region [fff00000c440a800, fff00000c440a8eb) [ 19.059246] [ 19.059270] The buggy address belongs to the physical page: [ 19.059305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10440a [ 19.059367] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.059418] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.059478] page_type: f5(slab) [ 19.059525] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.059578] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.059630] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.059683] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.059734] head: 0bfffe0000000001 ffffc1ffc3110281 00000000ffffffff 00000000ffffffff [ 19.059783] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.059854] page dumped because: kasan: bad access detected [ 19.059928] [ 19.059977] Memory state around the buggy address: [ 19.060071] fff00000c440a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.060171] fff00000c440a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.060272] >fff00000c440a880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.060361] ^ [ 19.060453] fff00000c440a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.060583] fff00000c440a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.060662] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 19.026483] ================================================================== [ 19.026632] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 19.026774] Read of size 1 at addr fff00000c7920000 by task kunit_try_catch/155 [ 19.026915] [ 19.027002] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.027207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.027274] Hardware name: linux,dummy-virt (DT) [ 19.027350] Call trace: [ 19.027404] show_stack+0x20/0x38 (C) [ 19.027525] dump_stack_lvl+0x8c/0xd0 [ 19.027642] print_report+0x118/0x608 [ 19.027771] kasan_report+0xdc/0x128 [ 19.028373] __asan_report_load1_noabort+0x20/0x30 [ 19.028542] page_alloc_uaf+0x328/0x350 [ 19.028645] kunit_try_run_case+0x170/0x3f0 [ 19.028794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.029158] kthread+0x328/0x630 [ 19.029346] ret_from_fork+0x10/0x20 [ 19.029671] [ 19.029726] The buggy address belongs to the physical page: [ 19.029793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107920 [ 19.029935] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.030058] page_type: f0(buddy) [ 19.030419] raw: 0bfffe0000000000 fff00000ff616108 fff00000ff616108 0000000000000000 [ 19.030702] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 19.030889] page dumped because: kasan: bad access detected [ 19.030972] [ 19.031068] Memory state around the buggy address: [ 19.031144] fff00000c791ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.031474] fff00000c791ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.031596] >fff00000c7920000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.033548] ^ [ 19.033764] fff00000c7920080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.034340] fff00000c7920100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.034718] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 18.975081] ================================================================== [ 18.975632] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 18.975889] Free of addr fff00000c66a4001 by task kunit_try_catch/151 [ 18.976083] [ 18.976238] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.976496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.976785] Hardware name: linux,dummy-virt (DT) [ 18.976885] Call trace: [ 18.977040] show_stack+0x20/0x38 (C) [ 18.977254] dump_stack_lvl+0x8c/0xd0 [ 18.977392] print_report+0x118/0x608 [ 18.977492] kasan_report_invalid_free+0xc0/0xe8 [ 18.977587] __kasan_kfree_large+0x5c/0xa8 [ 18.977690] free_large_kmalloc+0x64/0x190 [ 18.978047] kfree+0x270/0x3c8 [ 18.978159] kmalloc_large_invalid_free+0x108/0x270 [ 18.978352] kunit_try_run_case+0x170/0x3f0 [ 18.978551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.979132] kthread+0x328/0x630 [ 18.979390] ret_from_fork+0x10/0x20 [ 18.979721] [ 18.979881] The buggy address belongs to the physical page: [ 18.980023] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066a4 [ 18.980162] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.980557] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.980796] page_type: f8(unknown) [ 18.981004] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.981248] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.981504] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.981891] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.982025] head: 0bfffe0000000002 ffffc1ffc319a901 00000000ffffffff 00000000ffffffff [ 18.982149] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.982249] page dumped because: kasan: bad access detected [ 18.982375] [ 18.982449] Memory state around the buggy address: [ 18.982660] fff00000c66a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.982905] fff00000c66a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.982994] >fff00000c66a4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.983403] ^ [ 18.983477] fff00000c66a4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.983655] fff00000c66a4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.984007] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 18.951446] ================================================================== [ 18.951727] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 18.952030] Read of size 1 at addr fff00000c66a4000 by task kunit_try_catch/149 [ 18.952427] [ 18.952617] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.953731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.953837] Hardware name: linux,dummy-virt (DT) [ 18.953948] Call trace: [ 18.954028] show_stack+0x20/0x38 (C) [ 18.954402] dump_stack_lvl+0x8c/0xd0 [ 18.954510] print_report+0x118/0x608 [ 18.954624] kasan_report+0xdc/0x128 [ 18.954764] __asan_report_load1_noabort+0x20/0x30 [ 18.954901] kmalloc_large_uaf+0x2cc/0x2f8 [ 18.955087] kunit_try_run_case+0x170/0x3f0 [ 18.955393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.955597] kthread+0x328/0x630 [ 18.955977] ret_from_fork+0x10/0x20 [ 18.956112] [ 18.956171] The buggy address belongs to the physical page: [ 18.956249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066a4 [ 18.956378] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.956542] raw: 0bfffe0000000000 ffffc1ffc31e4008 fff00000da456c40 0000000000000000 [ 18.956708] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.956809] page dumped because: kasan: bad access detected [ 18.956897] [ 18.956943] Memory state around the buggy address: [ 18.957020] fff00000c66a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.957123] fff00000c66a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.957262] >fff00000c66a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.957392] ^ [ 18.957514] fff00000c66a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.957666] fff00000c66a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.957757] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 18.929040] ================================================================== [ 18.929261] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 18.929394] Write of size 1 at addr fff00000c66a600a by task kunit_try_catch/147 [ 18.929509] [ 18.929594] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.929789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.929858] Hardware name: linux,dummy-virt (DT) [ 18.929921] Call trace: [ 18.930000] show_stack+0x20/0x38 (C) [ 18.930116] dump_stack_lvl+0x8c/0xd0 [ 18.930214] print_report+0x118/0x608 [ 18.930311] kasan_report+0xdc/0x128 [ 18.930411] __asan_report_store1_noabort+0x20/0x30 [ 18.930523] kmalloc_large_oob_right+0x278/0x2b8 [ 18.930626] kunit_try_run_case+0x170/0x3f0 [ 18.930723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.930871] kthread+0x328/0x630 [ 18.931014] ret_from_fork+0x10/0x20 [ 18.931172] [ 18.931269] The buggy address belongs to the physical page: [ 18.931343] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066a4 [ 18.931468] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.931564] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.931711] page_type: f8(unknown) [ 18.931801] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.931944] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.932148] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.932291] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.932413] head: 0bfffe0000000002 ffffc1ffc319a901 00000000ffffffff 00000000ffffffff [ 18.932526] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.932617] page dumped because: kasan: bad access detected [ 18.933449] [ 18.933535] Memory state around the buggy address: [ 18.933753] fff00000c66a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.934334] fff00000c66a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.934570] >fff00000c66a6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.934721] ^ [ 18.934945] fff00000c66a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.935084] fff00000c66a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.935272] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 18.896940] ================================================================== [ 18.897086] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 18.898332] Write of size 1 at addr fff00000c78e9f00 by task kunit_try_catch/145 [ 18.898520] [ 18.899109] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.899745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.900249] Hardware name: linux,dummy-virt (DT) [ 18.900340] Call trace: [ 18.900395] show_stack+0x20/0x38 (C) [ 18.900521] dump_stack_lvl+0x8c/0xd0 [ 18.901526] print_report+0x118/0x608 [ 18.901750] kasan_report+0xdc/0x128 [ 18.901857] __asan_report_store1_noabort+0x20/0x30 [ 18.901963] kmalloc_big_oob_right+0x2a4/0x2f0 [ 18.903135] kunit_try_run_case+0x170/0x3f0 [ 18.903352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.903476] kthread+0x328/0x630 [ 18.903577] ret_from_fork+0x10/0x20 [ 18.903691] [ 18.903735] Allocated by task 145: [ 18.904992] kasan_save_stack+0x3c/0x68 [ 18.905390] kasan_save_track+0x20/0x40 [ 18.905467] kasan_save_alloc_info+0x40/0x58 [ 18.906150] __kasan_kmalloc+0xd4/0xd8 [ 18.906407] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.907061] kmalloc_big_oob_right+0xb8/0x2f0 [ 18.907240] kunit_try_run_case+0x170/0x3f0 [ 18.907656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.907847] kthread+0x328/0x630 [ 18.907928] ret_from_fork+0x10/0x20 [ 18.908288] [ 18.908475] The buggy address belongs to the object at fff00000c78e8000 [ 18.908475] which belongs to the cache kmalloc-8k of size 8192 [ 18.909134] The buggy address is located 0 bytes to the right of [ 18.909134] allocated 7936-byte region [fff00000c78e8000, fff00000c78e9f00) [ 18.909805] [ 18.909904] The buggy address belongs to the physical page: [ 18.910542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e8 [ 18.910726] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.910880] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.911033] page_type: f5(slab) [ 18.911142] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 18.912879] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 18.913016] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 18.913151] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 18.913265] head: 0bfffe0000000003 ffffc1ffc31e3a01 00000000ffffffff 00000000ffffffff [ 18.913319] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.913363] page dumped because: kasan: bad access detected [ 18.913397] [ 18.913418] Memory state around the buggy address: [ 18.913458] fff00000c78e9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.913503] fff00000c78e9e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.913547] >fff00000c78e9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.913586] ^ [ 18.913617] fff00000c78e9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.913660] fff00000c78ea000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.913699] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 18.854411] ================================================================== [ 18.854661] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.854868] Write of size 1 at addr fff00000c4569a78 by task kunit_try_catch/143 [ 18.854973] [ 18.855089] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.855328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.855399] Hardware name: linux,dummy-virt (DT) [ 18.855486] Call trace: [ 18.855541] show_stack+0x20/0x38 (C) [ 18.855676] dump_stack_lvl+0x8c/0xd0 [ 18.855800] print_report+0x118/0x608 [ 18.855929] kasan_report+0xdc/0x128 [ 18.856061] __asan_report_store1_noabort+0x20/0x30 [ 18.856168] kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.856317] kunit_try_run_case+0x170/0x3f0 [ 18.856446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.856554] kthread+0x328/0x630 [ 18.856632] ret_from_fork+0x10/0x20 [ 18.856729] [ 18.856767] Allocated by task 143: [ 18.856845] kasan_save_stack+0x3c/0x68 [ 18.856951] kasan_save_track+0x20/0x40 [ 18.857072] kasan_save_alloc_info+0x40/0x58 [ 18.857210] __kasan_kmalloc+0xd4/0xd8 [ 18.857261] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.857320] kmalloc_track_caller_oob_right+0xa8/0x488 [ 18.857438] kunit_try_run_case+0x170/0x3f0 [ 18.857634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.857840] kthread+0x328/0x630 [ 18.857916] ret_from_fork+0x10/0x20 [ 18.857986] [ 18.858025] The buggy address belongs to the object at fff00000c4569a00 [ 18.858025] which belongs to the cache kmalloc-128 of size 128 [ 18.858157] The buggy address is located 0 bytes to the right of [ 18.858157] allocated 120-byte region [fff00000c4569a00, fff00000c4569a78) [ 18.858760] [ 18.859070] The buggy address belongs to the physical page: [ 18.859162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104569 [ 18.859494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.859788] page_type: f5(slab) [ 18.859968] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.860351] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.860524] page dumped because: kasan: bad access detected [ 18.860725] [ 18.860782] Memory state around the buggy address: [ 18.860871] fff00000c4569900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.861998] fff00000c4569980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.862070] >fff00000c4569a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.862115] ^ [ 18.862164] fff00000c4569a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.862210] fff00000c4569b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.862250] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 18.813019] ================================================================== [ 18.813429] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 18.813623] Read of size 1 at addr fff00000c5ecf000 by task kunit_try_catch/141 [ 18.813847] [ 18.814000] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.814162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.814814] Hardware name: linux,dummy-virt (DT) [ 18.815143] Call trace: [ 18.815196] show_stack+0x20/0x38 (C) [ 18.815586] dump_stack_lvl+0x8c/0xd0 [ 18.816139] print_report+0x118/0x608 [ 18.816611] kasan_report+0xdc/0x128 [ 18.817073] __asan_report_load1_noabort+0x20/0x30 [ 18.818159] kmalloc_node_oob_right+0x2f4/0x330 [ 18.818921] kunit_try_run_case+0x170/0x3f0 [ 18.819069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.819726] kthread+0x328/0x630 [ 18.820001] ret_from_fork+0x10/0x20 [ 18.820349] [ 18.820599] Allocated by task 141: [ 18.820750] kasan_save_stack+0x3c/0x68 [ 18.820876] kasan_save_track+0x20/0x40 [ 18.820970] kasan_save_alloc_info+0x40/0x58 [ 18.821068] __kasan_kmalloc+0xd4/0xd8 [ 18.822471] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 18.822703] kmalloc_node_oob_right+0xbc/0x330 [ 18.822978] kunit_try_run_case+0x170/0x3f0 [ 18.823209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.823397] kthread+0x328/0x630 [ 18.823483] ret_from_fork+0x10/0x20 [ 18.823566] [ 18.823612] The buggy address belongs to the object at fff00000c5ece000 [ 18.823612] which belongs to the cache kmalloc-4k of size 4096 [ 18.823754] The buggy address is located 0 bytes to the right of [ 18.823754] allocated 4096-byte region [fff00000c5ece000, fff00000c5ecf000) [ 18.823925] [ 18.823975] The buggy address belongs to the physical page: [ 18.824142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ec8 [ 18.825962] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.826120] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.826706] page_type: f5(slab) [ 18.826923] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.827125] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.827291] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.827408] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.827533] head: 0bfffe0000000003 ffffc1ffc317b201 00000000ffffffff 00000000ffffffff [ 18.827664] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.827772] page dumped because: kasan: bad access detected [ 18.827864] [ 18.827909] Memory state around the buggy address: [ 18.827987] fff00000c5ecef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.828093] fff00000c5ecef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.828200] >fff00000c5ecf000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.828293] ^ [ 18.828364] fff00000c5ecf080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.828477] fff00000c5ecf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.828578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 18.783721] ================================================================== [ 18.784023] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 18.784262] Read of size 1 at addr fff00000c4561a5f by task kunit_try_catch/139 [ 18.784457] [ 18.784629] CPU: 0 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.785194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.785309] Hardware name: linux,dummy-virt (DT) [ 18.785394] Call trace: [ 18.785451] show_stack+0x20/0x38 (C) [ 18.785585] dump_stack_lvl+0x8c/0xd0 [ 18.785700] print_report+0x118/0x608 [ 18.785815] kasan_report+0xdc/0x128 [ 18.785945] __asan_report_load1_noabort+0x20/0x30 [ 18.786293] kmalloc_oob_left+0x2ec/0x320 [ 18.786546] kunit_try_run_case+0x170/0x3f0 [ 18.786950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.787369] kthread+0x328/0x630 [ 18.787872] ret_from_fork+0x10/0x20 [ 18.788183] [ 18.788241] Allocated by task 26: [ 18.788315] kasan_save_stack+0x3c/0x68 [ 18.788792] kasan_save_track+0x20/0x40 [ 18.789153] kasan_save_alloc_info+0x40/0x58 [ 18.789378] __kasan_kmalloc+0xd4/0xd8 [ 18.789466] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.790695] kstrdup+0x54/0xc8 [ 18.790781] devtmpfs_work_loop+0x6f8/0xa58 [ 18.791448] devtmpfsd+0x50/0x58 [ 18.791574] kthread+0x328/0x630 [ 18.791672] ret_from_fork+0x10/0x20 [ 18.791807] [ 18.791918] Freed by task 26: [ 18.792010] kasan_save_stack+0x3c/0x68 [ 18.792932] kasan_save_track+0x20/0x40 [ 18.793073] kasan_save_free_info+0x4c/0x78 [ 18.793269] __kasan_slab_free+0x6c/0x98 [ 18.793364] kfree+0x214/0x3c8 [ 18.793570] devtmpfs_work_loop+0x804/0xa58 [ 18.793649] devtmpfsd+0x50/0x58 [ 18.793708] kthread+0x328/0x630 [ 18.794198] ret_from_fork+0x10/0x20 [ 18.794364] [ 18.794481] The buggy address belongs to the object at fff00000c4561a40 [ 18.794481] which belongs to the cache kmalloc-16 of size 16 [ 18.794634] The buggy address is located 15 bytes to the right of [ 18.794634] allocated 16-byte region [fff00000c4561a40, fff00000c4561a50) [ 18.794991] [ 18.795045] The buggy address belongs to the physical page: [ 18.795129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104561 [ 18.795448] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.795673] page_type: f5(slab) [ 18.796026] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.796236] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.796447] page dumped because: kasan: bad access detected [ 18.796535] [ 18.796579] Memory state around the buggy address: [ 18.796668] fff00000c4561900: 00 00 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 18.797055] fff00000c4561980: fa fb fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 18.797358] >fff00000c4561a00: fa fb fc fc 00 05 fc fc fa fb fc fc 00 07 fc fc [ 18.797480] ^ [ 18.797566] fff00000c4561a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.797669] fff00000c4561b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.797749] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 18.737171] ================================================================== [ 18.737273] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 18.737929] Read of size 1 at addr fff00000c4569980 by task kunit_try_catch/137 [ 18.738097] [ 18.738238] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.738441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.738498] Hardware name: linux,dummy-virt (DT) [ 18.738566] Call trace: [ 18.738607] show_stack+0x20/0x38 (C) [ 18.738748] dump_stack_lvl+0x8c/0xd0 [ 18.738874] print_report+0x118/0x608 [ 18.738977] kasan_report+0xdc/0x128 [ 18.739083] __asan_report_load1_noabort+0x20/0x30 [ 18.739205] kmalloc_oob_right+0x5d0/0x660 [ 18.739313] kunit_try_run_case+0x170/0x3f0 [ 18.739426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.739555] kthread+0x328/0x630 [ 18.739656] ret_from_fork+0x10/0x20 [ 18.739768] [ 18.739809] Allocated by task 137: [ 18.740372] kasan_save_stack+0x3c/0x68 [ 18.740550] kasan_save_track+0x20/0x40 [ 18.740686] kasan_save_alloc_info+0x40/0x58 [ 18.740896] __kasan_kmalloc+0xd4/0xd8 [ 18.740978] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.741256] kmalloc_oob_right+0xb0/0x660 [ 18.741341] kunit_try_run_case+0x170/0x3f0 [ 18.741522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.741697] kthread+0x328/0x630 [ 18.741790] ret_from_fork+0x10/0x20 [ 18.741875] [ 18.741910] The buggy address belongs to the object at fff00000c4569900 [ 18.741910] which belongs to the cache kmalloc-128 of size 128 [ 18.742035] The buggy address is located 13 bytes to the right of [ 18.742035] allocated 115-byte region [fff00000c4569900, fff00000c4569973) [ 18.742485] [ 18.742562] The buggy address belongs to the physical page: [ 18.742732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104569 [ 18.742873] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.742986] page_type: f5(slab) [ 18.743079] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.743209] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.743303] page dumped because: kasan: bad access detected [ 18.743392] [ 18.743458] Memory state around the buggy address: [ 18.743548] fff00000c4569880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.743692] fff00000c4569900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.743789] >fff00000c4569980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.743915] ^ [ 18.743986] fff00000c4569a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.744129] fff00000c4569a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.744257] ================================================================== [ 18.721008] ================================================================== [ 18.721601] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 18.723087] Write of size 1 at addr fff00000c4569973 by task kunit_try_catch/137 [ 18.723222] [ 18.724216] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 18.724396] Tainted: [N]=TEST [ 18.724437] Hardware name: linux,dummy-virt (DT) [ 18.724714] Call trace: [ 18.724945] show_stack+0x20/0x38 (C) [ 18.725118] dump_stack_lvl+0x8c/0xd0 [ 18.725227] print_report+0x118/0x608 [ 18.725319] kasan_report+0xdc/0x128 [ 18.725410] __asan_report_store1_noabort+0x20/0x30 [ 18.725511] kmalloc_oob_right+0x5a4/0x660 [ 18.725593] kunit_try_run_case+0x170/0x3f0 [ 18.725648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.725703] kthread+0x328/0x630 [ 18.725750] ret_from_fork+0x10/0x20 [ 18.725967] [ 18.726013] Allocated by task 137: [ 18.726147] kasan_save_stack+0x3c/0x68 [ 18.726228] kasan_save_track+0x20/0x40 [ 18.726273] kasan_save_alloc_info+0x40/0x58 [ 18.726317] __kasan_kmalloc+0xd4/0xd8 [ 18.726356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.726399] kmalloc_oob_right+0xb0/0x660 [ 18.726437] kunit_try_run_case+0x170/0x3f0 [ 18.726477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.726521] kthread+0x328/0x630 [ 18.726571] ret_from_fork+0x10/0x20 [ 18.726633] [ 18.726704] The buggy address belongs to the object at fff00000c4569900 [ 18.726704] which belongs to the cache kmalloc-128 of size 128 [ 18.726811] The buggy address is located 0 bytes to the right of [ 18.726811] allocated 115-byte region [fff00000c4569900, fff00000c4569973) [ 18.726907] [ 18.727004] The buggy address belongs to the physical page: [ 18.727291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104569 [ 18.727638] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.728019] page_type: f5(slab) [ 18.728399] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.728472] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.728599] page dumped because: kasan: bad access detected [ 18.728643] [ 18.728671] Memory state around the buggy address: [ 18.728949] fff00000c4569800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.729027] fff00000c4569880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.729086] >fff00000c4569900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.729167] ^ [ 18.729348] fff00000c4569980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.729445] fff00000c4569a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.729572] ================================================================== [ 18.731169] ================================================================== [ 18.731299] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 18.731456] Write of size 1 at addr fff00000c4569978 by task kunit_try_catch/137 [ 18.731579] [ 18.731654] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.731936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.732023] Hardware name: linux,dummy-virt (DT) [ 18.732120] Call trace: [ 18.732187] show_stack+0x20/0x38 (C) [ 18.732340] dump_stack_lvl+0x8c/0xd0 [ 18.732491] print_report+0x118/0x608 [ 18.732640] kasan_report+0xdc/0x128 [ 18.732763] __asan_report_store1_noabort+0x20/0x30 [ 18.732890] kmalloc_oob_right+0x538/0x660 [ 18.732986] kunit_try_run_case+0x170/0x3f0 [ 18.733093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.733249] kthread+0x328/0x630 [ 18.733335] ret_from_fork+0x10/0x20 [ 18.733448] [ 18.733494] Allocated by task 137: [ 18.733558] kasan_save_stack+0x3c/0x68 [ 18.733640] kasan_save_track+0x20/0x40 [ 18.733713] kasan_save_alloc_info+0x40/0x58 [ 18.733791] __kasan_kmalloc+0xd4/0xd8 [ 18.733888] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.733964] kmalloc_oob_right+0xb0/0x660 [ 18.734045] kunit_try_run_case+0x170/0x3f0 [ 18.734123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.734204] kthread+0x328/0x630 [ 18.734267] ret_from_fork+0x10/0x20 [ 18.734337] [ 18.734377] The buggy address belongs to the object at fff00000c4569900 [ 18.734377] which belongs to the cache kmalloc-128 of size 128 [ 18.734513] The buggy address is located 5 bytes to the right of [ 18.734513] allocated 115-byte region [fff00000c4569900, fff00000c4569973) [ 18.734711] [ 18.734782] The buggy address belongs to the physical page: [ 18.734901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104569 [ 18.735037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.735160] page_type: f5(slab) [ 18.735291] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.735462] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.735608] page dumped because: kasan: bad access detected [ 18.735875] [ 18.735921] Memory state around the buggy address: [ 18.735994] fff00000c4569800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.736105] fff00000c4569880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.736192] >fff00000c4569900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.736273] ^ [ 18.736353] fff00000c4569980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.736444] fff00000c4569a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.736533] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 100.619344] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 100.620443] Modules linked in: [ 100.620758] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 100.622185] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 100.622695] Hardware name: linux,dummy-virt (DT) [ 100.623239] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 100.623855] pc : intlog10+0x38/0x48 [ 100.624256] lr : intlog10_test+0xe4/0x200 [ 100.624659] sp : ffff8000823a7c10 [ 100.624982] x29: ffff8000823a7c90 x28: 0000000000000000 x27: 0000000000000000 [ 100.625924] x26: 1ffe0000195bde01 x25: 0000000000000000 x24: ffff8000823a7ce0 [ 100.626612] x23: ffff8000823a7d00 x22: 0000000000000000 x21: 1ffff00010474f82 [ 100.627244] x20: ffff9c38c8489e80 x19: ffff800080087990 x18: 0000000082fe4f90 [ 100.627939] x17: 000000000b5cb71a x16: fff00000c097583c x15: fff00000ff616b08 [ 100.628521] x14: 0000000000018fff x13: 1ffe00001b48a589 x12: ffff738719863379 [ 100.629106] x11: 1ffff38719863378 x10: ffff738719863378 x9 : ffff9c38c5a3735c [ 100.629857] x8 : ffff9c38cc319bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 100.630624] x5 : ffff700010474f82 x4 : 1ffff00010010f3a x3 : 1ffff387190913d0 [ 100.631261] x2 : 1ffff387190913d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 100.631932] Call trace: [ 100.632171] intlog10+0x38/0x48 (P) [ 100.632530] kunit_try_run_case+0x170/0x3f0 [ 100.633017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 100.633499] kthread+0x328/0x630 [ 100.633876] ret_from_fork+0x10/0x20 [ 100.634311] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 100.544167] WARNING: CPU: 0 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 100.545733] Modules linked in: [ 100.546201] CPU: 0 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 100.547759] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 100.548135] Hardware name: linux,dummy-virt (DT) [ 100.548730] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 100.549492] pc : intlog2+0xd8/0xf8 [ 100.549759] lr : intlog2_test+0xe4/0x200 [ 100.550084] sp : ffff800082327c10 [ 100.550309] x29: ffff800082327c90 x28: 0000000000000000 x27: 0000000000000000 [ 100.550803] x26: 1ffe000019618001 x25: 0000000000000000 x24: ffff800082327ce0 [ 100.551798] x23: ffff800082327d00 x22: 0000000000000000 x21: 1ffff00010464f82 [ 100.552498] x20: ffff9c38c8489d80 x19: ffff800080087990 x18: 00000000f25e43c8 [ 100.553588] x17: 0000000058c2a34a x16: 0000000000000100 x15: 0000000053202242 [ 100.554128] x14: 00000000883cf921 x13: 1ffe00001b48a589 x12: ffff738719863379 [ 100.554662] x11: 1ffff38719863378 x10: ffff738719863378 x9 : ffff9c38c5a3755c [ 100.555451] x8 : ffff9c38cc319bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 100.556131] x5 : ffff700010464f82 x4 : 1ffff00010010f3a x3 : 1ffff387190913b0 [ 100.556565] x2 : 1ffff387190913b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 100.557414] Call trace: [ 100.557762] intlog2+0xd8/0xf8 (P) [ 100.558162] kunit_try_run_case+0x170/0x3f0 [ 100.558576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 100.559127] kthread+0x328/0x630 [ 100.559514] ret_from_fork+0x10/0x20 [ 100.560067] ---[ end trace 0000000000000000 ]---