Date
July 12, 2025, 11:09 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.073618] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 19.061350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 19.032582] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 19.055727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 18.931064] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 18.913803] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 96.863061] Internal error: Oops: 0000000096000005 [#1] SMP [ 96.868770] Modules linked in: [ 96.869857] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 96.870914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 96.871559] Hardware name: linux,dummy-virt (DT) [ 96.872311] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.872928] pc : kunit_test_null_dereference+0x70/0x170 [ 96.873224] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.873478] sp : ffff800080f67d30 [ 96.873658] x29: ffff800080f67d90 x28: 0000000000000000 x27: 0000000000000000 [ 96.874083] x26: 1ffe0000188be461 x25: 0000000000000000 x24: 0000000000000004 [ 96.874900] x23: fff00000c45f230c x22: ffff9433e2a22478 x21: fff00000c1349688 [ 96.875920] x20: 1ffff000101ecfa6 x19: ffff800080087990 x18: 000000006bfaedf0 [ 96.876584] x17: 000000006366d49e x16: fff00000c0975c3c x15: fff00000ff616b08 [ 96.877246] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: fffd800019287dc4 [ 96.877852] x11: 1ffe000019287dc3 x10: fffd800019287dc3 x9 : ffff9433e2a198e0 [ 96.878359] x8 : ffff800080f67c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 96.878777] x5 : ffff7000101ecfa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 96.879236] x2 : dfff800000000000 x1 : fff00000c943e540 x0 : ffff800080087990 [ 96.879867] Call trace: [ 96.880082] kunit_test_null_dereference+0x70/0x170 (P) [ 96.880433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.880727] kthread+0x328/0x630 [ 96.880966] ret_from_fork+0x10/0x20 [ 96.881477] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 96.882045] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.044305] ================================================================== [ 51.044389] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.044389] [ 51.044484] Use-after-free read at 0x000000007bd00904 (in kfence-#165): [ 51.044539] test_krealloc+0x51c/0x830 [ 51.044583] kunit_try_run_case+0x170/0x3f0 [ 51.044629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.044673] kthread+0x328/0x630 [ 51.044712] ret_from_fork+0x10/0x20 [ 51.044753] [ 51.044777] kfence-#165: 0x000000007bd00904-0x00000000488faae2, size=32, cache=kmalloc-32 [ 51.044777] [ 51.044832] allocated by task 337 on cpu 1 at 51.043650s (0.001178s ago): [ 51.044901] test_alloc+0x29c/0x628 [ 51.044941] test_krealloc+0xc0/0x830 [ 51.044981] kunit_try_run_case+0x170/0x3f0 [ 51.045021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.045063] kthread+0x328/0x630 [ 51.045100] ret_from_fork+0x10/0x20 [ 51.045137] [ 51.045160] freed by task 337 on cpu 1 at 51.043888s (0.001268s ago): [ 51.045235] krealloc_noprof+0x148/0x360 [ 51.045274] test_krealloc+0x1dc/0x830 [ 51.045314] kunit_try_run_case+0x170/0x3f0 [ 51.045354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.045397] kthread+0x328/0x630 [ 51.045433] ret_from_fork+0x10/0x20 [ 51.045473] [ 51.045521] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 51.045600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.045630] Hardware name: linux,dummy-virt (DT) [ 51.045665] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.955774] ================================================================== [ 50.955876] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.955876] [ 50.955980] Use-after-free read at 0x000000000c9c00fd (in kfence-#164): [ 50.956037] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.956088] kunit_try_run_case+0x170/0x3f0 [ 50.956135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.956199] kthread+0x328/0x630 [ 50.956241] ret_from_fork+0x10/0x20 [ 50.956283] [ 50.956310] kfence-#164: 0x000000000c9c00fd-0x00000000b8a4b685, size=32, cache=test [ 50.956310] [ 50.956367] allocated by task 335 on cpu 0 at 50.943611s (0.012752s ago): [ 50.956437] test_alloc+0x230/0x628 [ 50.956479] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.956523] kunit_try_run_case+0x170/0x3f0 [ 50.956563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.956607] kthread+0x328/0x630 [ 50.956641] ret_from_fork+0x10/0x20 [ 50.956681] [ 50.956705] freed by task 335 on cpu 0 at 50.943706s (0.012996s ago): [ 50.956763] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.956805] kunit_try_run_case+0x170/0x3f0 [ 50.956845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.956887] kthread+0x328/0x630 [ 50.956921] ret_from_fork+0x10/0x20 [ 50.956962] [ 50.957010] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 50.957087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.957118] Hardware name: linux,dummy-virt (DT) [ 50.957152] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 28.496142] ================================================================== [ 28.496328] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 28.496328] [ 28.496435] Invalid read at 0x00000000d00038e2: [ 28.496560] test_invalid_access+0xdc/0x1f0 [ 28.496662] kunit_try_run_case+0x170/0x3f0 [ 28.496715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.496766] kthread+0x328/0x630 [ 28.497516] ret_from_fork+0x10/0x20 [ 28.498427] [ 28.498487] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 28.498577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.498614] Hardware name: linux,dummy-virt (DT) [ 28.498656] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 28.263852] ================================================================== [ 28.263947] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.263947] [ 28.264014] Corrupted memory at 0x000000006a56e803 [ ! . . . . . . . . . . . . . . . ] (in kfence-#159): [ 28.264344] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.264396] kunit_try_run_case+0x170/0x3f0 [ 28.264442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.264486] kthread+0x328/0x630 [ 28.264524] ret_from_fork+0x10/0x20 [ 28.264562] [ 28.264588] kfence-#159: 0x00000000bd5aa47a-0x0000000073311de0, size=73, cache=kmalloc-96 [ 28.264588] [ 28.264644] allocated by task 325 on cpu 1 at 28.263616s (0.001025s ago): [ 28.264707] test_alloc+0x29c/0x628 [ 28.264747] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 28.264791] kunit_try_run_case+0x170/0x3f0 [ 28.264831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.264875] kthread+0x328/0x630 [ 28.264911] ret_from_fork+0x10/0x20 [ 28.264951] [ 28.264975] freed by task 325 on cpu 1 at 28.263761s (0.001211s ago): [ 28.265037] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.265079] kunit_try_run_case+0x170/0x3f0 [ 28.265119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.265164] kthread+0x328/0x630 [ 28.265209] ret_from_fork+0x10/0x20 [ 28.265249] [ 28.265291] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 28.265369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.265399] Hardware name: linux,dummy-virt (DT) [ 28.265432] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 28.160840] ================================================================== [ 28.160921] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.160921] [ 28.161014] Out-of-bounds read at 0x000000006b59401d (105B right of kfence-#158): [ 28.161075] test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.161127] kunit_try_run_case+0x170/0x3f0 [ 28.161188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.161234] kthread+0x328/0x630 [ 28.161276] ret_from_fork+0x10/0x20 [ 28.161317] [ 28.161342] kfence-#158: 0x00000000a9a8d6f2-0x00000000654845a3, size=73, cache=kmalloc-96 [ 28.161342] [ 28.161398] allocated by task 323 on cpu 1 at 28.160624s (0.000770s ago): [ 28.161468] test_alloc+0x29c/0x628 [ 28.161509] test_kmalloc_aligned_oob_read+0x100/0x468 [ 28.161554] kunit_try_run_case+0x170/0x3f0 [ 28.161596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.161640] kthread+0x328/0x630 [ 28.161676] ret_from_fork+0x10/0x20 [ 28.161717] [ 28.161762] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 28.161842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.161872] Hardware name: linux,dummy-virt (DT) [ 28.161908] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 23.167776] ================================================================== [ 23.167868] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 23.167868] [ 23.167933] Corrupted memory at 0x0000000031e7d11f [ ! . . . . . . . . . . . . . . . ] (in kfence-#110): [ 23.168262] test_corruption+0x120/0x378 [ 23.168312] kunit_try_run_case+0x170/0x3f0 [ 23.168357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.168402] kthread+0x328/0x630 [ 23.168443] ret_from_fork+0x10/0x20 [ 23.168484] [ 23.168507] kfence-#110: 0x000000003a697f67-0x0000000077268aae, size=32, cache=test [ 23.168507] [ 23.168563] allocated by task 313 on cpu 1 at 23.167626s (0.000933s ago): [ 23.168625] test_alloc+0x230/0x628 [ 23.168666] test_corruption+0xdc/0x378 [ 23.168707] kunit_try_run_case+0x170/0x3f0 [ 23.168747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.168792] kthread+0x328/0x630 [ 23.168828] ret_from_fork+0x10/0x20 [ 23.168868] [ 23.168891] freed by task 313 on cpu 1 at 23.167688s (0.001199s ago): [ 23.168952] test_corruption+0x120/0x378 [ 23.168992] kunit_try_run_case+0x170/0x3f0 [ 23.169032] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.169075] kthread+0x328/0x630 [ 23.169111] ret_from_fork+0x10/0x20 [ 23.169153] [ 23.169204] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.169283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.169311] Hardware name: linux,dummy-virt (DT) [ 23.169345] ================================================================== [ 22.543922] ================================================================== [ 22.544029] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.544029] [ 22.544098] Corrupted memory at 0x000000007642cf89 [ ! . . . . . . . . . . . . . . . ] (in kfence-#104): [ 22.545228] test_corruption+0x278/0x378 [ 22.545281] kunit_try_run_case+0x170/0x3f0 [ 22.545329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.545374] kthread+0x328/0x630 [ 22.545413] ret_from_fork+0x10/0x20 [ 22.545453] [ 22.545479] kfence-#104: 0x00000000e6d0eb5b-0x00000000c8013148, size=32, cache=kmalloc-32 [ 22.545479] [ 22.545536] allocated by task 311 on cpu 1 at 22.543638s (0.001895s ago): [ 22.545598] test_alloc+0x29c/0x628 [ 22.545638] test_corruption+0xdc/0x378 [ 22.545680] kunit_try_run_case+0x170/0x3f0 [ 22.545720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.545764] kthread+0x328/0x630 [ 22.545801] ret_from_fork+0x10/0x20 [ 22.545840] [ 22.545863] freed by task 311 on cpu 1 at 22.543741s (0.002119s ago): [ 22.545924] test_corruption+0x278/0x378 [ 22.545970] kunit_try_run_case+0x170/0x3f0 [ 22.546010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.546052] kthread+0x328/0x630 [ 22.546088] ret_from_fork+0x10/0x20 [ 22.546128] [ 22.546186] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.546266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.546297] Hardware name: linux,dummy-virt (DT) [ 22.546331] ================================================================== [ 23.064001] ================================================================== [ 23.064104] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.064104] [ 23.064188] Corrupted memory at 0x00000000c1811305 [ ! ] (in kfence-#109): [ 23.064322] test_corruption+0x284/0x378 [ 23.064372] kunit_try_run_case+0x170/0x3f0 [ 23.064417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.064463] kthread+0x328/0x630 [ 23.064505] ret_from_fork+0x10/0x20 [ 23.064546] [ 23.064570] kfence-#109: 0x0000000019e31bc6-0x00000000d611350c, size=32, cache=kmalloc-32 [ 23.064570] [ 23.064629] allocated by task 311 on cpu 1 at 23.063719s (0.000906s ago): [ 23.064691] test_alloc+0x29c/0x628 [ 23.064733] test_corruption+0x198/0x378 [ 23.064772] kunit_try_run_case+0x170/0x3f0 [ 23.064813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.064856] kthread+0x328/0x630 [ 23.064892] ret_from_fork+0x10/0x20 [ 23.064933] [ 23.064961] freed by task 311 on cpu 1 at 23.063822s (0.001134s ago): [ 23.065025] test_corruption+0x284/0x378 [ 23.065064] kunit_try_run_case+0x170/0x3f0 [ 23.065104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.065148] kthread+0x328/0x630 [ 23.065195] ret_from_fork+0x10/0x20 [ 23.065235] [ 23.065280] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.065358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.065388] Hardware name: linux,dummy-virt (DT) [ 23.065423] ================================================================== [ 23.479854] ================================================================== [ 23.479953] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.479953] [ 23.480018] Corrupted memory at 0x00000000249053b0 [ ! ] (in kfence-#113): [ 23.480139] test_corruption+0x1d8/0x378 [ 23.480200] kunit_try_run_case+0x170/0x3f0 [ 23.480245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480289] kthread+0x328/0x630 [ 23.480330] ret_from_fork+0x10/0x20 [ 23.480373] [ 23.480398] kfence-#113: 0x00000000e80203ec-0x000000002416f695, size=32, cache=test [ 23.480398] [ 23.480454] allocated by task 313 on cpu 1 at 23.479683s (0.000767s ago): [ 23.480518] test_alloc+0x230/0x628 [ 23.480558] test_corruption+0x198/0x378 [ 23.480607] kunit_try_run_case+0x170/0x3f0 [ 23.480646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480690] kthread+0x328/0x630 [ 23.480726] ret_from_fork+0x10/0x20 [ 23.480764] [ 23.480789] freed by task 313 on cpu 1 at 23.479744s (0.001042s ago): [ 23.480848] test_corruption+0x1d8/0x378 [ 23.480888] kunit_try_run_case+0x170/0x3f0 [ 23.480929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480970] kthread+0x328/0x630 [ 23.481007] ret_from_fork+0x10/0x20 [ 23.481044] [ 23.481087] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.481165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.481203] Hardware name: linux,dummy-virt (DT) [ 23.481235] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.439776] ================================================================== [ 22.439869] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.439869] [ 22.439934] Invalid free of 0x00000000b86aba00 (in kfence-#103): [ 22.439991] test_invalid_addr_free+0xec/0x238 [ 22.440037] kunit_try_run_case+0x170/0x3f0 [ 22.440079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.440124] kthread+0x328/0x630 [ 22.440163] ret_from_fork+0x10/0x20 [ 22.440217] [ 22.440243] kfence-#103: 0x000000008cba047b-0x000000004ee814ed, size=32, cache=test [ 22.440243] [ 22.440297] allocated by task 309 on cpu 1 at 22.439653s (0.000640s ago): [ 22.440359] test_alloc+0x230/0x628 [ 22.440401] test_invalid_addr_free+0xd4/0x238 [ 22.440444] kunit_try_run_case+0x170/0x3f0 [ 22.440484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.440527] kthread+0x328/0x630 [ 22.440563] ret_from_fork+0x10/0x20 [ 22.440603] [ 22.440646] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.440726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.440756] Hardware name: linux,dummy-virt (DT) [ 22.440789] ================================================================== [ 22.335664] ================================================================== [ 22.335753] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 22.335753] [ 22.335817] Invalid free of 0x0000000011e13ab6 (in kfence-#102): [ 22.335875] test_invalid_addr_free+0x1ac/0x238 [ 22.335924] kunit_try_run_case+0x170/0x3f0 [ 22.335969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.336016] kthread+0x328/0x630 [ 22.336054] ret_from_fork+0x10/0x20 [ 22.336095] [ 22.336118] kfence-#102: 0x0000000013e9460a-0x000000005367d546, size=32, cache=kmalloc-32 [ 22.336118] [ 22.336190] allocated by task 307 on cpu 1 at 22.335520s (0.000666s ago): [ 22.336255] test_alloc+0x29c/0x628 [ 22.336296] test_invalid_addr_free+0xd4/0x238 [ 22.336338] kunit_try_run_case+0x170/0x3f0 [ 22.336379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.336425] kthread+0x328/0x630 [ 22.336460] ret_from_fork+0x10/0x20 [ 22.336500] [ 22.336545] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.336626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.336656] Hardware name: linux,dummy-virt (DT) [ 22.336691] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 22.127983] ================================================================== [ 22.128103] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 22.128103] [ 22.128191] Invalid free of 0x00000000c26167d0 (in kfence-#100): [ 22.128260] test_double_free+0x1bc/0x238 [ 22.128307] kunit_try_run_case+0x170/0x3f0 [ 22.128354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.128398] kthread+0x328/0x630 [ 22.128437] ret_from_fork+0x10/0x20 [ 22.128478] [ 22.128502] kfence-#100: 0x00000000c26167d0-0x0000000020be4278, size=32, cache=kmalloc-32 [ 22.128502] [ 22.128558] allocated by task 303 on cpu 0 at 22.127671s (0.000883s ago): [ 22.128621] test_alloc+0x29c/0x628 [ 22.128662] test_double_free+0xd4/0x238 [ 22.128702] kunit_try_run_case+0x170/0x3f0 [ 22.128742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.128785] kthread+0x328/0x630 [ 22.128823] ret_from_fork+0x10/0x20 [ 22.128861] [ 22.128884] freed by task 303 on cpu 0 at 22.127751s (0.001129s ago): [ 22.128945] test_double_free+0x1ac/0x238 [ 22.128986] kunit_try_run_case+0x170/0x3f0 [ 22.129026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.129070] kthread+0x328/0x630 [ 22.129105] ret_from_fork+0x10/0x20 [ 22.129145] [ 22.129204] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.129285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.129315] Hardware name: linux,dummy-virt (DT) [ 22.129350] ================================================================== [ 22.231864] ================================================================== [ 22.231956] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 22.231956] [ 22.232020] Invalid free of 0x00000000cca947ba (in kfence-#101): [ 22.232076] test_double_free+0x100/0x238 [ 22.232121] kunit_try_run_case+0x170/0x3f0 [ 22.232166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.232230] kthread+0x328/0x630 [ 22.232267] ret_from_fork+0x10/0x20 [ 22.232306] [ 22.232330] kfence-#101: 0x00000000cca947ba-0x000000002cbd5294, size=32, cache=test [ 22.232330] [ 22.232385] allocated by task 305 on cpu 0 at 22.231667s (0.000714s ago): [ 22.232445] test_alloc+0x230/0x628 [ 22.232487] test_double_free+0xd4/0x238 [ 22.232527] kunit_try_run_case+0x170/0x3f0 [ 22.232567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.232612] kthread+0x328/0x630 [ 22.232647] ret_from_fork+0x10/0x20 [ 22.232687] [ 22.232710] freed by task 305 on cpu 0 at 22.231726s (0.000980s ago): [ 22.232771] test_double_free+0xf0/0x238 [ 22.232812] kunit_try_run_case+0x170/0x3f0 [ 22.232851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.232895] kthread+0x328/0x630 [ 22.232931] ret_from_fork+0x10/0x20 [ 22.232971] [ 22.233013] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.233092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.233120] Hardware name: linux,dummy-virt (DT) [ 22.233154] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.711981] ================================================================== [ 21.712093] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.712093] [ 21.712226] Use-after-free read at 0x0000000077cadbe0 (in kfence-#96): [ 21.712279] test_use_after_free_read+0x114/0x248 [ 21.712330] kunit_try_run_case+0x170/0x3f0 [ 21.712376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.712420] kthread+0x328/0x630 [ 21.712461] ret_from_fork+0x10/0x20 [ 21.712500] [ 21.712525] kfence-#96: 0x0000000077cadbe0-0x0000000057cd61f1, size=32, cache=kmalloc-32 [ 21.712525] [ 21.712579] allocated by task 295 on cpu 0 at 21.711672s (0.000903s ago): [ 21.712649] test_alloc+0x29c/0x628 [ 21.712691] test_use_after_free_read+0xd0/0x248 [ 21.712732] kunit_try_run_case+0x170/0x3f0 [ 21.712772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.712814] kthread+0x328/0x630 [ 21.712851] ret_from_fork+0x10/0x20 [ 21.712893] [ 21.713018] freed by task 295 on cpu 0 at 21.711746s (0.001194s ago): [ 21.713126] test_use_after_free_read+0x1c0/0x248 [ 21.713168] kunit_try_run_case+0x170/0x3f0 [ 21.713222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.713264] kthread+0x328/0x630 [ 21.713301] ret_from_fork+0x10/0x20 [ 21.713354] [ 21.713405] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.713484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.713515] Hardware name: linux,dummy-virt (DT) [ 21.713548] ================================================================== [ 21.815794] ================================================================== [ 21.815899] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.815899] [ 21.815995] Use-after-free read at 0x00000000f3e8baca (in kfence-#97): [ 21.816049] test_use_after_free_read+0x114/0x248 [ 21.816098] kunit_try_run_case+0x170/0x3f0 [ 21.816142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.816204] kthread+0x328/0x630 [ 21.816245] ret_from_fork+0x10/0x20 [ 21.816287] [ 21.816312] kfence-#97: 0x00000000f3e8baca-0x0000000048a361ae, size=32, cache=test [ 21.816312] [ 21.816364] allocated by task 297 on cpu 0 at 21.815608s (0.000752s ago): [ 21.816436] test_alloc+0x230/0x628 [ 21.816476] test_use_after_free_read+0xd0/0x248 [ 21.816518] kunit_try_run_case+0x170/0x3f0 [ 21.816559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.816603] kthread+0x328/0x630 [ 21.816640] ret_from_fork+0x10/0x20 [ 21.816681] [ 21.816708] freed by task 297 on cpu 0 at 21.815667s (0.001037s ago): [ 21.816811] test_use_after_free_read+0xf0/0x248 [ 21.816855] kunit_try_run_case+0x170/0x3f0 [ 21.816895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.816939] kthread+0x328/0x630 [ 21.816974] ret_from_fork+0x10/0x20 [ 21.817014] [ 21.817060] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.817139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.817167] Hardware name: linux,dummy-virt (DT) [ 21.817213] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.192276] ================================================================== [ 21.192360] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.192360] [ 21.192474] Out-of-bounds write at 0x000000008d7a1cea (1B left of kfence-#91): [ 21.192571] test_out_of_bounds_write+0x100/0x240 [ 21.192620] kunit_try_run_case+0x170/0x3f0 [ 21.192682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.192757] kthread+0x328/0x630 [ 21.192797] ret_from_fork+0x10/0x20 [ 21.192839] [ 21.193084] kfence-#91: 0x0000000067512477-0x000000003c35f06c, size=32, cache=kmalloc-32 [ 21.193084] [ 21.193247] allocated by task 291 on cpu 1 at 21.192021s (0.001193s ago): [ 21.193323] test_alloc+0x29c/0x628 [ 21.193381] test_out_of_bounds_write+0xc8/0x240 [ 21.193425] kunit_try_run_case+0x170/0x3f0 [ 21.193464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.193558] kthread+0x328/0x630 [ 21.193603] ret_from_fork+0x10/0x20 [ 21.193644] [ 21.193690] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.193944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.193981] Hardware name: linux,dummy-virt (DT) [ 21.194066] ================================================================== [ 21.607773] ================================================================== [ 21.607888] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.607888] [ 21.607984] Out-of-bounds write at 0x000000000641e4d8 (1B left of kfence-#95): [ 21.608042] test_out_of_bounds_write+0x100/0x240 [ 21.608093] kunit_try_run_case+0x170/0x3f0 [ 21.608138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.608199] kthread+0x328/0x630 [ 21.608239] ret_from_fork+0x10/0x20 [ 21.608280] [ 21.608304] kfence-#95: 0x00000000ce43c094-0x000000000c775c71, size=32, cache=test [ 21.608304] [ 21.608358] allocated by task 293 on cpu 1 at 21.607678s (0.000675s ago): [ 21.608431] test_alloc+0x230/0x628 [ 21.608472] test_out_of_bounds_write+0xc8/0x240 [ 21.608512] kunit_try_run_case+0x170/0x3f0 [ 21.608553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.608598] kthread+0x328/0x630 [ 21.608634] ret_from_fork+0x10/0x20 [ 21.608674] [ 21.608719] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.608801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.608831] Hardware name: linux,dummy-virt (DT) [ 21.608865] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.698413] ================================================================== [ 18.698482] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 18.698537] Read of size 1 at addr ffff800080907b4a by task kunit_try_catch/253 [ 18.698590] [ 18.698648] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.698737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.698766] Hardware name: linux,dummy-virt (DT) [ 18.698816] Call trace: [ 18.698842] show_stack+0x20/0x38 (C) [ 18.698898] dump_stack_lvl+0x8c/0xd0 [ 18.698949] print_report+0x310/0x5d0 [ 18.698996] kasan_report+0xdc/0x128 [ 18.699043] __asan_report_load1_noabort+0x20/0x30 [ 18.699096] kasan_alloca_oob_right+0x2dc/0x340 [ 18.699150] kunit_try_run_case+0x170/0x3f0 [ 18.699213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.699498] kthread+0x328/0x630 [ 18.699766] ret_from_fork+0x10/0x20 [ 18.699927] [ 18.699987] The buggy address belongs to stack of task kunit_try_catch/253 [ 18.700073] [ 18.700218] The buggy address ffff800080907b4a belongs to a vmalloc virtual mapping [ 18.700294] The buggy address belongs to the physical page: [ 18.700344] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065fb [ 18.700773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.700966] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.701070] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.701205] page dumped because: kasan: bad access detected [ 18.701241] [ 18.701261] Memory state around the buggy address: [ 18.701333] ffff800080907a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.701809] ffff800080907a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.701888] >ffff800080907b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.702004] ^ [ 18.702104] ffff800080907b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.702188] ffff800080907c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.702500] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.980618] ================================================================== [ 20.980877] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.980877] [ 20.981107] Out-of-bounds read at 0x00000000fbfe17bd (32B right of kfence-#89): [ 20.981180] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.981285] kunit_try_run_case+0x170/0x3f0 [ 20.981335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.981380] kthread+0x328/0x630 [ 20.981686] ret_from_fork+0x10/0x20 [ 20.981764] [ 20.981885] kfence-#89: 0x00000000b7d470b1-0x00000000a0364ba2, size=32, cache=test [ 20.981885] [ 20.981985] allocated by task 289 on cpu 1 at 20.980307s (0.001636s ago): [ 20.982133] test_alloc+0x230/0x628 [ 20.982187] test_out_of_bounds_read+0x198/0x3e0 [ 20.982245] kunit_try_run_case+0x170/0x3f0 [ 20.982288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.982640] kthread+0x328/0x630 [ 20.982770] ret_from_fork+0x10/0x20 [ 20.982816] [ 20.982859] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.982949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.983097] Hardware name: linux,dummy-virt (DT) [ 20.983161] ================================================================== [ 20.766258] ================================================================== [ 20.766575] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.766575] [ 20.766746] Out-of-bounds read at 0x00000000a94d937c (1B left of kfence-#87): [ 20.766817] test_out_of_bounds_read+0x114/0x3e0 [ 20.767053] kunit_try_run_case+0x170/0x3f0 [ 20.767244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.767296] kthread+0x328/0x630 [ 20.767629] ret_from_fork+0x10/0x20 [ 20.767832] [ 20.767908] kfence-#87: 0x000000005320d6dc-0x0000000039747b52, size=32, cache=test [ 20.767908] [ 20.768393] allocated by task 289 on cpu 1 at 20.765678s (0.002708s ago): [ 20.769008] test_alloc+0x230/0x628 [ 20.769139] test_out_of_bounds_read+0xdc/0x3e0 [ 20.769345] kunit_try_run_case+0x170/0x3f0 [ 20.769517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.769782] kthread+0x328/0x630 [ 20.770013] ret_from_fork+0x10/0x20 [ 20.770063] [ 20.770123] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.770218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.770286] Hardware name: linux,dummy-virt (DT) [ 20.770337] ================================================================== [ 19.805847] ================================================================== [ 19.805980] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.805980] [ 19.806686] Out-of-bounds read at 0x00000000440e1c52 (1B left of kfence-#78): [ 19.807344] test_out_of_bounds_read+0x114/0x3e0 [ 19.807435] kunit_try_run_case+0x170/0x3f0 [ 19.808165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.808319] kthread+0x328/0x630 [ 19.808368] ret_from_fork+0x10/0x20 [ 19.808445] [ 19.808828] kfence-#78: 0x0000000094fb7790-0x0000000061cefd74, size=32, cache=kmalloc-32 [ 19.808828] [ 19.809306] allocated by task 287 on cpu 1 at 19.804540s (0.004674s ago): [ 19.810211] test_alloc+0x29c/0x628 [ 19.810289] test_out_of_bounds_read+0xdc/0x3e0 [ 19.810333] kunit_try_run_case+0x170/0x3f0 [ 19.810500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.810740] kthread+0x328/0x630 [ 19.810777] ret_from_fork+0x10/0x20 [ 19.810876] [ 19.811202] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.811364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.811393] Hardware name: linux,dummy-virt (DT) [ 19.811438] ================================================================== [ 19.912366] ================================================================== [ 19.912447] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.912447] [ 19.912545] Out-of-bounds read at 0x000000000f60866f (32B right of kfence-#79): [ 19.912842] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.912894] kunit_try_run_case+0x170/0x3f0 [ 19.912943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.913018] kthread+0x328/0x630 [ 19.913186] ret_from_fork+0x10/0x20 [ 19.913248] [ 19.913368] kfence-#79: 0x00000000e7d02f80-0x00000000297c95ee, size=32, cache=kmalloc-32 [ 19.913368] [ 19.913451] allocated by task 287 on cpu 1 at 19.912038s (0.001403s ago): [ 19.913536] test_alloc+0x29c/0x628 [ 19.913576] test_out_of_bounds_read+0x198/0x3e0 [ 19.913618] kunit_try_run_case+0x170/0x3f0 [ 19.913676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.913722] kthread+0x328/0x630 [ 19.913758] ret_from_fork+0x10/0x20 [ 19.913804] [ 19.914025] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.914257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.914372] Hardware name: linux,dummy-virt (DT) [ 19.914411] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.661508] ================================================================== [ 19.661568] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.661618] Write of size 1 at addr fff00000c7897b78 by task kunit_try_catch/285 [ 19.661672] [ 19.661704] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.661789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.661816] Hardware name: linux,dummy-virt (DT) [ 19.661847] Call trace: [ 19.661872] show_stack+0x20/0x38 (C) [ 19.661920] dump_stack_lvl+0x8c/0xd0 [ 19.661973] print_report+0x118/0x5d0 [ 19.662019] kasan_report+0xdc/0x128 [ 19.662067] __asan_report_store1_noabort+0x20/0x30 [ 19.662118] strncpy_from_user+0x270/0x2a0 [ 19.662168] copy_user_test_oob+0x5c0/0xec8 [ 19.662260] kunit_try_run_case+0x170/0x3f0 [ 19.662337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.662529] kthread+0x328/0x630 [ 19.662655] ret_from_fork+0x10/0x20 [ 19.662711] [ 19.662796] Allocated by task 285: [ 19.662873] kasan_save_stack+0x3c/0x68 [ 19.662970] kasan_save_track+0x20/0x40 [ 19.663016] kasan_save_alloc_info+0x40/0x58 [ 19.663060] __kasan_kmalloc+0xd4/0xd8 [ 19.663098] __kmalloc_noprof+0x198/0x4c8 [ 19.663138] kunit_kmalloc_array+0x34/0x88 [ 19.663318] copy_user_test_oob+0xac/0xec8 [ 19.663367] kunit_try_run_case+0x170/0x3f0 [ 19.663955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.664070] kthread+0x328/0x630 [ 19.664240] ret_from_fork+0x10/0x20 [ 19.664358] [ 19.664491] The buggy address belongs to the object at fff00000c7897b00 [ 19.664491] which belongs to the cache kmalloc-128 of size 128 [ 19.664591] The buggy address is located 0 bytes to the right of [ 19.664591] allocated 120-byte region [fff00000c7897b00, fff00000c7897b78) [ 19.664688] [ 19.664709] The buggy address belongs to the physical page: [ 19.664744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.665095] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.665233] page_type: f5(slab) [ 19.665435] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.665649] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.665698] page dumped because: kasan: bad access detected [ 19.665732] [ 19.666068] Memory state around the buggy address: [ 19.666198] fff00000c7897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.666304] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.666497] >fff00000c7897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.666696] ^ [ 19.666761] fff00000c7897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.666883] fff00000c7897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.666940] ================================================================== [ 19.656011] ================================================================== [ 19.656111] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.656190] Write of size 121 at addr fff00000c7897b00 by task kunit_try_catch/285 [ 19.656454] [ 19.656511] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.656628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.656684] Hardware name: linux,dummy-virt (DT) [ 19.656720] Call trace: [ 19.656742] show_stack+0x20/0x38 (C) [ 19.656793] dump_stack_lvl+0x8c/0xd0 [ 19.657040] print_report+0x118/0x5d0 [ 19.657107] kasan_report+0xdc/0x128 [ 19.657154] kasan_check_range+0x100/0x1a8 [ 19.657257] __kasan_check_write+0x20/0x30 [ 19.657323] strncpy_from_user+0x3c/0x2a0 [ 19.657375] copy_user_test_oob+0x5c0/0xec8 [ 19.657424] kunit_try_run_case+0x170/0x3f0 [ 19.657621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.657688] kthread+0x328/0x630 [ 19.657731] ret_from_fork+0x10/0x20 [ 19.657779] [ 19.658033] Allocated by task 285: [ 19.658096] kasan_save_stack+0x3c/0x68 [ 19.658149] kasan_save_track+0x20/0x40 [ 19.658201] kasan_save_alloc_info+0x40/0x58 [ 19.658389] __kasan_kmalloc+0xd4/0xd8 [ 19.658443] __kmalloc_noprof+0x198/0x4c8 [ 19.658525] kunit_kmalloc_array+0x34/0x88 [ 19.658639] copy_user_test_oob+0xac/0xec8 [ 19.658696] kunit_try_run_case+0x170/0x3f0 [ 19.658775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.658827] kthread+0x328/0x630 [ 19.658927] ret_from_fork+0x10/0x20 [ 19.658984] [ 19.659023] The buggy address belongs to the object at fff00000c7897b00 [ 19.659023] which belongs to the cache kmalloc-128 of size 128 [ 19.659086] The buggy address is located 0 bytes inside of [ 19.659086] allocated 120-byte region [fff00000c7897b00, fff00000c7897b78) [ 19.659154] [ 19.659300] The buggy address belongs to the physical page: [ 19.659338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.659499] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.659644] page_type: f5(slab) [ 19.659726] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.659975] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.660131] page dumped because: kasan: bad access detected [ 19.660300] [ 19.660395] Memory state around the buggy address: [ 19.660531] fff00000c7897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.660675] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660804] >fff00000c7897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.660871] ^ [ 19.660916] fff00000c7897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660990] fff00000c7897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.661033] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.634059] ================================================================== [ 19.634218] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.634281] Write of size 121 at addr fff00000c7897b00 by task kunit_try_catch/285 [ 19.634336] [ 19.634369] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.634456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.634485] Hardware name: linux,dummy-virt (DT) [ 19.634641] Call trace: [ 19.634689] show_stack+0x20/0x38 (C) [ 19.634760] dump_stack_lvl+0x8c/0xd0 [ 19.634814] print_report+0x118/0x5d0 [ 19.635082] kasan_report+0xdc/0x128 [ 19.635154] kasan_check_range+0x100/0x1a8 [ 19.635252] __kasan_check_write+0x20/0x30 [ 19.635312] copy_user_test_oob+0x35c/0xec8 [ 19.635362] kunit_try_run_case+0x170/0x3f0 [ 19.635426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.635481] kthread+0x328/0x630 [ 19.635802] ret_from_fork+0x10/0x20 [ 19.635891] [ 19.635922] Allocated by task 285: [ 19.635967] kasan_save_stack+0x3c/0x68 [ 19.636020] kasan_save_track+0x20/0x40 [ 19.636061] kasan_save_alloc_info+0x40/0x58 [ 19.636103] __kasan_kmalloc+0xd4/0xd8 [ 19.636150] __kmalloc_noprof+0x198/0x4c8 [ 19.636203] kunit_kmalloc_array+0x34/0x88 [ 19.636244] copy_user_test_oob+0xac/0xec8 [ 19.636285] kunit_try_run_case+0x170/0x3f0 [ 19.636324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.636565] kthread+0x328/0x630 [ 19.636763] ret_from_fork+0x10/0x20 [ 19.636983] [ 19.637060] The buggy address belongs to the object at fff00000c7897b00 [ 19.637060] which belongs to the cache kmalloc-128 of size 128 [ 19.637238] The buggy address is located 0 bytes inside of [ 19.637238] allocated 120-byte region [fff00000c7897b00, fff00000c7897b78) [ 19.637362] [ 19.637465] The buggy address belongs to the physical page: [ 19.637570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.637627] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.637677] page_type: f5(slab) [ 19.637757] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.637916] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.637979] page dumped because: kasan: bad access detected [ 19.638111] [ 19.638191] Memory state around the buggy address: [ 19.638244] fff00000c7897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.638335] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.638593] >fff00000c7897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.638700] ^ [ 19.639007] fff00000c7897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.639113] fff00000c7897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.639157] ================================================================== [ 19.644498] ================================================================== [ 19.644553] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.644602] Write of size 121 at addr fff00000c7897b00 by task kunit_try_catch/285 [ 19.644821] [ 19.644888] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.644976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.645026] Hardware name: linux,dummy-virt (DT) [ 19.645086] Call trace: [ 19.645109] show_stack+0x20/0x38 (C) [ 19.645160] dump_stack_lvl+0x8c/0xd0 [ 19.645217] print_report+0x118/0x5d0 [ 19.645359] kasan_report+0xdc/0x128 [ 19.645571] kasan_check_range+0x100/0x1a8 [ 19.645665] __kasan_check_write+0x20/0x30 [ 19.645714] copy_user_test_oob+0x434/0xec8 [ 19.645856] kunit_try_run_case+0x170/0x3f0 [ 19.645986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.646051] kthread+0x328/0x630 [ 19.646095] ret_from_fork+0x10/0x20 [ 19.646369] [ 19.646431] Allocated by task 285: [ 19.646466] kasan_save_stack+0x3c/0x68 [ 19.646552] kasan_save_track+0x20/0x40 [ 19.646621] kasan_save_alloc_info+0x40/0x58 [ 19.646695] __kasan_kmalloc+0xd4/0xd8 [ 19.646860] __kmalloc_noprof+0x198/0x4c8 [ 19.646905] kunit_kmalloc_array+0x34/0x88 [ 19.646944] copy_user_test_oob+0xac/0xec8 [ 19.647060] kunit_try_run_case+0x170/0x3f0 [ 19.647106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.647249] kthread+0x328/0x630 [ 19.647348] ret_from_fork+0x10/0x20 [ 19.647431] [ 19.647499] The buggy address belongs to the object at fff00000c7897b00 [ 19.647499] which belongs to the cache kmalloc-128 of size 128 [ 19.647644] The buggy address is located 0 bytes inside of [ 19.647644] allocated 120-byte region [fff00000c7897b00, fff00000c7897b78) [ 19.647785] [ 19.647836] The buggy address belongs to the physical page: [ 19.647871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.647929] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.647979] page_type: f5(slab) [ 19.648298] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.648505] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.648613] page dumped because: kasan: bad access detected [ 19.648668] [ 19.648688] Memory state around the buggy address: [ 19.648723] fff00000c7897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.648976] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.649084] >fff00000c7897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.649253] ^ [ 19.649339] fff00000c7897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.649499] fff00000c7897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.649629] ================================================================== [ 19.624524] ================================================================== [ 19.624585] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.624663] Read of size 121 at addr fff00000c7897b00 by task kunit_try_catch/285 [ 19.624720] [ 19.624771] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.624859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.624999] Hardware name: linux,dummy-virt (DT) [ 19.625121] Call trace: [ 19.625169] show_stack+0x20/0x38 (C) [ 19.625238] dump_stack_lvl+0x8c/0xd0 [ 19.625332] print_report+0x118/0x5d0 [ 19.625406] kasan_report+0xdc/0x128 [ 19.625537] kasan_check_range+0x100/0x1a8 [ 19.625697] __kasan_check_read+0x20/0x30 [ 19.625754] copy_user_test_oob+0x728/0xec8 [ 19.625805] kunit_try_run_case+0x170/0x3f0 [ 19.625853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.625906] kthread+0x328/0x630 [ 19.625953] ret_from_fork+0x10/0x20 [ 19.626000] [ 19.626019] Allocated by task 285: [ 19.626051] kasan_save_stack+0x3c/0x68 [ 19.626094] kasan_save_track+0x20/0x40 [ 19.626318] kasan_save_alloc_info+0x40/0x58 [ 19.626398] __kasan_kmalloc+0xd4/0xd8 [ 19.626449] __kmalloc_noprof+0x198/0x4c8 [ 19.626491] kunit_kmalloc_array+0x34/0x88 [ 19.626550] copy_user_test_oob+0xac/0xec8 [ 19.626591] kunit_try_run_case+0x170/0x3f0 [ 19.626640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.626687] kthread+0x328/0x630 [ 19.626720] ret_from_fork+0x10/0x20 [ 19.626758] [ 19.626780] The buggy address belongs to the object at fff00000c7897b00 [ 19.626780] which belongs to the cache kmalloc-128 of size 128 [ 19.626850] The buggy address is located 0 bytes inside of [ 19.626850] allocated 120-byte region [fff00000c7897b00, fff00000c7897b78) [ 19.626916] [ 19.626937] The buggy address belongs to the physical page: [ 19.626969] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.627025] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.627083] page_type: f5(slab) [ 19.627131] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.627377] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.627676] page dumped because: kasan: bad access detected [ 19.627763] [ 19.627830] Memory state around the buggy address: [ 19.627869] fff00000c7897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.627917] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.627963] >fff00000c7897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.628005] ^ [ 19.628050] fff00000c7897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.628096] fff00000c7897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.628138] ================================================================== [ 19.650124] ================================================================== [ 19.650189] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.650238] Read of size 121 at addr fff00000c7897b00 by task kunit_try_catch/285 [ 19.650291] [ 19.650454] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.650713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.650750] Hardware name: linux,dummy-virt (DT) [ 19.650808] Call trace: [ 19.650899] show_stack+0x20/0x38 (C) [ 19.651097] dump_stack_lvl+0x8c/0xd0 [ 19.651183] print_report+0x118/0x5d0 [ 19.651322] kasan_report+0xdc/0x128 [ 19.651418] kasan_check_range+0x100/0x1a8 [ 19.651469] __kasan_check_read+0x20/0x30 [ 19.651534] copy_user_test_oob+0x4a0/0xec8 [ 19.651584] kunit_try_run_case+0x170/0x3f0 [ 19.651748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.651813] kthread+0x328/0x630 [ 19.651892] ret_from_fork+0x10/0x20 [ 19.652042] [ 19.652109] Allocated by task 285: [ 19.652238] kasan_save_stack+0x3c/0x68 [ 19.652321] kasan_save_track+0x20/0x40 [ 19.652558] kasan_save_alloc_info+0x40/0x58 [ 19.652680] __kasan_kmalloc+0xd4/0xd8 [ 19.652797] __kmalloc_noprof+0x198/0x4c8 [ 19.652944] kunit_kmalloc_array+0x34/0x88 [ 19.653071] copy_user_test_oob+0xac/0xec8 [ 19.653214] kunit_try_run_case+0x170/0x3f0 [ 19.653256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.653311] kthread+0x328/0x630 [ 19.653347] ret_from_fork+0x10/0x20 [ 19.653385] [ 19.653417] The buggy address belongs to the object at fff00000c7897b00 [ 19.653417] which belongs to the cache kmalloc-128 of size 128 [ 19.653479] The buggy address is located 0 bytes inside of [ 19.653479] allocated 120-byte region [fff00000c7897b00, fff00000c7897b78) [ 19.653581] [ 19.653613] The buggy address belongs to the physical page: [ 19.653660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.653717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.653778] page_type: f5(slab) [ 19.653833] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.653896] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.653953] page dumped because: kasan: bad access detected [ 19.653995] [ 19.654016] Memory state around the buggy address: [ 19.654051] fff00000c7897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.654097] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.654142] >fff00000c7897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.654668] ^ [ 19.654850] fff00000c7897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.655023] fff00000c7897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.655133] ================================================================== [ 19.640013] ================================================================== [ 19.640067] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.640511] Read of size 121 at addr fff00000c7897b00 by task kunit_try_catch/285 [ 19.640591] [ 19.640625] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.640830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.640937] Hardware name: linux,dummy-virt (DT) [ 19.640972] Call trace: [ 19.640996] show_stack+0x20/0x38 (C) [ 19.641046] dump_stack_lvl+0x8c/0xd0 [ 19.641094] print_report+0x118/0x5d0 [ 19.641154] kasan_report+0xdc/0x128 [ 19.641213] kasan_check_range+0x100/0x1a8 [ 19.641264] __kasan_check_read+0x20/0x30 [ 19.641308] copy_user_test_oob+0x3c8/0xec8 [ 19.641358] kunit_try_run_case+0x170/0x3f0 [ 19.641406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.641459] kthread+0x328/0x630 [ 19.641503] ret_from_fork+0x10/0x20 [ 19.641551] [ 19.641571] Allocated by task 285: [ 19.641601] kasan_save_stack+0x3c/0x68 [ 19.641642] kasan_save_track+0x20/0x40 [ 19.641681] kasan_save_alloc_info+0x40/0x58 [ 19.641735] __kasan_kmalloc+0xd4/0xd8 [ 19.641776] __kmalloc_noprof+0x198/0x4c8 [ 19.641815] kunit_kmalloc_array+0x34/0x88 [ 19.641871] copy_user_test_oob+0xac/0xec8 [ 19.641912] kunit_try_run_case+0x170/0x3f0 [ 19.641956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.642282] kthread+0x328/0x630 [ 19.642320] ret_from_fork+0x10/0x20 [ 19.642574] [ 19.642664] The buggy address belongs to the object at fff00000c7897b00 [ 19.642664] which belongs to the cache kmalloc-128 of size 128 [ 19.642772] The buggy address is located 0 bytes inside of [ 19.642772] allocated 120-byte region [fff00000c7897b00, fff00000c7897b78) [ 19.642887] [ 19.642937] The buggy address belongs to the physical page: [ 19.642976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.643040] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.643121] page_type: f5(slab) [ 19.643198] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.643260] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.643304] page dumped because: kasan: bad access detected [ 19.643358] [ 19.643452] Memory state around the buggy address: [ 19.643488] fff00000c7897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.643577] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.643624] >fff00000c7897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.643665] ^ [ 19.643710] fff00000c7897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.643755] fff00000c7897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.643933] ================================================================== [ 19.615091] ================================================================== [ 19.615262] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.615383] Write of size 121 at addr fff00000c7897b00 by task kunit_try_catch/285 [ 19.615440] [ 19.615505] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.615639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.615670] Hardware name: linux,dummy-virt (DT) [ 19.615864] Call trace: [ 19.615897] show_stack+0x20/0x38 (C) [ 19.616057] dump_stack_lvl+0x8c/0xd0 [ 19.616210] print_report+0x118/0x5d0 [ 19.616281] kasan_report+0xdc/0x128 [ 19.616360] kasan_check_range+0x100/0x1a8 [ 19.616458] __kasan_check_write+0x20/0x30 [ 19.616633] copy_user_test_oob+0x234/0xec8 [ 19.616704] kunit_try_run_case+0x170/0x3f0 [ 19.616757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.616812] kthread+0x328/0x630 [ 19.616855] ret_from_fork+0x10/0x20 [ 19.616906] [ 19.617145] Allocated by task 285: [ 19.617198] kasan_save_stack+0x3c/0x68 [ 19.617277] kasan_save_track+0x20/0x40 [ 19.617317] kasan_save_alloc_info+0x40/0x58 [ 19.617361] __kasan_kmalloc+0xd4/0xd8 [ 19.617399] __kmalloc_noprof+0x198/0x4c8 [ 19.617462] kunit_kmalloc_array+0x34/0x88 [ 19.617628] copy_user_test_oob+0xac/0xec8 [ 19.617697] kunit_try_run_case+0x170/0x3f0 [ 19.617800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.617959] kthread+0x328/0x630 [ 19.618100] ret_from_fork+0x10/0x20 [ 19.618203] [ 19.618235] The buggy address belongs to the object at fff00000c7897b00 [ 19.618235] which belongs to the cache kmalloc-128 of size 128 [ 19.618308] The buggy address is located 0 bytes inside of [ 19.618308] allocated 120-byte region [fff00000c7897b00, fff00000c7897b78) [ 19.618405] [ 19.618448] The buggy address belongs to the physical page: [ 19.618484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.618573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.618791] page_type: f5(slab) [ 19.618889] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.618944] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.619005] page dumped because: kasan: bad access detected [ 19.619040] [ 19.619060] Memory state around the buggy address: [ 19.619315] fff00000c7897a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.619406] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619493] >fff00000c7897b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.619543] ^ [ 19.619598] fff00000c7897b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619672] fff00000c7897c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619769] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.575330] ================================================================== [ 19.575408] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.575718] Read of size 8 at addr fff00000c7897a78 by task kunit_try_catch/281 [ 19.575853] [ 19.575898] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.576032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.576071] Hardware name: linux,dummy-virt (DT) [ 19.576138] Call trace: [ 19.576166] show_stack+0x20/0x38 (C) [ 19.576472] dump_stack_lvl+0x8c/0xd0 [ 19.576625] print_report+0x118/0x5d0 [ 19.576736] kasan_report+0xdc/0x128 [ 19.576905] __asan_report_load8_noabort+0x20/0x30 [ 19.576975] copy_to_kernel_nofault+0x204/0x250 [ 19.577091] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.577250] kunit_try_run_case+0x170/0x3f0 [ 19.577327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.577612] kthread+0x328/0x630 [ 19.577855] ret_from_fork+0x10/0x20 [ 19.577929] [ 19.577954] Allocated by task 281: [ 19.578374] kasan_save_stack+0x3c/0x68 [ 19.578437] kasan_save_track+0x20/0x40 [ 19.578546] kasan_save_alloc_info+0x40/0x58 [ 19.578644] __kasan_kmalloc+0xd4/0xd8 [ 19.578796] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.578890] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.579026] kunit_try_run_case+0x170/0x3f0 [ 19.579117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.579295] kthread+0x328/0x630 [ 19.579594] ret_from_fork+0x10/0x20 [ 19.579730] [ 19.579766] The buggy address belongs to the object at fff00000c7897a00 [ 19.579766] which belongs to the cache kmalloc-128 of size 128 [ 19.579832] The buggy address is located 0 bytes to the right of [ 19.579832] allocated 120-byte region [fff00000c7897a00, fff00000c7897a78) [ 19.579909] [ 19.579932] The buggy address belongs to the physical page: [ 19.580082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.580150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.580309] page_type: f5(slab) [ 19.580465] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.580591] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.580708] page dumped because: kasan: bad access detected [ 19.580788] [ 19.580925] Memory state around the buggy address: [ 19.581026] fff00000c7897900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.581392] fff00000c7897980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.581551] >fff00000c7897a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.581658] ^ [ 19.581760] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.581810] fff00000c7897b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.581853] ================================================================== [ 19.583251] ================================================================== [ 19.583410] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.583477] Write of size 8 at addr fff00000c7897a78 by task kunit_try_catch/281 [ 19.583555] [ 19.583613] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.583828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.583879] Hardware name: linux,dummy-virt (DT) [ 19.583977] Call trace: [ 19.584057] show_stack+0x20/0x38 (C) [ 19.584122] dump_stack_lvl+0x8c/0xd0 [ 19.584433] print_report+0x118/0x5d0 [ 19.584622] kasan_report+0xdc/0x128 [ 19.584676] kasan_check_range+0x100/0x1a8 [ 19.584736] __kasan_check_write+0x20/0x30 [ 19.584782] copy_to_kernel_nofault+0x8c/0x250 [ 19.584831] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.584882] kunit_try_run_case+0x170/0x3f0 [ 19.584974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.585048] kthread+0x328/0x630 [ 19.585092] ret_from_fork+0x10/0x20 [ 19.585164] [ 19.585194] Allocated by task 281: [ 19.585224] kasan_save_stack+0x3c/0x68 [ 19.585271] kasan_save_track+0x20/0x40 [ 19.585324] kasan_save_alloc_info+0x40/0x58 [ 19.585376] __kasan_kmalloc+0xd4/0xd8 [ 19.585416] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.585465] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.585507] kunit_try_run_case+0x170/0x3f0 [ 19.585548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.585604] kthread+0x328/0x630 [ 19.585639] ret_from_fork+0x10/0x20 [ 19.585677] [ 19.585706] The buggy address belongs to the object at fff00000c7897a00 [ 19.585706] which belongs to the cache kmalloc-128 of size 128 [ 19.585777] The buggy address is located 0 bytes to the right of [ 19.585777] allocated 120-byte region [fff00000c7897a00, fff00000c7897a78) [ 19.585860] [ 19.585890] The buggy address belongs to the physical page: [ 19.585928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 19.586018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.586070] page_type: f5(slab) [ 19.586110] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.586182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.586795] page dumped because: kasan: bad access detected [ 19.586835] [ 19.586856] Memory state around the buggy address: [ 19.586891] fff00000c7897900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.587154] fff00000c7897980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.587565] >fff00000c7897a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.587648] ^ [ 19.587794] fff00000c7897a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.587898] fff00000c7897b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.588074] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.514187] ================================================================== [ 19.514292] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.514350] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 19.514864] [ 19.514904] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.515477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.515510] Hardware name: linux,dummy-virt (DT) [ 19.515569] Call trace: [ 19.515594] show_stack+0x20/0x38 (C) [ 19.515795] dump_stack_lvl+0x8c/0xd0 [ 19.515987] print_report+0x310/0x5d0 [ 19.516492] kasan_report+0xdc/0x128 [ 19.516584] __asan_report_load1_noabort+0x20/0x30 [ 19.516860] vmalloc_oob+0x578/0x5d0 [ 19.516912] kunit_try_run_case+0x170/0x3f0 [ 19.517058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.517116] kthread+0x328/0x630 [ 19.517495] ret_from_fork+0x10/0x20 [ 19.517820] [ 19.517847] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 19.517898] The buggy address belongs to the physical page: [ 19.518101] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595b [ 19.518165] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.518505] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.518564] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.518615] page dumped because: kasan: bad access detected [ 19.518797] [ 19.518892] Memory state around the buggy address: [ 19.518934] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.519004] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.519114] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.519156] ^ [ 19.519266] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.519313] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.519377] ================================================================== [ 19.520380] ================================================================== [ 19.520432] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.520482] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 19.520533] [ 19.520565] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.520652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.521191] Hardware name: linux,dummy-virt (DT) [ 19.521438] Call trace: [ 19.521580] show_stack+0x20/0x38 (C) [ 19.521633] dump_stack_lvl+0x8c/0xd0 [ 19.522297] print_report+0x310/0x5d0 [ 19.522533] kasan_report+0xdc/0x128 [ 19.522610] __asan_report_load1_noabort+0x20/0x30 [ 19.522720] vmalloc_oob+0x51c/0x5d0 [ 19.522795] kunit_try_run_case+0x170/0x3f0 [ 19.522849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.523012] kthread+0x328/0x630 [ 19.523061] ret_from_fork+0x10/0x20 [ 19.523508] [ 19.523615] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 19.523691] The buggy address belongs to the physical page: [ 19.524060] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595b [ 19.524208] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.524565] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.524622] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.525020] page dumped because: kasan: bad access detected [ 19.525067] [ 19.525373] Memory state around the buggy address: [ 19.525622] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.525735] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.525781] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.526106] ^ [ 19.526154] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.526211] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.526254] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.132115] ================================================================== [ 19.132164] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.132271] Read of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.132615] [ 19.132658] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.132745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.132773] Hardware name: linux,dummy-virt (DT) [ 19.132806] Call trace: [ 19.132828] show_stack+0x20/0x38 (C) [ 19.132881] dump_stack_lvl+0x8c/0xd0 [ 19.132927] print_report+0x118/0x5d0 [ 19.132975] kasan_report+0xdc/0x128 [ 19.133021] __asan_report_load4_noabort+0x20/0x30 [ 19.133075] kasan_atomics_helper+0x42d8/0x4858 [ 19.133126] kasan_atomics+0x198/0x2e0 [ 19.134303] kasan_save_alloc_info+0x40/0x58 [ 19.134907] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.135899] The buggy address is located 0 bytes to the right of [ 19.135899] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.136046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.137095] [ 19.137431] ^ [ 19.138446] ================================================================== [ 19.293407] ================================================================== [ 19.293463] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.293517] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.295385] [ 19.295997] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.296718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.296884] Hardware name: linux,dummy-virt (DT) [ 19.297452] Call trace: [ 19.297543] show_stack+0x20/0x38 (C) [ 19.298119] dump_stack_lvl+0x8c/0xd0 [ 19.298301] print_report+0x118/0x5d0 [ 19.298352] kasan_report+0xdc/0x128 [ 19.298401] kasan_check_range+0x100/0x1a8 [ 19.298453] __kasan_check_write+0x20/0x30 [ 19.298499] kasan_atomics_helper+0x10c0/0x4858 [ 19.298550] kasan_atomics+0x198/0x2e0 [ 19.298595] kunit_try_run_case+0x170/0x3f0 [ 19.298645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.298699] kthread+0x328/0x630 [ 19.298741] ret_from_fork+0x10/0x20 [ 19.298788] [ 19.298810] Allocated by task 265: [ 19.298839] kasan_save_stack+0x3c/0x68 [ 19.298883] kasan_save_track+0x20/0x40 [ 19.298923] kasan_save_alloc_info+0x40/0x58 [ 19.298964] __kasan_kmalloc+0xd4/0xd8 [ 19.299003] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.299045] kasan_atomics+0xb8/0x2e0 [ 19.299083] kunit_try_run_case+0x170/0x3f0 [ 19.299122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.299168] kthread+0x328/0x630 [ 19.299221] ret_from_fork+0x10/0x20 [ 19.299259] [ 19.299281] The buggy address belongs to the object at fff00000c65b1c00 [ 19.299281] which belongs to the cache kmalloc-64 of size 64 [ 19.299345] The buggy address is located 0 bytes to the right of [ 19.299345] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.299414] [ 19.299435] The buggy address belongs to the physical page: [ 19.299468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.299526] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.299578] page_type: f5(slab) [ 19.299618] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.299673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.299717] page dumped because: kasan: bad access detected [ 19.299752] [ 19.299771] Memory state around the buggy address: [ 19.299805] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.299850] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.299896] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.299938] ^ [ 19.299971] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.300016] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.300057] ================================================================== [ 19.483000] ================================================================== [ 19.483328] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.483675] Read of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.483984] [ 19.484082] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.484181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.484212] Hardware name: linux,dummy-virt (DT) [ 19.484246] Call trace: [ 19.484281] show_stack+0x20/0x38 (C) [ 19.484332] dump_stack_lvl+0x8c/0xd0 [ 19.484571] print_report+0x118/0x5d0 [ 19.484626] kasan_report+0xdc/0x128 [ 19.485308] __asan_report_load8_noabort+0x20/0x30 [ 19.485546] kasan_atomics_helper+0x3e20/0x4858 [ 19.485774] kasan_atomics+0x198/0x2e0 [ 19.485828] kunit_try_run_case+0x170/0x3f0 [ 19.485876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.486117] kthread+0x328/0x630 [ 19.486165] ret_from_fork+0x10/0x20 [ 19.486226] [ 19.486528] Allocated by task 265: [ 19.486564] kasan_save_stack+0x3c/0x68 [ 19.486698] kasan_save_track+0x20/0x40 [ 19.486804] kasan_save_alloc_info+0x40/0x58 [ 19.486870] __kasan_kmalloc+0xd4/0xd8 [ 19.486907] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.486949] kasan_atomics+0xb8/0x2e0 [ 19.486985] kunit_try_run_case+0x170/0x3f0 [ 19.487079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.487125] kthread+0x328/0x630 [ 19.487506] ret_from_fork+0x10/0x20 [ 19.487792] [ 19.487994] The buggy address belongs to the object at fff00000c65b1c00 [ 19.487994] which belongs to the cache kmalloc-64 of size 64 [ 19.488204] The buggy address is located 0 bytes to the right of [ 19.488204] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.488488] [ 19.488535] The buggy address belongs to the physical page: [ 19.488570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.488630] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.488886] page_type: f5(slab) [ 19.489049] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.489404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.489459] page dumped because: kasan: bad access detected [ 19.489494] [ 19.489513] Memory state around the buggy address: [ 19.489551] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.490137] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.490450] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.490498] ^ [ 19.490623] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.490682] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.490725] ================================================================== [ 19.323110] ================================================================== [ 19.323190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.323370] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.323772] [ 19.324078] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.324386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.324463] Hardware name: linux,dummy-virt (DT) [ 19.324535] Call trace: [ 19.324686] show_stack+0x20/0x38 (C) [ 19.324759] dump_stack_lvl+0x8c/0xd0 [ 19.324835] print_report+0x118/0x5d0 [ 19.325243] kasan_report+0xdc/0x128 [ 19.325572] kasan_check_range+0x100/0x1a8 [ 19.325816] __kasan_check_write+0x20/0x30 [ 19.325898] kasan_atomics_helper+0x11f8/0x4858 [ 19.325955] kasan_atomics+0x198/0x2e0 [ 19.326002] kunit_try_run_case+0x170/0x3f0 [ 19.326051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.326128] kthread+0x328/0x630 [ 19.326205] ret_from_fork+0x10/0x20 [ 19.326255] [ 19.326276] Allocated by task 265: [ 19.326314] kasan_save_stack+0x3c/0x68 [ 19.326361] kasan_save_track+0x20/0x40 [ 19.326409] kasan_save_alloc_info+0x40/0x58 [ 19.326462] __kasan_kmalloc+0xd4/0xd8 [ 19.326510] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.326551] kasan_atomics+0xb8/0x2e0 [ 19.326590] kunit_try_run_case+0x170/0x3f0 [ 19.326630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.326683] kthread+0x328/0x630 [ 19.326727] ret_from_fork+0x10/0x20 [ 19.326766] [ 19.326787] The buggy address belongs to the object at fff00000c65b1c00 [ 19.326787] which belongs to the cache kmalloc-64 of size 64 [ 19.326851] The buggy address is located 0 bytes to the right of [ 19.326851] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.326920] [ 19.326952] The buggy address belongs to the physical page: [ 19.327006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.327070] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.327128] page_type: f5(slab) [ 19.327189] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.327245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.327304] page dumped because: kasan: bad access detected [ 19.327340] [ 19.327360] Memory state around the buggy address: [ 19.328065] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.328143] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.328217] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.328530] ^ [ 19.328693] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.329289] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.329458] ================================================================== [ 19.244736] ================================================================== [ 19.244840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.245254] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.245318] [ 19.245396] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.245482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.245550] Hardware name: linux,dummy-virt (DT) [ 19.245585] Call trace: [ 19.245608] show_stack+0x20/0x38 (C) [ 19.245820] dump_stack_lvl+0x8c/0xd0 [ 19.245879] print_report+0x118/0x5d0 [ 19.245928] kasan_report+0xdc/0x128 [ 19.245979] kasan_check_range+0x100/0x1a8 [ 19.246238] __kasan_check_write+0x20/0x30 [ 19.246290] kasan_atomics_helper+0xeb8/0x4858 [ 19.246346] kasan_atomics+0x198/0x2e0 [ 19.246439] kunit_try_run_case+0x170/0x3f0 [ 19.246494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.246704] kthread+0x328/0x630 [ 19.246747] ret_from_fork+0x10/0x20 [ 19.246795] [ 19.246816] Allocated by task 265: [ 19.246845] kasan_save_stack+0x3c/0x68 [ 19.246888] kasan_save_track+0x20/0x40 [ 19.246939] kasan_save_alloc_info+0x40/0x58 [ 19.246982] __kasan_kmalloc+0xd4/0xd8 [ 19.247118] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.247415] kasan_atomics+0xb8/0x2e0 [ 19.247453] kunit_try_run_case+0x170/0x3f0 [ 19.247495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.247897] kthread+0x328/0x630 [ 19.247939] ret_from_fork+0x10/0x20 [ 19.247977] [ 19.248050] The buggy address belongs to the object at fff00000c65b1c00 [ 19.248050] which belongs to the cache kmalloc-64 of size 64 [ 19.248258] The buggy address is located 0 bytes to the right of [ 19.248258] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.248344] [ 19.248367] The buggy address belongs to the physical page: [ 19.248401] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.248520] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.248668] page_type: f5(slab) [ 19.248711] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.248849] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.248916] page dumped because: kasan: bad access detected [ 19.248980] [ 19.249002] Memory state around the buggy address: [ 19.249037] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.249126] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.249217] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.249256] ^ [ 19.249291] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.249472] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.249517] ================================================================== [ 19.343338] ================================================================== [ 19.343394] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.343446] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.343500] [ 19.343990] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.344383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.344457] Hardware name: linux,dummy-virt (DT) [ 19.344625] Call trace: [ 19.344704] show_stack+0x20/0x38 (C) [ 19.344886] dump_stack_lvl+0x8c/0xd0 [ 19.345075] print_report+0x118/0x5d0 [ 19.345265] kasan_report+0xdc/0x128 [ 19.345325] kasan_check_range+0x100/0x1a8 [ 19.345546] __kasan_check_write+0x20/0x30 [ 19.345764] kasan_atomics_helper+0x12d8/0x4858 [ 19.345856] kasan_atomics+0x198/0x2e0 [ 19.346042] kunit_try_run_case+0x170/0x3f0 [ 19.346278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.346491] kthread+0x328/0x630 [ 19.346546] ret_from_fork+0x10/0x20 [ 19.347026] [ 19.347124] Allocated by task 265: [ 19.347444] kasan_save_stack+0x3c/0x68 [ 19.347524] kasan_save_track+0x20/0x40 [ 19.347741] kasan_save_alloc_info+0x40/0x58 [ 19.347959] __kasan_kmalloc+0xd4/0xd8 [ 19.348183] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.348275] kasan_atomics+0xb8/0x2e0 [ 19.348479] kunit_try_run_case+0x170/0x3f0 [ 19.348596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.349199] kthread+0x328/0x630 [ 19.349295] ret_from_fork+0x10/0x20 [ 19.349356] [ 19.349503] The buggy address belongs to the object at fff00000c65b1c00 [ 19.349503] which belongs to the cache kmalloc-64 of size 64 [ 19.349714] The buggy address is located 0 bytes to the right of [ 19.349714] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.350261] [ 19.350442] The buggy address belongs to the physical page: [ 19.350492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.350716] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.351045] page_type: f5(slab) [ 19.351342] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.351500] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.351572] page dumped because: kasan: bad access detected [ 19.351924] [ 19.352017] Memory state around the buggy address: [ 19.352112] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.352332] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.352425] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.352591] ^ [ 19.352652] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.352700] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.352750] ================================================================== [ 19.237914] ================================================================== [ 19.237971] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.238021] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.238803] [ 19.238841] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.238928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.238956] Hardware name: linux,dummy-virt (DT) [ 19.238989] Call trace: [ 19.239011] show_stack+0x20/0x38 (C) [ 19.239065] dump_stack_lvl+0x8c/0xd0 [ 19.239111] print_report+0x118/0x5d0 [ 19.239160] kasan_report+0xdc/0x128 [ 19.239381] __asan_report_store8_noabort+0x20/0x30 [ 19.239838] kasan_atomics_helper+0x3e5c/0x4858 [ 19.239899] kasan_atomics+0x198/0x2e0 [ 19.240030] kunit_try_run_case+0x170/0x3f0 [ 19.240199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.240255] kthread+0x328/0x630 [ 19.240322] ret_from_fork+0x10/0x20 [ 19.240372] [ 19.240392] Allocated by task 265: [ 19.240653] kasan_save_stack+0x3c/0x68 [ 19.240748] kasan_save_track+0x20/0x40 [ 19.240834] kasan_save_alloc_info+0x40/0x58 [ 19.240928] __kasan_kmalloc+0xd4/0xd8 [ 19.240965] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.241044] kasan_atomics+0xb8/0x2e0 [ 19.241208] kunit_try_run_case+0x170/0x3f0 [ 19.241250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.241297] kthread+0x328/0x630 [ 19.241333] ret_from_fork+0x10/0x20 [ 19.241403] [ 19.241449] The buggy address belongs to the object at fff00000c65b1c00 [ 19.241449] which belongs to the cache kmalloc-64 of size 64 [ 19.241566] The buggy address is located 0 bytes to the right of [ 19.241566] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.241770] [ 19.241851] The buggy address belongs to the physical page: [ 19.241883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.241994] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.242108] page_type: f5(slab) [ 19.242778] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.242838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.242883] page dumped because: kasan: bad access detected [ 19.242917] [ 19.242938] Memory state around the buggy address: [ 19.242973] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.243327] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.243488] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.243754] ^ [ 19.243798] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.243925] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.243968] ================================================================== [ 19.257396] ================================================================== [ 19.257453] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.257504] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.258109] [ 19.258147] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.258247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.258278] Hardware name: linux,dummy-virt (DT) [ 19.258311] Call trace: [ 19.258333] show_stack+0x20/0x38 (C) [ 19.258384] dump_stack_lvl+0x8c/0xd0 [ 19.258432] print_report+0x118/0x5d0 [ 19.258489] kasan_report+0xdc/0x128 [ 19.258537] kasan_check_range+0x100/0x1a8 [ 19.258909] __kasan_check_write+0x20/0x30 [ 19.258961] kasan_atomics_helper+0xf88/0x4858 [ 19.259375] kasan_atomics+0x198/0x2e0 [ 19.259539] kunit_try_run_case+0x170/0x3f0 [ 19.259689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.259758] kthread+0x328/0x630 [ 19.259802] ret_from_fork+0x10/0x20 [ 19.259851] [ 19.259872] Allocated by task 265: [ 19.259937] kasan_save_stack+0x3c/0x68 [ 19.259984] kasan_save_track+0x20/0x40 [ 19.260022] kasan_save_alloc_info+0x40/0x58 [ 19.260417] __kasan_kmalloc+0xd4/0xd8 [ 19.260463] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.260583] kasan_atomics+0xb8/0x2e0 [ 19.260624] kunit_try_run_case+0x170/0x3f0 [ 19.260697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.260745] kthread+0x328/0x630 [ 19.260818] ret_from_fork+0x10/0x20 [ 19.260916] [ 19.260938] The buggy address belongs to the object at fff00000c65b1c00 [ 19.260938] which belongs to the cache kmalloc-64 of size 64 [ 19.261132] The buggy address is located 0 bytes to the right of [ 19.261132] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.261231] [ 19.261350] The buggy address belongs to the physical page: [ 19.261383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.261455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.261506] page_type: f5(slab) [ 19.261637] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.261826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.261870] page dumped because: kasan: bad access detected [ 19.262044] [ 19.262064] Memory state around the buggy address: [ 19.262098] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.262516] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.262830] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.263280] ^ [ 19.263475] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.263521] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.263562] ================================================================== [ 19.204489] ================================================================== [ 19.204541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.204607] Read of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.204660] [ 19.204690] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.205073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.205314] Hardware name: linux,dummy-virt (DT) [ 19.205380] Call trace: [ 19.205507] show_stack+0x20/0x38 (C) [ 19.205761] dump_stack_lvl+0x8c/0xd0 [ 19.205911] print_report+0x118/0x5d0 [ 19.206008] kasan_report+0xdc/0x128 [ 19.206184] __asan_report_load4_noabort+0x20/0x30 [ 19.206241] kasan_atomics_helper+0x3dd8/0x4858 [ 19.206292] kasan_atomics+0x198/0x2e0 [ 19.206338] kunit_try_run_case+0x170/0x3f0 [ 19.206387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.206785] kthread+0x328/0x630 [ 19.206830] ret_from_fork+0x10/0x20 [ 19.207045] [ 19.207068] Allocated by task 265: [ 19.207098] kasan_save_stack+0x3c/0x68 [ 19.207141] kasan_save_track+0x20/0x40 [ 19.207192] kasan_save_alloc_info+0x40/0x58 [ 19.207267] __kasan_kmalloc+0xd4/0xd8 [ 19.207306] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.207359] kasan_atomics+0xb8/0x2e0 [ 19.207662] kunit_try_run_case+0x170/0x3f0 [ 19.208120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.208184] kthread+0x328/0x630 [ 19.208238] ret_from_fork+0x10/0x20 [ 19.208276] [ 19.208304] The buggy address belongs to the object at fff00000c65b1c00 [ 19.208304] which belongs to the cache kmalloc-64 of size 64 [ 19.208367] The buggy address is located 0 bytes to the right of [ 19.208367] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.208437] [ 19.208512] The buggy address belongs to the physical page: [ 19.208643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.208736] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.208875] page_type: f5(slab) [ 19.208917] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.209059] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.209157] page dumped because: kasan: bad access detected [ 19.209215] [ 19.209234] Memory state around the buggy address: [ 19.209267] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.209313] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.209357] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.209400] ^ [ 19.209434] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209480] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209521] ================================================================== [ 19.423699] ================================================================== [ 19.423824] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.423969] Read of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.424029] [ 19.424077] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.424366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.424446] Hardware name: linux,dummy-virt (DT) [ 19.424507] Call trace: [ 19.424534] show_stack+0x20/0x38 (C) [ 19.424585] dump_stack_lvl+0x8c/0xd0 [ 19.424690] print_report+0x118/0x5d0 [ 19.424745] kasan_report+0xdc/0x128 [ 19.424831] __asan_report_load8_noabort+0x20/0x30 [ 19.425086] kasan_atomics_helper+0x3df4/0x4858 [ 19.425149] kasan_atomics+0x198/0x2e0 [ 19.425211] kunit_try_run_case+0x170/0x3f0 [ 19.425267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.425320] kthread+0x328/0x630 [ 19.425364] ret_from_fork+0x10/0x20 [ 19.425622] [ 19.425670] Allocated by task 265: [ 19.425703] kasan_save_stack+0x3c/0x68 [ 19.425812] kasan_save_track+0x20/0x40 [ 19.425871] kasan_save_alloc_info+0x40/0x58 [ 19.425993] __kasan_kmalloc+0xd4/0xd8 [ 19.426036] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.426078] kasan_atomics+0xb8/0x2e0 [ 19.426115] kunit_try_run_case+0x170/0x3f0 [ 19.426163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.426218] kthread+0x328/0x630 [ 19.426405] ret_from_fork+0x10/0x20 [ 19.426697] [ 19.426754] The buggy address belongs to the object at fff00000c65b1c00 [ 19.426754] which belongs to the cache kmalloc-64 of size 64 [ 19.427043] The buggy address is located 0 bytes to the right of [ 19.427043] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.427244] [ 19.427337] The buggy address belongs to the physical page: [ 19.427694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.427881] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.427946] page_type: f5(slab) [ 19.428057] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.428274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.428384] page dumped because: kasan: bad access detected [ 19.428549] [ 19.428643] Memory state around the buggy address: [ 19.428686] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.428733] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.428780] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.428822] ^ [ 19.428978] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.429349] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.429607] ================================================================== [ 19.102464] ================================================================== [ 19.102520] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 19.102571] Write of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.102623] [ 19.102656] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.102740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.103132] Hardware name: linux,dummy-virt (DT) [ 19.103464] Call trace: [ 19.103500] show_stack+0x20/0x38 (C) [ 19.103555] dump_stack_lvl+0x8c/0xd0 [ 19.103601] print_report+0x118/0x5d0 [ 19.103697] kasan_check_range+0x100/0x1a8 [ 19.103745] __kasan_check_write+0x20/0x30 [ 19.104257] kasan_atomics_helper+0x6ec/0x4858 [ 19.104439] kasan_atomics+0x198/0x2e0 [ 19.104488] kunit_try_run_case+0x170/0x3f0 [ 19.104539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.104594] kthread+0x328/0x630 [ 19.104637] ret_from_fork+0x10/0x20 [ 19.104696] [ 19.104717] Allocated by task 265: [ 19.104748] kasan_save_stack+0x3c/0x68 [ 19.105140] kasan_save_track+0x20/0x40 [ 19.105245] kasan_save_alloc_info+0x40/0x58 [ 19.105291] __kasan_kmalloc+0xd4/0xd8 [ 19.105330] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.105372] kasan_atomics+0xb8/0x2e0 [ 19.105409] kunit_try_run_case+0x170/0x3f0 [ 19.105458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.106045] ret_from_fork+0x10/0x20 [ 19.106509] The buggy address is located 0 bytes to the right of [ 19.106509] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.106586] [ 19.106607] The buggy address belongs to the physical page: [ 19.106638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.106696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.107696] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.107997] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.109844] ================================================================== [ 19.250453] ================================================================== [ 19.250664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.250847] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.250900] [ 19.250932] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.251079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.251267] Hardware name: linux,dummy-virt (DT) [ 19.251398] Call trace: [ 19.251450] show_stack+0x20/0x38 (C) [ 19.251575] dump_stack_lvl+0x8c/0xd0 [ 19.251622] print_report+0x118/0x5d0 [ 19.252009] kasan_report+0xdc/0x128 [ 19.252094] kasan_check_range+0x100/0x1a8 [ 19.252219] __kasan_check_write+0x20/0x30 [ 19.252291] kasan_atomics_helper+0xf20/0x4858 [ 19.252343] kasan_atomics+0x198/0x2e0 [ 19.252422] kunit_try_run_case+0x170/0x3f0 [ 19.252472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.252722] kthread+0x328/0x630 [ 19.252765] ret_from_fork+0x10/0x20 [ 19.252813] [ 19.252846] Allocated by task 265: [ 19.252875] kasan_save_stack+0x3c/0x68 [ 19.253245] kasan_save_track+0x20/0x40 [ 19.253293] kasan_save_alloc_info+0x40/0x58 [ 19.253334] __kasan_kmalloc+0xd4/0xd8 [ 19.253384] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.253495] kasan_atomics+0xb8/0x2e0 [ 19.253535] kunit_try_run_case+0x170/0x3f0 [ 19.253576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.253771] kthread+0x328/0x630 [ 19.253862] ret_from_fork+0x10/0x20 [ 19.253902] [ 19.253923] The buggy address belongs to the object at fff00000c65b1c00 [ 19.253923] which belongs to the cache kmalloc-64 of size 64 [ 19.253993] The buggy address is located 0 bytes to the right of [ 19.253993] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.254581] [ 19.254669] The buggy address belongs to the physical page: [ 19.254702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.254762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.254813] page_type: f5(slab) [ 19.255153] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.255277] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.255544] page dumped because: kasan: bad access detected [ 19.255587] [ 19.255607] Memory state around the buggy address: [ 19.255659] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.255707] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.255890] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.255977] ^ [ 19.256014] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.256084] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.256225] ================================================================== [ 19.473887] ================================================================== [ 19.474078] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.474242] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.474511] [ 19.474651] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.475107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.475139] Hardware name: linux,dummy-virt (DT) [ 19.475188] Call trace: [ 19.475279] show_stack+0x20/0x38 (C) [ 19.475331] dump_stack_lvl+0x8c/0xd0 [ 19.475814] print_report+0x118/0x5d0 [ 19.475866] kasan_report+0xdc/0x128 [ 19.476141] kasan_check_range+0x100/0x1a8 [ 19.476245] __kasan_check_write+0x20/0x30 [ 19.476293] kasan_atomics_helper+0x175c/0x4858 [ 19.476343] kasan_atomics+0x198/0x2e0 [ 19.476390] kunit_try_run_case+0x170/0x3f0 [ 19.476449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.476503] kthread+0x328/0x630 [ 19.476921] ret_from_fork+0x10/0x20 [ 19.477043] [ 19.477064] Allocated by task 265: [ 19.477093] kasan_save_stack+0x3c/0x68 [ 19.477139] kasan_save_track+0x20/0x40 [ 19.477191] kasan_save_alloc_info+0x40/0x58 [ 19.477246] __kasan_kmalloc+0xd4/0xd8 [ 19.477287] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.477804] kasan_atomics+0xb8/0x2e0 [ 19.477973] kunit_try_run_case+0x170/0x3f0 [ 19.478050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.478100] kthread+0x328/0x630 [ 19.478135] ret_from_fork+0x10/0x20 [ 19.478182] [ 19.478205] The buggy address belongs to the object at fff00000c65b1c00 [ 19.478205] which belongs to the cache kmalloc-64 of size 64 [ 19.478269] The buggy address is located 0 bytes to the right of [ 19.478269] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.478337] [ 19.478370] The buggy address belongs to the physical page: [ 19.478404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.479408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.479510] page_type: f5(slab) [ 19.479673] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.479857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.480191] page dumped because: kasan: bad access detected [ 19.480535] [ 19.480557] Memory state around the buggy address: [ 19.480659] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.480728] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.480776] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.480817] ^ [ 19.480853] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.480942] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.481133] ================================================================== [ 19.213281] ================================================================== [ 19.213331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.213379] Read of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.213439] [ 19.213593] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.214006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.214042] Hardware name: linux,dummy-virt (DT) [ 19.214074] Call trace: [ 19.214183] show_stack+0x20/0x38 (C) [ 19.214234] dump_stack_lvl+0x8c/0xd0 [ 19.214280] print_report+0x118/0x5d0 [ 19.214328] kasan_report+0xdc/0x128 [ 19.214374] __asan_report_load4_noabort+0x20/0x30 [ 19.214438] kasan_atomics_helper+0x3e04/0x4858 [ 19.214498] kasan_atomics+0x198/0x2e0 [ 19.214546] kunit_try_run_case+0x170/0x3f0 [ 19.214595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.214660] kthread+0x328/0x630 [ 19.214711] ret_from_fork+0x10/0x20 [ 19.214842] [ 19.214861] Allocated by task 265: [ 19.214892] kasan_save_stack+0x3c/0x68 [ 19.214933] kasan_save_track+0x20/0x40 [ 19.214987] kasan_save_alloc_info+0x40/0x58 [ 19.215040] __kasan_kmalloc+0xd4/0xd8 [ 19.215193] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.215291] kasan_atomics+0xb8/0x2e0 [ 19.215366] kunit_try_run_case+0x170/0x3f0 [ 19.215429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.215476] kthread+0x328/0x630 [ 19.215511] ret_from_fork+0x10/0x20 [ 19.215547] [ 19.215569] The buggy address belongs to the object at fff00000c65b1c00 [ 19.215569] which belongs to the cache kmalloc-64 of size 64 [ 19.215640] The buggy address is located 0 bytes to the right of [ 19.215640] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.215720] [ 19.215803] The buggy address belongs to the physical page: [ 19.215836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.215894] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.216004] page_type: f5(slab) [ 19.216044] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.216098] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.216152] page dumped because: kasan: bad access detected [ 19.216598] [ 19.216628] Memory state around the buggy address: [ 19.216665] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.216711] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.216757] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.216797] ^ [ 19.216835] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.216892] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.216934] ================================================================== [ 19.416429] ================================================================== [ 19.416584] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.416757] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.416838] [ 19.416871] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.417046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.417080] Hardware name: linux,dummy-virt (DT) [ 19.417131] Call trace: [ 19.417158] show_stack+0x20/0x38 (C) [ 19.417298] dump_stack_lvl+0x8c/0xd0 [ 19.417491] print_report+0x118/0x5d0 [ 19.417694] kasan_report+0xdc/0x128 [ 19.417785] kasan_check_range+0x100/0x1a8 [ 19.418117] __kasan_check_write+0x20/0x30 [ 19.418252] kasan_atomics_helper+0x1644/0x4858 [ 19.418325] kasan_atomics+0x198/0x2e0 [ 19.418401] kunit_try_run_case+0x170/0x3f0 [ 19.418456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.418597] kthread+0x328/0x630 [ 19.418641] ret_from_fork+0x10/0x20 [ 19.418734] [ 19.418754] Allocated by task 265: [ 19.418783] kasan_save_stack+0x3c/0x68 [ 19.418947] kasan_save_track+0x20/0x40 [ 19.419002] kasan_save_alloc_info+0x40/0x58 [ 19.419046] __kasan_kmalloc+0xd4/0xd8 [ 19.419190] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.419428] kasan_atomics+0xb8/0x2e0 [ 19.419642] kunit_try_run_case+0x170/0x3f0 [ 19.419821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.419917] kthread+0x328/0x630 [ 19.420059] ret_from_fork+0x10/0x20 [ 19.420134] [ 19.420156] The buggy address belongs to the object at fff00000c65b1c00 [ 19.420156] which belongs to the cache kmalloc-64 of size 64 [ 19.420422] The buggy address is located 0 bytes to the right of [ 19.420422] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.420511] [ 19.420554] The buggy address belongs to the physical page: [ 19.421240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.421312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.421520] page_type: f5(slab) [ 19.421574] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.421826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.422035] page dumped because: kasan: bad access detected [ 19.422140] [ 19.422203] Memory state around the buggy address: [ 19.422318] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.422403] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.422457] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.422665] ^ [ 19.422840] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.422928] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.423016] ================================================================== [ 19.409222] ================================================================== [ 19.409298] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.409359] Read of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.409644] [ 19.409690] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.409870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.409919] Hardware name: linux,dummy-virt (DT) [ 19.409979] Call trace: [ 19.410008] show_stack+0x20/0x38 (C) [ 19.410068] dump_stack_lvl+0x8c/0xd0 [ 19.410115] print_report+0x118/0x5d0 [ 19.410214] kasan_report+0xdc/0x128 [ 19.410265] __asan_report_load8_noabort+0x20/0x30 [ 19.410319] kasan_atomics_helper+0x3db0/0x4858 [ 19.410491] kasan_atomics+0x198/0x2e0 [ 19.410545] kunit_try_run_case+0x170/0x3f0 [ 19.410739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.410957] kthread+0x328/0x630 [ 19.411027] ret_from_fork+0x10/0x20 [ 19.411246] [ 19.411308] Allocated by task 265: [ 19.411457] kasan_save_stack+0x3c/0x68 [ 19.411510] kasan_save_track+0x20/0x40 [ 19.411616] kasan_save_alloc_info+0x40/0x58 [ 19.411728] __kasan_kmalloc+0xd4/0xd8 [ 19.411857] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.411953] kasan_atomics+0xb8/0x2e0 [ 19.412197] kunit_try_run_case+0x170/0x3f0 [ 19.412285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.412428] kthread+0x328/0x630 [ 19.412507] ret_from_fork+0x10/0x20 [ 19.412644] [ 19.412727] The buggy address belongs to the object at fff00000c65b1c00 [ 19.412727] which belongs to the cache kmalloc-64 of size 64 [ 19.412877] The buggy address is located 0 bytes to the right of [ 19.412877] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.412949] [ 19.412978] The buggy address belongs to the physical page: [ 19.413205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.413350] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.413455] page_type: f5(slab) [ 19.413781] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.413856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.413989] page dumped because: kasan: bad access detected [ 19.414027] [ 19.414047] Memory state around the buggy address: [ 19.414143] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.414508] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.414709] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.414938] ^ [ 19.415078] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.415133] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.415495] ================================================================== [ 19.146343] ================================================================== [ 19.146401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.146826] Write of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.146935] [ 19.147115] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.147322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.147473] Hardware name: linux,dummy-virt (DT) [ 19.147510] Call trace: [ 19.147589] show_stack+0x20/0x38 (C) [ 19.147808] dump_stack_lvl+0x8c/0xd0 [ 19.147919] print_report+0x118/0x5d0 [ 19.147967] kasan_report+0xdc/0x128 [ 19.148014] kasan_check_range+0x100/0x1a8 [ 19.148064] __kasan_check_write+0x20/0x30 [ 19.148110] kasan_atomics_helper+0x99c/0x4858 [ 19.148160] kasan_atomics+0x198/0x2e0 [ 19.148217] kunit_try_run_case+0x170/0x3f0 [ 19.148266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.148332] kthread+0x328/0x630 [ 19.148376] ret_from_fork+0x10/0x20 [ 19.148527] [ 19.148732] Allocated by task 265: [ 19.148779] kasan_save_stack+0x3c/0x68 [ 19.149033] kasan_save_track+0x20/0x40 [ 19.149078] kasan_save_alloc_info+0x40/0x58 [ 19.149140] __kasan_kmalloc+0xd4/0xd8 [ 19.149190] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.149232] kasan_atomics+0xb8/0x2e0 [ 19.149269] kunit_try_run_case+0x170/0x3f0 [ 19.149741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.149820] kthread+0x328/0x630 [ 19.149920] ret_from_fork+0x10/0x20 [ 19.149966] [ 19.150009] The buggy address belongs to the object at fff00000c65b1c00 [ 19.150009] which belongs to the cache kmalloc-64 of size 64 [ 19.150102] The buggy address is located 0 bytes to the right of [ 19.150102] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.150338] [ 19.150382] The buggy address belongs to the physical page: [ 19.150413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.150473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.150679] page_type: f5(slab) [ 19.150736] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.151384] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.152796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.153737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.153793] kthread+0x328/0x630 [ 19.153842] ret_from_fork+0x10/0x20 [ 19.154095] [ 19.154138] Allocated by task 265: [ 19.154169] kasan_save_stack+0x3c/0x68 [ 19.154222] kasan_save_track+0x20/0x40 [ 19.154262] kasan_save_alloc_info+0x40/0x58 [ 19.154305] __kasan_kmalloc+0xd4/0xd8 [ 19.154345] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.154387] kasan_atomics+0xb8/0x2e0 [ 19.154426] kunit_try_run_case+0x170/0x3f0 [ 19.154812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.155246] kthread+0x328/0x630 [ 19.155294] ret_from_fork+0x10/0x20 [ 19.155331] [ 19.155353] The buggy address belongs to the object at fff00000c65b1c00 [ 19.155353] which belongs to the cache kmalloc-64 of size 64 [ 19.155907] The buggy address is located 0 bytes to the right of [ 19.155907] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.155982] [ 19.156111] The buggy address belongs to the physical page: [ 19.156180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.156268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.156319] page_type: f5(slab) [ 19.156385] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.156473] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.156516] page dumped because: kasan: bad access detected [ 19.156550] [ 19.156570] Memory state around the buggy address: [ 19.156605] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.156650] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.156696] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.156736] ^ [ 19.156812] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.156858] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.156945] ================================================================== [ 19.095710] ================================================================== [ 19.095766] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 19.095816] Write of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.095868] [ 19.095900] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.095983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.096048] Hardware name: linux,dummy-virt (DT) [ 19.096082] Call trace: [ 19.096107] show_stack+0x20/0x38 (C) [ 19.096359] dump_stack_lvl+0x8c/0xd0 [ 19.096691] print_report+0x118/0x5d0 [ 19.096744] kasan_report+0xdc/0x128 [ 19.096793] kasan_check_range+0x100/0x1a8 [ 19.097191] __kasan_check_write+0x20/0x30 [ 19.097276] kasan_atomics_helper+0x684/0x4858 [ 19.097351] kasan_atomics+0x198/0x2e0 [ 19.097397] kunit_try_run_case+0x170/0x3f0 [ 19.097826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.097881] kthread+0x328/0x630 [ 19.097925] ret_from_fork+0x10/0x20 [ 19.097979] [ 19.097999] Allocated by task 265: [ 19.098031] kasan_save_stack+0x3c/0x68 [ 19.098083] kasan_save_track+0x20/0x40 [ 19.098402] kasan_save_alloc_info+0x40/0x58 [ 19.098599] __kasan_kmalloc+0xd4/0xd8 [ 19.098854] kasan_atomics+0xb8/0x2e0 [ 19.098892] kunit_try_run_case+0x170/0x3f0 [ 19.098933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.099680] The buggy address is located 0 bytes to the right of [ 19.099680] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.099748] [ 19.100004] The buggy address belongs to the physical page: [ 19.100075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.100135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.100198] page_type: f5(slab) [ 19.100577] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.100687] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.100823] page dumped because: kasan: bad access detected [ 19.100909] [ 19.100957] Memory state around the buggy address: [ 19.101056] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.101116] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.101163] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.101215] ^ [ 19.101251] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.101389] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.101542] ================================================================== [ 19.210181] ================================================================== [ 19.210234] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.210285] Write of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.210338] [ 19.210368] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.210452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.210481] Hardware name: linux,dummy-virt (DT) [ 19.210513] Call trace: [ 19.210535] show_stack+0x20/0x38 (C) [ 19.210583] dump_stack_lvl+0x8c/0xd0 [ 19.210629] print_report+0x118/0x5d0 [ 19.210677] kasan_report+0xdc/0x128 [ 19.210722] kasan_check_range+0x100/0x1a8 [ 19.210772] __kasan_check_write+0x20/0x30 [ 19.210819] kasan_atomics_helper+0xd3c/0x4858 [ 19.210866] kasan_atomics+0x198/0x2e0 [ 19.210912] kunit_try_run_case+0x170/0x3f0 [ 19.210972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.211027] kthread+0x328/0x630 [ 19.211069] ret_from_fork+0x10/0x20 [ 19.211119] [ 19.211138] Allocated by task 265: [ 19.211168] kasan_save_stack+0x3c/0x68 [ 19.211227] kasan_save_track+0x20/0x40 [ 19.211267] kasan_save_alloc_info+0x40/0x58 [ 19.211309] __kasan_kmalloc+0xd4/0xd8 [ 19.211348] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.211535] kasan_atomics+0xb8/0x2e0 [ 19.211640] kunit_try_run_case+0x170/0x3f0 [ 19.211681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.211780] kthread+0x328/0x630 [ 19.211817] ret_from_fork+0x10/0x20 [ 19.211881] [ 19.211903] The buggy address belongs to the object at fff00000c65b1c00 [ 19.211903] which belongs to the cache kmalloc-64 of size 64 [ 19.211964] The buggy address is located 0 bytes to the right of [ 19.211964] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.212044] [ 19.212066] The buggy address belongs to the physical page: [ 19.212111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.212168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.212229] page_type: f5(slab) [ 19.212267] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.212321] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.212366] page dumped because: kasan: bad access detected [ 19.212411] [ 19.212498] Memory state around the buggy address: [ 19.212564] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.212610] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.212654] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.212705] ^ [ 19.212739] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.212802] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.212926] ================================================================== [ 19.218126] ================================================================== [ 19.218192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.218241] Read of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.218293] [ 19.218322] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.218699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.218945] Hardware name: linux,dummy-virt (DT) [ 19.219028] Call trace: [ 19.219052] show_stack+0x20/0x38 (C) [ 19.219102] dump_stack_lvl+0x8c/0xd0 [ 19.219692] print_report+0x118/0x5d0 [ 19.219745] kasan_report+0xdc/0x128 [ 19.219793] kasan_check_range+0x100/0x1a8 [ 19.219844] __kasan_check_read+0x20/0x30 [ 19.219916] kasan_atomics_helper+0xdd4/0x4858 [ 19.220060] kasan_atomics+0x198/0x2e0 [ 19.220280] kunit_try_run_case+0x170/0x3f0 [ 19.220523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.220638] kthread+0x328/0x630 [ 19.220701] ret_from_fork+0x10/0x20 [ 19.220892] [ 19.220912] Allocated by task 265: [ 19.220962] kasan_save_stack+0x3c/0x68 [ 19.221030] kasan_save_track+0x20/0x40 [ 19.221104] kasan_save_alloc_info+0x40/0x58 [ 19.221147] __kasan_kmalloc+0xd4/0xd8 [ 19.221458] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.221767] kasan_atomics+0xb8/0x2e0 [ 19.221871] kunit_try_run_case+0x170/0x3f0 [ 19.221949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.221995] kthread+0x328/0x630 [ 19.222031] ret_from_fork+0x10/0x20 [ 19.222071] [ 19.222456] The buggy address belongs to the object at fff00000c65b1c00 [ 19.222456] which belongs to the cache kmalloc-64 of size 64 [ 19.222527] The buggy address is located 0 bytes to the right of [ 19.222527] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.222843] [ 19.223306] The buggy address belongs to the physical page: [ 19.223443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.223612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.223666] page_type: f5(slab) [ 19.223708] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.223762] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.223806] page dumped because: kasan: bad access detected [ 19.223842] [ 19.223862] Memory state around the buggy address: [ 19.223897] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.223941] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.224232] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.224394] ^ [ 19.224465] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.224510] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.224551] ================================================================== [ 19.363592] ================================================================== [ 19.363646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.363697] Read of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.364254] [ 19.364434] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.364529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.364557] Hardware name: linux,dummy-virt (DT) [ 19.364726] Call trace: [ 19.364938] show_stack+0x20/0x38 (C) [ 19.365019] dump_stack_lvl+0x8c/0xd0 [ 19.365144] print_report+0x118/0x5d0 [ 19.365217] kasan_report+0xdc/0x128 [ 19.365318] __asan_report_load8_noabort+0x20/0x30 [ 19.365376] kasan_atomics_helper+0x3f04/0x4858 [ 19.365427] kasan_atomics+0x198/0x2e0 [ 19.366008] kunit_try_run_case+0x170/0x3f0 [ 19.366150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.366295] kthread+0x328/0x630 [ 19.366371] ret_from_fork+0x10/0x20 [ 19.366490] [ 19.366574] Allocated by task 265: [ 19.366607] kasan_save_stack+0x3c/0x68 [ 19.366655] kasan_save_track+0x20/0x40 [ 19.366701] kasan_save_alloc_info+0x40/0x58 [ 19.366855] __kasan_kmalloc+0xd4/0xd8 [ 19.366909] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.367003] kasan_atomics+0xb8/0x2e0 [ 19.367048] kunit_try_run_case+0x170/0x3f0 [ 19.367255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.367312] kthread+0x328/0x630 [ 19.367348] ret_from_fork+0x10/0x20 [ 19.367387] [ 19.367877] The buggy address belongs to the object at fff00000c65b1c00 [ 19.367877] which belongs to the cache kmalloc-64 of size 64 [ 19.367965] The buggy address is located 0 bytes to the right of [ 19.367965] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.368617] [ 19.369188] The buggy address belongs to the physical page: [ 19.369497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.369615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.369708] page_type: f5(slab) [ 19.369878] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.370238] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.370468] page dumped because: kasan: bad access detected [ 19.370512] [ 19.370714] Memory state around the buggy address: [ 19.370893] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.371222] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.371423] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.371499] ^ [ 19.371548] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.371927] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.372141] ================================================================== [ 19.431292] ================================================================== [ 19.431348] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.431396] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.432890] [ 19.433456] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.434273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.434406] Hardware name: linux,dummy-virt (DT) [ 19.434440] Call trace: [ 19.434990] show_stack+0x20/0x38 (C) [ 19.435088] dump_stack_lvl+0x8c/0xd0 [ 19.435164] print_report+0x118/0x5d0 [ 19.435232] kasan_report+0xdc/0x128 [ 19.435278] kasan_check_range+0x100/0x1a8 [ 19.436532] __kasan_check_write+0x20/0x30 [ 19.436596] kasan_atomics_helper+0x16d0/0x4858 [ 19.436646] kasan_atomics+0x198/0x2e0 [ 19.436694] kunit_try_run_case+0x170/0x3f0 [ 19.436743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.438192] kthread+0x328/0x630 [ 19.438778] ret_from_fork+0x10/0x20 [ 19.439422] [ 19.439488] Allocated by task 265: [ 19.439522] kasan_save_stack+0x3c/0x68 [ 19.440084] kasan_save_track+0x20/0x40 [ 19.440561] kasan_save_alloc_info+0x40/0x58 [ 19.441019] __kasan_kmalloc+0xd4/0xd8 [ 19.441280] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.441331] kasan_atomics+0xb8/0x2e0 [ 19.442091] kunit_try_run_case+0x170/0x3f0 [ 19.442484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.443294] kthread+0x328/0x630 [ 19.443535] ret_from_fork+0x10/0x20 [ 19.443722] [ 19.443745] The buggy address belongs to the object at fff00000c65b1c00 [ 19.443745] which belongs to the cache kmalloc-64 of size 64 [ 19.444281] The buggy address is located 0 bytes to the right of [ 19.444281] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.444754] [ 19.445471] The buggy address belongs to the physical page: [ 19.446106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.446330] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.446496] page_type: f5(slab) [ 19.447072] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.447459] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.447528] page dumped because: kasan: bad access detected [ 19.447966] [ 19.448183] Memory state around the buggy address: [ 19.448223] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.449066] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.449315] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.449386] ^ [ 19.450201] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.450914] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.451274] ================================================================== [ 19.452604] ================================================================== [ 19.452872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.453431] Read of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.454011] [ 19.454070] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.454651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.454700] Hardware name: linux,dummy-virt (DT) [ 19.455119] Call trace: [ 19.455145] show_stack+0x20/0x38 (C) [ 19.456322] dump_stack_lvl+0x8c/0xd0 [ 19.456935] print_report+0x118/0x5d0 [ 19.457313] kasan_report+0xdc/0x128 [ 19.457626] __asan_report_load8_noabort+0x20/0x30 [ 19.457861] kasan_atomics_helper+0x3e10/0x4858 [ 19.458329] kasan_atomics+0x198/0x2e0 [ 19.459324] kunit_try_run_case+0x170/0x3f0 [ 19.459722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.459917] kthread+0x328/0x630 [ 19.460850] ret_from_fork+0x10/0x20 [ 19.461293] [ 19.461477] Allocated by task 265: [ 19.461674] kasan_save_stack+0x3c/0x68 [ 19.462017] kasan_save_track+0x20/0x40 [ 19.462400] kasan_save_alloc_info+0x40/0x58 [ 19.462578] __kasan_kmalloc+0xd4/0xd8 [ 19.463029] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.463089] kasan_atomics+0xb8/0x2e0 [ 19.463310] kunit_try_run_case+0x170/0x3f0 [ 19.463356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.463404] kthread+0x328/0x630 [ 19.463438] ret_from_fork+0x10/0x20 [ 19.463475] [ 19.463496] The buggy address belongs to the object at fff00000c65b1c00 [ 19.463496] which belongs to the cache kmalloc-64 of size 64 [ 19.463562] The buggy address is located 0 bytes to the right of [ 19.463562] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.463631] [ 19.465425] The buggy address belongs to the physical page: [ 19.465901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.466718] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.466905] page_type: f5(slab) [ 19.466982] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.467038] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.467925] page dumped because: kasan: bad access detected [ 19.467972] [ 19.468932] Memory state around the buggy address: [ 19.469095] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.469634] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.469781] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.470521] ^ [ 19.470582] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.470632] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.471529] ================================================================== [ 19.330544] ================================================================== [ 19.330599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.330651] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.330706] [ 19.331222] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.331329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.331490] Hardware name: linux,dummy-virt (DT) [ 19.331604] Call trace: [ 19.332012] show_stack+0x20/0x38 (C) [ 19.332292] dump_stack_lvl+0x8c/0xd0 [ 19.332471] print_report+0x118/0x5d0 [ 19.332791] kasan_report+0xdc/0x128 [ 19.332882] kasan_check_range+0x100/0x1a8 [ 19.333007] __kasan_check_write+0x20/0x30 [ 19.333218] kasan_atomics_helper+0x126c/0x4858 [ 19.333678] kasan_atomics+0x198/0x2e0 [ 19.333835] kunit_try_run_case+0x170/0x3f0 [ 19.334087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.334865] kthread+0x328/0x630 [ 19.335048] ret_from_fork+0x10/0x20 [ 19.335210] [ 19.335475] Allocated by task 265: [ 19.335571] kasan_save_stack+0x3c/0x68 [ 19.335958] kasan_save_track+0x20/0x40 [ 19.336230] kasan_save_alloc_info+0x40/0x58 [ 19.336378] __kasan_kmalloc+0xd4/0xd8 [ 19.336604] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.336656] kasan_atomics+0xb8/0x2e0 [ 19.336695] kunit_try_run_case+0x170/0x3f0 [ 19.336850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.337216] kthread+0x328/0x630 [ 19.337401] ret_from_fork+0x10/0x20 [ 19.337779] [ 19.338047] The buggy address belongs to the object at fff00000c65b1c00 [ 19.338047] which belongs to the cache kmalloc-64 of size 64 [ 19.338187] The buggy address is located 0 bytes to the right of [ 19.338187] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.338259] [ 19.338525] The buggy address belongs to the physical page: [ 19.338902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.339057] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.339136] page_type: f5(slab) [ 19.339389] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.339484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.339879] page dumped because: kasan: bad access detected [ 19.339925] [ 19.339946] Memory state around the buggy address: [ 19.340163] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.340240] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.340561] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.340817] ^ [ 19.340863] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.341455] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.341571] ================================================================== [ 19.158160] ================================================================== [ 19.158229] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.158291] Write of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.158344] [ 19.158377] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.160612] [ 19.160633] Allocated by task 265: [ 19.160664] kasan_save_stack+0x3c/0x68 [ 19.160710] kasan_save_track+0x20/0x40 [ 19.160749] kasan_save_alloc_info+0x40/0x58 [ 19.160795] __kasan_kmalloc+0xd4/0xd8 [ 19.161631] kthread+0x328/0x630 [ 19.162350] page_type: f5(slab) [ 19.162881] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.166446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.167065] kasan_save_stack+0x3c/0x68 [ 19.167109] kasan_save_track+0x20/0x40 [ 19.167151] kasan_save_alloc_info+0x40/0x58 [ 19.167206] __kasan_kmalloc+0xd4/0xd8 [ 19.167281] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.167537] kasan_atomics+0xb8/0x2e0 [ 19.167822] kthread+0x328/0x630 [ 19.168324] page_type: f5(slab) [ 19.168598] page dumped because: kasan: bad access detected [ 19.170120] [ 19.170923] kasan_atomics_helper+0x3dcc/0x4858 [ 19.171921] __kasan_kmalloc+0xd4/0xd8 [ 19.172593] [ 19.172916] page_type: f5(slab) [ 19.173380] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.177837] kasan_save_alloc_info+0x40/0x58 [ 19.178903] [ 19.179369] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.181449] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.184273] kthread+0x328/0x630 [ 19.185046] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.185972] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.187780] kasan_check_range+0x100/0x1a8 [ 19.189164] __kasan_kmalloc+0xd4/0xd8 [ 19.190238] [ 19.190947] page dumped because: kasan: bad access detected [ 19.192726] Read of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.195622] kunit_try_run_case+0x170/0x3f0 [ 19.197464] ^ [ 19.198916] [ 19.199997] kasan_check_range+0x100/0x1a8 [ 19.201299] kunit_try_run_case+0x170/0x3f0 [ 19.201341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.201388] kthread+0x328/0x630 [ 19.201468] ret_from_fork+0x10/0x20 [ 19.201540] [ 19.201574] The buggy address belongs to the object at fff00000c65b1c00 [ 19.201574] which belongs to the cache kmalloc-64 of size 64 [ 19.201662] The buggy address is located 0 bytes to the right of [ 19.201662] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.201878] [ 19.201899] The buggy address belongs to the physical page: [ 19.201936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.201993] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.202087] page_type: f5(slab) [ 19.202129] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.202193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.202238] page dumped because: kasan: bad access detected [ 19.202273] [ 19.202293] Memory state around the buggy address: [ 19.202325] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.202370] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.202415] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.202854] ^ [ 19.202892] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.203314] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.203674] ================================================================== [ 19.225999] ================================================================== [ 19.226270] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.226345] Read of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.226504] [ 19.226535] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.226617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.226645] Hardware name: linux,dummy-virt (DT) [ 19.226678] Call trace: [ 19.226707] show_stack+0x20/0x38 (C) [ 19.226951] dump_stack_lvl+0x8c/0xd0 [ 19.227186] print_report+0x118/0x5d0 [ 19.227260] kasan_report+0xdc/0x128 [ 19.227753] __asan_report_load8_noabort+0x20/0x30 [ 19.227825] kasan_atomics_helper+0x3f58/0x4858 [ 19.227877] kasan_atomics+0x198/0x2e0 [ 19.228050] kunit_try_run_case+0x170/0x3f0 [ 19.228401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.228464] kthread+0x328/0x630 [ 19.228808] ret_from_fork+0x10/0x20 [ 19.228936] [ 19.228956] Allocated by task 265: [ 19.229012] kasan_save_stack+0x3c/0x68 [ 19.229074] kasan_save_track+0x20/0x40 [ 19.229234] kasan_save_alloc_info+0x40/0x58 [ 19.229276] __kasan_kmalloc+0xd4/0xd8 [ 19.229321] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.229386] kasan_atomics+0xb8/0x2e0 [ 19.229423] kunit_try_run_case+0x170/0x3f0 [ 19.229463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.229846] kthread+0x328/0x630 [ 19.229884] ret_from_fork+0x10/0x20 [ 19.229922] [ 19.230111] The buggy address belongs to the object at fff00000c65b1c00 [ 19.230111] which belongs to the cache kmalloc-64 of size 64 [ 19.230258] The buggy address is located 0 bytes to the right of [ 19.230258] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.230329] [ 19.230350] The buggy address belongs to the physical page: [ 19.230539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.230623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.230715] page_type: f5(slab) [ 19.230773] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.230945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.230990] page dumped because: kasan: bad access detected [ 19.231024] [ 19.231188] Memory state around the buggy address: [ 19.231254] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.231402] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.231450] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.231491] ^ [ 19.231527] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.231871] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.231931] ================================================================== [ 19.311905] ================================================================== [ 19.312118] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.312199] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.312586] [ 19.312800] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.313084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.313153] Hardware name: linux,dummy-virt (DT) [ 19.313223] Call trace: [ 19.313248] show_stack+0x20/0x38 (C) [ 19.313303] dump_stack_lvl+0x8c/0xd0 [ 19.313350] print_report+0x118/0x5d0 [ 19.313398] kasan_report+0xdc/0x128 [ 19.313443] kasan_check_range+0x100/0x1a8 [ 19.313966] __kasan_check_write+0x20/0x30 [ 19.314046] kasan_atomics_helper+0x1190/0x4858 [ 19.314331] kasan_atomics+0x198/0x2e0 [ 19.314435] kunit_try_run_case+0x170/0x3f0 [ 19.314495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.314692] kthread+0x328/0x630 [ 19.314932] ret_from_fork+0x10/0x20 [ 19.314996] [ 19.315016] Allocated by task 265: [ 19.315048] kasan_save_stack+0x3c/0x68 [ 19.315093] kasan_save_track+0x20/0x40 [ 19.315134] kasan_save_alloc_info+0x40/0x58 [ 19.315195] __kasan_kmalloc+0xd4/0xd8 [ 19.315463] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.316108] kasan_atomics+0xb8/0x2e0 [ 19.316277] kunit_try_run_case+0x170/0x3f0 [ 19.316556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.316733] kthread+0x328/0x630 [ 19.316776] ret_from_fork+0x10/0x20 [ 19.316852] [ 19.317092] The buggy address belongs to the object at fff00000c65b1c00 [ 19.317092] which belongs to the cache kmalloc-64 of size 64 [ 19.317304] The buggy address is located 0 bytes to the right of [ 19.317304] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.317619] [ 19.317648] The buggy address belongs to the physical page: [ 19.317683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.317879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.318163] page_type: f5(slab) [ 19.318403] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.318464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.318642] page dumped because: kasan: bad access detected [ 19.319008] [ 19.319053] Memory state around the buggy address: [ 19.319374] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.319428] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.319859] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.320310] ^ [ 19.320357] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.320769] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.321090] ================================================================== [ 19.264828] ================================================================== [ 19.264897] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.264948] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.265191] [ 19.265224] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.265537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.265730] Hardware name: linux,dummy-virt (DT) [ 19.265945] Call trace: [ 19.265969] show_stack+0x20/0x38 (C) [ 19.266021] dump_stack_lvl+0x8c/0xd0 [ 19.266070] print_report+0x118/0x5d0 [ 19.266116] kasan_report+0xdc/0x128 [ 19.266164] kasan_check_range+0x100/0x1a8 [ 19.266223] __kasan_check_write+0x20/0x30 [ 19.266301] kasan_atomics_helper+0xff0/0x4858 [ 19.266561] kasan_atomics+0x198/0x2e0 [ 19.266968] kunit_try_run_case+0x170/0x3f0 [ 19.267089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.267145] kthread+0x328/0x630 [ 19.267200] ret_from_fork+0x10/0x20 [ 19.267641] [ 19.267925] Allocated by task 265: [ 19.268012] kasan_save_stack+0x3c/0x68 [ 19.268080] kasan_save_track+0x20/0x40 [ 19.268195] kasan_save_alloc_info+0x40/0x58 [ 19.268360] __kasan_kmalloc+0xd4/0xd8 [ 19.268401] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.268445] kasan_atomics+0xb8/0x2e0 [ 19.268483] kunit_try_run_case+0x170/0x3f0 [ 19.268523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.268626] kthread+0x328/0x630 [ 19.268663] ret_from_fork+0x10/0x20 [ 19.269230] [ 19.269383] The buggy address belongs to the object at fff00000c65b1c00 [ 19.269383] which belongs to the cache kmalloc-64 of size 64 [ 19.269451] The buggy address is located 0 bytes to the right of [ 19.269451] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.269520] [ 19.269542] The buggy address belongs to the physical page: [ 19.269575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.270045] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.270219] page_type: f5(slab) [ 19.270292] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.270350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.270394] page dumped because: kasan: bad access detected [ 19.270449] [ 19.270544] Memory state around the buggy address: [ 19.270579] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.270641] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.270687] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.270729] ^ [ 19.270763] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.270872] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.270914] ================================================================== [ 19.302397] ================================================================== [ 19.302454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.302504] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.303599] [ 19.303654] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.303743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.303771] Hardware name: linux,dummy-virt (DT) [ 19.303805] Call trace: [ 19.303828] show_stack+0x20/0x38 (C) [ 19.303880] dump_stack_lvl+0x8c/0xd0 [ 19.303927] print_report+0x118/0x5d0 [ 19.303975] kasan_report+0xdc/0x128 [ 19.304021] kasan_check_range+0x100/0x1a8 [ 19.304070] __kasan_check_write+0x20/0x30 [ 19.304116] kasan_atomics_helper+0x1128/0x4858 [ 19.304166] kasan_atomics+0x198/0x2e0 [ 19.304355] kunit_try_run_case+0x170/0x3f0 [ 19.304879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.304947] kthread+0x328/0x630 [ 19.304990] ret_from_fork+0x10/0x20 [ 19.305038] [ 19.305059] Allocated by task 265: [ 19.305090] kasan_save_stack+0x3c/0x68 [ 19.305135] kasan_save_track+0x20/0x40 [ 19.305188] kasan_save_alloc_info+0x40/0x58 [ 19.305232] __kasan_kmalloc+0xd4/0xd8 [ 19.305271] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.305312] kasan_atomics+0xb8/0x2e0 [ 19.305350] kunit_try_run_case+0x170/0x3f0 [ 19.305389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.305436] kthread+0x328/0x630 [ 19.305470] ret_from_fork+0x10/0x20 [ 19.305533] [ 19.305555] The buggy address belongs to the object at fff00000c65b1c00 [ 19.305555] which belongs to the cache kmalloc-64 of size 64 [ 19.305619] The buggy address is located 0 bytes to the right of [ 19.305619] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.306912] [ 19.309422] The buggy address belongs to the physical page: [ 19.309474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.309537] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.309599] page_type: f5(slab) [ 19.309639] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.309694] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.309738] page dumped because: kasan: bad access detected [ 19.309773] [ 19.309793] Memory state around the buggy address: [ 19.309828] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.309875] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.309922] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.309968] ^ [ 19.310004] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.310851] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.311063] ================================================================== [ 19.272746] ================================================================== [ 19.272835] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.273465] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.273804] [ 19.273841] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.274470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.275540] Hardware name: linux,dummy-virt (DT) [ 19.275764] Call trace: [ 19.275788] show_stack+0x20/0x38 (C) [ 19.276023] dump_stack_lvl+0x8c/0xd0 [ 19.276683] print_report+0x118/0x5d0 [ 19.276794] kasan_report+0xdc/0x128 [ 19.277196] kasan_check_range+0x100/0x1a8 [ 19.277509] __kasan_check_write+0x20/0x30 [ 19.278143] kasan_atomics_helper+0x1058/0x4858 [ 19.278988] kasan_atomics+0x198/0x2e0 [ 19.279050] kunit_try_run_case+0x170/0x3f0 [ 19.279312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.279740] kthread+0x328/0x630 [ 19.280475] ret_from_fork+0x10/0x20 [ 19.280921] [ 19.280973] Allocated by task 265: [ 19.281422] kasan_save_stack+0x3c/0x68 [ 19.281474] kasan_save_track+0x20/0x40 [ 19.282209] kasan_save_alloc_info+0x40/0x58 [ 19.282653] __kasan_kmalloc+0xd4/0xd8 [ 19.283182] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.283569] kasan_atomics+0xb8/0x2e0 [ 19.283616] kunit_try_run_case+0x170/0x3f0 [ 19.284061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.284377] kthread+0x328/0x630 [ 19.284415] ret_from_fork+0x10/0x20 [ 19.284770] [ 19.284969] The buggy address belongs to the object at fff00000c65b1c00 [ 19.284969] which belongs to the cache kmalloc-64 of size 64 [ 19.286146] The buggy address is located 0 bytes to the right of [ 19.286146] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.286406] [ 19.286430] The buggy address belongs to the physical page: [ 19.286535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.286608] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.286918] page_type: f5(slab) [ 19.287552] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.288319] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.289072] page dumped because: kasan: bad access detected [ 19.289230] [ 19.289251] Memory state around the buggy address: [ 19.289477] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.289672] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.290476] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.290597] ^ [ 19.291008] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.291533] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.291864] ================================================================== [ 19.354404] ================================================================== [ 19.354627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.354858] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.354928] [ 19.354964] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.355054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.355133] Hardware name: linux,dummy-virt (DT) [ 19.355183] Call trace: [ 19.355210] show_stack+0x20/0x38 (C) [ 19.355404] dump_stack_lvl+0x8c/0xd0 [ 19.355857] print_report+0x118/0x5d0 [ 19.355982] kasan_report+0xdc/0x128 [ 19.356213] kasan_check_range+0x100/0x1a8 [ 19.356548] __kasan_check_write+0x20/0x30 [ 19.356702] kasan_atomics_helper+0x1384/0x4858 [ 19.356777] kasan_atomics+0x198/0x2e0 [ 19.357049] kunit_try_run_case+0x170/0x3f0 [ 19.357402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.357613] kthread+0x328/0x630 [ 19.357873] ret_from_fork+0x10/0x20 [ 19.358018] [ 19.358041] Allocated by task 265: [ 19.358071] kasan_save_stack+0x3c/0x68 [ 19.358429] kasan_save_track+0x20/0x40 [ 19.358592] kasan_save_alloc_info+0x40/0x58 [ 19.358665] __kasan_kmalloc+0xd4/0xd8 [ 19.358707] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.358747] kasan_atomics+0xb8/0x2e0 [ 19.358786] kunit_try_run_case+0x170/0x3f0 [ 19.358826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.359044] kthread+0x328/0x630 [ 19.359096] ret_from_fork+0x10/0x20 [ 19.359144] [ 19.359166] The buggy address belongs to the object at fff00000c65b1c00 [ 19.359166] which belongs to the cache kmalloc-64 of size 64 [ 19.359279] The buggy address is located 0 bytes to the right of [ 19.359279] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.359503] [ 19.359530] The buggy address belongs to the physical page: [ 19.359564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.359623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.359677] page_type: f5(slab) [ 19.360116] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.360480] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.360647] page dumped because: kasan: bad access detected [ 19.360689] [ 19.360709] Memory state around the buggy address: [ 19.361199] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.361971] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.362050] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.362113] ^ [ 19.362220] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.362270] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.362537] ================================================================== [ 19.491595] ================================================================== [ 19.491733] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.491794] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.491899] [ 19.491996] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.492081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.492108] Hardware name: linux,dummy-virt (DT) [ 19.492141] Call trace: [ 19.492165] show_stack+0x20/0x38 (C) [ 19.492227] dump_stack_lvl+0x8c/0xd0 [ 19.492274] print_report+0x118/0x5d0 [ 19.492442] kasan_report+0xdc/0x128 [ 19.492964] kasan_check_range+0x100/0x1a8 [ 19.493020] __kasan_check_write+0x20/0x30 [ 19.493066] kasan_atomics_helper+0x17ec/0x4858 [ 19.493115] kasan_atomics+0x198/0x2e0 [ 19.493161] kunit_try_run_case+0x170/0x3f0 [ 19.493219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.493273] kthread+0x328/0x630 [ 19.493316] ret_from_fork+0x10/0x20 [ 19.493370] [ 19.493469] Allocated by task 265: [ 19.493567] kasan_save_stack+0x3c/0x68 [ 19.493611] kasan_save_track+0x20/0x40 [ 19.493795] kasan_save_alloc_info+0x40/0x58 [ 19.494000] __kasan_kmalloc+0xd4/0xd8 [ 19.494184] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.494226] kasan_atomics+0xb8/0x2e0 [ 19.494720] kunit_try_run_case+0x170/0x3f0 [ 19.494789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.494836] kthread+0x328/0x630 [ 19.494873] ret_from_fork+0x10/0x20 [ 19.494910] [ 19.494931] The buggy address belongs to the object at fff00000c65b1c00 [ 19.494931] which belongs to the cache kmalloc-64 of size 64 [ 19.494993] The buggy address is located 0 bytes to the right of [ 19.494993] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.495063] [ 19.495084] The buggy address belongs to the physical page: [ 19.495119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.495186] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.495522] page_type: f5(slab) [ 19.495578] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.495631] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.495755] page dumped because: kasan: bad access detected [ 19.495813] [ 19.495833] Memory state around the buggy address: [ 19.496482] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.496562] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.496608] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.496650] ^ [ 19.496686] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.496733] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.496910] ================================================================== [ 19.232741] ================================================================== [ 19.232795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.232844] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.232900] [ 19.232931] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.233017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.233044] Hardware name: linux,dummy-virt (DT) [ 19.233076] Call trace: [ 19.233099] show_stack+0x20/0x38 (C) [ 19.233479] dump_stack_lvl+0x8c/0xd0 [ 19.233654] print_report+0x118/0x5d0 [ 19.233707] kasan_report+0xdc/0x128 [ 19.233763] kasan_check_range+0x100/0x1a8 [ 19.233812] __kasan_check_write+0x20/0x30 [ 19.234293] kasan_atomics_helper+0xe44/0x4858 [ 19.234363] kasan_atomics+0x198/0x2e0 [ 19.234410] kunit_try_run_case+0x170/0x3f0 [ 19.234459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.234513] kthread+0x328/0x630 [ 19.234555] ret_from_fork+0x10/0x20 [ 19.234621] [ 19.234642] Allocated by task 265: [ 19.234673] kasan_save_stack+0x3c/0x68 [ 19.235127] kasan_save_track+0x20/0x40 [ 19.235309] kasan_save_alloc_info+0x40/0x58 [ 19.235506] __kasan_kmalloc+0xd4/0xd8 [ 19.235544] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.235608] kasan_atomics+0xb8/0x2e0 [ 19.235647] kunit_try_run_case+0x170/0x3f0 [ 19.235689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.235891] kthread+0x328/0x630 [ 19.235933] ret_from_fork+0x10/0x20 [ 19.235973] [ 19.236047] The buggy address belongs to the object at fff00000c65b1c00 [ 19.236047] which belongs to the cache kmalloc-64 of size 64 [ 19.236148] The buggy address is located 0 bytes to the right of [ 19.236148] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.236251] [ 19.236296] The buggy address belongs to the physical page: [ 19.236330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.236594] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.236654] page_type: f5(slab) [ 19.236695] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.236751] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.237031] page dumped because: kasan: bad access detected [ 19.237203] [ 19.237239] Memory state around the buggy address: [ 19.237275] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.237323] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.237418] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.237579] ^ [ 19.237630] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.237677] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.237717] ================================================================== [ 19.373654] ================================================================== [ 19.373845] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.373910] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.373976] [ 19.374008] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.374237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.374300] Hardware name: linux,dummy-virt (DT) [ 19.374333] Call trace: [ 19.374359] show_stack+0x20/0x38 (C) [ 19.374409] dump_stack_lvl+0x8c/0xd0 [ 19.374465] print_report+0x118/0x5d0 [ 19.374511] kasan_report+0xdc/0x128 [ 19.374558] kasan_check_range+0x100/0x1a8 [ 19.374618] __kasan_check_write+0x20/0x30 [ 19.374673] kasan_atomics_helper+0x1414/0x4858 [ 19.374724] kasan_atomics+0x198/0x2e0 [ 19.374780] kunit_try_run_case+0x170/0x3f0 [ 19.374831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.374887] kthread+0x328/0x630 [ 19.374930] ret_from_fork+0x10/0x20 [ 19.374984] [ 19.375043] Allocated by task 265: [ 19.375072] kasan_save_stack+0x3c/0x68 [ 19.375117] kasan_save_track+0x20/0x40 [ 19.375155] kasan_save_alloc_info+0x40/0x58 [ 19.375209] __kasan_kmalloc+0xd4/0xd8 [ 19.375255] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.375317] kasan_atomics+0xb8/0x2e0 [ 19.375374] kunit_try_run_case+0x170/0x3f0 [ 19.375415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.376470] kthread+0x328/0x630 [ 19.376542] ret_from_fork+0x10/0x20 [ 19.376621] [ 19.376754] The buggy address belongs to the object at fff00000c65b1c00 [ 19.376754] which belongs to the cache kmalloc-64 of size 64 [ 19.376826] The buggy address is located 0 bytes to the right of [ 19.376826] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.376896] [ 19.376919] The buggy address belongs to the physical page: [ 19.376955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.377155] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.377251] page_type: f5(slab) [ 19.377293] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.377349] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.377395] page dumped because: kasan: bad access detected [ 19.377458] [ 19.377484] Memory state around the buggy address: [ 19.377540] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.377588] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.377635] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.377687] ^ [ 19.377731] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.377776] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.377822] ================================================================== [ 19.378963] ================================================================== [ 19.379383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.379596] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.379859] [ 19.379933] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.380385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.380577] Hardware name: linux,dummy-virt (DT) [ 19.380618] Call trace: [ 19.380903] show_stack+0x20/0x38 (C) [ 19.381246] dump_stack_lvl+0x8c/0xd0 [ 19.381476] print_report+0x118/0x5d0 [ 19.381658] kasan_report+0xdc/0x128 [ 19.381807] kasan_check_range+0x100/0x1a8 [ 19.381921] __kasan_check_write+0x20/0x30 [ 19.382123] kasan_atomics_helper+0x147c/0x4858 [ 19.382300] kasan_atomics+0x198/0x2e0 [ 19.382562] kunit_try_run_case+0x170/0x3f0 [ 19.382892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.383452] kthread+0x328/0x630 [ 19.383624] ret_from_fork+0x10/0x20 [ 19.383789] [ 19.383879] Allocated by task 265: [ 19.383960] kasan_save_stack+0x3c/0x68 [ 19.384010] kasan_save_track+0x20/0x40 [ 19.384353] kasan_save_alloc_info+0x40/0x58 [ 19.385260] __kasan_kmalloc+0xd4/0xd8 [ 19.385347] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.385429] kasan_atomics+0xb8/0x2e0 [ 19.385491] kunit_try_run_case+0x170/0x3f0 [ 19.385532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.386063] kthread+0x328/0x630 [ 19.386413] ret_from_fork+0x10/0x20 [ 19.386665] [ 19.386976] The buggy address belongs to the object at fff00000c65b1c00 [ 19.386976] which belongs to the cache kmalloc-64 of size 64 [ 19.387075] The buggy address is located 0 bytes to the right of [ 19.387075] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.387413] [ 19.387562] The buggy address belongs to the physical page: [ 19.387715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.387991] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.388302] page_type: f5(slab) [ 19.388517] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.388704] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.389138] page dumped because: kasan: bad access detected [ 19.389527] [ 19.389561] Memory state around the buggy address: [ 19.389838] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.390249] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.390350] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.390395] ^ [ 19.390495] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.390837] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.391062] ================================================================== [ 19.404975] ================================================================== [ 19.405028] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.405131] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.405210] [ 19.405251] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.405346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.405374] Hardware name: linux,dummy-virt (DT) [ 19.405413] Call trace: [ 19.405447] show_stack+0x20/0x38 (C) [ 19.405498] dump_stack_lvl+0x8c/0xd0 [ 19.405555] print_report+0x118/0x5d0 [ 19.405617] kasan_report+0xdc/0x128 [ 19.405664] kasan_check_range+0x100/0x1a8 [ 19.405715] __kasan_check_write+0x20/0x30 [ 19.405761] kasan_atomics_helper+0x15b4/0x4858 [ 19.405810] kasan_atomics+0x198/0x2e0 [ 19.405856] kunit_try_run_case+0x170/0x3f0 [ 19.405905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.405967] kthread+0x328/0x630 [ 19.406013] ret_from_fork+0x10/0x20 [ 19.406061] [ 19.406089] Allocated by task 265: [ 19.406129] kasan_save_stack+0x3c/0x68 [ 19.406191] kasan_save_track+0x20/0x40 [ 19.406233] kasan_save_alloc_info+0x40/0x58 [ 19.406285] __kasan_kmalloc+0xd4/0xd8 [ 19.406327] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.406369] kasan_atomics+0xb8/0x2e0 [ 19.406413] kunit_try_run_case+0x170/0x3f0 [ 19.406453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.406501] kthread+0x328/0x630 [ 19.406545] ret_from_fork+0x10/0x20 [ 19.406590] [ 19.406613] The buggy address belongs to the object at fff00000c65b1c00 [ 19.406613] which belongs to the cache kmalloc-64 of size 64 [ 19.406681] The buggy address is located 0 bytes to the right of [ 19.406681] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.406749] [ 19.406779] The buggy address belongs to the physical page: [ 19.406813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.406868] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.406918] page_type: f5(slab) [ 19.406956] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.407011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.407054] page dumped because: kasan: bad access detected [ 19.407089] [ 19.407118] Memory state around the buggy address: [ 19.407157] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.407279] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.407544] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.407755] ^ [ 19.407956] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.408009] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.408610] ================================================================== [ 19.017893] ================================================================== [ 19.020017] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 19.020272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.020503] kasan_report+0xdc/0x128 [ 19.020804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.021101] kasan_save_alloc_info+0x40/0x58 [ 19.021552] The buggy address is located 0 bytes to the right of [ 19.021552] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.021686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.022070] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.022611] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.023215] ================================================================== [ 19.398120] ================================================================== [ 19.398184] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.398329] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.398389] [ 19.398449] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.398671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.398702] Hardware name: linux,dummy-virt (DT) [ 19.398737] Call trace: [ 19.398799] show_stack+0x20/0x38 (C) [ 19.398870] dump_stack_lvl+0x8c/0xd0 [ 19.398916] print_report+0x118/0x5d0 [ 19.398964] kasan_report+0xdc/0x128 [ 19.399010] kasan_check_range+0x100/0x1a8 [ 19.399070] __kasan_check_write+0x20/0x30 [ 19.399126] kasan_atomics_helper+0x154c/0x4858 [ 19.399188] kasan_atomics+0x198/0x2e0 [ 19.399568] kunit_try_run_case+0x170/0x3f0 [ 19.399692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.399845] kthread+0x328/0x630 [ 19.399940] ret_from_fork+0x10/0x20 [ 19.400064] [ 19.400113] Allocated by task 265: [ 19.400145] kasan_save_stack+0x3c/0x68 [ 19.400441] kasan_save_track+0x20/0x40 [ 19.400562] kasan_save_alloc_info+0x40/0x58 [ 19.400671] __kasan_kmalloc+0xd4/0xd8 [ 19.400947] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.401123] kasan_atomics+0xb8/0x2e0 [ 19.401203] kunit_try_run_case+0x170/0x3f0 [ 19.401333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.401440] kthread+0x328/0x630 [ 19.401568] ret_from_fork+0x10/0x20 [ 19.401635] [ 19.401658] The buggy address belongs to the object at fff00000c65b1c00 [ 19.401658] which belongs to the cache kmalloc-64 of size 64 [ 19.401980] The buggy address is located 0 bytes to the right of [ 19.401980] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.402209] [ 19.402269] The buggy address belongs to the physical page: [ 19.402423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.402630] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.402830] page_type: f5(slab) [ 19.402986] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.403250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.403402] page dumped because: kasan: bad access detected [ 19.403448] [ 19.403468] Memory state around the buggy address: [ 19.403504] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.403551] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.403597] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.403840] ^ [ 19.403966] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.404080] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.404361] ================================================================== [ 19.391791] ================================================================== [ 19.391920] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.391990] Write of size 8 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 19.392048] [ 19.392146] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.392255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.392333] Hardware name: linux,dummy-virt (DT) [ 19.392368] Call trace: [ 19.392419] show_stack+0x20/0x38 (C) [ 19.392472] dump_stack_lvl+0x8c/0xd0 [ 19.392526] print_report+0x118/0x5d0 [ 19.392575] kasan_report+0xdc/0x128 [ 19.392621] kasan_check_range+0x100/0x1a8 [ 19.392671] __kasan_check_write+0x20/0x30 [ 19.392717] kasan_atomics_helper+0x14e4/0x4858 [ 19.392765] kasan_atomics+0x198/0x2e0 [ 19.393067] kunit_try_run_case+0x170/0x3f0 [ 19.393271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.393385] kthread+0x328/0x630 [ 19.393452] ret_from_fork+0x10/0x20 [ 19.393562] [ 19.393600] Allocated by task 265: [ 19.393633] kasan_save_stack+0x3c/0x68 [ 19.393679] kasan_save_track+0x20/0x40 [ 19.393720] kasan_save_alloc_info+0x40/0x58 [ 19.393928] __kasan_kmalloc+0xd4/0xd8 [ 19.394227] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.394306] kasan_atomics+0xb8/0x2e0 [ 19.394348] kunit_try_run_case+0x170/0x3f0 [ 19.394534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.394609] kthread+0x328/0x630 [ 19.394654] ret_from_fork+0x10/0x20 [ 19.394871] [ 19.394946] The buggy address belongs to the object at fff00000c65b1c00 [ 19.394946] which belongs to the cache kmalloc-64 of size 64 [ 19.395027] The buggy address is located 0 bytes to the right of [ 19.395027] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.395329] [ 19.395393] The buggy address belongs to the physical page: [ 19.395507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.395602] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.395783] page_type: f5(slab) [ 19.395830] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.395886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.395931] page dumped because: kasan: bad access detected [ 19.396323] [ 19.396403] Memory state around the buggy address: [ 19.396492] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.396804] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.396959] >fff00000c65b1c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.397052] ^ [ 19.397088] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.397141] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.397463] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 18.948656] ================================================================== [ 18.949002] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 18.949134] Read of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.949199] [ 18.949588] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.949696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.949853] Hardware name: linux,dummy-virt (DT) [ 18.949897] Call trace: [ 18.949940] show_stack+0x20/0x38 (C) [ 18.950140] dump_stack_lvl+0x8c/0xd0 [ 18.950376] print_report+0x118/0x5d0 [ 18.950466] kasan_report+0xdc/0x128 [ 18.950561] __asan_report_load8_noabort+0x20/0x30 [ 18.950619] kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 18.950683] kasan_bitops_generic+0x11c/0x1c8 [ 18.950754] kunit_try_run_case+0x170/0x3f0 [ 18.950805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.950861] kthread+0x328/0x630 [ 18.950958] [ 18.950978] Allocated by task 261: [ 18.951054] kasan_save_track+0x20/0x40 [ 18.951104] kasan_save_alloc_info+0x40/0x58 [ 18.951148] __kasan_kmalloc+0xd4/0xd8 [ 18.951413] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.951689] kasan_bitops_generic+0xa0/0x1c8 [ 18.951992] kthread+0x328/0x630 [ 18.952157] [ 18.952416] The buggy address is located 8 bytes inside of [ 18.952416] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.952997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.953393] page_type: f5(slab) [ 18.953459] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.953590] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.953705] page dumped because: kasan: bad access detected [ 18.953808] [ 18.953908] Memory state around the buggy address: [ 18.953948] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.954146] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.954393] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.954457] ^ [ 18.954600] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.960290] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.960543] page_type: f5(slab) [ 18.960709] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.961108] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.961227] page dumped because: kasan: bad access detected [ 18.985818] dump_stack_lvl+0x8c/0xd0 [ 18.986139] __asan_report_load4_noabort+0x20/0x30 [ 18.986209] kasan_atomics_helper+0x40a8/0x4858 [ 18.986283] kasan_atomics+0x198/0x2e0 [ 18.986331] kunit_try_run_case+0x170/0x3f0 [ 18.986609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.986780] kthread+0x328/0x630 [ 18.986854] ret_from_fork+0x10/0x20 [ 18.986971] [ 18.988703] The buggy address is located 0 bytes to the right of [ 18.988703] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 18.989455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.990587] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.991067] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.992537] Write of size 4 at addr fff00000c65b1c30 by task kunit_try_catch/265 [ 18.993084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.993961] kasan_atomics+0x198/0x2e0 [ 18.994623] kasan_save_alloc_info+0x40/0x58 [ 18.994918] ret_from_fork+0x10/0x20 [ 18.995052] The buggy address is located 0 bytes to the right of [ 18.995052] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 18.995564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 18.996872] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.997879] fff00000c65b1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.998426] fff00000c65b1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.001615] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.004600] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.006187] The buggy address is located 0 bytes to the right of [ 19.006187] allocated 48-byte region [fff00000c65b1c00, fff00000c65b1c30) [ 19.006626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.007776] fff00000c65b1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.008207] ^ [ 19.008664] fff00000c65b1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.010059] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 18.807047] ================================================================== [ 18.807101] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.807155] Read of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.807228] [ 18.807261] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.807344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.808438] Hardware name: linux,dummy-virt (DT) [ 18.808492] Call trace: [ 18.808665] show_stack+0x20/0x38 (C) [ 18.808723] dump_stack_lvl+0x8c/0xd0 [ 18.808848] print_report+0x118/0x5d0 [ 18.808898] kasan_report+0xdc/0x128 [ 18.808947] __asan_report_load8_noabort+0x20/0x30 [ 18.809075] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.809132] kasan_bitops_generic+0x110/0x1c8 [ 18.809682] kunit_try_run_case+0x170/0x3f0 [ 18.810393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.810738] kthread+0x328/0x630 [ 18.811019] ret_from_fork+0x10/0x20 [ 18.811368] [ 18.811392] Allocated by task 261: [ 18.811645] kasan_save_stack+0x3c/0x68 [ 18.811719] kasan_save_track+0x20/0x40 [ 18.811918] kasan_save_alloc_info+0x40/0x58 [ 18.812180] __kasan_kmalloc+0xd4/0xd8 [ 18.812784] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.813055] kasan_bitops_generic+0xa0/0x1c8 [ 18.813101] kunit_try_run_case+0x170/0x3f0 [ 18.813338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.813477] kthread+0x328/0x630 [ 18.813515] ret_from_fork+0x10/0x20 [ 18.813892] [ 18.814187] The buggy address belongs to the object at fff00000c45d1b00 [ 18.814187] which belongs to the cache kmalloc-16 of size 16 [ 18.814474] The buggy address is located 8 bytes inside of [ 18.814474] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.814546] [ 18.814986] The buggy address belongs to the physical page: [ 18.815037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.815107] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.815392] page_type: f5(slab) [ 18.815444] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.815890] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.816167] page dumped because: kasan: bad access detected [ 18.816253] [ 18.816503] Memory state around the buggy address: [ 18.816542] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.816865] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.816999] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.817313] ^ [ 18.817580] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.817762] fff00000c45d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.818039] ================================================================== [ 18.832761] ================================================================== [ 18.832825] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 18.832881] Read of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.833421] [ 18.833545] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.833639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.833668] Hardware name: linux,dummy-virt (DT) [ 18.833704] Call trace: [ 18.833727] show_stack+0x20/0x38 (C) [ 18.833780] dump_stack_lvl+0x8c/0xd0 [ 18.833828] print_report+0x118/0x5d0 [ 18.833877] kasan_report+0xdc/0x128 [ 18.833923] __asan_report_load8_noabort+0x20/0x30 [ 18.835337] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 18.835595] kasan_bitops_generic+0x110/0x1c8 [ 18.835784] kunit_try_run_case+0x170/0x3f0 [ 18.836390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.836787] kthread+0x328/0x630 [ 18.836843] ret_from_fork+0x10/0x20 [ 18.836903] [ 18.836923] Allocated by task 261: [ 18.836955] kasan_save_stack+0x3c/0x68 [ 18.837534] kasan_save_track+0x20/0x40 [ 18.837596] kasan_save_alloc_info+0x40/0x58 [ 18.837971] __kasan_kmalloc+0xd4/0xd8 [ 18.838091] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.838416] kasan_bitops_generic+0xa0/0x1c8 [ 18.838572] kunit_try_run_case+0x170/0x3f0 [ 18.838860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.839115] kthread+0x328/0x630 [ 18.839320] ret_from_fork+0x10/0x20 [ 18.839759] [ 18.839838] The buggy address belongs to the object at fff00000c45d1b00 [ 18.839838] which belongs to the cache kmalloc-16 of size 16 [ 18.839910] The buggy address is located 8 bytes inside of [ 18.839910] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.839976] [ 18.840696] The buggy address belongs to the physical page: [ 18.840733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.840797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.840853] page_type: f5(slab) [ 18.840896] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.841109] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.841794] page dumped because: kasan: bad access detected [ 18.841974] [ 18.841995] Memory state around the buggy address: [ 18.842380] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.842434] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.843064] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.843259] ^ [ 18.843298] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.843346] fff00000c45d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.843575] ================================================================== [ 18.845776] ================================================================== [ 18.845830] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 18.845884] Write of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.845944] [ 18.845976] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.846063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.846092] Hardware name: linux,dummy-virt (DT) [ 18.847312] Call trace: [ 18.847357] show_stack+0x20/0x38 (C) [ 18.847418] dump_stack_lvl+0x8c/0xd0 [ 18.847475] print_report+0x118/0x5d0 [ 18.847524] kasan_report+0xdc/0x128 [ 18.847572] kasan_check_range+0x100/0x1a8 [ 18.848042] __kasan_check_write+0x20/0x30 [ 18.848130] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 18.848198] kasan_bitops_generic+0x110/0x1c8 [ 18.848248] kunit_try_run_case+0x170/0x3f0 [ 18.848728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.848886] kthread+0x328/0x630 [ 18.849264] ret_from_fork+0x10/0x20 [ 18.849343] [ 18.849365] Allocated by task 261: [ 18.849401] kasan_save_stack+0x3c/0x68 [ 18.849448] kasan_save_track+0x20/0x40 [ 18.849490] kasan_save_alloc_info+0x40/0x58 [ 18.849532] __kasan_kmalloc+0xd4/0xd8 [ 18.850282] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.850355] kasan_bitops_generic+0xa0/0x1c8 [ 18.850619] kunit_try_run_case+0x170/0x3f0 [ 18.850664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.850712] kthread+0x328/0x630 [ 18.851164] ret_from_fork+0x10/0x20 [ 18.851375] [ 18.851403] The buggy address belongs to the object at fff00000c45d1b00 [ 18.851403] which belongs to the cache kmalloc-16 of size 16 [ 18.851849] The buggy address is located 8 bytes inside of [ 18.851849] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.851924] [ 18.852305] The buggy address belongs to the physical page: [ 18.852583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.852848] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.853140] page_type: f5(slab) [ 18.853320] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.853597] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.853645] page dumped because: kasan: bad access detected [ 18.854437] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.857296] Call trace: [ 18.859066] __kasan_check_write+0x20/0x30 [ 18.859578] kasan_save_alloc_info+0x40/0x58 [ 18.862725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.863978] [ 18.865198] ^ [ 18.865918] ================================================================== [ 18.819376] ================================================================== [ 18.819438] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.819494] Write of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.819548] [ 18.819580] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.819666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.819694] Hardware name: linux,dummy-virt (DT) [ 18.820744] Call trace: [ 18.820786] show_stack+0x20/0x38 (C) [ 18.822297] dump_stack_lvl+0x8c/0xd0 [ 18.822397] print_report+0x118/0x5d0 [ 18.822692] kasan_report+0xdc/0x128 [ 18.822827] kasan_check_range+0x100/0x1a8 [ 18.823091] __kasan_check_write+0x20/0x30 [ 18.823498] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.823566] kasan_bitops_generic+0x110/0x1c8 [ 18.823989] kunit_try_run_case+0x170/0x3f0 [ 18.824054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.824521] kthread+0x328/0x630 [ 18.824602] ret_from_fork+0x10/0x20 [ 18.825023] [ 18.825057] Allocated by task 261: [ 18.825268] kasan_save_stack+0x3c/0x68 [ 18.825564] kasan_save_track+0x20/0x40 [ 18.825848] kasan_save_alloc_info+0x40/0x58 [ 18.825997] __kasan_kmalloc+0xd4/0xd8 [ 18.826041] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.826084] kasan_bitops_generic+0xa0/0x1c8 [ 18.826124] kunit_try_run_case+0x170/0x3f0 [ 18.826165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.826222] kthread+0x328/0x630 [ 18.826967] ret_from_fork+0x10/0x20 [ 18.827335] [ 18.827360] The buggy address belongs to the object at fff00000c45d1b00 [ 18.827360] which belongs to the cache kmalloc-16 of size 16 [ 18.827675] The buggy address is located 8 bytes inside of [ 18.827675] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.827819] [ 18.828045] The buggy address belongs to the physical page: [ 18.828085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.828578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.828721] page_type: f5(slab) [ 18.828764] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.829106] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.829415] page dumped because: kasan: bad access detected [ 18.829469] [ 18.829661] Memory state around the buggy address: [ 18.829700] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.830116] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.830180] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.830908] ^ [ 18.831208] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.831285] fff00000c45d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.831327] ================================================================== [ 18.794315] ================================================================== [ 18.794380] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.794437] Write of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.794489] [ 18.794521] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.796318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.796369] Hardware name: linux,dummy-virt (DT) [ 18.796882] Call trace: [ 18.797116] show_stack+0x20/0x38 (C) [ 18.797256] dump_stack_lvl+0x8c/0xd0 [ 18.797550] print_report+0x118/0x5d0 [ 18.797602] kasan_report+0xdc/0x128 [ 18.798082] kasan_check_range+0x100/0x1a8 [ 18.798142] __kasan_check_write+0x20/0x30 [ 18.798910] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.799205] kasan_bitops_generic+0x110/0x1c8 [ 18.799314] kunit_try_run_case+0x170/0x3f0 [ 18.799366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.799524] kthread+0x328/0x630 [ 18.799577] ret_from_fork+0x10/0x20 [ 18.799771] [ 18.799797] Allocated by task 261: [ 18.799977] kasan_save_stack+0x3c/0x68 [ 18.800159] kasan_save_track+0x20/0x40 [ 18.800236] kasan_save_alloc_info+0x40/0x58 [ 18.800996] __kasan_kmalloc+0xd4/0xd8 [ 18.801241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.801355] kasan_bitops_generic+0xa0/0x1c8 [ 18.801403] kunit_try_run_case+0x170/0x3f0 [ 18.801883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.801953] kthread+0x328/0x630 [ 18.801989] ret_from_fork+0x10/0x20 [ 18.802496] [ 18.802694] The buggy address belongs to the object at fff00000c45d1b00 [ 18.802694] which belongs to the cache kmalloc-16 of size 16 [ 18.802928] The buggy address is located 8 bytes inside of [ 18.802928] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.803089] [ 18.803114] The buggy address belongs to the physical page: [ 18.803469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.803536] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.803731] page_type: f5(slab) [ 18.804044] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.804232] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.804278] page dumped because: kasan: bad access detected [ 18.804316] [ 18.804409] Memory state around the buggy address: [ 18.804447] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.804874] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.805195] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.805402] ^ [ 18.805474] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.805540] fff00000c45d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.805584] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 18.777133] ================================================================== [ 18.777207] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 18.777257] Read of size 1 at addr fff00000c66fec50 by task kunit_try_catch/259 [ 18.777309] [ 18.777485] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.777587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.777634] Hardware name: linux,dummy-virt (DT) [ 18.777668] Call trace: [ 18.777694] show_stack+0x20/0x38 (C) [ 18.777755] dump_stack_lvl+0x8c/0xd0 [ 18.777812] print_report+0x118/0x5d0 [ 18.777859] kasan_report+0xdc/0x128 [ 18.777905] __asan_report_load1_noabort+0x20/0x30 [ 18.777963] strnlen+0x80/0x88 [ 18.778004] kasan_strings+0x478/0xb00 [ 18.778055] kunit_try_run_case+0x170/0x3f0 [ 18.778105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.778160] kthread+0x328/0x630 [ 18.778211] ret_from_fork+0x10/0x20 [ 18.778259] [ 18.778279] Allocated by task 259: [ 18.778308] kasan_save_stack+0x3c/0x68 [ 18.778352] kasan_save_track+0x20/0x40 [ 18.778393] kasan_save_alloc_info+0x40/0x58 [ 18.778434] __kasan_kmalloc+0xd4/0xd8 [ 18.778474] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.778514] kasan_strings+0xc8/0xb00 [ 18.778551] kunit_try_run_case+0x170/0x3f0 [ 18.778594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.778640] kthread+0x328/0x630 [ 18.778674] ret_from_fork+0x10/0x20 [ 18.778711] [ 18.778742] Freed by task 259: [ 18.778770] kasan_save_stack+0x3c/0x68 [ 18.778819] kasan_save_track+0x20/0x40 [ 18.779201] kasan_save_free_info+0x4c/0x78 [ 18.781196] __kasan_slab_free+0x6c/0x98 [ 18.781271] kfree+0x214/0x3c8 [ 18.781315] kasan_strings+0x24c/0xb00 [ 18.781359] kunit_try_run_case+0x170/0x3f0 [ 18.781401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.781446] kthread+0x328/0x630 [ 18.781481] ret_from_fork+0x10/0x20 [ 18.781519] [ 18.781541] The buggy address belongs to the object at fff00000c66fec40 [ 18.781541] which belongs to the cache kmalloc-32 of size 32 [ 18.781604] The buggy address is located 16 bytes inside of [ 18.781604] freed 32-byte region [fff00000c66fec40, fff00000c66fec60) [ 18.781669] [ 18.781691] The buggy address belongs to the physical page: [ 18.781725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066fe [ 18.781778] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.781829] page_type: f5(slab) [ 18.781869] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.781922] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.781972] page dumped because: kasan: bad access detected [ 18.782007] [ 18.782027] Memory state around the buggy address: [ 18.782061] fff00000c66feb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.782107] fff00000c66feb80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.782154] >fff00000c66fec00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.782207] ^ [ 18.782247] fff00000c66fec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.782293] fff00000c66fed00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.782336] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.681621] ================================================================== [ 18.681711] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.682119] Read of size 1 at addr ffff800080907b5f by task kunit_try_catch/251 [ 18.682236] [ 18.682370] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.682461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.682542] Hardware name: linux,dummy-virt (DT) [ 18.682576] Call trace: [ 18.682631] show_stack+0x20/0x38 (C) [ 18.682685] dump_stack_lvl+0x8c/0xd0 [ 18.682735] print_report+0x310/0x5d0 [ 18.683024] kasan_report+0xdc/0x128 [ 18.683109] __asan_report_load1_noabort+0x20/0x30 [ 18.683165] kasan_alloca_oob_left+0x2b8/0x310 [ 18.683480] kunit_try_run_case+0x170/0x3f0 [ 18.683646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.683722] kthread+0x328/0x630 [ 18.683769] ret_from_fork+0x10/0x20 [ 18.683827] [ 18.683850] The buggy address belongs to stack of task kunit_try_catch/251 [ 18.684462] [ 18.684508] The buggy address ffff800080907b5f belongs to a vmalloc virtual mapping [ 18.684568] The buggy address belongs to the physical page: [ 18.684698] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065fb [ 18.685027] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.685155] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.685277] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.685548] page dumped because: kasan: bad access detected [ 18.685681] [ 18.685743] Memory state around the buggy address: [ 18.686058] ffff800080907a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.686133] ffff800080907a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.686314] >ffff800080907b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 18.686421] ^ [ 18.686771] ffff800080907b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.686875] ffff800080907c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.687006] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 18.766409] ================================================================== [ 18.766465] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 18.766516] Read of size 1 at addr fff00000c66fec50 by task kunit_try_catch/259 [ 18.766568] [ 18.766600] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.766684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.766717] Hardware name: linux,dummy-virt (DT) [ 18.766750] Call trace: [ 18.766775] show_stack+0x20/0x38 (C) [ 18.766825] dump_stack_lvl+0x8c/0xd0 [ 18.766927] print_report+0x118/0x5d0 [ 18.766993] kasan_report+0xdc/0x128 [ 18.767041] __asan_report_load1_noabort+0x20/0x30 [ 18.767096] strlen+0xa8/0xb0 [ 18.767138] kasan_strings+0x418/0xb00 [ 18.767195] kunit_try_run_case+0x170/0x3f0 [ 18.767252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.767308] kthread+0x328/0x630 [ 18.767582] ret_from_fork+0x10/0x20 [ 18.768453] [ 18.768492] Allocated by task 259: [ 18.768620] kasan_save_stack+0x3c/0x68 [ 18.768734] kasan_save_track+0x20/0x40 [ 18.768836] kasan_save_alloc_info+0x40/0x58 [ 18.768895] __kasan_kmalloc+0xd4/0xd8 [ 18.769366] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.769611] kasan_strings+0xc8/0xb00 [ 18.769771] kunit_try_run_case+0x170/0x3f0 [ 18.769888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.770007] kthread+0x328/0x630 [ 18.770114] ret_from_fork+0x10/0x20 [ 18.770291] [ 18.770333] Freed by task 259: [ 18.770581] kasan_save_stack+0x3c/0x68 [ 18.770829] kasan_save_track+0x20/0x40 [ 18.770889] kasan_save_free_info+0x4c/0x78 [ 18.771126] __kasan_slab_free+0x6c/0x98 [ 18.771207] kfree+0x214/0x3c8 [ 18.771382] kasan_strings+0x24c/0xb00 [ 18.771566] kunit_try_run_case+0x170/0x3f0 [ 18.771783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.772039] kthread+0x328/0x630 [ 18.772198] ret_from_fork+0x10/0x20 [ 18.772392] [ 18.772417] The buggy address belongs to the object at fff00000c66fec40 [ 18.772417] which belongs to the cache kmalloc-32 of size 32 [ 18.772652] The buggy address is located 16 bytes inside of [ 18.772652] freed 32-byte region [fff00000c66fec40, fff00000c66fec60) [ 18.772870] [ 18.772897] The buggy address belongs to the physical page: [ 18.773267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066fe [ 18.773360] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.773585] page_type: f5(slab) [ 18.773798] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.774027] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.774235] page dumped because: kasan: bad access detected [ 18.774327] [ 18.774406] Memory state around the buggy address: [ 18.774456] fff00000c66feb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.774667] fff00000c66feb80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.774933] >fff00000c66fec00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.774997] ^ [ 18.775188] fff00000c66fec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.775458] fff00000c66fed00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.775540] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 18.757143] ================================================================== [ 18.757221] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 18.757403] Read of size 1 at addr fff00000c66fec50 by task kunit_try_catch/259 [ 18.757513] [ 18.757570] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.757778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.757859] Hardware name: linux,dummy-virt (DT) [ 18.757895] Call trace: [ 18.757941] show_stack+0x20/0x38 (C) [ 18.758085] dump_stack_lvl+0x8c/0xd0 [ 18.758137] print_report+0x118/0x5d0 [ 18.758210] kasan_report+0xdc/0x128 [ 18.758260] __asan_report_load1_noabort+0x20/0x30 [ 18.758590] kasan_strings+0x95c/0xb00 [ 18.758730] kunit_try_run_case+0x170/0x3f0 [ 18.758838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.758923] kthread+0x328/0x630 [ 18.759067] ret_from_fork+0x10/0x20 [ 18.759119] [ 18.759159] Allocated by task 259: [ 18.759267] kasan_save_stack+0x3c/0x68 [ 18.759439] kasan_save_track+0x20/0x40 [ 18.759742] kasan_save_alloc_info+0x40/0x58 [ 18.759882] __kasan_kmalloc+0xd4/0xd8 [ 18.760042] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.760151] kasan_strings+0xc8/0xb00 [ 18.760338] kunit_try_run_case+0x170/0x3f0 [ 18.760469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.760645] kthread+0x328/0x630 [ 18.760739] ret_from_fork+0x10/0x20 [ 18.760890] [ 18.760951] Freed by task 259: [ 18.761087] kasan_save_stack+0x3c/0x68 [ 18.761236] kasan_save_track+0x20/0x40 [ 18.761351] kasan_save_free_info+0x4c/0x78 [ 18.761396] __kasan_slab_free+0x6c/0x98 [ 18.761648] kfree+0x214/0x3c8 [ 18.761823] kasan_strings+0x24c/0xb00 [ 18.761889] kunit_try_run_case+0x170/0x3f0 [ 18.761943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.762135] kthread+0x328/0x630 [ 18.762248] ret_from_fork+0x10/0x20 [ 18.762399] [ 18.762461] The buggy address belongs to the object at fff00000c66fec40 [ 18.762461] which belongs to the cache kmalloc-32 of size 32 [ 18.762614] The buggy address is located 16 bytes inside of [ 18.762614] freed 32-byte region [fff00000c66fec40, fff00000c66fec60) [ 18.762766] [ 18.762838] The buggy address belongs to the physical page: [ 18.762891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066fe [ 18.763148] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.763417] page_type: f5(slab) [ 18.763505] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.763689] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.763847] page dumped because: kasan: bad access detected [ 18.763909] [ 18.763931] Memory state around the buggy address: [ 18.763987] fff00000c66feb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.764240] fff00000c66feb80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.764427] >fff00000c66fec00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.764502] ^ [ 18.764616] fff00000c66fec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.764743] fff00000c66fed00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.764897] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 18.749032] ================================================================== [ 18.749100] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 18.749156] Read of size 1 at addr fff00000c66fec50 by task kunit_try_catch/259 [ 18.749222] [ 18.749257] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.749345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.749375] Hardware name: linux,dummy-virt (DT) [ 18.749419] Call trace: [ 18.749445] show_stack+0x20/0x38 (C) [ 18.749496] dump_stack_lvl+0x8c/0xd0 [ 18.749543] print_report+0x118/0x5d0 [ 18.749591] kasan_report+0xdc/0x128 [ 18.749638] __asan_report_load1_noabort+0x20/0x30 [ 18.749692] strcmp+0xc0/0xc8 [ 18.749734] kasan_strings+0x340/0xb00 [ 18.749780] kunit_try_run_case+0x170/0x3f0 [ 18.749835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.749891] kthread+0x328/0x630 [ 18.749937] ret_from_fork+0x10/0x20 [ 18.749998] [ 18.750020] Allocated by task 259: [ 18.750050] kasan_save_stack+0x3c/0x68 [ 18.750101] kasan_save_track+0x20/0x40 [ 18.750143] kasan_save_alloc_info+0x40/0x58 [ 18.750866] __kasan_kmalloc+0xd4/0xd8 [ 18.750924] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.750968] kasan_strings+0xc8/0xb00 [ 18.751006] kunit_try_run_case+0x170/0x3f0 [ 18.751116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.751168] kthread+0x328/0x630 [ 18.751589] ret_from_fork+0x10/0x20 [ 18.751688] [ 18.751823] Freed by task 259: [ 18.751913] kasan_save_stack+0x3c/0x68 [ 18.751981] kasan_save_track+0x20/0x40 [ 18.752187] kasan_save_free_info+0x4c/0x78 [ 18.752278] __kasan_slab_free+0x6c/0x98 [ 18.752360] kfree+0x214/0x3c8 [ 18.752499] kasan_strings+0x24c/0xb00 [ 18.752579] kunit_try_run_case+0x170/0x3f0 [ 18.752691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.752819] kthread+0x328/0x630 [ 18.752935] ret_from_fork+0x10/0x20 [ 18.753081] [ 18.753152] The buggy address belongs to the object at fff00000c66fec40 [ 18.753152] which belongs to the cache kmalloc-32 of size 32 [ 18.753240] The buggy address is located 16 bytes inside of [ 18.753240] freed 32-byte region [fff00000c66fec40, fff00000c66fec60) [ 18.753426] [ 18.753674] The buggy address belongs to the physical page: [ 18.753848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066fe [ 18.753958] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.754076] page_type: f5(slab) [ 18.754141] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.754381] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.754505] page dumped because: kasan: bad access detected [ 18.754581] [ 18.754740] Memory state around the buggy address: [ 18.754828] fff00000c66feb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.755040] fff00000c66feb80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.755123] >fff00000c66fec00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.755269] ^ [ 18.755312] fff00000c66fec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.755793] fff00000c66fed00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.755919] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.721047] ================================================================== [ 18.721474] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 18.721543] Read of size 1 at addr fff00000c66feb18 by task kunit_try_catch/257 [ 18.721595] [ 18.721631] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.721728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.721756] Hardware name: linux,dummy-virt (DT) [ 18.721790] Call trace: [ 18.721813] show_stack+0x20/0x38 (C) [ 18.721866] dump_stack_lvl+0x8c/0xd0 [ 18.721957] print_report+0x118/0x5d0 [ 18.722045] kasan_report+0xdc/0x128 [ 18.722094] __asan_report_load1_noabort+0x20/0x30 [ 18.722386] memcmp+0x198/0x1d8 [ 18.722476] kasan_memcmp+0x16c/0x300 [ 18.722527] kunit_try_run_case+0x170/0x3f0 [ 18.722580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.722637] kthread+0x328/0x630 [ 18.722689] ret_from_fork+0x10/0x20 [ 18.722741] [ 18.722761] Allocated by task 257: [ 18.722851] kasan_save_stack+0x3c/0x68 [ 18.722902] kasan_save_track+0x20/0x40 [ 18.722943] kasan_save_alloc_info+0x40/0x58 [ 18.722985] __kasan_kmalloc+0xd4/0xd8 [ 18.723024] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.723098] kasan_memcmp+0xbc/0x300 [ 18.723277] kunit_try_run_case+0x170/0x3f0 [ 18.723529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.723577] kthread+0x328/0x630 [ 18.723613] ret_from_fork+0x10/0x20 [ 18.723909] [ 18.723937] The buggy address belongs to the object at fff00000c66feb00 [ 18.723937] which belongs to the cache kmalloc-32 of size 32 [ 18.724378] The buggy address is located 0 bytes to the right of [ 18.724378] allocated 24-byte region [fff00000c66feb00, fff00000c66feb18) [ 18.724456] [ 18.724480] The buggy address belongs to the physical page: [ 18.724514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066fe [ 18.725373] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.725949] page_type: f5(slab) [ 18.726204] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.726265] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.726310] page dumped because: kasan: bad access detected [ 18.726684] [ 18.726850] Memory state around the buggy address: [ 18.726885] fff00000c66fea00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 18.727144] fff00000c66fea80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.727205] >fff00000c66feb00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.727693] ^ [ 18.727736] fff00000c66feb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.727833] fff00000c66fec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.727875] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.667545] ================================================================== [ 18.667624] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.667678] Read of size 1 at addr ffff800080907c2a by task kunit_try_catch/249 [ 18.667728] [ 18.667759] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.667844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.667949] Hardware name: linux,dummy-virt (DT) [ 18.667981] Call trace: [ 18.668022] show_stack+0x20/0x38 (C) [ 18.668073] dump_stack_lvl+0x8c/0xd0 [ 18.668122] print_report+0x310/0x5d0 [ 18.668186] kasan_report+0xdc/0x128 [ 18.668234] __asan_report_load1_noabort+0x20/0x30 [ 18.668376] kasan_stack_oob+0x238/0x270 [ 18.668567] kunit_try_run_case+0x170/0x3f0 [ 18.668676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.668876] kthread+0x328/0x630 [ 18.668923] ret_from_fork+0x10/0x20 [ 18.668973] [ 18.669346] The buggy address belongs to stack of task kunit_try_catch/249 [ 18.669717] and is located at offset 138 in frame: [ 18.669857] kasan_stack_oob+0x0/0x270 [ 18.670517] [ 18.670610] This frame has 4 objects: [ 18.671048] [48, 49) '__assertion' [ 18.671337] [64, 72) 'array' [ 18.671454] [96, 112) '__assertion' [ 18.671575] [128, 138) 'stack_array' [ 18.671753] [ 18.671782] The buggy address ffff800080907c2a belongs to a vmalloc virtual mapping [ 18.672147] The buggy address belongs to the physical page: [ 18.672275] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065fb [ 18.672378] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.672821] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.673788] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.673886] page dumped because: kasan: bad access detected [ 18.674006] [ 18.674029] Memory state around the buggy address: [ 18.674066] ffff800080907b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.674123] ffff800080907b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.674510] >ffff800080907c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.674710] ^ [ 18.674789] ffff800080907c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.674941] ffff800080907d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.675029] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.649989] ================================================================== [ 18.650159] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.650272] Read of size 1 at addr ffff9433e934f58d by task kunit_try_catch/245 [ 18.650364] [ 18.650406] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.650496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.650524] Hardware name: linux,dummy-virt (DT) [ 18.650674] Call trace: [ 18.650828] show_stack+0x20/0x38 (C) [ 18.650891] dump_stack_lvl+0x8c/0xd0 [ 18.651057] print_report+0x310/0x5d0 [ 18.651278] kasan_report+0xdc/0x128 [ 18.651370] __asan_report_load1_noabort+0x20/0x30 [ 18.651536] kasan_global_oob_right+0x230/0x270 [ 18.651593] kunit_try_run_case+0x170/0x3f0 [ 18.651786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.651977] kthread+0x328/0x630 [ 18.652126] ret_from_fork+0x10/0x20 [ 18.652307] [ 18.652505] The buggy address belongs to the variable: [ 18.652540] global_array+0xd/0x40 [ 18.652899] [ 18.653015] The buggy address ffff9433e934f58d belongs to a vmalloc virtual mapping [ 18.653127] The buggy address belongs to the physical page: [ 18.653167] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.653257] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.653340] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.653400] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.653442] page dumped because: kasan: bad access detected [ 18.653473] [ 18.653490] Memory state around the buggy address: [ 18.653542] ffff9433e934f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.653596] ffff9433e934f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.653650] >ffff9433e934f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.653688] ^ [ 18.653717] ffff9433e934f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.653767] ffff9433e934f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.653815] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.615320] ================================================================== [ 18.615384] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.615438] Free of addr fff00000c5942501 by task kunit_try_catch/241 [ 18.615481] [ 18.615859] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.616300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.616349] Hardware name: linux,dummy-virt (DT) [ 18.616380] Call trace: [ 18.616716] show_stack+0x20/0x38 (C) [ 18.616834] dump_stack_lvl+0x8c/0xd0 [ 18.616886] print_report+0x118/0x5d0 [ 18.617259] kasan_report_invalid_free+0xc0/0xe8 [ 18.617409] check_slab_allocation+0xfc/0x108 [ 18.617509] __kasan_mempool_poison_object+0x78/0x150 [ 18.617832] mempool_free+0x28c/0x328 [ 18.618141] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.618365] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.618442] kunit_try_run_case+0x170/0x3f0 [ 18.618594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.618892] kthread+0x328/0x630 [ 18.618978] ret_from_fork+0x10/0x20 [ 18.619125] [ 18.619281] Allocated by task 241: [ 18.619315] kasan_save_stack+0x3c/0x68 [ 18.619359] kasan_save_track+0x20/0x40 [ 18.619771] kasan_save_alloc_info+0x40/0x58 [ 18.619875] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.619940] remove_element+0x130/0x1f8 [ 18.620345] mempool_alloc_preallocated+0x58/0xc0 [ 18.620438] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.620543] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.620599] kunit_try_run_case+0x170/0x3f0 [ 18.620675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.620839] kthread+0x328/0x630 [ 18.621036] ret_from_fork+0x10/0x20 [ 18.621198] [ 18.621269] The buggy address belongs to the object at fff00000c5942500 [ 18.621269] which belongs to the cache kmalloc-128 of size 128 [ 18.621608] The buggy address is located 1 bytes inside of [ 18.621608] 128-byte region [fff00000c5942500, fff00000c5942580) [ 18.621779] [ 18.621828] The buggy address belongs to the physical page: [ 18.622305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 18.622407] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.622522] page_type: f5(slab) [ 18.622625] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.622981] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.623102] page dumped because: kasan: bad access detected [ 18.623148] [ 18.623165] Memory state around the buggy address: [ 18.623476] fff00000c5942400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.623669] fff00000c5942480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.623716] >fff00000c5942500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.623784] ^ [ 18.624097] fff00000c5942580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.624280] fff00000c5942600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.624344] ================================================================== [ 18.630578] ================================================================== [ 18.630824] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.630903] Free of addr fff00000c7918001 by task kunit_try_catch/243 [ 18.630949] [ 18.630988] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.631082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.631110] Hardware name: linux,dummy-virt (DT) [ 18.631246] Call trace: [ 18.631464] show_stack+0x20/0x38 (C) [ 18.631553] dump_stack_lvl+0x8c/0xd0 [ 18.631686] print_report+0x118/0x5d0 [ 18.631775] kasan_report_invalid_free+0xc0/0xe8 [ 18.631941] __kasan_mempool_poison_object+0xfc/0x150 [ 18.632101] mempool_free+0x28c/0x328 [ 18.632210] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.632272] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.632325] kunit_try_run_case+0x170/0x3f0 [ 18.632375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.632838] kthread+0x328/0x630 [ 18.632934] ret_from_fork+0x10/0x20 [ 18.633079] [ 18.633119] The buggy address belongs to the physical page: [ 18.633158] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107918 [ 18.633388] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.633814] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.634009] page_type: f8(unknown) [ 18.634066] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.634453] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.634615] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.634712] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.634863] head: 0bfffe0000000002 ffffc1ffc31e4601 00000000ffffffff 00000000ffffffff [ 18.634969] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.635315] page dumped because: kasan: bad access detected [ 18.635383] [ 18.635471] Memory state around the buggy address: [ 18.635585] fff00000c7917f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.635734] fff00000c7917f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.635851] >fff00000c7918000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.635990] ^ [ 18.636030] fff00000c7918080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.636094] fff00000c7918100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.636535] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.566884] ================================================================== [ 18.567447] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.567537] Free of addr fff00000c5942100 by task kunit_try_catch/235 [ 18.568041] [ 18.568079] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.568474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.568535] Hardware name: linux,dummy-virt (DT) [ 18.568663] Call trace: [ 18.568697] show_stack+0x20/0x38 (C) [ 18.568758] dump_stack_lvl+0x8c/0xd0 [ 18.568806] print_report+0x118/0x5d0 [ 18.568855] kasan_report_invalid_free+0xc0/0xe8 [ 18.569338] check_slab_allocation+0xd4/0x108 [ 18.569405] __kasan_mempool_poison_object+0x78/0x150 [ 18.569905] mempool_free+0x28c/0x328 [ 18.570098] mempool_double_free_helper+0x150/0x2e8 [ 18.570605] mempool_kmalloc_double_free+0xc0/0x118 [ 18.570713] kunit_try_run_case+0x170/0x3f0 [ 18.570955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.571041] kthread+0x328/0x630 [ 18.571252] ret_from_fork+0x10/0x20 [ 18.571330] [ 18.571349] Allocated by task 235: [ 18.571381] kasan_save_stack+0x3c/0x68 [ 18.571546] kasan_save_track+0x20/0x40 [ 18.571624] kasan_save_alloc_info+0x40/0x58 [ 18.571847] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.571899] remove_element+0x130/0x1f8 [ 18.572131] mempool_alloc_preallocated+0x58/0xc0 [ 18.572372] mempool_double_free_helper+0x94/0x2e8 [ 18.572431] mempool_kmalloc_double_free+0xc0/0x118 [ 18.572472] kunit_try_run_case+0x170/0x3f0 [ 18.572512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.572557] kthread+0x328/0x630 [ 18.572590] ret_from_fork+0x10/0x20 [ 18.572627] [ 18.572646] Freed by task 235: [ 18.572673] kasan_save_stack+0x3c/0x68 [ 18.573218] kasan_save_track+0x20/0x40 [ 18.573276] kasan_save_free_info+0x4c/0x78 [ 18.573334] __kasan_mempool_poison_object+0xc0/0x150 [ 18.573514] mempool_free+0x28c/0x328 [ 18.573641] mempool_double_free_helper+0x100/0x2e8 [ 18.573708] mempool_kmalloc_double_free+0xc0/0x118 [ 18.573962] kunit_try_run_case+0x170/0x3f0 [ 18.574372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.574439] kthread+0x328/0x630 [ 18.574828] ret_from_fork+0x10/0x20 [ 18.575116] [ 18.575195] The buggy address belongs to the object at fff00000c5942100 [ 18.575195] which belongs to the cache kmalloc-128 of size 128 [ 18.575380] The buggy address is located 0 bytes inside of [ 18.575380] 128-byte region [fff00000c5942100, fff00000c5942180) [ 18.575443] [ 18.575464] The buggy address belongs to the physical page: [ 18.575697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105942 [ 18.576033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.576316] page_type: f5(slab) [ 18.576590] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.576830] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.577165] page dumped because: kasan: bad access detected [ 18.577417] [ 18.577436] Memory state around the buggy address: [ 18.577648] fff00000c5942000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.578021] fff00000c5942080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.578071] >fff00000c5942100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.578428] ^ [ 18.578462] fff00000c5942180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.578952] fff00000c5942200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.578999] ================================================================== [ 18.587775] ================================================================== [ 18.587924] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.588050] Free of addr fff00000c7918000 by task kunit_try_catch/237 [ 18.588113] [ 18.588147] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.588628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.588705] Hardware name: linux,dummy-virt (DT) [ 18.588936] Call trace: [ 18.589162] show_stack+0x20/0x38 (C) [ 18.589337] dump_stack_lvl+0x8c/0xd0 [ 18.589420] print_report+0x118/0x5d0 [ 18.589467] kasan_report_invalid_free+0xc0/0xe8 [ 18.589728] __kasan_mempool_poison_object+0x14c/0x150 [ 18.589874] mempool_free+0x28c/0x328 [ 18.590038] mempool_double_free_helper+0x150/0x2e8 [ 18.590095] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.590157] kunit_try_run_case+0x170/0x3f0 [ 18.590218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.590273] kthread+0x328/0x630 [ 18.590316] ret_from_fork+0x10/0x20 [ 18.590371] [ 18.590395] The buggy address belongs to the physical page: [ 18.590428] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107918 [ 18.590492] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.590553] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.590615] page_type: f8(unknown) [ 18.590656] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.590713] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.590765] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.590813] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.590863] head: 0bfffe0000000002 ffffc1ffc31e4601 00000000ffffffff 00000000ffffffff [ 18.590913] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.590954] page dumped because: kasan: bad access detected [ 18.590984] [ 18.591001] Memory state around the buggy address: [ 18.591043] fff00000c7917f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.591087] fff00000c7917f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.591146] >fff00000c7918000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.591212] ^ [ 18.591753] fff00000c7918080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.592082] fff00000c7918100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.592263] ================================================================== [ 18.602350] ================================================================== [ 18.602453] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.602645] Free of addr fff00000c7918000 by task kunit_try_catch/239 [ 18.602704] [ 18.602757] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.602843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.602883] Hardware name: linux,dummy-virt (DT) [ 18.602915] Call trace: [ 18.602941] show_stack+0x20/0x38 (C) [ 18.602991] dump_stack_lvl+0x8c/0xd0 [ 18.603039] print_report+0x118/0x5d0 [ 18.603085] kasan_report_invalid_free+0xc0/0xe8 [ 18.603136] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.603604] mempool_free+0x24c/0x328 [ 18.603675] mempool_double_free_helper+0x150/0x2e8 [ 18.603904] mempool_page_alloc_double_free+0xbc/0x118 [ 18.604048] kunit_try_run_case+0x170/0x3f0 [ 18.604507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.604606] kthread+0x328/0x630 [ 18.604683] ret_from_fork+0x10/0x20 [ 18.605012] [ 18.605062] The buggy address belongs to the physical page: [ 18.605244] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107918 [ 18.605398] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.605472] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.605549] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.605950] page dumped because: kasan: bad access detected [ 18.606003] [ 18.606126] Memory state around the buggy address: [ 18.606206] fff00000c7917f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.606401] fff00000c7917f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.606480] >fff00000c7918000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.606619] ^ [ 18.606648] fff00000c7918080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.606699] fff00000c7918100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.607019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.450714] ================================================================== [ 18.450808] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.450860] Read of size 1 at addr fff00000c79b4000 by task kunit_try_catch/229 [ 18.451257] [ 18.451388] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.451602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.451630] Hardware name: linux,dummy-virt (DT) [ 18.451661] Call trace: [ 18.451684] show_stack+0x20/0x38 (C) [ 18.451734] dump_stack_lvl+0x8c/0xd0 [ 18.451804] print_report+0x118/0x5d0 [ 18.451987] kasan_report+0xdc/0x128 [ 18.452039] __asan_report_load1_noabort+0x20/0x30 [ 18.452092] mempool_uaf_helper+0x314/0x340 [ 18.452190] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.452260] kunit_try_run_case+0x170/0x3f0 [ 18.452508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.452579] kthread+0x328/0x630 [ 18.452648] ret_from_fork+0x10/0x20 [ 18.452709] [ 18.452770] The buggy address belongs to the physical page: [ 18.452816] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 18.452931] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.452986] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.453140] page_type: f8(unknown) [ 18.453339] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.453540] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.453674] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.453724] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.454037] head: 0bfffe0000000002 ffffc1ffc31e6d01 00000000ffffffff 00000000ffffffff [ 18.454487] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.454599] page dumped because: kasan: bad access detected [ 18.454632] [ 18.454651] Memory state around the buggy address: [ 18.454695] fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.454823] fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.454864] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.454906] ^ [ 18.454935] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.454978] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.455017] ================================================================== [ 18.545895] ================================================================== [ 18.545977] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.546049] Read of size 1 at addr fff00000c7918000 by task kunit_try_catch/233 [ 18.546100] [ 18.546142] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.546247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.546273] Hardware name: linux,dummy-virt (DT) [ 18.546308] Call trace: [ 18.546331] show_stack+0x20/0x38 (C) [ 18.546384] dump_stack_lvl+0x8c/0xd0 [ 18.546433] print_report+0x118/0x5d0 [ 18.546480] kasan_report+0xdc/0x128 [ 18.546525] __asan_report_load1_noabort+0x20/0x30 [ 18.546575] mempool_uaf_helper+0x314/0x340 [ 18.546620] mempool_page_alloc_uaf+0xc0/0x118 [ 18.546666] kunit_try_run_case+0x170/0x3f0 [ 18.546715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.546768] kthread+0x328/0x630 [ 18.546810] ret_from_fork+0x10/0x20 [ 18.546858] [ 18.546879] The buggy address belongs to the physical page: [ 18.546914] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107918 [ 18.546973] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.547044] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.547096] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.547137] page dumped because: kasan: bad access detected [ 18.547181] [ 18.547198] Memory state around the buggy address: [ 18.547329] fff00000c7917f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.547382] fff00000c7917f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.547426] >fff00000c7918000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.547465] ^ [ 18.547492] fff00000c7918080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.547535] fff00000c7918100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.547573] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.482507] ================================================================== [ 18.482572] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.482628] Read of size 1 at addr fff00000c65c4240 by task kunit_try_catch/231 [ 18.482678] [ 18.482710] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.482794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.482820] Hardware name: linux,dummy-virt (DT) [ 18.486820] Call trace: [ 18.488050] show_stack+0x20/0x38 (C) [ 18.488623] dump_stack_lvl+0x8c/0xd0 [ 18.489257] print_report+0x118/0x5d0 [ 18.489471] kasan_report+0xdc/0x128 [ 18.489518] __asan_report_load1_noabort+0x20/0x30 [ 18.490383] mempool_uaf_helper+0x314/0x340 [ 18.490519] mempool_slab_uaf+0xc0/0x118 [ 18.490564] kunit_try_run_case+0x170/0x3f0 [ 18.490611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.491748] kthread+0x328/0x630 [ 18.492106] ret_from_fork+0x10/0x20 [ 18.492695] [ 18.492786] Allocated by task 231: [ 18.493029] kasan_save_stack+0x3c/0x68 [ 18.493335] kasan_save_track+0x20/0x40 [ 18.493375] kasan_save_alloc_info+0x40/0x58 [ 18.493417] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.494144] remove_element+0x16c/0x1f8 [ 18.494203] mempool_alloc_preallocated+0x58/0xc0 [ 18.494244] mempool_uaf_helper+0xa4/0x340 [ 18.494281] mempool_slab_uaf+0xc0/0x118 [ 18.494318] kunit_try_run_case+0x170/0x3f0 [ 18.494356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.494401] kthread+0x328/0x630 [ 18.494434] ret_from_fork+0x10/0x20 [ 18.494470] [ 18.494489] Freed by task 231: [ 18.494518] kasan_save_stack+0x3c/0x68 [ 18.494556] kasan_save_track+0x20/0x40 [ 18.496907] kasan_save_free_info+0x4c/0x78 [ 18.497000] __kasan_mempool_poison_object+0xc0/0x150 [ 18.497047] mempool_free+0x28c/0x328 [ 18.497723] mempool_uaf_helper+0x104/0x340 [ 18.498179] mempool_slab_uaf+0xc0/0x118 [ 18.498904] kunit_try_run_case+0x170/0x3f0 [ 18.499010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.499621] kthread+0x328/0x630 [ 18.500076] ret_from_fork+0x10/0x20 [ 18.500434] [ 18.500464] The buggy address belongs to the object at fff00000c65c4240 [ 18.500464] which belongs to the cache test_cache of size 123 [ 18.501337] The buggy address is located 0 bytes inside of [ 18.501337] freed 123-byte region [fff00000c65c4240, fff00000c65c42bb) [ 18.502221] [ 18.502429] The buggy address belongs to the physical page: [ 18.502665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c4 [ 18.502910] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.503526] page_type: f5(slab) [ 18.503642] raw: 0bfffe0000000000 fff00000c66fd280 dead000000000122 0000000000000000 [ 18.503744] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.503864] page dumped because: kasan: bad access detected [ 18.504619] [ 18.504644] Memory state around the buggy address: [ 18.504940] fff00000c65c4100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.505706] fff00000c65c4180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.505832] >fff00000c65c4200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.506316] ^ [ 18.507155] fff00000c65c4280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.507288] fff00000c65c4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.507328] ================================================================== [ 18.428157] ================================================================== [ 18.428238] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.428298] Read of size 1 at addr fff00000c7897700 by task kunit_try_catch/227 [ 18.428348] [ 18.428383] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.428469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.428765] Hardware name: linux,dummy-virt (DT) [ 18.429107] Call trace: [ 18.429364] show_stack+0x20/0x38 (C) [ 18.429697] dump_stack_lvl+0x8c/0xd0 [ 18.430030] print_report+0x118/0x5d0 [ 18.430344] kasan_report+0xdc/0x128 [ 18.430500] __asan_report_load1_noabort+0x20/0x30 [ 18.430668] mempool_uaf_helper+0x314/0x340 [ 18.430902] mempool_kmalloc_uaf+0xc4/0x120 [ 18.430978] kunit_try_run_case+0x170/0x3f0 [ 18.431029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.431082] kthread+0x328/0x630 [ 18.431124] ret_from_fork+0x10/0x20 [ 18.431528] [ 18.431564] Allocated by task 227: [ 18.431599] kasan_save_stack+0x3c/0x68 [ 18.431984] kasan_save_track+0x20/0x40 [ 18.432062] kasan_save_alloc_info+0x40/0x58 [ 18.432103] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.432149] remove_element+0x130/0x1f8 [ 18.432201] mempool_alloc_preallocated+0x58/0xc0 [ 18.432242] mempool_uaf_helper+0xa4/0x340 [ 18.432280] mempool_kmalloc_uaf+0xc4/0x120 [ 18.432319] kunit_try_run_case+0x170/0x3f0 [ 18.432357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.432743] kthread+0x328/0x630 [ 18.432896] ret_from_fork+0x10/0x20 [ 18.432952] [ 18.432973] Freed by task 227: [ 18.433000] kasan_save_stack+0x3c/0x68 [ 18.433038] kasan_save_track+0x20/0x40 [ 18.433303] kasan_save_free_info+0x4c/0x78 [ 18.433394] __kasan_mempool_poison_object+0xc0/0x150 [ 18.433476] mempool_free+0x28c/0x328 [ 18.433510] mempool_uaf_helper+0x104/0x340 [ 18.433582] mempool_kmalloc_uaf+0xc4/0x120 [ 18.433618] kunit_try_run_case+0x170/0x3f0 [ 18.433949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.433999] kthread+0x328/0x630 [ 18.434030] ret_from_fork+0x10/0x20 [ 18.434279] [ 18.434305] The buggy address belongs to the object at fff00000c7897700 [ 18.434305] which belongs to the cache kmalloc-128 of size 128 [ 18.434369] The buggy address is located 0 bytes inside of [ 18.434369] freed 128-byte region [fff00000c7897700, fff00000c7897780) [ 18.434432] [ 18.434608] The buggy address belongs to the physical page: [ 18.434734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 18.434864] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.435285] page_type: f5(slab) [ 18.435334] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.435501] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.435544] page dumped because: kasan: bad access detected [ 18.435864] [ 18.435934] Memory state around the buggy address: [ 18.435967] fff00000c7897600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.436012] fff00000c7897680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.436066] >fff00000c7897700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.436104] ^ [ 18.436132] fff00000c7897780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.436347] fff00000c7897800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.436651] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.402565] ================================================================== [ 18.402640] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.402929] Read of size 1 at addr fff00000c65b12bb by task kunit_try_catch/225 [ 18.403361] [ 18.403425] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.403513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.403541] Hardware name: linux,dummy-virt (DT) [ 18.403572] Call trace: [ 18.403594] show_stack+0x20/0x38 (C) [ 18.403643] dump_stack_lvl+0x8c/0xd0 [ 18.403692] print_report+0x118/0x5d0 [ 18.403738] kasan_report+0xdc/0x128 [ 18.404057] __asan_report_load1_noabort+0x20/0x30 [ 18.404118] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.404300] mempool_slab_oob_right+0xc0/0x118 [ 18.404436] kunit_try_run_case+0x170/0x3f0 [ 18.404537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.404647] kthread+0x328/0x630 [ 18.404732] ret_from_fork+0x10/0x20 [ 18.404792] [ 18.404810] Allocated by task 225: [ 18.405065] kasan_save_stack+0x3c/0x68 [ 18.405162] kasan_save_track+0x20/0x40 [ 18.405274] kasan_save_alloc_info+0x40/0x58 [ 18.405326] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.405416] remove_element+0x16c/0x1f8 [ 18.405469] mempool_alloc_preallocated+0x58/0xc0 [ 18.405514] mempool_oob_right_helper+0x98/0x2f0 [ 18.405563] mempool_slab_oob_right+0xc0/0x118 [ 18.405611] kunit_try_run_case+0x170/0x3f0 [ 18.405648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.405715] kthread+0x328/0x630 [ 18.405765] ret_from_fork+0x10/0x20 [ 18.405802] [ 18.405823] The buggy address belongs to the object at fff00000c65b1240 [ 18.405823] which belongs to the cache test_cache of size 123 [ 18.405882] The buggy address is located 0 bytes to the right of [ 18.405882] allocated 123-byte region [fff00000c65b1240, fff00000c65b12bb) [ 18.406072] [ 18.406135] The buggy address belongs to the physical page: [ 18.406267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 18.406362] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.406415] page_type: f5(slab) [ 18.406454] raw: 0bfffe0000000000 fff00000c66fd140 dead000000000122 0000000000000000 [ 18.406732] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.406780] page dumped because: kasan: bad access detected [ 18.406812] [ 18.406848] Memory state around the buggy address: [ 18.406892] fff00000c65b1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.406938] fff00000c65b1200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.406991] >fff00000c65b1280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.407030] ^ [ 18.407073] fff00000c65b1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.407134] fff00000c65b1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.407182] ================================================================== [ 18.357441] ================================================================== [ 18.357517] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.357592] Read of size 1 at addr fff00000c7897373 by task kunit_try_catch/221 [ 18.357644] [ 18.357685] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.357772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.357798] Hardware name: linux,dummy-virt (DT) [ 18.357833] Call trace: [ 18.357856] show_stack+0x20/0x38 (C) [ 18.357908] dump_stack_lvl+0x8c/0xd0 [ 18.357962] print_report+0x118/0x5d0 [ 18.358010] kasan_report+0xdc/0x128 [ 18.358053] __asan_report_load1_noabort+0x20/0x30 [ 18.358104] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.358152] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.358212] kunit_try_run_case+0x170/0x3f0 [ 18.358261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.358314] kthread+0x328/0x630 [ 18.358355] ret_from_fork+0x10/0x20 [ 18.358404] [ 18.358423] Allocated by task 221: [ 18.358454] kasan_save_stack+0x3c/0x68 [ 18.358494] kasan_save_track+0x20/0x40 [ 18.358531] kasan_save_alloc_info+0x40/0x58 [ 18.358572] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.358616] remove_element+0x130/0x1f8 [ 18.358654] mempool_alloc_preallocated+0x58/0xc0 [ 18.358693] mempool_oob_right_helper+0x98/0x2f0 [ 18.358732] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.358773] kunit_try_run_case+0x170/0x3f0 [ 18.358812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.358854] kthread+0x328/0x630 [ 18.358888] ret_from_fork+0x10/0x20 [ 18.358923] [ 18.358944] The buggy address belongs to the object at fff00000c7897300 [ 18.358944] which belongs to the cache kmalloc-128 of size 128 [ 18.359004] The buggy address is located 0 bytes to the right of [ 18.359004] allocated 115-byte region [fff00000c7897300, fff00000c7897373) [ 18.359072] [ 18.359094] The buggy address belongs to the physical page: [ 18.359128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 18.359194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.359249] page_type: f5(slab) [ 18.359297] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.359349] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.359392] page dumped because: kasan: bad access detected [ 18.359423] [ 18.359441] Memory state around the buggy address: [ 18.359476] fff00000c7897200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.359520] fff00000c7897280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.359565] >fff00000c7897300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.359607] ^ [ 18.359648] fff00000c7897380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.359691] fff00000c7897400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.359732] ================================================================== [ 18.380264] ================================================================== [ 18.380665] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.380820] Read of size 1 at addr fff00000c79b2001 by task kunit_try_catch/223 [ 18.380871] [ 18.381026] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.381410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.381500] Hardware name: linux,dummy-virt (DT) [ 18.381532] Call trace: [ 18.381798] show_stack+0x20/0x38 (C) [ 18.382129] dump_stack_lvl+0x8c/0xd0 [ 18.382215] print_report+0x118/0x5d0 [ 18.382260] kasan_report+0xdc/0x128 [ 18.382621] __asan_report_load1_noabort+0x20/0x30 [ 18.382804] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.382859] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.383241] kunit_try_run_case+0x170/0x3f0 [ 18.383354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.383409] kthread+0x328/0x630 [ 18.383609] ret_from_fork+0x10/0x20 [ 18.383661] [ 18.383681] The buggy address belongs to the physical page: [ 18.383715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b0 [ 18.384014] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.384123] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.384706] page_type: f8(unknown) [ 18.384755] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.385226] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.385284] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.385365] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.385636] head: 0bfffe0000000002 ffffc1ffc31e6c01 00000000ffffffff 00000000ffffffff [ 18.385690] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.386099] page dumped because: kasan: bad access detected [ 18.386293] [ 18.386326] Memory state around the buggy address: [ 18.386635] fff00000c79b1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.386877] fff00000c79b1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.386942] >fff00000c79b2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.386981] ^ [ 18.387009] fff00000c79b2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.387244] fff00000c79b2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.387818] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 17.794059] ================================================================== [ 17.794196] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 17.794341] Read of size 1 at addr fff00000c4715dc0 by task kunit_try_catch/215 [ 17.794512] [ 17.794597] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.794977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.795087] Hardware name: linux,dummy-virt (DT) [ 17.795123] Call trace: [ 17.795181] show_stack+0x20/0x38 (C) [ 17.795499] dump_stack_lvl+0x8c/0xd0 [ 17.795699] print_report+0x118/0x5d0 [ 17.795848] kasan_report+0xdc/0x128 [ 17.795925] __kasan_check_byte+0x54/0x70 [ 17.796031] kmem_cache_destroy+0x34/0x218 [ 17.796093] kmem_cache_double_destroy+0x174/0x300 [ 17.796352] kunit_try_run_case+0x170/0x3f0 [ 17.796638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.796819] kthread+0x328/0x630 [ 17.796952] ret_from_fork+0x10/0x20 [ 17.797126] [ 17.797256] Allocated by task 215: [ 17.797289] kasan_save_stack+0x3c/0x68 [ 17.797684] kasan_save_track+0x20/0x40 [ 17.797902] kasan_save_alloc_info+0x40/0x58 [ 17.798006] __kasan_slab_alloc+0xa8/0xb0 [ 17.798293] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.798650] __kmem_cache_create_args+0x178/0x280 [ 17.798793] kmem_cache_double_destroy+0xc0/0x300 [ 17.798945] kunit_try_run_case+0x170/0x3f0 [ 17.799552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.799747] kthread+0x328/0x630 [ 17.799858] ret_from_fork+0x10/0x20 [ 17.799903] [ 17.799922] Freed by task 215: [ 17.800201] kasan_save_stack+0x3c/0x68 [ 17.800382] kasan_save_track+0x20/0x40 [ 17.800573] kasan_save_free_info+0x4c/0x78 [ 17.800760] __kasan_slab_free+0x6c/0x98 [ 17.800853] kmem_cache_free+0x260/0x468 [ 17.800923] slab_kmem_cache_release+0x38/0x50 [ 17.801124] kmem_cache_release+0x1c/0x30 [ 17.801341] kobject_put+0x17c/0x420 [ 17.801430] sysfs_slab_release+0x1c/0x30 [ 17.801650] kmem_cache_destroy+0x118/0x218 [ 17.801718] kmem_cache_double_destroy+0x128/0x300 [ 17.801840] kunit_try_run_case+0x170/0x3f0 [ 17.802099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.802307] kthread+0x328/0x630 [ 17.802468] ret_from_fork+0x10/0x20 [ 17.802641] [ 17.802669] The buggy address belongs to the object at fff00000c4715dc0 [ 17.802669] which belongs to the cache kmem_cache of size 208 [ 17.802738] The buggy address is located 0 bytes inside of [ 17.802738] freed 208-byte region [fff00000c4715dc0, fff00000c4715e90) [ 17.802959] [ 17.803184] The buggy address belongs to the physical page: [ 17.803389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104715 [ 17.803473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.803539] page_type: f5(slab) [ 17.803748] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 17.803899] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 17.804220] page dumped because: kasan: bad access detected [ 17.804402] [ 17.804482] Memory state around the buggy address: [ 17.804584] fff00000c4715c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.804658] fff00000c4715d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 17.804701] >fff00000c4715d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.805196] ^ [ 17.805343] fff00000c4715e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.805514] fff00000c4715e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.805608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.500912] ================================================================== [ 17.501095] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.501231] Read of size 1 at addr fff00000c78ac000 by task kunit_try_catch/213 [ 17.501326] [ 17.501419] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.501506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.501535] Hardware name: linux,dummy-virt (DT) [ 17.501834] Call trace: [ 17.501959] show_stack+0x20/0x38 (C) [ 17.502118] dump_stack_lvl+0x8c/0xd0 [ 17.502187] print_report+0x118/0x5d0 [ 17.502234] kasan_report+0xdc/0x128 [ 17.502344] __asan_report_load1_noabort+0x20/0x30 [ 17.502399] kmem_cache_rcu_uaf+0x388/0x468 [ 17.502444] kunit_try_run_case+0x170/0x3f0 [ 17.502724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.502837] kthread+0x328/0x630 [ 17.502939] ret_from_fork+0x10/0x20 [ 17.502992] [ 17.503009] Allocated by task 213: [ 17.503069] kasan_save_stack+0x3c/0x68 [ 17.503407] kasan_save_track+0x20/0x40 [ 17.503654] kasan_save_alloc_info+0x40/0x58 [ 17.503824] __kasan_slab_alloc+0xa8/0xb0 [ 17.503892] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.504021] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.504204] kunit_try_run_case+0x170/0x3f0 [ 17.504266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.504466] kthread+0x328/0x630 [ 17.504506] ret_from_fork+0x10/0x20 [ 17.504692] [ 17.504791] Freed by task 0: [ 17.504925] kasan_save_stack+0x3c/0x68 [ 17.505014] kasan_save_track+0x20/0x40 [ 17.505105] kasan_save_free_info+0x4c/0x78 [ 17.505152] __kasan_slab_free+0x6c/0x98 [ 17.505201] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.505255] rcu_core+0x9f4/0x1e20 [ 17.505294] rcu_core_si+0x18/0x30 [ 17.505338] handle_softirqs+0x374/0xb28 [ 17.505386] __do_softirq+0x1c/0x28 [ 17.505430] [ 17.505450] Last potentially related work creation: [ 17.505478] kasan_save_stack+0x3c/0x68 [ 17.505525] kasan_record_aux_stack+0xb4/0xc8 [ 17.505566] kmem_cache_free+0x120/0x468 [ 17.505603] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.505642] kunit_try_run_case+0x170/0x3f0 [ 17.505680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.505723] kthread+0x328/0x630 [ 17.505755] ret_from_fork+0x10/0x20 [ 17.505799] [ 17.505817] The buggy address belongs to the object at fff00000c78ac000 [ 17.505817] which belongs to the cache test_cache of size 200 [ 17.505878] The buggy address is located 0 bytes inside of [ 17.505878] freed 200-byte region [fff00000c78ac000, fff00000c78ac0c8) [ 17.505953] [ 17.505974] The buggy address belongs to the physical page: [ 17.506009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ac [ 17.506078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.506133] page_type: f5(slab) [ 17.506191] raw: 0bfffe0000000000 fff00000c4715c80 dead000000000122 0000000000000000 [ 17.506642] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.506833] page dumped because: kasan: bad access detected [ 17.506987] [ 17.507011] Memory state around the buggy address: [ 17.507338] fff00000c78abf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.507944] fff00000c78abf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.508121] >fff00000c78ac000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.508302] ^ [ 17.508343] fff00000c78ac080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.508547] fff00000c78ac100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.508660] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.386194] ================================================================== [ 17.386362] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.386557] Free of addr fff00000c78b0001 by task kunit_try_catch/211 [ 17.386635] [ 17.386672] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.386772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.386835] Hardware name: linux,dummy-virt (DT) [ 17.386894] Call trace: [ 17.386933] show_stack+0x20/0x38 (C) [ 17.387004] dump_stack_lvl+0x8c/0xd0 [ 17.387064] print_report+0x118/0x5d0 [ 17.387130] kasan_report_invalid_free+0xc0/0xe8 [ 17.387229] check_slab_allocation+0xfc/0x108 [ 17.387291] __kasan_slab_pre_free+0x2c/0x48 [ 17.387403] kmem_cache_free+0xf0/0x468 [ 17.387452] kmem_cache_invalid_free+0x184/0x3c8 [ 17.387678] kunit_try_run_case+0x170/0x3f0 [ 17.387913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.388055] kthread+0x328/0x630 [ 17.388197] ret_from_fork+0x10/0x20 [ 17.388303] [ 17.388396] Allocated by task 211: [ 17.388474] kasan_save_stack+0x3c/0x68 [ 17.388544] kasan_save_track+0x20/0x40 [ 17.388639] kasan_save_alloc_info+0x40/0x58 [ 17.388709] __kasan_slab_alloc+0xa8/0xb0 [ 17.388822] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.388951] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.388992] kunit_try_run_case+0x170/0x3f0 [ 17.389316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.389469] kthread+0x328/0x630 [ 17.389583] ret_from_fork+0x10/0x20 [ 17.389676] [ 17.389792] The buggy address belongs to the object at fff00000c78b0000 [ 17.389792] which belongs to the cache test_cache of size 200 [ 17.389898] The buggy address is located 1 bytes inside of [ 17.389898] 200-byte region [fff00000c78b0000, fff00000c78b00c8) [ 17.390197] [ 17.390257] The buggy address belongs to the physical page: [ 17.390291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b0 [ 17.390353] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.390404] page_type: f5(slab) [ 17.390487] raw: 0bfffe0000000000 fff00000c4715b40 dead000000000122 0000000000000000 [ 17.390582] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.390625] page dumped because: kasan: bad access detected [ 17.390666] [ 17.390685] Memory state around the buggy address: [ 17.390753] fff00000c78aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.390800] fff00000c78aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.390844] >fff00000c78b0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.390937] ^ [ 17.391072] fff00000c78b0080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.391194] fff00000c78b0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.391233] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.360597] ================================================================== [ 17.360679] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.360755] Free of addr fff00000c78b1000 by task kunit_try_catch/209 [ 17.360798] [ 17.360839] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.360925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.360952] Hardware name: linux,dummy-virt (DT) [ 17.360985] Call trace: [ 17.361009] show_stack+0x20/0x38 (C) [ 17.361059] dump_stack_lvl+0x8c/0xd0 [ 17.361111] print_report+0x118/0x5d0 [ 17.361157] kasan_report_invalid_free+0xc0/0xe8 [ 17.361222] check_slab_allocation+0xd4/0x108 [ 17.361270] __kasan_slab_pre_free+0x2c/0x48 [ 17.361355] kmem_cache_free+0xf0/0x468 [ 17.361410] kmem_cache_double_free+0x190/0x3c8 [ 17.361475] kunit_try_run_case+0x170/0x3f0 [ 17.361526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.361578] kthread+0x328/0x630 [ 17.361623] ret_from_fork+0x10/0x20 [ 17.361670] [ 17.361687] Allocated by task 209: [ 17.361735] kasan_save_stack+0x3c/0x68 [ 17.361800] kasan_save_track+0x20/0x40 [ 17.361839] kasan_save_alloc_info+0x40/0x58 [ 17.361877] __kasan_slab_alloc+0xa8/0xb0 [ 17.361914] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.361986] kmem_cache_double_free+0x12c/0x3c8 [ 17.362025] kunit_try_run_case+0x170/0x3f0 [ 17.362060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.362104] kthread+0x328/0x630 [ 17.362215] ret_from_fork+0x10/0x20 [ 17.362282] [ 17.362327] Freed by task 209: [ 17.362353] kasan_save_stack+0x3c/0x68 [ 17.362392] kasan_save_track+0x20/0x40 [ 17.362429] kasan_save_free_info+0x4c/0x78 [ 17.362502] __kasan_slab_free+0x6c/0x98 [ 17.362569] kmem_cache_free+0x260/0x468 [ 17.362606] kmem_cache_double_free+0x140/0x3c8 [ 17.362677] kunit_try_run_case+0x170/0x3f0 [ 17.362714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.362758] kthread+0x328/0x630 [ 17.362816] ret_from_fork+0x10/0x20 [ 17.362937] [ 17.362959] The buggy address belongs to the object at fff00000c78b1000 [ 17.362959] which belongs to the cache test_cache of size 200 [ 17.363018] The buggy address is located 0 bytes inside of [ 17.363018] 200-byte region [fff00000c78b1000, fff00000c78b10c8) [ 17.363079] [ 17.363189] The buggy address belongs to the physical page: [ 17.363263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b1 [ 17.363376] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.363443] page_type: f5(slab) [ 17.363532] raw: 0bfffe0000000000 fff00000c4715a00 dead000000000122 0000000000000000 [ 17.363614] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.363672] page dumped because: kasan: bad access detected [ 17.363704] [ 17.363722] Memory state around the buggy address: [ 17.364035] fff00000c78b0f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.364087] fff00000c78b0f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.364132] >fff00000c78b1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.364183] ^ [ 17.364250] fff00000c78b1080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.364315] fff00000c78b1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.364365] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.045722] ================================================================== [ 17.045801] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.045859] Read of size 1 at addr fff00000c78a40c8 by task kunit_try_catch/207 [ 17.045911] [ 17.045959] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.046045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.046073] Hardware name: linux,dummy-virt (DT) [ 17.046105] Call trace: [ 17.046127] show_stack+0x20/0x38 (C) [ 17.046791] dump_stack_lvl+0x8c/0xd0 [ 17.046862] print_report+0x118/0x5d0 [ 17.046920] kasan_report+0xdc/0x128 [ 17.046978] __asan_report_load1_noabort+0x20/0x30 [ 17.047032] kmem_cache_oob+0x344/0x430 [ 17.047077] kunit_try_run_case+0x170/0x3f0 [ 17.047181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.047284] kthread+0x328/0x630 [ 17.047629] ret_from_fork+0x10/0x20 [ 17.047819] [ 17.047888] Allocated by task 207: [ 17.048000] kasan_save_stack+0x3c/0x68 [ 17.048103] kasan_save_track+0x20/0x40 [ 17.048278] kasan_save_alloc_info+0x40/0x58 [ 17.048375] __kasan_slab_alloc+0xa8/0xb0 [ 17.048809] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.048901] kmem_cache_oob+0x12c/0x430 [ 17.048961] kunit_try_run_case+0x170/0x3f0 [ 17.049100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.049258] kthread+0x328/0x630 [ 17.049405] ret_from_fork+0x10/0x20 [ 17.049508] [ 17.049529] The buggy address belongs to the object at fff00000c78a4000 [ 17.049529] which belongs to the cache test_cache of size 200 [ 17.049849] The buggy address is located 0 bytes to the right of [ 17.049849] allocated 200-byte region [fff00000c78a4000, fff00000c78a40c8) [ 17.050000] [ 17.050050] The buggy address belongs to the physical page: [ 17.050121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 17.050292] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.050393] page_type: f5(slab) [ 17.050719] raw: 0bfffe0000000000 fff00000c47158c0 dead000000000122 0000000000000000 [ 17.050820] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.050981] page dumped because: kasan: bad access detected [ 17.051056] [ 17.051208] Memory state around the buggy address: [ 17.051256] fff00000c78a3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.051374] fff00000c78a4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.051554] >fff00000c78a4080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.051617] ^ [ 17.051658] fff00000c78a4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.051702] fff00000c78a4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.052101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.002570] ================================================================== [ 17.002637] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.002691] Read of size 8 at addr fff00000c5931500 by task kunit_try_catch/200 [ 17.002740] [ 17.003069] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.003269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.003296] Hardware name: linux,dummy-virt (DT) [ 17.003327] Call trace: [ 17.003350] show_stack+0x20/0x38 (C) [ 17.003898] dump_stack_lvl+0x8c/0xd0 [ 17.004003] print_report+0x118/0x5d0 [ 17.004104] kasan_report+0xdc/0x128 [ 17.004299] __asan_report_load8_noabort+0x20/0x30 [ 17.004385] workqueue_uaf+0x480/0x4a8 [ 17.004428] kunit_try_run_case+0x170/0x3f0 [ 17.004522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.004891] kthread+0x328/0x630 [ 17.005057] ret_from_fork+0x10/0x20 [ 17.005236] [ 17.005618] Allocated by task 200: [ 17.006061] kasan_save_stack+0x3c/0x68 [ 17.006316] kasan_save_track+0x20/0x40 [ 17.006788] kasan_save_alloc_info+0x40/0x58 [ 17.006839] __kasan_kmalloc+0xd4/0xd8 [ 17.006879] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.006920] workqueue_uaf+0x13c/0x4a8 [ 17.006957] kunit_try_run_case+0x170/0x3f0 [ 17.006996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.007040] kthread+0x328/0x630 [ 17.007794] ret_from_fork+0x10/0x20 [ 17.008134] [ 17.008731] Freed by task 47: [ 17.008913] kasan_save_stack+0x3c/0x68 [ 17.009689] kasan_save_track+0x20/0x40 [ 17.009834] kasan_save_free_info+0x4c/0x78 [ 17.009875] __kasan_slab_free+0x6c/0x98 [ 17.009912] kfree+0x214/0x3c8 [ 17.009951] workqueue_uaf_work+0x18/0x30 [ 17.009991] process_one_work+0x530/0xf98 [ 17.010029] worker_thread+0x618/0xf38 [ 17.010067] kthread+0x328/0x630 [ 17.011267] ret_from_fork+0x10/0x20 [ 17.011478] [ 17.011986] Last potentially related work creation: [ 17.012467] kasan_save_stack+0x3c/0x68 [ 17.012777] kasan_record_aux_stack+0xb4/0xc8 [ 17.013026] __queue_work+0x65c/0x1008 [ 17.013104] queue_work_on+0xbc/0xf8 [ 17.013198] workqueue_uaf+0x210/0x4a8 [ 17.013729] kunit_try_run_case+0x170/0x3f0 [ 17.014225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.014286] kthread+0x328/0x630 [ 17.014774] ret_from_fork+0x10/0x20 [ 17.014861] [ 17.014889] The buggy address belongs to the object at fff00000c5931500 [ 17.014889] which belongs to the cache kmalloc-32 of size 32 [ 17.014951] The buggy address is located 0 bytes inside of [ 17.014951] freed 32-byte region [fff00000c5931500, fff00000c5931520) [ 17.015014] [ 17.015035] The buggy address belongs to the physical page: [ 17.015660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105931 [ 17.016351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.016769] page_type: f5(slab) [ 17.016849] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.016924] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.017105] page dumped because: kasan: bad access detected [ 17.017593] [ 17.017640] Memory state around the buggy address: [ 17.017883] fff00000c5931400: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.018141] fff00000c5931480: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 17.018341] >fff00000c5931500: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 17.018407] ^ [ 17.018459] fff00000c5931580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.018509] fff00000c5931600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.018557] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 16.977368] ================================================================== [ 16.977529] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 16.977597] Read of size 4 at addr fff00000c5931300 by task swapper/1/0 [ 16.977645] [ 16.977683] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.977766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.977793] Hardware name: linux,dummy-virt (DT) [ 16.977823] Call trace: [ 16.977845] show_stack+0x20/0x38 (C) [ 16.977894] dump_stack_lvl+0x8c/0xd0 [ 16.977945] print_report+0x118/0x5d0 [ 16.977992] kasan_report+0xdc/0x128 [ 16.978037] __asan_report_load4_noabort+0x20/0x30 [ 16.978090] rcu_uaf_reclaim+0x64/0x70 [ 16.978134] rcu_core+0x9f4/0x1e20 [ 16.978194] rcu_core_si+0x18/0x30 [ 16.978245] handle_softirqs+0x374/0xb28 [ 16.978384] __do_softirq+0x1c/0x28 [ 16.978507] ____do_softirq+0x18/0x30 [ 16.978736] call_on_irq_stack+0x24/0x30 [ 16.978974] do_softirq_own_stack+0x24/0x38 [ 16.979020] __irq_exit_rcu+0x1fc/0x318 [ 16.979065] irq_exit_rcu+0x1c/0x80 [ 16.979115] el1_interrupt+0x38/0x58 [ 16.979435] el1h_64_irq_handler+0x18/0x28 [ 16.980146] el1h_64_irq+0x6c/0x70 [ 16.980300] arch_local_irq_enable+0x4/0x8 (P) [ 16.980357] do_idle+0x384/0x4e8 [ 16.980473] cpu_startup_entry+0x64/0x80 [ 16.980811] secondary_start_kernel+0x288/0x340 [ 16.981061] __secondary_switched+0xc0/0xc8 [ 16.981120] [ 16.981139] Allocated by task 198: [ 16.981195] kasan_save_stack+0x3c/0x68 [ 16.981240] kasan_save_track+0x20/0x40 [ 16.981277] kasan_save_alloc_info+0x40/0x58 [ 16.981468] __kasan_kmalloc+0xd4/0xd8 [ 16.981512] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.981831] rcu_uaf+0xb0/0x2d8 [ 16.981901] kunit_try_run_case+0x170/0x3f0 [ 16.981997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.982063] kthread+0x328/0x630 [ 16.982119] ret_from_fork+0x10/0x20 [ 16.982157] [ 16.982189] Freed by task 0: [ 16.982216] kasan_save_stack+0x3c/0x68 [ 16.982496] kasan_save_track+0x20/0x40 [ 16.982605] kasan_save_free_info+0x4c/0x78 [ 16.982665] __kasan_slab_free+0x6c/0x98 [ 16.982743] kfree+0x214/0x3c8 [ 16.982851] rcu_uaf_reclaim+0x28/0x70 [ 16.982901] rcu_core+0x9f4/0x1e20 [ 16.982938] rcu_core_si+0x18/0x30 [ 16.982973] handle_softirqs+0x374/0xb28 [ 16.983010] __do_softirq+0x1c/0x28 [ 16.983045] [ 16.983078] Last potentially related work creation: [ 16.983611] kasan_save_stack+0x3c/0x68 [ 16.983720] kasan_record_aux_stack+0xb4/0xc8 [ 16.983793] __call_rcu_common.constprop.0+0x74/0x8c8 [ 16.983835] call_rcu+0x18/0x30 [ 16.984002] rcu_uaf+0x14c/0x2d8 [ 16.984201] kunit_try_run_case+0x170/0x3f0 [ 16.984285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.984385] kthread+0x328/0x630 [ 16.984419] ret_from_fork+0x10/0x20 [ 16.984510] [ 16.984619] The buggy address belongs to the object at fff00000c5931300 [ 16.984619] which belongs to the cache kmalloc-32 of size 32 [ 16.984741] The buggy address is located 0 bytes inside of [ 16.984741] freed 32-byte region [fff00000c5931300, fff00000c5931320) [ 16.984852] [ 16.984948] The buggy address belongs to the physical page: [ 16.985051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105931 [ 16.985122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.985213] page_type: f5(slab) [ 16.985308] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.985449] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.985498] page dumped because: kasan: bad access detected [ 16.985641] [ 16.985660] Memory state around the buggy address: [ 16.985696] fff00000c5931200: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 16.985782] fff00000c5931280: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 16.985891] >fff00000c5931300: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 16.986023] ^ [ 16.986128] fff00000c5931380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.986457] fff00000c5931400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.986842] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 16.892602] ================================================================== [ 16.892677] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 16.892743] Read of size 1 at addr fff00000c7897000 by task kunit_try_catch/196 [ 16.892806] [ 16.892844] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.892928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.892953] Hardware name: linux,dummy-virt (DT) [ 16.893191] Call trace: [ 16.893321] show_stack+0x20/0x38 (C) [ 16.893375] dump_stack_lvl+0x8c/0xd0 [ 16.893460] print_report+0x118/0x5d0 [ 16.893525] kasan_report+0xdc/0x128 [ 16.893571] __asan_report_load1_noabort+0x20/0x30 [ 16.893638] ksize_uaf+0x598/0x5f8 [ 16.893701] kunit_try_run_case+0x170/0x3f0 [ 16.893748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.893799] kthread+0x328/0x630 [ 16.893842] ret_from_fork+0x10/0x20 [ 16.894150] [ 16.894190] Allocated by task 196: [ 16.894219] kasan_save_stack+0x3c/0x68 [ 16.894321] kasan_save_track+0x20/0x40 [ 16.894361] kasan_save_alloc_info+0x40/0x58 [ 16.894400] __kasan_kmalloc+0xd4/0xd8 [ 16.894466] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.894610] ksize_uaf+0xb8/0x5f8 [ 16.894645] kunit_try_run_case+0x170/0x3f0 [ 16.894780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.894834] kthread+0x328/0x630 [ 16.894967] ret_from_fork+0x10/0x20 [ 16.895011] [ 16.895056] Freed by task 196: [ 16.895346] kasan_save_stack+0x3c/0x68 [ 16.895408] kasan_save_track+0x20/0x40 [ 16.895445] kasan_save_free_info+0x4c/0x78 [ 16.895486] __kasan_slab_free+0x6c/0x98 [ 16.895819] kfree+0x214/0x3c8 [ 16.895940] ksize_uaf+0x11c/0x5f8 [ 16.896024] kunit_try_run_case+0x170/0x3f0 [ 16.896109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.896153] kthread+0x328/0x630 [ 16.896487] ret_from_fork+0x10/0x20 [ 16.896576] [ 16.896624] The buggy address belongs to the object at fff00000c7897000 [ 16.896624] which belongs to the cache kmalloc-128 of size 128 [ 16.896793] The buggy address is located 0 bytes inside of [ 16.896793] freed 128-byte region [fff00000c7897000, fff00000c7897080) [ 16.896868] [ 16.896905] The buggy address belongs to the physical page: [ 16.896957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 16.897047] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.897098] page_type: f5(slab) [ 16.897146] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.897209] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.897251] page dumped because: kasan: bad access detected [ 16.897283] [ 16.897302] Memory state around the buggy address: [ 16.897351] fff00000c7896f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.897397] fff00000c7896f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.897444] >fff00000c7897000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.897490] ^ [ 16.897528] fff00000c7897080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.897581] fff00000c7897100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.897630] ================================================================== [ 16.886212] ================================================================== [ 16.886291] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 16.886342] Read of size 1 at addr fff00000c7897000 by task kunit_try_catch/196 [ 16.886393] [ 16.886431] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.886517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.886542] Hardware name: linux,dummy-virt (DT) [ 16.886582] Call trace: [ 16.886613] show_stack+0x20/0x38 (C) [ 16.886660] dump_stack_lvl+0x8c/0xd0 [ 16.886703] print_report+0x118/0x5d0 [ 16.886759] kasan_report+0xdc/0x128 [ 16.886803] __kasan_check_byte+0x54/0x70 [ 16.886857] ksize+0x30/0x88 [ 16.886899] ksize_uaf+0x168/0x5f8 [ 16.886942] kunit_try_run_case+0x170/0x3f0 [ 16.886990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.887043] kthread+0x328/0x630 [ 16.887091] ret_from_fork+0x10/0x20 [ 16.887139] [ 16.887156] Allocated by task 196: [ 16.887423] kasan_save_stack+0x3c/0x68 [ 16.887920] kasan_save_track+0x20/0x40 [ 16.887994] kasan_save_alloc_info+0x40/0x58 [ 16.888090] __kasan_kmalloc+0xd4/0xd8 [ 16.888182] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.888231] ksize_uaf+0xb8/0x5f8 [ 16.888266] kunit_try_run_case+0x170/0x3f0 [ 16.888607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.888696] kthread+0x328/0x630 [ 16.888783] ret_from_fork+0x10/0x20 [ 16.888862] [ 16.888947] Freed by task 196: [ 16.889025] kasan_save_stack+0x3c/0x68 [ 16.889066] kasan_save_track+0x20/0x40 [ 16.889105] kasan_save_free_info+0x4c/0x78 [ 16.889143] __kasan_slab_free+0x6c/0x98 [ 16.889390] kfree+0x214/0x3c8 [ 16.889480] ksize_uaf+0x11c/0x5f8 [ 16.889563] kunit_try_run_case+0x170/0x3f0 [ 16.889695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.889745] kthread+0x328/0x630 [ 16.889829] ret_from_fork+0x10/0x20 [ 16.889869] [ 16.889888] The buggy address belongs to the object at fff00000c7897000 [ 16.889888] which belongs to the cache kmalloc-128 of size 128 [ 16.890126] The buggy address is located 0 bytes inside of [ 16.890126] freed 128-byte region [fff00000c7897000, fff00000c7897080) [ 16.890282] [ 16.890318] The buggy address belongs to the physical page: [ 16.890389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 16.890482] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.890531] page_type: f5(slab) [ 16.890570] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.890791] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.890941] page dumped because: kasan: bad access detected [ 16.891045] [ 16.891134] Memory state around the buggy address: [ 16.891250] fff00000c7896f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.891349] fff00000c7896f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.891393] >fff00000c7897000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.891433] ^ [ 16.891460] fff00000c7897080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.891503] fff00000c7897100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.891544] ================================================================== [ 16.897851] ================================================================== [ 16.897899] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 16.897950] Read of size 1 at addr fff00000c7897078 by task kunit_try_catch/196 [ 16.898001] [ 16.898029] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.898417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.898456] Hardware name: linux,dummy-virt (DT) [ 16.898507] Call trace: [ 16.898545] show_stack+0x20/0x38 (C) [ 16.898643] dump_stack_lvl+0x8c/0xd0 [ 16.898689] print_report+0x118/0x5d0 [ 16.898733] kasan_report+0xdc/0x128 [ 16.898779] __asan_report_load1_noabort+0x20/0x30 [ 16.899131] ksize_uaf+0x544/0x5f8 [ 16.899229] kunit_try_run_case+0x170/0x3f0 [ 16.899395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.899481] kthread+0x328/0x630 [ 16.899546] ret_from_fork+0x10/0x20 [ 16.899593] [ 16.899611] Allocated by task 196: [ 16.899769] kasan_save_stack+0x3c/0x68 [ 16.899817] kasan_save_track+0x20/0x40 [ 16.899909] kasan_save_alloc_info+0x40/0x58 [ 16.900046] __kasan_kmalloc+0xd4/0xd8 [ 16.900147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.900246] ksize_uaf+0xb8/0x5f8 [ 16.900303] kunit_try_run_case+0x170/0x3f0 [ 16.900454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.900501] kthread+0x328/0x630 [ 16.900965] ret_from_fork+0x10/0x20 [ 16.901089] [ 16.901195] Freed by task 196: [ 16.901253] kasan_save_stack+0x3c/0x68 [ 16.901293] kasan_save_track+0x20/0x40 [ 16.901611] kasan_save_free_info+0x4c/0x78 [ 16.901747] __kasan_slab_free+0x6c/0x98 [ 16.901839] kfree+0x214/0x3c8 [ 16.901922] ksize_uaf+0x11c/0x5f8 [ 16.902043] kunit_try_run_case+0x170/0x3f0 [ 16.902135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.902190] kthread+0x328/0x630 [ 16.902465] ret_from_fork+0x10/0x20 [ 16.902564] [ 16.902627] The buggy address belongs to the object at fff00000c7897000 [ 16.902627] which belongs to the cache kmalloc-128 of size 128 [ 16.902776] The buggy address is located 120 bytes inside of [ 16.902776] freed 128-byte region [fff00000c7897000, fff00000c7897080) [ 16.902857] [ 16.902932] The buggy address belongs to the physical page: [ 16.903133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107897 [ 16.903361] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.903438] page_type: f5(slab) [ 16.903476] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.903543] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.903586] page dumped because: kasan: bad access detected [ 16.903867] [ 16.903964] Memory state around the buggy address: [ 16.903999] fff00000c7896f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.904124] fff00000c7896f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.904445] >fff00000c7897000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.904534] ^ [ 16.904629] fff00000c7897080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.904686] fff00000c7897100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.904739] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 16.861446] ================================================================== [ 16.861517] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.861570] Read of size 1 at addr fff00000c585ef73 by task kunit_try_catch/194 [ 16.861621] [ 16.861653] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.861763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.861801] Hardware name: linux,dummy-virt (DT) [ 16.861833] Call trace: [ 16.861863] show_stack+0x20/0x38 (C) [ 16.861921] dump_stack_lvl+0x8c/0xd0 [ 16.861978] print_report+0x118/0x5d0 [ 16.862025] kasan_report+0xdc/0x128 [ 16.862070] __asan_report_load1_noabort+0x20/0x30 [ 16.862122] ksize_unpoisons_memory+0x628/0x740 [ 16.862182] kunit_try_run_case+0x170/0x3f0 [ 16.862231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.862285] kthread+0x328/0x630 [ 16.862329] ret_from_fork+0x10/0x20 [ 16.862376] [ 16.862394] Allocated by task 194: [ 16.862422] kasan_save_stack+0x3c/0x68 [ 16.862463] kasan_save_track+0x20/0x40 [ 16.862932] kasan_save_alloc_info+0x40/0x58 [ 16.863013] __kasan_kmalloc+0xd4/0xd8 [ 16.863072] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.863118] ksize_unpoisons_memory+0xc0/0x740 [ 16.863422] kunit_try_run_case+0x170/0x3f0 [ 16.863513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.863559] kthread+0x328/0x630 [ 16.863591] ret_from_fork+0x10/0x20 [ 16.863628] [ 16.863648] The buggy address belongs to the object at fff00000c585ef00 [ 16.863648] which belongs to the cache kmalloc-128 of size 128 [ 16.863749] The buggy address is located 0 bytes to the right of [ 16.863749] allocated 115-byte region [fff00000c585ef00, fff00000c585ef73) [ 16.864053] [ 16.864077] The buggy address belongs to the physical page: [ 16.864150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.864317] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.864406] page_type: f5(slab) [ 16.864511] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.864598] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.864703] page dumped because: kasan: bad access detected [ 16.864818] [ 16.864870] Memory state around the buggy address: [ 16.864995] fff00000c585ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.865039] fff00000c585ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.865160] >fff00000c585ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.865503] ^ [ 16.865581] fff00000c585ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.865714] fff00000c585f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.865813] ================================================================== [ 16.873880] ================================================================== [ 16.873935] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.874304] Read of size 1 at addr fff00000c585ef7f by task kunit_try_catch/194 [ 16.874370] [ 16.874419] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.874512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.874566] Hardware name: linux,dummy-virt (DT) [ 16.874640] Call trace: [ 16.874689] show_stack+0x20/0x38 (C) [ 16.874745] dump_stack_lvl+0x8c/0xd0 [ 16.874807] print_report+0x118/0x5d0 [ 16.874907] kasan_report+0xdc/0x128 [ 16.874993] __asan_report_load1_noabort+0x20/0x30 [ 16.875046] ksize_unpoisons_memory+0x690/0x740 [ 16.875094] kunit_try_run_case+0x170/0x3f0 [ 16.875264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.875431] kthread+0x328/0x630 [ 16.875642] ret_from_fork+0x10/0x20 [ 16.875790] [ 16.875888] Allocated by task 194: [ 16.875965] kasan_save_stack+0x3c/0x68 [ 16.876116] kasan_save_track+0x20/0x40 [ 16.876200] kasan_save_alloc_info+0x40/0x58 [ 16.876282] __kasan_kmalloc+0xd4/0xd8 [ 16.876340] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.876378] ksize_unpoisons_memory+0xc0/0x740 [ 16.876437] kunit_try_run_case+0x170/0x3f0 [ 16.876736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.876790] kthread+0x328/0x630 [ 16.876889] ret_from_fork+0x10/0x20 [ 16.876965] [ 16.877089] The buggy address belongs to the object at fff00000c585ef00 [ 16.877089] which belongs to the cache kmalloc-128 of size 128 [ 16.877235] The buggy address is located 12 bytes to the right of [ 16.877235] allocated 115-byte region [fff00000c585ef00, fff00000c585ef73) [ 16.877408] [ 16.877497] The buggy address belongs to the physical page: [ 16.877623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.877689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.877975] page_type: f5(slab) [ 16.878159] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.878348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.878490] page dumped because: kasan: bad access detected [ 16.878603] [ 16.878671] Memory state around the buggy address: [ 16.878786] fff00000c585ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.878850] fff00000c585ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.878926] >fff00000c585ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.878967] ^ [ 16.879299] fff00000c585ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.879354] fff00000c585f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.879505] ================================================================== [ 16.866855] ================================================================== [ 16.866933] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.866982] Read of size 1 at addr fff00000c585ef78 by task kunit_try_catch/194 [ 16.867070] [ 16.867118] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.867363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.867518] Hardware name: linux,dummy-virt (DT) [ 16.867618] Call trace: [ 16.867659] show_stack+0x20/0x38 (C) [ 16.867706] dump_stack_lvl+0x8c/0xd0 [ 16.867752] print_report+0x118/0x5d0 [ 16.868315] kasan_report+0xdc/0x128 [ 16.868447] __asan_report_load1_noabort+0x20/0x30 [ 16.868543] ksize_unpoisons_memory+0x618/0x740 [ 16.868668] kunit_try_run_case+0x170/0x3f0 [ 16.868787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.868918] kthread+0x328/0x630 [ 16.868995] ret_from_fork+0x10/0x20 [ 16.869067] [ 16.869084] Allocated by task 194: [ 16.869112] kasan_save_stack+0x3c/0x68 [ 16.869471] kasan_save_track+0x20/0x40 [ 16.869636] kasan_save_alloc_info+0x40/0x58 [ 16.869724] __kasan_kmalloc+0xd4/0xd8 [ 16.869878] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.869997] ksize_unpoisons_memory+0xc0/0x740 [ 16.870075] kunit_try_run_case+0x170/0x3f0 [ 16.870386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.870441] kthread+0x328/0x630 [ 16.870475] ret_from_fork+0x10/0x20 [ 16.870787] [ 16.870937] The buggy address belongs to the object at fff00000c585ef00 [ 16.870937] which belongs to the cache kmalloc-128 of size 128 [ 16.871081] The buggy address is located 5 bytes to the right of [ 16.871081] allocated 115-byte region [fff00000c585ef00, fff00000c585ef73) [ 16.871253] [ 16.871324] The buggy address belongs to the physical page: [ 16.871354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.871431] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.871481] page_type: f5(slab) [ 16.871518] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.871807] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.871914] page dumped because: kasan: bad access detected [ 16.872021] [ 16.872158] Memory state around the buggy address: [ 16.872311] fff00000c585ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.872395] fff00000c585ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.872459] >fff00000c585ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.872598] ^ [ 16.872679] fff00000c585ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.872907] fff00000c585f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.872973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.845056] ================================================================== [ 16.845129] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.845194] Free of addr fff00000c45d1ae0 by task kunit_try_catch/192 [ 16.845236] [ 16.845265] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.845349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.845577] Hardware name: linux,dummy-virt (DT) [ 16.845934] Call trace: [ 16.845971] show_stack+0x20/0x38 (C) [ 16.846059] dump_stack_lvl+0x8c/0xd0 [ 16.846271] print_report+0x118/0x5d0 [ 16.846329] kasan_report_invalid_free+0xc0/0xe8 [ 16.846515] check_slab_allocation+0xd4/0x108 [ 16.846580] __kasan_slab_pre_free+0x2c/0x48 [ 16.846629] kfree+0xe8/0x3c8 [ 16.846848] kfree_sensitive+0x3c/0xb0 [ 16.847038] kmalloc_double_kzfree+0x168/0x308 [ 16.847145] kunit_try_run_case+0x170/0x3f0 [ 16.847207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.847336] kthread+0x328/0x630 [ 16.847401] ret_from_fork+0x10/0x20 [ 16.847450] [ 16.847470] Allocated by task 192: [ 16.847499] kasan_save_stack+0x3c/0x68 [ 16.847541] kasan_save_track+0x20/0x40 [ 16.847581] kasan_save_alloc_info+0x40/0x58 [ 16.847622] __kasan_kmalloc+0xd4/0xd8 [ 16.847852] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.847948] kmalloc_double_kzfree+0xb8/0x308 [ 16.848037] kunit_try_run_case+0x170/0x3f0 [ 16.848137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.848206] kthread+0x328/0x630 [ 16.848238] ret_from_fork+0x10/0x20 [ 16.848535] [ 16.848635] Freed by task 192: [ 16.848734] kasan_save_stack+0x3c/0x68 [ 16.848822] kasan_save_track+0x20/0x40 [ 16.848911] kasan_save_free_info+0x4c/0x78 [ 16.848970] __kasan_slab_free+0x6c/0x98 [ 16.849346] kfree+0x214/0x3c8 [ 16.849412] kfree_sensitive+0x80/0xb0 [ 16.849471] kmalloc_double_kzfree+0x11c/0x308 [ 16.849591] kunit_try_run_case+0x170/0x3f0 [ 16.849654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.849699] kthread+0x328/0x630 [ 16.849764] ret_from_fork+0x10/0x20 [ 16.850189] [ 16.850279] The buggy address belongs to the object at fff00000c45d1ae0 [ 16.850279] which belongs to the cache kmalloc-16 of size 16 [ 16.850360] The buggy address is located 0 bytes inside of [ 16.850360] 16-byte region [fff00000c45d1ae0, fff00000c45d1af0) [ 16.850743] [ 16.850843] The buggy address belongs to the physical page: [ 16.850900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 16.850964] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.851013] page_type: f5(slab) [ 16.851052] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.851118] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.851160] page dumped because: kasan: bad access detected [ 16.851203] [ 16.851243] Memory state around the buggy address: [ 16.851442] fff00000c45d1980: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.851527] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.851577] >fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.851616] ^ [ 16.851655] fff00000c45d1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.851699] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.851791] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.836771] ================================================================== [ 16.837024] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.837165] Read of size 1 at addr fff00000c45d1ae0 by task kunit_try_catch/192 [ 16.837229] [ 16.837261] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.837352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.837380] Hardware name: linux,dummy-virt (DT) [ 16.837411] Call trace: [ 16.837557] show_stack+0x20/0x38 (C) [ 16.837609] dump_stack_lvl+0x8c/0xd0 [ 16.837654] print_report+0x118/0x5d0 [ 16.837698] kasan_report+0xdc/0x128 [ 16.837743] __kasan_check_byte+0x54/0x70 [ 16.837789] kfree_sensitive+0x30/0xb0 [ 16.838000] kmalloc_double_kzfree+0x168/0x308 [ 16.838061] kunit_try_run_case+0x170/0x3f0 [ 16.838108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.838161] kthread+0x328/0x630 [ 16.838295] ret_from_fork+0x10/0x20 [ 16.838379] [ 16.838507] Allocated by task 192: [ 16.838542] kasan_save_stack+0x3c/0x68 [ 16.838587] kasan_save_track+0x20/0x40 [ 16.838625] kasan_save_alloc_info+0x40/0x58 [ 16.838740] __kasan_kmalloc+0xd4/0xd8 [ 16.838779] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.838819] kmalloc_double_kzfree+0xb8/0x308 [ 16.838858] kunit_try_run_case+0x170/0x3f0 [ 16.838905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.838950] kthread+0x328/0x630 [ 16.838982] ret_from_fork+0x10/0x20 [ 16.839017] [ 16.839045] Freed by task 192: [ 16.839070] kasan_save_stack+0x3c/0x68 [ 16.839106] kasan_save_track+0x20/0x40 [ 16.839143] kasan_save_free_info+0x4c/0x78 [ 16.839195] __kasan_slab_free+0x6c/0x98 [ 16.839258] kfree+0x214/0x3c8 [ 16.839341] kfree_sensitive+0x80/0xb0 [ 16.839631] kmalloc_double_kzfree+0x11c/0x308 [ 16.839722] kunit_try_run_case+0x170/0x3f0 [ 16.839822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.839944] kthread+0x328/0x630 [ 16.840015] ret_from_fork+0x10/0x20 [ 16.840113] [ 16.840206] The buggy address belongs to the object at fff00000c45d1ae0 [ 16.840206] which belongs to the cache kmalloc-16 of size 16 [ 16.840278] The buggy address is located 0 bytes inside of [ 16.840278] freed 16-byte region [fff00000c45d1ae0, fff00000c45d1af0) [ 16.840712] [ 16.840808] The buggy address belongs to the physical page: [ 16.840885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 16.840955] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.841004] page_type: f5(slab) [ 16.841210] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.841320] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.841447] page dumped because: kasan: bad access detected [ 16.841539] [ 16.841599] Memory state around the buggy address: [ 16.841692] fff00000c45d1980: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.841762] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.841815] >fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.842111] ^ [ 16.842186] fff00000c45d1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842322] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842426] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.820265] ================================================================== [ 16.820334] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.820382] Read of size 1 at addr fff00000c592faa8 by task kunit_try_catch/188 [ 16.820457] [ 16.820490] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.820619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.820748] Hardware name: linux,dummy-virt (DT) [ 16.820792] Call trace: [ 16.820834] show_stack+0x20/0x38 (C) [ 16.820890] dump_stack_lvl+0x8c/0xd0 [ 16.820955] print_report+0x118/0x5d0 [ 16.821020] kasan_report+0xdc/0x128 [ 16.821086] __asan_report_load1_noabort+0x20/0x30 [ 16.821158] kmalloc_uaf2+0x3f4/0x468 [ 16.821245] kunit_try_run_case+0x170/0x3f0 [ 16.821310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.821365] kthread+0x328/0x630 [ 16.821407] ret_from_fork+0x10/0x20 [ 16.821770] [ 16.821798] Allocated by task 188: [ 16.821829] kasan_save_stack+0x3c/0x68 [ 16.822013] kasan_save_track+0x20/0x40 [ 16.822058] kasan_save_alloc_info+0x40/0x58 [ 16.822255] __kasan_kmalloc+0xd4/0xd8 [ 16.822329] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.822397] kmalloc_uaf2+0xc4/0x468 [ 16.822434] kunit_try_run_case+0x170/0x3f0 [ 16.822473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.822606] kthread+0x328/0x630 [ 16.822657] ret_from_fork+0x10/0x20 [ 16.822694] [ 16.822712] Freed by task 188: [ 16.822763] kasan_save_stack+0x3c/0x68 [ 16.822820] kasan_save_track+0x20/0x40 [ 16.823157] kasan_save_free_info+0x4c/0x78 [ 16.823399] __kasan_slab_free+0x6c/0x98 [ 16.823506] kfree+0x214/0x3c8 [ 16.823608] kmalloc_uaf2+0x134/0x468 [ 16.823706] kunit_try_run_case+0x170/0x3f0 [ 16.823853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.823920] kthread+0x328/0x630 [ 16.823953] ret_from_fork+0x10/0x20 [ 16.823988] [ 16.824030] The buggy address belongs to the object at fff00000c592fa80 [ 16.824030] which belongs to the cache kmalloc-64 of size 64 [ 16.824093] The buggy address is located 40 bytes inside of [ 16.824093] freed 64-byte region [fff00000c592fa80, fff00000c592fac0) [ 16.824416] [ 16.824649] The buggy address belongs to the physical page: [ 16.824729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592f [ 16.824863] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.824983] page_type: f5(slab) [ 16.825060] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.825194] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.825285] page dumped because: kasan: bad access detected [ 16.825515] [ 16.825535] Memory state around the buggy address: [ 16.825697] fff00000c592f980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.825844] fff00000c592fa00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.825919] >fff00000c592fa80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.826008] ^ [ 16.826062] fff00000c592fb00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.826196] fff00000c592fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.826288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.812229] ================================================================== [ 16.812309] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.812368] Write of size 33 at addr fff00000c592f900 by task kunit_try_catch/186 [ 16.812421] [ 16.812459] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.812543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.812570] Hardware name: linux,dummy-virt (DT) [ 16.812609] Call trace: [ 16.812633] show_stack+0x20/0x38 (C) [ 16.812680] dump_stack_lvl+0x8c/0xd0 [ 16.812733] print_report+0x118/0x5d0 [ 16.812789] kasan_report+0xdc/0x128 [ 16.812834] kasan_check_range+0x100/0x1a8 [ 16.812892] __asan_memset+0x34/0x78 [ 16.812935] kmalloc_uaf_memset+0x170/0x310 [ 16.812981] kunit_try_run_case+0x170/0x3f0 [ 16.813038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.813093] kthread+0x328/0x630 [ 16.813143] ret_from_fork+0x10/0x20 [ 16.813204] [ 16.813223] Allocated by task 186: [ 16.813250] kasan_save_stack+0x3c/0x68 [ 16.813291] kasan_save_track+0x20/0x40 [ 16.813327] kasan_save_alloc_info+0x40/0x58 [ 16.813367] __kasan_kmalloc+0xd4/0xd8 [ 16.813406] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.813444] kmalloc_uaf_memset+0xb8/0x310 [ 16.813481] kunit_try_run_case+0x170/0x3f0 [ 16.813517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.813570] kthread+0x328/0x630 [ 16.813604] ret_from_fork+0x10/0x20 [ 16.813646] [ 16.813665] Freed by task 186: [ 16.813700] kasan_save_stack+0x3c/0x68 [ 16.813745] kasan_save_track+0x20/0x40 [ 16.813783] kasan_save_free_info+0x4c/0x78 [ 16.813822] __kasan_slab_free+0x6c/0x98 [ 16.813863] kfree+0x214/0x3c8 [ 16.813895] kmalloc_uaf_memset+0x11c/0x310 [ 16.813940] kunit_try_run_case+0x170/0x3f0 [ 16.813987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.814030] kthread+0x328/0x630 [ 16.814061] ret_from_fork+0x10/0x20 [ 16.814106] [ 16.814125] The buggy address belongs to the object at fff00000c592f900 [ 16.814125] which belongs to the cache kmalloc-64 of size 64 [ 16.814570] The buggy address is located 0 bytes inside of [ 16.814570] freed 64-byte region [fff00000c592f900, fff00000c592f940) [ 16.814651] [ 16.814670] The buggy address belongs to the physical page: [ 16.814821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592f [ 16.814909] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.814961] page_type: f5(slab) [ 16.815142] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.815230] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.815311] page dumped because: kasan: bad access detected [ 16.815399] [ 16.815491] Memory state around the buggy address: [ 16.815600] fff00000c592f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.815722] fff00000c592f880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.815809] >fff00000c592f900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.815924] ^ [ 16.816028] fff00000c592f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.816159] fff00000c592fa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.816211] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.801471] ================================================================== [ 16.801577] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.801629] Read of size 1 at addr fff00000c45d1ac8 by task kunit_try_catch/184 [ 16.801700] [ 16.801730] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.801898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.801927] Hardware name: linux,dummy-virt (DT) [ 16.802064] Call trace: [ 16.802165] show_stack+0x20/0x38 (C) [ 16.802260] dump_stack_lvl+0x8c/0xd0 [ 16.802353] print_report+0x118/0x5d0 [ 16.802399] kasan_report+0xdc/0x128 [ 16.802443] __asan_report_load1_noabort+0x20/0x30 [ 16.802494] kmalloc_uaf+0x300/0x338 [ 16.802535] kunit_try_run_case+0x170/0x3f0 [ 16.802655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.802708] kthread+0x328/0x630 [ 16.802772] ret_from_fork+0x10/0x20 [ 16.802990] [ 16.803015] Allocated by task 184: [ 16.803097] kasan_save_stack+0x3c/0x68 [ 16.803142] kasan_save_track+0x20/0x40 [ 16.803190] kasan_save_alloc_info+0x40/0x58 [ 16.803237] __kasan_kmalloc+0xd4/0xd8 [ 16.803275] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.803314] kmalloc_uaf+0xb8/0x338 [ 16.803346] kunit_try_run_case+0x170/0x3f0 [ 16.803384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.803428] kthread+0x328/0x630 [ 16.803460] ret_from_fork+0x10/0x20 [ 16.803636] [ 16.803756] Freed by task 184: [ 16.803824] kasan_save_stack+0x3c/0x68 [ 16.803867] kasan_save_track+0x20/0x40 [ 16.803905] kasan_save_free_info+0x4c/0x78 [ 16.803967] __kasan_slab_free+0x6c/0x98 [ 16.804005] kfree+0x214/0x3c8 [ 16.804233] kmalloc_uaf+0x11c/0x338 [ 16.804358] kunit_try_run_case+0x170/0x3f0 [ 16.804418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.804497] kthread+0x328/0x630 [ 16.804550] ret_from_fork+0x10/0x20 [ 16.804585] [ 16.804850] The buggy address belongs to the object at fff00000c45d1ac0 [ 16.804850] which belongs to the cache kmalloc-16 of size 16 [ 16.804971] The buggy address is located 8 bytes inside of [ 16.804971] freed 16-byte region [fff00000c45d1ac0, fff00000c45d1ad0) [ 16.805070] [ 16.805127] The buggy address belongs to the physical page: [ 16.805230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 16.805304] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.805387] page_type: f5(slab) [ 16.805425] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.805476] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.805516] page dumped because: kasan: bad access detected [ 16.805556] [ 16.805574] Memory state around the buggy address: [ 16.805616] fff00000c45d1980: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.805672] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.805726] >fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 16.805774] ^ [ 16.805811] fff00000c45d1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.805866] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.805905] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.790674] ================================================================== [ 16.790735] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.790814] Read of size 64 at addr fff00000c592f604 by task kunit_try_catch/182 [ 16.790865] [ 16.790893] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.791338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.791436] Hardware name: linux,dummy-virt (DT) [ 16.791546] Call trace: [ 16.791576] show_stack+0x20/0x38 (C) [ 16.791626] dump_stack_lvl+0x8c/0xd0 [ 16.791670] print_report+0x118/0x5d0 [ 16.791959] kasan_report+0xdc/0x128 [ 16.792136] kasan_check_range+0x100/0x1a8 [ 16.792245] __asan_memmove+0x3c/0x98 [ 16.792354] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.792454] kunit_try_run_case+0x170/0x3f0 [ 16.792499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.792551] kthread+0x328/0x630 [ 16.792812] ret_from_fork+0x10/0x20 [ 16.793005] [ 16.793062] Allocated by task 182: [ 16.793166] kasan_save_stack+0x3c/0x68 [ 16.793268] kasan_save_track+0x20/0x40 [ 16.793339] kasan_save_alloc_info+0x40/0x58 [ 16.793380] __kasan_kmalloc+0xd4/0xd8 [ 16.793439] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.793720] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.793845] kunit_try_run_case+0x170/0x3f0 [ 16.793978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.794035] kthread+0x328/0x630 [ 16.794067] ret_from_fork+0x10/0x20 [ 16.794405] [ 16.794454] The buggy address belongs to the object at fff00000c592f600 [ 16.794454] which belongs to the cache kmalloc-64 of size 64 [ 16.794559] The buggy address is located 4 bytes inside of [ 16.794559] allocated 64-byte region [fff00000c592f600, fff00000c592f640) [ 16.794668] [ 16.794719] The buggy address belongs to the physical page: [ 16.794770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592f [ 16.794836] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.795135] page_type: f5(slab) [ 16.795204] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.795284] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.795395] page dumped because: kasan: bad access detected [ 16.795446] [ 16.795464] Memory state around the buggy address: [ 16.795496] fff00000c592f500: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.795540] fff00000c592f580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.795583] >fff00000c592f600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.795624] ^ [ 16.795833] fff00000c592f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.795925] fff00000c592f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.795981] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.779757] ================================================================== [ 16.779851] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.779909] Read of size 18446744073709551614 at addr fff00000c592f404 by task kunit_try_catch/180 [ 16.779989] [ 16.780017] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.780144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.780212] Hardware name: linux,dummy-virt (DT) [ 16.780243] Call trace: [ 16.780264] show_stack+0x20/0x38 (C) [ 16.780310] dump_stack_lvl+0x8c/0xd0 [ 16.780548] print_report+0x118/0x5d0 [ 16.780616] kasan_report+0xdc/0x128 [ 16.780661] kasan_check_range+0x100/0x1a8 [ 16.780739] __asan_memmove+0x3c/0x98 [ 16.780781] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.780859] kunit_try_run_case+0x170/0x3f0 [ 16.780905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.780972] kthread+0x328/0x630 [ 16.781020] ret_from_fork+0x10/0x20 [ 16.781311] [ 16.781363] Allocated by task 180: [ 16.781411] kasan_save_stack+0x3c/0x68 [ 16.781479] kasan_save_track+0x20/0x40 [ 16.781517] kasan_save_alloc_info+0x40/0x58 [ 16.781556] __kasan_kmalloc+0xd4/0xd8 [ 16.781844] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.781929] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.782355] kunit_try_run_case+0x170/0x3f0 [ 16.782458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.782579] kthread+0x328/0x630 [ 16.782626] ret_from_fork+0x10/0x20 [ 16.782683] [ 16.782958] The buggy address belongs to the object at fff00000c592f400 [ 16.782958] which belongs to the cache kmalloc-64 of size 64 [ 16.783030] The buggy address is located 4 bytes inside of [ 16.783030] 64-byte region [fff00000c592f400, fff00000c592f440) [ 16.783092] [ 16.783132] The buggy address belongs to the physical page: [ 16.783164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592f [ 16.783262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.783312] page_type: f5(slab) [ 16.783350] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.783632] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.783776] page dumped because: kasan: bad access detected [ 16.784157] [ 16.784247] Memory state around the buggy address: [ 16.784357] fff00000c592f300: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.784466] fff00000c592f380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.784548] >fff00000c592f400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.784588] ^ [ 16.784616] fff00000c592f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.784683] fff00000c592f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.784723] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.770420] ================================================================== [ 16.770505] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.770582] Write of size 16 at addr fff00000c585ee69 by task kunit_try_catch/178 [ 16.770649] [ 16.770685] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.770766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.771088] Hardware name: linux,dummy-virt (DT) [ 16.771130] Call trace: [ 16.771275] show_stack+0x20/0x38 (C) [ 16.771519] dump_stack_lvl+0x8c/0xd0 [ 16.771624] print_report+0x118/0x5d0 [ 16.771724] kasan_report+0xdc/0x128 [ 16.771769] kasan_check_range+0x100/0x1a8 [ 16.771815] __asan_memset+0x34/0x78 [ 16.771856] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.771917] kunit_try_run_case+0x170/0x3f0 [ 16.771979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.772030] kthread+0x328/0x630 [ 16.772073] ret_from_fork+0x10/0x20 [ 16.772127] [ 16.772146] Allocated by task 178: [ 16.772393] kasan_save_stack+0x3c/0x68 [ 16.772577] kasan_save_track+0x20/0x40 [ 16.772646] kasan_save_alloc_info+0x40/0x58 [ 16.772811] __kasan_kmalloc+0xd4/0xd8 [ 16.772869] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.772907] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.772944] kunit_try_run_case+0x170/0x3f0 [ 16.773152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.773248] kthread+0x328/0x630 [ 16.773316] ret_from_fork+0x10/0x20 [ 16.773361] [ 16.773441] The buggy address belongs to the object at fff00000c585ee00 [ 16.773441] which belongs to the cache kmalloc-128 of size 128 [ 16.773515] The buggy address is located 105 bytes inside of [ 16.773515] allocated 120-byte region [fff00000c585ee00, fff00000c585ee78) [ 16.773610] [ 16.773646] The buggy address belongs to the physical page: [ 16.773685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.773773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.773860] page_type: f5(slab) [ 16.773915] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.774039] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.774097] page dumped because: kasan: bad access detected [ 16.774127] [ 16.774144] Memory state around the buggy address: [ 16.774197] fff00000c585ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.774239] fff00000c585ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.774280] >fff00000c585ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.774578] ^ [ 16.774684] fff00000c585ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.774758] fff00000c585ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.774861] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.760717] ================================================================== [ 16.760778] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.760828] Write of size 8 at addr fff00000c585ed71 by task kunit_try_catch/176 [ 16.760877] [ 16.761217] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.761361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.761409] Hardware name: linux,dummy-virt (DT) [ 16.761491] Call trace: [ 16.761530] show_stack+0x20/0x38 (C) [ 16.761580] dump_stack_lvl+0x8c/0xd0 [ 16.761625] print_report+0x118/0x5d0 [ 16.761865] kasan_report+0xdc/0x128 [ 16.761926] kasan_check_range+0x100/0x1a8 [ 16.762011] __asan_memset+0x34/0x78 [ 16.762062] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.762127] kunit_try_run_case+0x170/0x3f0 [ 16.762185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.762253] kthread+0x328/0x630 [ 16.762310] ret_from_fork+0x10/0x20 [ 16.762376] [ 16.762439] Allocated by task 176: [ 16.762468] kasan_save_stack+0x3c/0x68 [ 16.762508] kasan_save_track+0x20/0x40 [ 16.762546] kasan_save_alloc_info+0x40/0x58 [ 16.762602] __kasan_kmalloc+0xd4/0xd8 [ 16.762727] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.762769] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.762895] kunit_try_run_case+0x170/0x3f0 [ 16.763006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.763055] kthread+0x328/0x630 [ 16.763104] ret_from_fork+0x10/0x20 [ 16.763140] [ 16.763297] The buggy address belongs to the object at fff00000c585ed00 [ 16.763297] which belongs to the cache kmalloc-128 of size 128 [ 16.763638] The buggy address is located 113 bytes inside of [ 16.763638] allocated 120-byte region [fff00000c585ed00, fff00000c585ed78) [ 16.763713] [ 16.763733] The buggy address belongs to the physical page: [ 16.763762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.763817] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.764089] page_type: f5(slab) [ 16.764228] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.764280] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.764747] page dumped because: kasan: bad access detected [ 16.764834] [ 16.764935] Memory state around the buggy address: [ 16.765023] fff00000c585ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.765145] fff00000c585ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.765199] >fff00000c585ed00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.765285] ^ [ 16.765571] fff00000c585ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.765653] fff00000c585ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.765753] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.749078] ================================================================== [ 16.749695] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.749782] Write of size 4 at addr fff00000c585ec75 by task kunit_try_catch/174 [ 16.749832] [ 16.749883] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.750025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.750054] Hardware name: linux,dummy-virt (DT) [ 16.750084] Call trace: [ 16.750325] show_stack+0x20/0x38 (C) [ 16.750386] dump_stack_lvl+0x8c/0xd0 [ 16.750432] print_report+0x118/0x5d0 [ 16.750512] kasan_report+0xdc/0x128 [ 16.750556] kasan_check_range+0x100/0x1a8 [ 16.750622] __asan_memset+0x34/0x78 [ 16.750699] kmalloc_oob_memset_4+0x150/0x300 [ 16.750764] kunit_try_run_case+0x170/0x3f0 [ 16.750830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.750888] kthread+0x328/0x630 [ 16.750930] ret_from_fork+0x10/0x20 [ 16.750975] [ 16.750993] Allocated by task 174: [ 16.751019] kasan_save_stack+0x3c/0x68 [ 16.751291] kasan_save_track+0x20/0x40 [ 16.751458] kasan_save_alloc_info+0x40/0x58 [ 16.751578] __kasan_kmalloc+0xd4/0xd8 [ 16.751667] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.751774] kmalloc_oob_memset_4+0xb0/0x300 [ 16.751817] kunit_try_run_case+0x170/0x3f0 [ 16.751855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.751897] kthread+0x328/0x630 [ 16.751928] ret_from_fork+0x10/0x20 [ 16.751963] [ 16.752010] The buggy address belongs to the object at fff00000c585ec00 [ 16.752010] which belongs to the cache kmalloc-128 of size 128 [ 16.752068] The buggy address is located 117 bytes inside of [ 16.752068] allocated 120-byte region [fff00000c585ec00, fff00000c585ec78) [ 16.752130] [ 16.752149] The buggy address belongs to the physical page: [ 16.752403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.752508] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.752620] page_type: f5(slab) [ 16.752678] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.753104] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.753185] page dumped because: kasan: bad access detected [ 16.753218] [ 16.753235] Memory state around the buggy address: [ 16.753537] fff00000c585eb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.753673] fff00000c585eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.753798] >fff00000c585ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.753888] ^ [ 16.753961] fff00000c585ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.754003] fff00000c585ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.754041] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.537206] ================================================================== [ 16.537608] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.537670] Read of size 1 at addr fff00000c7960000 by task kunit_try_catch/154 [ 16.537735] [ 16.537914] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.538387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.538718] Hardware name: linux,dummy-virt (DT) [ 16.538751] Call trace: [ 16.539053] show_stack+0x20/0x38 (C) [ 16.539122] dump_stack_lvl+0x8c/0xd0 [ 16.539570] print_report+0x118/0x5d0 [ 16.539623] kasan_report+0xdc/0x128 [ 16.539668] __asan_report_load1_noabort+0x20/0x30 [ 16.539757] page_alloc_uaf+0x328/0x350 [ 16.540105] kunit_try_run_case+0x170/0x3f0 [ 16.540160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.540224] kthread+0x328/0x630 [ 16.540566] ret_from_fork+0x10/0x20 [ 16.540630] [ 16.540650] The buggy address belongs to the physical page: [ 16.540680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107960 [ 16.541231] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.541564] page_type: f0(buddy) [ 16.541606] raw: 0bfffe0000000000 fff00000ff616108 fff00000ff616108 0000000000000000 [ 16.541655] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 16.541696] page dumped because: kasan: bad access detected [ 16.541726] [ 16.541743] Memory state around the buggy address: [ 16.541775] fff00000c795ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.542159] fff00000c795ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.542231] >fff00000c7960000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.542967] ^ [ 16.543010] fff00000c7960080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.543281] fff00000c7960100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.543325] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.735218] ================================================================== [ 16.735520] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.735571] Write of size 2 at addr fff00000c585eb77 by task kunit_try_catch/172 [ 16.735661] [ 16.735809] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.735937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.736008] Hardware name: linux,dummy-virt (DT) [ 16.736115] Call trace: [ 16.736198] show_stack+0x20/0x38 (C) [ 16.736327] dump_stack_lvl+0x8c/0xd0 [ 16.736460] print_report+0x118/0x5d0 [ 16.736547] kasan_report+0xdc/0x128 [ 16.736612] kasan_check_range+0x100/0x1a8 [ 16.736678] __asan_memset+0x34/0x78 [ 16.736768] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.736814] kunit_try_run_case+0x170/0x3f0 [ 16.736882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.736973] kthread+0x328/0x630 [ 16.737040] ret_from_fork+0x10/0x20 [ 16.737085] [ 16.737143] Allocated by task 172: [ 16.737190] kasan_save_stack+0x3c/0x68 [ 16.737230] kasan_save_track+0x20/0x40 [ 16.737457] kasan_save_alloc_info+0x40/0x58 [ 16.737553] __kasan_kmalloc+0xd4/0xd8 [ 16.737620] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.737700] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.737856] kunit_try_run_case+0x170/0x3f0 [ 16.737959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.738013] kthread+0x328/0x630 [ 16.738106] ret_from_fork+0x10/0x20 [ 16.738155] [ 16.738202] The buggy address belongs to the object at fff00000c585eb00 [ 16.738202] which belongs to the cache kmalloc-128 of size 128 [ 16.738308] The buggy address is located 119 bytes inside of [ 16.738308] allocated 120-byte region [fff00000c585eb00, fff00000c585eb78) [ 16.738392] [ 16.738411] The buggy address belongs to the physical page: [ 16.738440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.738633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.738704] page_type: f5(slab) [ 16.738780] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.738900] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.739027] page dumped because: kasan: bad access detected [ 16.739138] [ 16.739284] Memory state around the buggy address: [ 16.739412] fff00000c585ea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.739455] fff00000c585ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.739496] >fff00000c585eb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.739532] ^ [ 16.739571] fff00000c585eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.739612] fff00000c585ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.739651] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.726083] ================================================================== [ 16.726140] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.726417] Write of size 128 at addr fff00000c585ea00 by task kunit_try_catch/170 [ 16.726479] [ 16.726518] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.726619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.726646] Hardware name: linux,dummy-virt (DT) [ 16.726701] Call trace: [ 16.726725] show_stack+0x20/0x38 (C) [ 16.726773] dump_stack_lvl+0x8c/0xd0 [ 16.726906] print_report+0x118/0x5d0 [ 16.727019] kasan_report+0xdc/0x128 [ 16.727094] kasan_check_range+0x100/0x1a8 [ 16.727167] __asan_memset+0x34/0x78 [ 16.727281] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.727377] kunit_try_run_case+0x170/0x3f0 [ 16.727422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.727489] kthread+0x328/0x630 [ 16.727530] ret_from_fork+0x10/0x20 [ 16.727575] [ 16.727592] Allocated by task 170: [ 16.727619] kasan_save_stack+0x3c/0x68 [ 16.727983] kasan_save_track+0x20/0x40 [ 16.728032] kasan_save_alloc_info+0x40/0x58 [ 16.728072] __kasan_kmalloc+0xd4/0xd8 [ 16.728356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.728493] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.728547] kunit_try_run_case+0x170/0x3f0 [ 16.728647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.728739] kthread+0x328/0x630 [ 16.728814] ret_from_fork+0x10/0x20 [ 16.728882] [ 16.729000] The buggy address belongs to the object at fff00000c585ea00 [ 16.729000] which belongs to the cache kmalloc-128 of size 128 [ 16.729082] The buggy address is located 0 bytes inside of [ 16.729082] allocated 120-byte region [fff00000c585ea00, fff00000c585ea78) [ 16.729481] [ 16.729541] The buggy address belongs to the physical page: [ 16.729639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.729712] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.729853] page_type: f5(slab) [ 16.729936] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.730021] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.730121] page dumped because: kasan: bad access detected [ 16.730258] [ 16.730275] Memory state around the buggy address: [ 16.730307] fff00000c585e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.730384] fff00000c585e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.730547] >fff00000c585ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.730811] ^ [ 16.730906] fff00000c585ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.731015] fff00000c585eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.731116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.716665] ================================================================== [ 16.716736] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.716786] Read of size 16 at addr fff00000c45d1aa0 by task kunit_try_catch/168 [ 16.716887] [ 16.716946] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.717026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.717052] Hardware name: linux,dummy-virt (DT) [ 16.717082] Call trace: [ 16.717102] show_stack+0x20/0x38 (C) [ 16.717190] dump_stack_lvl+0x8c/0xd0 [ 16.717238] print_report+0x118/0x5d0 [ 16.717324] kasan_report+0xdc/0x128 [ 16.717400] __asan_report_load16_noabort+0x20/0x30 [ 16.717471] kmalloc_uaf_16+0x3bc/0x438 [ 16.717516] kunit_try_run_case+0x170/0x3f0 [ 16.717561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.717620] kthread+0x328/0x630 [ 16.717688] ret_from_fork+0x10/0x20 [ 16.717754] [ 16.717771] Allocated by task 168: [ 16.717798] kasan_save_stack+0x3c/0x68 [ 16.717837] kasan_save_track+0x20/0x40 [ 16.717893] kasan_save_alloc_info+0x40/0x58 [ 16.717938] __kasan_kmalloc+0xd4/0xd8 [ 16.717972] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.718009] kmalloc_uaf_16+0x140/0x438 [ 16.718212] kunit_try_run_case+0x170/0x3f0 [ 16.718282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.718326] kthread+0x328/0x630 [ 16.718408] ret_from_fork+0x10/0x20 [ 16.718443] [ 16.718461] Freed by task 168: [ 16.718492] kasan_save_stack+0x3c/0x68 [ 16.718529] kasan_save_track+0x20/0x40 [ 16.718564] kasan_save_free_info+0x4c/0x78 [ 16.718602] __kasan_slab_free+0x6c/0x98 [ 16.718786] kfree+0x214/0x3c8 [ 16.718846] kmalloc_uaf_16+0x190/0x438 [ 16.718881] kunit_try_run_case+0x170/0x3f0 [ 16.718917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.719002] kthread+0x328/0x630 [ 16.719047] ret_from_fork+0x10/0x20 [ 16.719082] [ 16.719100] The buggy address belongs to the object at fff00000c45d1aa0 [ 16.719100] which belongs to the cache kmalloc-16 of size 16 [ 16.719194] The buggy address is located 0 bytes inside of [ 16.719194] freed 16-byte region [fff00000c45d1aa0, fff00000c45d1ab0) [ 16.719289] [ 16.719322] The buggy address belongs to the physical page: [ 16.719355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 16.719433] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.719481] page_type: f5(slab) [ 16.719721] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.719873] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.719925] page dumped because: kasan: bad access detected [ 16.719982] [ 16.720252] Memory state around the buggy address: [ 16.720334] fff00000c45d1980: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.720435] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.720513] >fff00000c45d1a80: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.720556] ^ [ 16.720586] fff00000c45d1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720735] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720881] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.702035] ================================================================== [ 16.702210] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.702286] Write of size 16 at addr fff00000c45d1a40 by task kunit_try_catch/166 [ 16.702592] [ 16.702675] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.702835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.702893] Hardware name: linux,dummy-virt (DT) [ 16.702950] Call trace: [ 16.703114] show_stack+0x20/0x38 (C) [ 16.703206] dump_stack_lvl+0x8c/0xd0 [ 16.703260] print_report+0x118/0x5d0 [ 16.703381] kasan_report+0xdc/0x128 [ 16.703426] __asan_report_store16_noabort+0x20/0x30 [ 16.703484] kmalloc_oob_16+0x3a0/0x3f8 [ 16.703528] kunit_try_run_case+0x170/0x3f0 [ 16.703863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.704032] kthread+0x328/0x630 [ 16.704138] ret_from_fork+0x10/0x20 [ 16.704351] [ 16.704467] Allocated by task 166: [ 16.704497] kasan_save_stack+0x3c/0x68 [ 16.704733] kasan_save_track+0x20/0x40 [ 16.705351] kasan_save_alloc_info+0x40/0x58 [ 16.705545] __kasan_kmalloc+0xd4/0xd8 [ 16.705586] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.705625] kmalloc_oob_16+0xb4/0x3f8 [ 16.705660] kunit_try_run_case+0x170/0x3f0 [ 16.705697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.705739] kthread+0x328/0x630 [ 16.705770] ret_from_fork+0x10/0x20 [ 16.705804] [ 16.705823] The buggy address belongs to the object at fff00000c45d1a40 [ 16.705823] which belongs to the cache kmalloc-16 of size 16 [ 16.705881] The buggy address is located 0 bytes inside of [ 16.705881] allocated 13-byte region [fff00000c45d1a40, fff00000c45d1a4d) [ 16.705949] [ 16.705968] The buggy address belongs to the physical page: [ 16.705998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 16.706054] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.706102] page_type: f5(slab) [ 16.706139] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.706403] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.706474] page dumped because: kasan: bad access detected [ 16.706522] [ 16.706539] Memory state around the buggy address: [ 16.706581] fff00000c45d1900: 00 00 fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc [ 16.706624] fff00000c45d1980: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.706666] >fff00000c45d1a00: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 16.706704] ^ [ 16.706739] fff00000c45d1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.706781] fff00000c45d1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.706834] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.685264] ================================================================== [ 16.685319] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.685365] Read of size 1 at addr fff00000c4786400 by task kunit_try_catch/164 [ 16.685414] [ 16.685456] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.685548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.685574] Hardware name: linux,dummy-virt (DT) [ 16.685603] Call trace: [ 16.685624] show_stack+0x20/0x38 (C) [ 16.685673] dump_stack_lvl+0x8c/0xd0 [ 16.685727] print_report+0x118/0x5d0 [ 16.685774] kasan_report+0xdc/0x128 [ 16.685840] __asan_report_load1_noabort+0x20/0x30 [ 16.685890] krealloc_uaf+0x4c8/0x520 [ 16.685947] kunit_try_run_case+0x170/0x3f0 [ 16.685993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.686044] kthread+0x328/0x630 [ 16.686085] ret_from_fork+0x10/0x20 [ 16.686137] [ 16.686154] Allocated by task 164: [ 16.687117] kasan_save_stack+0x3c/0x68 [ 16.687233] kasan_save_track+0x20/0x40 [ 16.687274] kasan_save_alloc_info+0x40/0x58 [ 16.687378] __kasan_kmalloc+0xd4/0xd8 [ 16.687505] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.687603] krealloc_uaf+0xc8/0x520 [ 16.687688] kunit_try_run_case+0x170/0x3f0 [ 16.687725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.687780] kthread+0x328/0x630 [ 16.687819] ret_from_fork+0x10/0x20 [ 16.688137] [ 16.688241] Freed by task 164: [ 16.688352] kasan_save_stack+0x3c/0x68 [ 16.688704] kasan_save_track+0x20/0x40 [ 16.688836] kasan_save_free_info+0x4c/0x78 [ 16.688997] __kasan_slab_free+0x6c/0x98 [ 16.689075] kfree+0x214/0x3c8 [ 16.689121] krealloc_uaf+0x12c/0x520 [ 16.689163] kunit_try_run_case+0x170/0x3f0 [ 16.689444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.689785] kthread+0x328/0x630 [ 16.689867] ret_from_fork+0x10/0x20 [ 16.689997] [ 16.690040] The buggy address belongs to the object at fff00000c4786400 [ 16.690040] which belongs to the cache kmalloc-256 of size 256 [ 16.690431] The buggy address is located 0 bytes inside of [ 16.690431] freed 256-byte region [fff00000c4786400, fff00000c4786500) [ 16.690596] [ 16.690635] The buggy address belongs to the physical page: [ 16.690691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.690909] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.691070] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.691283] page_type: f5(slab) [ 16.691323] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.691664] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.691812] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.691920] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.691994] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.692256] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.692450] page dumped because: kasan: bad access detected [ 16.692510] [ 16.692570] Memory state around the buggy address: [ 16.692715] fff00000c4786300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.693101] fff00000c4786380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.693298] >fff00000c4786400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.693339] ^ [ 16.693381] fff00000c4786480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.693789] fff00000c4786500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.693862] ================================================================== [ 16.676779] ================================================================== [ 16.677231] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.677297] Read of size 1 at addr fff00000c4786400 by task kunit_try_catch/164 [ 16.677349] [ 16.677458] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.677547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.677663] Hardware name: linux,dummy-virt (DT) [ 16.677735] Call trace: [ 16.677775] show_stack+0x20/0x38 (C) [ 16.677871] dump_stack_lvl+0x8c/0xd0 [ 16.677917] print_report+0x118/0x5d0 [ 16.677992] kasan_report+0xdc/0x128 [ 16.678307] __kasan_check_byte+0x54/0x70 [ 16.678372] krealloc_noprof+0x44/0x360 [ 16.678471] krealloc_uaf+0x180/0x520 [ 16.678517] kunit_try_run_case+0x170/0x3f0 [ 16.678562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.678658] kthread+0x328/0x630 [ 16.678702] ret_from_fork+0x10/0x20 [ 16.678747] [ 16.678765] Allocated by task 164: [ 16.678793] kasan_save_stack+0x3c/0x68 [ 16.678973] kasan_save_track+0x20/0x40 [ 16.679011] kasan_save_alloc_info+0x40/0x58 [ 16.679166] __kasan_kmalloc+0xd4/0xd8 [ 16.679372] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.679416] krealloc_uaf+0xc8/0x520 [ 16.679451] kunit_try_run_case+0x170/0x3f0 [ 16.679640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.679861] kthread+0x328/0x630 [ 16.680013] ret_from_fork+0x10/0x20 [ 16.680188] [ 16.680280] Freed by task 164: [ 16.680364] kasan_save_stack+0x3c/0x68 [ 16.680492] kasan_save_track+0x20/0x40 [ 16.680578] kasan_save_free_info+0x4c/0x78 [ 16.680624] __kasan_slab_free+0x6c/0x98 [ 16.681040] kfree+0x214/0x3c8 [ 16.681167] krealloc_uaf+0x12c/0x520 [ 16.681349] kunit_try_run_case+0x170/0x3f0 [ 16.681437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.681765] kthread+0x328/0x630 [ 16.681849] ret_from_fork+0x10/0x20 [ 16.681914] [ 16.682012] The buggy address belongs to the object at fff00000c4786400 [ 16.682012] which belongs to the cache kmalloc-256 of size 256 [ 16.682143] The buggy address is located 0 bytes inside of [ 16.682143] freed 256-byte region [fff00000c4786400, fff00000c4786500) [ 16.682323] [ 16.682393] The buggy address belongs to the physical page: [ 16.682478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.682536] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.682649] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.683661] page_type: f5(slab) [ 16.683710] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.683763] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.683813] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.683861] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.683910] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.683959] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.683998] page dumped because: kasan: bad access detected [ 16.684029] [ 16.684046] Memory state around the buggy address: [ 16.684077] fff00000c4786300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.684122] fff00000c4786380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.684180] >fff00000c4786400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.684218] ^ [ 16.684245] fff00000c4786480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.684286] fff00000c4786500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.684323] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.653027] ================================================================== [ 16.653229] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.653315] Write of size 1 at addr fff00000c665e0d0 by task kunit_try_catch/162 [ 16.653426] [ 16.653457] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.653536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.653562] Hardware name: linux,dummy-virt (DT) [ 16.653598] Call trace: [ 16.653618] show_stack+0x20/0x38 (C) [ 16.653794] dump_stack_lvl+0x8c/0xd0 [ 16.653855] print_report+0x118/0x5d0 [ 16.653900] kasan_report+0xdc/0x128 [ 16.653955] __asan_report_store1_noabort+0x20/0x30 [ 16.654043] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.654130] krealloc_large_less_oob+0x20/0x38 [ 16.654209] kunit_try_run_case+0x170/0x3f0 [ 16.654256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.654307] kthread+0x328/0x630 [ 16.654370] ret_from_fork+0x10/0x20 [ 16.654418] [ 16.654443] The buggy address belongs to the physical page: [ 16.654473] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10665c [ 16.654525] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.654582] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.654633] page_type: f8(unknown) [ 16.654670] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.654729] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.654779] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.654827] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.654885] head: 0bfffe0000000002 ffffc1ffc3199701 00000000ffffffff 00000000ffffffff [ 16.654939] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.654979] page dumped because: kasan: bad access detected [ 16.655014] [ 16.655031] Memory state around the buggy address: [ 16.655066] fff00000c665df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.655108] fff00000c665e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.655154] >fff00000c665e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.655482] ^ [ 16.655525] fff00000c665e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.655734] fff00000c665e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.655908] ================================================================== [ 16.603143] ================================================================== [ 16.603352] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.603449] Write of size 1 at addr fff00000c47862da by task kunit_try_catch/158 [ 16.603604] [ 16.603662] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.603809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.603837] Hardware name: linux,dummy-virt (DT) [ 16.603875] Call trace: [ 16.603895] show_stack+0x20/0x38 (C) [ 16.604079] dump_stack_lvl+0x8c/0xd0 [ 16.604162] print_report+0x118/0x5d0 [ 16.604224] kasan_report+0xdc/0x128 [ 16.604286] __asan_report_store1_noabort+0x20/0x30 [ 16.604456] krealloc_less_oob_helper+0xa80/0xc50 [ 16.604556] krealloc_less_oob+0x20/0x38 [ 16.604698] kunit_try_run_case+0x170/0x3f0 [ 16.604829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.605012] kthread+0x328/0x630 [ 16.605085] ret_from_fork+0x10/0x20 [ 16.605518] [ 16.605597] Allocated by task 158: [ 16.605719] kasan_save_stack+0x3c/0x68 [ 16.605822] kasan_save_track+0x20/0x40 [ 16.605957] kasan_save_alloc_info+0x40/0x58 [ 16.606008] __kasan_krealloc+0x118/0x178 [ 16.606045] krealloc_noprof+0x128/0x360 [ 16.606090] krealloc_less_oob_helper+0x168/0xc50 [ 16.606140] krealloc_less_oob+0x20/0x38 [ 16.606236] kunit_try_run_case+0x170/0x3f0 [ 16.606291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.606343] kthread+0x328/0x630 [ 16.606374] ret_from_fork+0x10/0x20 [ 16.606418] [ 16.606437] The buggy address belongs to the object at fff00000c4786200 [ 16.606437] which belongs to the cache kmalloc-256 of size 256 [ 16.606503] The buggy address is located 17 bytes to the right of [ 16.606503] allocated 201-byte region [fff00000c4786200, fff00000c47862c9) [ 16.606568] [ 16.606586] The buggy address belongs to the physical page: [ 16.606617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.606669] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.606724] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.606773] page_type: f5(slab) [ 16.606810] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.606858] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.606917] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.606964] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.607022] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.607076] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.607116] page dumped because: kasan: bad access detected [ 16.607155] [ 16.607182] Memory state around the buggy address: [ 16.607427] fff00000c4786180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.607540] fff00000c4786200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.607763] >fff00000c4786280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.607838] ^ [ 16.608338] fff00000c4786300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.608734] fff00000c4786380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.608869] ================================================================== [ 16.646397] ================================================================== [ 16.646453] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.646503] Write of size 1 at addr fff00000c665e0c9 by task kunit_try_catch/162 [ 16.646733] [ 16.646785] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.646874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.646911] Hardware name: linux,dummy-virt (DT) [ 16.646993] Call trace: [ 16.647031] show_stack+0x20/0x38 (C) [ 16.647082] dump_stack_lvl+0x8c/0xd0 [ 16.647127] print_report+0x118/0x5d0 [ 16.647250] kasan_report+0xdc/0x128 [ 16.647318] __asan_report_store1_noabort+0x20/0x30 [ 16.647486] krealloc_less_oob_helper+0xa48/0xc50 [ 16.647568] krealloc_large_less_oob+0x20/0x38 [ 16.647616] kunit_try_run_case+0x170/0x3f0 [ 16.647689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.647888] kthread+0x328/0x630 [ 16.648060] ret_from_fork+0x10/0x20 [ 16.648131] [ 16.648151] The buggy address belongs to the physical page: [ 16.648193] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10665c [ 16.648626] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.648752] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.648919] page_type: f8(unknown) [ 16.648982] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.649150] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.649254] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.649470] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.649564] head: 0bfffe0000000002 ffffc1ffc3199701 00000000ffffffff 00000000ffffffff [ 16.649620] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.649686] page dumped because: kasan: bad access detected [ 16.649796] [ 16.649865] Memory state around the buggy address: [ 16.649946] fff00000c665df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.650050] fff00000c665e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.650092] >fff00000c665e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.650129] ^ [ 16.650196] fff00000c665e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.650238] fff00000c665e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.650276] ================================================================== [ 16.616674] ================================================================== [ 16.616727] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.616784] Write of size 1 at addr fff00000c47862eb by task kunit_try_catch/158 [ 16.616941] [ 16.617002] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.617148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.617327] Hardware name: linux,dummy-virt (DT) [ 16.617375] Call trace: [ 16.617486] show_stack+0x20/0x38 (C) [ 16.617540] dump_stack_lvl+0x8c/0xd0 [ 16.617584] print_report+0x118/0x5d0 [ 16.617717] kasan_report+0xdc/0x128 [ 16.617781] __asan_report_store1_noabort+0x20/0x30 [ 16.617831] krealloc_less_oob_helper+0xa58/0xc50 [ 16.618042] krealloc_less_oob+0x20/0x38 [ 16.618109] kunit_try_run_case+0x170/0x3f0 [ 16.618196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.618250] kthread+0x328/0x630 [ 16.618299] ret_from_fork+0x10/0x20 [ 16.618391] [ 16.618410] Allocated by task 158: [ 16.618437] kasan_save_stack+0x3c/0x68 [ 16.618506] kasan_save_track+0x20/0x40 [ 16.618605] kasan_save_alloc_info+0x40/0x58 [ 16.618648] __kasan_krealloc+0x118/0x178 [ 16.618712] krealloc_noprof+0x128/0x360 [ 16.618756] krealloc_less_oob_helper+0x168/0xc50 [ 16.618924] krealloc_less_oob+0x20/0x38 [ 16.618976] kunit_try_run_case+0x170/0x3f0 [ 16.619037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.619218] kthread+0x328/0x630 [ 16.619309] ret_from_fork+0x10/0x20 [ 16.619390] [ 16.619630] The buggy address belongs to the object at fff00000c4786200 [ 16.619630] which belongs to the cache kmalloc-256 of size 256 [ 16.619699] The buggy address is located 34 bytes to the right of [ 16.619699] allocated 201-byte region [fff00000c4786200, fff00000c47862c9) [ 16.619784] [ 16.619802] The buggy address belongs to the physical page: [ 16.619832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.619883] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.619931] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.619981] page_type: f5(slab) [ 16.620017] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.620377] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.620467] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.620663] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.620741] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.620826] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.620974] page dumped because: kasan: bad access detected [ 16.621005] [ 16.621250] Memory state around the buggy address: [ 16.621332] fff00000c4786180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.621477] fff00000c4786200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.621556] >fff00000c4786280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.621634] ^ [ 16.621683] fff00000c4786300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.621734] fff00000c4786380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.621776] ================================================================== [ 16.657374] ================================================================== [ 16.657558] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.657616] Write of size 1 at addr fff00000c665e0da by task kunit_try_catch/162 [ 16.657748] [ 16.657782] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.657862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.658066] Hardware name: linux,dummy-virt (DT) [ 16.658196] Call trace: [ 16.658222] show_stack+0x20/0x38 (C) [ 16.658342] dump_stack_lvl+0x8c/0xd0 [ 16.658408] print_report+0x118/0x5d0 [ 16.658454] kasan_report+0xdc/0x128 [ 16.658623] __asan_report_store1_noabort+0x20/0x30 [ 16.658690] krealloc_less_oob_helper+0xa80/0xc50 [ 16.658738] krealloc_large_less_oob+0x20/0x38 [ 16.658794] kunit_try_run_case+0x170/0x3f0 [ 16.658840] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.658929] kthread+0x328/0x630 [ 16.658974] ret_from_fork+0x10/0x20 [ 16.659029] [ 16.659049] The buggy address belongs to the physical page: [ 16.659292] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10665c [ 16.659389] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.659447] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.659577] page_type: f8(unknown) [ 16.659652] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.659847] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.659903] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.660054] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.660234] head: 0bfffe0000000002 ffffc1ffc3199701 00000000ffffffff 00000000ffffffff [ 16.660318] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.660416] page dumped because: kasan: bad access detected [ 16.660494] [ 16.660547] Memory state around the buggy address: [ 16.660579] fff00000c665df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.660818] fff00000c665e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.660922] >fff00000c665e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.661009] ^ [ 16.661094] fff00000c665e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.661211] fff00000c665e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.661271] ================================================================== [ 16.595347] ================================================================== [ 16.595431] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.595604] Write of size 1 at addr fff00000c47862d0 by task kunit_try_catch/158 [ 16.595713] [ 16.595834] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.595967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.595993] Hardware name: linux,dummy-virt (DT) [ 16.596023] Call trace: [ 16.596044] show_stack+0x20/0x38 (C) [ 16.596292] dump_stack_lvl+0x8c/0xd0 [ 16.596341] print_report+0x118/0x5d0 [ 16.596421] kasan_report+0xdc/0x128 [ 16.596588] __asan_report_store1_noabort+0x20/0x30 [ 16.596759] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.596847] krealloc_less_oob+0x20/0x38 [ 16.596962] kunit_try_run_case+0x170/0x3f0 [ 16.597071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.597220] kthread+0x328/0x630 [ 16.597265] ret_from_fork+0x10/0x20 [ 16.597505] [ 16.597543] Allocated by task 158: [ 16.597720] kasan_save_stack+0x3c/0x68 [ 16.597801] kasan_save_track+0x20/0x40 [ 16.597969] kasan_save_alloc_info+0x40/0x58 [ 16.598230] __kasan_krealloc+0x118/0x178 [ 16.598469] krealloc_noprof+0x128/0x360 [ 16.598513] krealloc_less_oob_helper+0x168/0xc50 [ 16.598589] krealloc_less_oob+0x20/0x38 [ 16.598780] kunit_try_run_case+0x170/0x3f0 [ 16.598861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.599023] kthread+0x328/0x630 [ 16.599162] ret_from_fork+0x10/0x20 [ 16.599212] [ 16.599365] The buggy address belongs to the object at fff00000c4786200 [ 16.599365] which belongs to the cache kmalloc-256 of size 256 [ 16.599427] The buggy address is located 7 bytes to the right of [ 16.599427] allocated 201-byte region [fff00000c4786200, fff00000c47862c9) [ 16.599501] [ 16.599520] The buggy address belongs to the physical page: [ 16.599557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.599614] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.599667] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.599717] page_type: f5(slab) [ 16.600141] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.600241] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.600426] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.600600] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.600689] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.600837] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.600902] page dumped because: kasan: bad access detected [ 16.600933] [ 16.600990] Memory state around the buggy address: [ 16.601208] fff00000c4786180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601256] fff00000c4786200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.601313] >fff00000c4786280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.601369] ^ [ 16.601481] fff00000c4786300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601538] fff00000c4786380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601636] ================================================================== [ 16.586704] ================================================================== [ 16.586761] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.586869] Write of size 1 at addr fff00000c47862c9 by task kunit_try_catch/158 [ 16.586942] [ 16.586981] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.587067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.587094] Hardware name: linux,dummy-virt (DT) [ 16.587123] Call trace: [ 16.587145] show_stack+0x20/0x38 (C) [ 16.587213] dump_stack_lvl+0x8c/0xd0 [ 16.587287] print_report+0x118/0x5d0 [ 16.587335] kasan_report+0xdc/0x128 [ 16.587380] __asan_report_store1_noabort+0x20/0x30 [ 16.587430] krealloc_less_oob_helper+0xa48/0xc50 [ 16.587479] krealloc_less_oob+0x20/0x38 [ 16.588011] kunit_try_run_case+0x170/0x3f0 [ 16.588475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.588589] kthread+0x328/0x630 [ 16.589016] ret_from_fork+0x10/0x20 [ 16.589252] [ 16.589560] Allocated by task 158: [ 16.589714] kasan_save_stack+0x3c/0x68 [ 16.589781] kasan_save_track+0x20/0x40 [ 16.589955] kasan_save_alloc_info+0x40/0x58 [ 16.590095] __kasan_krealloc+0x118/0x178 [ 16.590407] krealloc_noprof+0x128/0x360 [ 16.590558] krealloc_less_oob_helper+0x168/0xc50 [ 16.590710] krealloc_less_oob+0x20/0x38 [ 16.590807] kunit_try_run_case+0x170/0x3f0 [ 16.590930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.590977] kthread+0x328/0x630 [ 16.591038] ret_from_fork+0x10/0x20 [ 16.591457] [ 16.591506] The buggy address belongs to the object at fff00000c4786200 [ 16.591506] which belongs to the cache kmalloc-256 of size 256 [ 16.591661] The buggy address is located 0 bytes to the right of [ 16.591661] allocated 201-byte region [fff00000c4786200, fff00000c47862c9) [ 16.591809] [ 16.591858] The buggy address belongs to the physical page: [ 16.591931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.592017] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.592137] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.592201] page_type: f5(slab) [ 16.592440] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.592531] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.592726] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.592892] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.593042] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.593168] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.593321] page dumped because: kasan: bad access detected [ 16.593365] [ 16.593383] Memory state around the buggy address: [ 16.593414] fff00000c4786180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.593623] fff00000c4786200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.593852] >fff00000c4786280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.594065] ^ [ 16.594164] fff00000c4786300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.594290] fff00000c4786380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.594329] ================================================================== [ 16.661955] ================================================================== [ 16.662004] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.662050] Write of size 1 at addr fff00000c665e0ea by task kunit_try_catch/162 [ 16.662348] [ 16.662384] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.662538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.662582] Hardware name: linux,dummy-virt (DT) [ 16.662658] Call trace: [ 16.662694] show_stack+0x20/0x38 (C) [ 16.662760] dump_stack_lvl+0x8c/0xd0 [ 16.662805] print_report+0x118/0x5d0 [ 16.662979] kasan_report+0xdc/0x128 [ 16.663053] __asan_report_store1_noabort+0x20/0x30 [ 16.663112] krealloc_less_oob_helper+0xae4/0xc50 [ 16.663192] krealloc_large_less_oob+0x20/0x38 [ 16.663374] kunit_try_run_case+0x170/0x3f0 [ 16.663422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.663635] kthread+0x328/0x630 [ 16.663681] ret_from_fork+0x10/0x20 [ 16.663770] [ 16.663806] The buggy address belongs to the physical page: [ 16.663896] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10665c [ 16.663969] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.664080] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.664288] page_type: f8(unknown) [ 16.664354] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.664406] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.664469] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.664539] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.664589] head: 0bfffe0000000002 ffffc1ffc3199701 00000000ffffffff 00000000ffffffff [ 16.664647] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.664686] page dumped because: kasan: bad access detected [ 16.664716] [ 16.664733] Memory state around the buggy address: [ 16.664772] fff00000c665df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.664814] fff00000c665e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.664861] >fff00000c665e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.664907] ^ [ 16.664946] fff00000c665e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.664987] fff00000c665e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.665042] ================================================================== [ 16.665679] ================================================================== [ 16.665811] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.665869] Write of size 1 at addr fff00000c665e0eb by task kunit_try_catch/162 [ 16.665966] [ 16.666052] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.666166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.666234] Hardware name: linux,dummy-virt (DT) [ 16.666282] Call trace: [ 16.666343] show_stack+0x20/0x38 (C) [ 16.666411] dump_stack_lvl+0x8c/0xd0 [ 16.666456] print_report+0x118/0x5d0 [ 16.666627] kasan_report+0xdc/0x128 [ 16.666698] __asan_report_store1_noabort+0x20/0x30 [ 16.666767] krealloc_less_oob_helper+0xa58/0xc50 [ 16.666815] krealloc_large_less_oob+0x20/0x38 [ 16.666928] kunit_try_run_case+0x170/0x3f0 [ 16.667102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.667198] kthread+0x328/0x630 [ 16.667333] ret_from_fork+0x10/0x20 [ 16.667419] [ 16.667511] The buggy address belongs to the physical page: [ 16.667546] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10665c [ 16.667620] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.667800] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.667998] page_type: f8(unknown) [ 16.668100] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.668257] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.668321] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.668520] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.668578] head: 0bfffe0000000002 ffffc1ffc3199701 00000000ffffffff 00000000ffffffff [ 16.668675] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.668774] page dumped because: kasan: bad access detected [ 16.668911] [ 16.669041] Memory state around the buggy address: [ 16.669130] fff00000c665df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.669196] fff00000c665e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.669344] >fff00000c665e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.669454] ^ [ 16.669495] fff00000c665e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.669548] fff00000c665e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.669878] ================================================================== [ 16.609256] ================================================================== [ 16.609479] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.609538] Write of size 1 at addr fff00000c47862ea by task kunit_try_catch/158 [ 16.609720] [ 16.609758] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.609860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.609917] Hardware name: linux,dummy-virt (DT) [ 16.609981] Call trace: [ 16.610020] show_stack+0x20/0x38 (C) [ 16.610122] dump_stack_lvl+0x8c/0xd0 [ 16.610183] print_report+0x118/0x5d0 [ 16.610228] kasan_report+0xdc/0x128 [ 16.610330] __asan_report_store1_noabort+0x20/0x30 [ 16.610384] krealloc_less_oob_helper+0xae4/0xc50 [ 16.610432] krealloc_less_oob+0x20/0x38 [ 16.610476] kunit_try_run_case+0x170/0x3f0 [ 16.610549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.610627] kthread+0x328/0x630 [ 16.610786] ret_from_fork+0x10/0x20 [ 16.610862] [ 16.610880] Allocated by task 158: [ 16.611024] kasan_save_stack+0x3c/0x68 [ 16.611095] kasan_save_track+0x20/0x40 [ 16.611133] kasan_save_alloc_info+0x40/0x58 [ 16.611200] __kasan_krealloc+0x118/0x178 [ 16.611389] krealloc_noprof+0x128/0x360 [ 16.611550] krealloc_less_oob_helper+0x168/0xc50 [ 16.611624] krealloc_less_oob+0x20/0x38 [ 16.611734] kunit_try_run_case+0x170/0x3f0 [ 16.611874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.611926] kthread+0x328/0x630 [ 16.611976] ret_from_fork+0x10/0x20 [ 16.612141] [ 16.612240] The buggy address belongs to the object at fff00000c4786200 [ 16.612240] which belongs to the cache kmalloc-256 of size 256 [ 16.612412] The buggy address is located 33 bytes to the right of [ 16.612412] allocated 201-byte region [fff00000c4786200, fff00000c47862c9) [ 16.612486] [ 16.612505] The buggy address belongs to the physical page: [ 16.612693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.612751] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.612873] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.612954] page_type: f5(slab) [ 16.612991] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.613205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.613259] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.613332] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.613450] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.613567] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.613743] page dumped because: kasan: bad access detected [ 16.613777] [ 16.613837] Memory state around the buggy address: [ 16.614007] fff00000c4786180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.614097] fff00000c4786200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.614235] >fff00000c4786280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.614273] ^ [ 16.614626] fff00000c4786300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.614716] fff00000c4786380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.614967] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.557960] ================================================================== [ 16.558021] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.558074] Write of size 1 at addr fff00000c47860eb by task kunit_try_catch/156 [ 16.558125] [ 16.558156] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.558250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.559482] Hardware name: linux,dummy-virt (DT) [ 16.559531] Call trace: [ 16.559710] show_stack+0x20/0x38 (C) [ 16.559844] dump_stack_lvl+0x8c/0xd0 [ 16.559892] print_report+0x118/0x5d0 [ 16.560737] kasan_report+0xdc/0x128 [ 16.561076] __asan_report_store1_noabort+0x20/0x30 [ 16.561344] krealloc_more_oob_helper+0x60c/0x678 [ 16.561520] krealloc_more_oob+0x20/0x38 [ 16.561565] kunit_try_run_case+0x170/0x3f0 [ 16.561611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.561662] kthread+0x328/0x630 [ 16.561707] ret_from_fork+0x10/0x20 [ 16.562587] [ 16.562611] Allocated by task 156: [ 16.562902] kasan_save_stack+0x3c/0x68 [ 16.563076] kasan_save_track+0x20/0x40 [ 16.563196] kasan_save_alloc_info+0x40/0x58 [ 16.563279] __kasan_krealloc+0x118/0x178 [ 16.563320] krealloc_noprof+0x128/0x360 [ 16.563357] krealloc_more_oob_helper+0x168/0x678 [ 16.563398] krealloc_more_oob+0x20/0x38 [ 16.563433] kunit_try_run_case+0x170/0x3f0 [ 16.563470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.563512] kthread+0x328/0x630 [ 16.563543] ret_from_fork+0x10/0x20 [ 16.564240] [ 16.564267] The buggy address belongs to the object at fff00000c4786000 [ 16.564267] which belongs to the cache kmalloc-256 of size 256 [ 16.564395] The buggy address is located 0 bytes to the right of [ 16.564395] allocated 235-byte region [fff00000c4786000, fff00000c47860eb) [ 16.564644] [ 16.564702] The buggy address belongs to the physical page: [ 16.564740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.564959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.565186] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.565662] page_type: f5(slab) [ 16.565716] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.566088] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.566429] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.566614] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.566753] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.566801] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.567246] page dumped because: kasan: bad access detected [ 16.567382] [ 16.567400] Memory state around the buggy address: [ 16.567434] fff00000c4785f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.567477] fff00000c4786000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.568242] >fff00000c4786080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.568460] ^ [ 16.568577] fff00000c4786100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.568633] fff00000c4786180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.568671] ================================================================== [ 16.573585] ================================================================== [ 16.573639] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.575257] Write of size 1 at addr fff00000c47860f0 by task kunit_try_catch/156 [ 16.575645] [ 16.575679] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.575827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.575855] Hardware name: linux,dummy-virt (DT) [ 16.575886] Call trace: [ 16.575909] show_stack+0x20/0x38 (C) [ 16.575959] dump_stack_lvl+0x8c/0xd0 [ 16.576004] print_report+0x118/0x5d0 [ 16.576049] kasan_report+0xdc/0x128 [ 16.576093] __asan_report_store1_noabort+0x20/0x30 [ 16.576143] krealloc_more_oob_helper+0x5c0/0x678 [ 16.576204] krealloc_more_oob+0x20/0x38 [ 16.576291] kunit_try_run_case+0x170/0x3f0 [ 16.576393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.576516] kthread+0x328/0x630 [ 16.576616] ret_from_fork+0x10/0x20 [ 16.576753] [ 16.576804] Allocated by task 156: [ 16.576920] kasan_save_stack+0x3c/0x68 [ 16.576984] kasan_save_track+0x20/0x40 [ 16.577020] kasan_save_alloc_info+0x40/0x58 [ 16.577059] __kasan_krealloc+0x118/0x178 [ 16.577095] krealloc_noprof+0x128/0x360 [ 16.577131] krealloc_more_oob_helper+0x168/0x678 [ 16.577413] krealloc_more_oob+0x20/0x38 [ 16.577517] kunit_try_run_case+0x170/0x3f0 [ 16.577596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.577691] kthread+0x328/0x630 [ 16.577761] ret_from_fork+0x10/0x20 [ 16.577825] [ 16.577924] The buggy address belongs to the object at fff00000c4786000 [ 16.577924] which belongs to the cache kmalloc-256 of size 256 [ 16.578039] The buggy address is located 5 bytes to the right of [ 16.578039] allocated 235-byte region [fff00000c4786000, fff00000c47860eb) [ 16.578473] [ 16.578506] The buggy address belongs to the physical page: [ 16.578537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104786 [ 16.578603] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.578653] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.578711] page_type: f5(slab) [ 16.578760] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.578811] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.578869] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.578933] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.578991] head: 0bfffe0000000001 ffffc1ffc311e181 00000000ffffffff 00000000ffffffff [ 16.579039] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.579078] page dumped because: kasan: bad access detected [ 16.579109] [ 16.579126] Memory state around the buggy address: [ 16.579165] fff00000c4785f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.579257] fff00000c4786000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.579300] >fff00000c4786080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.579337] ^ [ 16.579375] fff00000c4786100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.579416] fff00000c4786180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.579453] ================================================================== [ 16.634643] ================================================================== [ 16.634698] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.634743] Write of size 1 at addr fff00000c665e0f0 by task kunit_try_catch/160 [ 16.634792] [ 16.634819] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.635075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.635123] Hardware name: linux,dummy-virt (DT) [ 16.635153] Call trace: [ 16.635334] show_stack+0x20/0x38 (C) [ 16.635498] dump_stack_lvl+0x8c/0xd0 [ 16.635546] print_report+0x118/0x5d0 [ 16.635592] kasan_report+0xdc/0x128 [ 16.635887] __asan_report_store1_noabort+0x20/0x30 [ 16.636055] krealloc_more_oob_helper+0x5c0/0x678 [ 16.636223] krealloc_large_more_oob+0x20/0x38 [ 16.636322] kunit_try_run_case+0x170/0x3f0 [ 16.636404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.636550] kthread+0x328/0x630 [ 16.636618] ret_from_fork+0x10/0x20 [ 16.636734] [ 16.636753] The buggy address belongs to the physical page: [ 16.636801] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10665c [ 16.637007] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.637252] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.637422] page_type: f8(unknown) [ 16.637595] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.637766] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.637856] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.638095] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.638264] head: 0bfffe0000000002 ffffc1ffc3199701 00000000ffffffff 00000000ffffffff [ 16.638441] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.638536] page dumped because: kasan: bad access detected [ 16.638646] [ 16.638844] Memory state around the buggy address: [ 16.638922] fff00000c665df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.638972] fff00000c665e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.639015] >fff00000c665e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.639250] ^ [ 16.639300] fff00000c665e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.639417] fff00000c665e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.639496] ================================================================== [ 16.629809] ================================================================== [ 16.629909] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.630043] Write of size 1 at addr fff00000c665e0eb by task kunit_try_catch/160 [ 16.630095] [ 16.630126] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.630344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.630372] Hardware name: linux,dummy-virt (DT) [ 16.630401] Call trace: [ 16.630574] show_stack+0x20/0x38 (C) [ 16.630666] dump_stack_lvl+0x8c/0xd0 [ 16.630721] print_report+0x118/0x5d0 [ 16.630766] kasan_report+0xdc/0x128 [ 16.630895] __asan_report_store1_noabort+0x20/0x30 [ 16.630981] krealloc_more_oob_helper+0x60c/0x678 [ 16.631109] krealloc_large_more_oob+0x20/0x38 [ 16.631183] kunit_try_run_case+0x170/0x3f0 [ 16.631288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.631425] kthread+0x328/0x630 [ 16.631471] ret_from_fork+0x10/0x20 [ 16.631628] [ 16.631651] The buggy address belongs to the physical page: [ 16.631682] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10665c [ 16.631815] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.631885] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.632034] page_type: f8(unknown) [ 16.632106] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.632284] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.632373] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.632497] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.632576] head: 0bfffe0000000002 ffffc1ffc3199701 00000000ffffffff 00000000ffffffff [ 16.632642] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.632834] page dumped because: kasan: bad access detected [ 16.632995] [ 16.633076] Memory state around the buggy address: [ 16.633145] fff00000c665df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.633277] fff00000c665e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.633356] >fff00000c665e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.633473] ^ [ 16.633588] fff00000c665e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.633657] fff00000c665e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.633695] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.509845] ================================================================== [ 16.509935] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.509996] Free of addr fff00000c6654001 by task kunit_try_catch/150 [ 16.510041] [ 16.510071] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.510820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.511453] Hardware name: linux,dummy-virt (DT) [ 16.511491] Call trace: [ 16.511513] show_stack+0x20/0x38 (C) [ 16.511894] dump_stack_lvl+0x8c/0xd0 [ 16.511957] print_report+0x118/0x5d0 [ 16.512011] kasan_report_invalid_free+0xc0/0xe8 [ 16.512163] __kasan_kfree_large+0x5c/0xa8 [ 16.512223] free_large_kmalloc+0x64/0x190 [ 16.512267] kfree+0x270/0x3c8 [ 16.512309] kmalloc_large_invalid_free+0x108/0x270 [ 16.512356] kunit_try_run_case+0x170/0x3f0 [ 16.512401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.512451] kthread+0x328/0x630 [ 16.512740] ret_from_fork+0x10/0x20 [ 16.512811] [ 16.512832] The buggy address belongs to the physical page: [ 16.512973] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106654 [ 16.513043] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.513670] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.513736] page_type: f8(unknown) [ 16.514096] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.514156] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.514215] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.514264] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.514792] head: 0bfffe0000000002 ffffc1ffc3199501 00000000ffffffff 00000000ffffffff [ 16.515063] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.515251] page dumped because: kasan: bad access detected [ 16.515372] [ 16.515391] Memory state around the buggy address: [ 16.515424] fff00000c6653f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515493] fff00000c6653f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515705] >fff00000c6654000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.515813] ^ [ 16.515841] fff00000c6654080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.516000] fff00000c6654100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.516057] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.491027] ================================================================== [ 16.491547] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.491664] Read of size 1 at addr fff00000c6654000 by task kunit_try_catch/148 [ 16.491714] [ 16.491747] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.492030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.492076] Hardware name: linux,dummy-virt (DT) [ 16.492106] Call trace: [ 16.492133] show_stack+0x20/0x38 (C) [ 16.492437] dump_stack_lvl+0x8c/0xd0 [ 16.492584] print_report+0x118/0x5d0 [ 16.492862] kasan_report+0xdc/0x128 [ 16.492911] __asan_report_load1_noabort+0x20/0x30 [ 16.493329] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.493376] kunit_try_run_case+0x170/0x3f0 [ 16.493421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.493472] kthread+0x328/0x630 [ 16.493518] ret_from_fork+0x10/0x20 [ 16.494195] [ 16.494238] The buggy address belongs to the physical page: [ 16.494270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106654 [ 16.494339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.494667] raw: 0bfffe0000000000 ffffc1ffc3199608 fff00000da478c40 0000000000000000 [ 16.494728] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.494997] page dumped because: kasan: bad access detected [ 16.495032] [ 16.495050] Memory state around the buggy address: [ 16.495548] fff00000c6653f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495668] fff00000c6653f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495787] >fff00000c6654000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.495825] ^ [ 16.495853] fff00000c6654080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.496283] fff00000c6654100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.496334] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.472988] ================================================================== [ 16.473311] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.473867] Write of size 1 at addr fff00000c665600a by task kunit_try_catch/146 [ 16.474040] [ 16.474116] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.474513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.474793] Hardware name: linux,dummy-virt (DT) [ 16.474826] Call trace: [ 16.474847] show_stack+0x20/0x38 (C) [ 16.475294] dump_stack_lvl+0x8c/0xd0 [ 16.475540] print_report+0x118/0x5d0 [ 16.475588] kasan_report+0xdc/0x128 [ 16.475903] __asan_report_store1_noabort+0x20/0x30 [ 16.476226] kmalloc_large_oob_right+0x278/0x2b8 [ 16.476457] kunit_try_run_case+0x170/0x3f0 [ 16.476510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.476982] kthread+0x328/0x630 [ 16.477032] ret_from_fork+0x10/0x20 [ 16.477221] [ 16.477260] The buggy address belongs to the physical page: [ 16.477339] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106654 [ 16.477450] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.477844] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.478377] page_type: f8(unknown) [ 16.478484] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.478551] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.478697] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.478838] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.478916] head: 0bfffe0000000002 ffffc1ffc3199501 00000000ffffffff 00000000ffffffff [ 16.478965] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.479005] page dumped because: kasan: bad access detected [ 16.479037] [ 16.479559] Memory state around the buggy address: [ 16.479629] fff00000c6655f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.479673] fff00000c6655f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.479716] >fff00000c6656000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.479904] ^ [ 16.479941] fff00000c6656080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.479986] fff00000c6656100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.480486] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.454368] ================================================================== [ 16.454429] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.454476] Write of size 1 at addr fff00000c6685f00 by task kunit_try_catch/144 [ 16.454558] [ 16.454588] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.454683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.454708] Hardware name: linux,dummy-virt (DT) [ 16.454737] Call trace: [ 16.454757] show_stack+0x20/0x38 (C) [ 16.454853] dump_stack_lvl+0x8c/0xd0 [ 16.454921] print_report+0x118/0x5d0 [ 16.455018] kasan_report+0xdc/0x128 [ 16.455103] __asan_report_store1_noabort+0x20/0x30 [ 16.455450] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.455507] kunit_try_run_case+0x170/0x3f0 [ 16.455827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.455954] kthread+0x328/0x630 [ 16.456053] ret_from_fork+0x10/0x20 [ 16.456264] [ 16.456511] Allocated by task 144: [ 16.456578] kasan_save_stack+0x3c/0x68 [ 16.456827] kasan_save_track+0x20/0x40 [ 16.456868] kasan_save_alloc_info+0x40/0x58 [ 16.456907] __kasan_kmalloc+0xd4/0xd8 [ 16.457304] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.457354] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.457525] kunit_try_run_case+0x170/0x3f0 [ 16.457590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.457634] kthread+0x328/0x630 [ 16.457665] ret_from_fork+0x10/0x20 [ 16.457700] [ 16.458204] The buggy address belongs to the object at fff00000c6684000 [ 16.458204] which belongs to the cache kmalloc-8k of size 8192 [ 16.458388] The buggy address is located 0 bytes to the right of [ 16.458388] allocated 7936-byte region [fff00000c6684000, fff00000c6685f00) [ 16.458459] [ 16.458479] The buggy address belongs to the physical page: [ 16.458510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106680 [ 16.458930] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.459275] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.459367] page_type: f5(slab) [ 16.459431] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.459483] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.459599] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.459807] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.460320] head: 0bfffe0000000003 ffffc1ffc319a001 00000000ffffffff 00000000ffffffff [ 16.460482] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.460818] page dumped because: kasan: bad access detected [ 16.461067] [ 16.461229] Memory state around the buggy address: [ 16.461337] fff00000c6685e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.461724] fff00000c6685e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.461809] >fff00000c6685f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.462040] ^ [ 16.462076] fff00000c6685f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.462390] fff00000c6686000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.462432] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.435094] ================================================================== [ 16.435142] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.435654] Write of size 1 at addr fff00000c585e978 by task kunit_try_catch/142 [ 16.435718] [ 16.436240] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.436620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.436676] Hardware name: linux,dummy-virt (DT) [ 16.436729] Call trace: [ 16.436749] show_stack+0x20/0x38 (C) [ 16.436799] dump_stack_lvl+0x8c/0xd0 [ 16.436844] print_report+0x118/0x5d0 [ 16.436889] kasan_report+0xdc/0x128 [ 16.436933] __asan_report_store1_noabort+0x20/0x30 [ 16.436984] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.437250] kunit_try_run_case+0x170/0x3f0 [ 16.437396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.437453] kthread+0x328/0x630 [ 16.437506] ret_from_fork+0x10/0x20 [ 16.437670] [ 16.437687] Allocated by task 142: [ 16.437714] kasan_save_stack+0x3c/0x68 [ 16.437756] kasan_save_track+0x20/0x40 [ 16.438085] kasan_save_alloc_info+0x40/0x58 [ 16.438159] __kasan_kmalloc+0xd4/0xd8 [ 16.438227] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.438428] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.438490] kunit_try_run_case+0x170/0x3f0 [ 16.438620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.438662] kthread+0x328/0x630 [ 16.438732] ret_from_fork+0x10/0x20 [ 16.438791] [ 16.438809] The buggy address belongs to the object at fff00000c585e900 [ 16.438809] which belongs to the cache kmalloc-128 of size 128 [ 16.439048] The buggy address is located 0 bytes to the right of [ 16.439048] allocated 120-byte region [fff00000c585e900, fff00000c585e978) [ 16.439151] [ 16.439456] The buggy address belongs to the physical page: [ 16.439627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.439684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.439888] page_type: f5(slab) [ 16.439930] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.440148] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.440252] page dumped because: kasan: bad access detected [ 16.440304] [ 16.440321] Memory state around the buggy address: [ 16.440351] fff00000c585e800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.440515] fff00000c585e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.440558] >fff00000c585e900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.440595] ^ [ 16.440634] fff00000c585e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.440676] fff00000c585ea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.440714] ================================================================== [ 16.429036] ================================================================== [ 16.429219] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.429506] Write of size 1 at addr fff00000c585e878 by task kunit_try_catch/142 [ 16.429691] [ 16.429873] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.430367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.430396] Hardware name: linux,dummy-virt (DT) [ 16.430427] Call trace: [ 16.430455] show_stack+0x20/0x38 (C) [ 16.430555] dump_stack_lvl+0x8c/0xd0 [ 16.430728] print_report+0x118/0x5d0 [ 16.430790] kasan_report+0xdc/0x128 [ 16.430834] __asan_report_store1_noabort+0x20/0x30 [ 16.430884] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.430933] kunit_try_run_case+0x170/0x3f0 [ 16.430979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.431030] kthread+0x328/0x630 [ 16.431078] ret_from_fork+0x10/0x20 [ 16.431266] [ 16.431284] Allocated by task 142: [ 16.431328] kasan_save_stack+0x3c/0x68 [ 16.431369] kasan_save_track+0x20/0x40 [ 16.431405] kasan_save_alloc_info+0x40/0x58 [ 16.431443] __kasan_kmalloc+0xd4/0xd8 [ 16.431500] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.431543] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.431583] kunit_try_run_case+0x170/0x3f0 [ 16.431619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.431661] kthread+0x328/0x630 [ 16.431694] ret_from_fork+0x10/0x20 [ 16.432259] [ 16.432293] The buggy address belongs to the object at fff00000c585e800 [ 16.432293] which belongs to the cache kmalloc-128 of size 128 [ 16.432528] The buggy address is located 0 bytes to the right of [ 16.432528] allocated 120-byte region [fff00000c585e800, fff00000c585e878) [ 16.432819] [ 16.432839] The buggy address belongs to the physical page: [ 16.432871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.432992] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.433042] page_type: f5(slab) [ 16.433183] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.433337] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.433403] page dumped because: kasan: bad access detected [ 16.433505] [ 16.433522] Memory state around the buggy address: [ 16.433563] fff00000c585e700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.433676] fff00000c585e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.433724] >fff00000c585e800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.433761] ^ [ 16.433801] fff00000c585e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.433842] fff00000c585e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.433880] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.412063] ================================================================== [ 16.412129] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.412193] Read of size 1 at addr fff00000c7929000 by task kunit_try_catch/140 [ 16.412242] [ 16.412271] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.412877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.412905] Hardware name: linux,dummy-virt (DT) [ 16.412935] Call trace: [ 16.412956] show_stack+0x20/0x38 (C) [ 16.413005] dump_stack_lvl+0x8c/0xd0 [ 16.413050] print_report+0x118/0x5d0 [ 16.413103] kasan_report+0xdc/0x128 [ 16.413317] __asan_report_load1_noabort+0x20/0x30 [ 16.413468] kmalloc_node_oob_right+0x2f4/0x330 [ 16.413726] kunit_try_run_case+0x170/0x3f0 [ 16.413958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.414132] kthread+0x328/0x630 [ 16.414208] ret_from_fork+0x10/0x20 [ 16.414387] [ 16.414406] Allocated by task 140: [ 16.414433] kasan_save_stack+0x3c/0x68 [ 16.414480] kasan_save_track+0x20/0x40 [ 16.414584] kasan_save_alloc_info+0x40/0x58 [ 16.414625] __kasan_kmalloc+0xd4/0xd8 [ 16.414660] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.414700] kmalloc_node_oob_right+0xbc/0x330 [ 16.414737] kunit_try_run_case+0x170/0x3f0 [ 16.414772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.414814] kthread+0x328/0x630 [ 16.414854] ret_from_fork+0x10/0x20 [ 16.414889] [ 16.414908] The buggy address belongs to the object at fff00000c7928000 [ 16.414908] which belongs to the cache kmalloc-4k of size 4096 [ 16.415256] The buggy address is located 0 bytes to the right of [ 16.415256] allocated 4096-byte region [fff00000c7928000, fff00000c7929000) [ 16.415408] [ 16.415480] The buggy address belongs to the physical page: [ 16.415972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107928 [ 16.416486] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.416743] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.416849] page_type: f5(slab) [ 16.416997] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.417048] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.417135] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.417196] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.417268] head: 0bfffe0000000003 ffffc1ffc31e4a01 00000000ffffffff 00000000ffffffff [ 16.417320] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.417364] page dumped because: kasan: bad access detected [ 16.417634] [ 16.417655] Memory state around the buggy address: [ 16.417687] fff00000c7928f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.417989] fff00000c7928f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.418035] >fff00000c7929000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.418482] ^ [ 16.418560] fff00000c7929080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.418603] fff00000c7929100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.418679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.397371] ================================================================== [ 16.397457] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.397508] Read of size 1 at addr fff00000c45d1a1f by task kunit_try_catch/138 [ 16.397558] [ 16.397594] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.397684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.397719] Hardware name: linux,dummy-virt (DT) [ 16.397802] Call trace: [ 16.397910] show_stack+0x20/0x38 (C) [ 16.398066] dump_stack_lvl+0x8c/0xd0 [ 16.398541] print_report+0x118/0x5d0 [ 16.398928] kasan_report+0xdc/0x128 [ 16.399362] __asan_report_load1_noabort+0x20/0x30 [ 16.399735] kmalloc_oob_left+0x2ec/0x320 [ 16.400112] kunit_try_run_case+0x170/0x3f0 [ 16.400169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.400232] kthread+0x328/0x630 [ 16.400398] ret_from_fork+0x10/0x20 [ 16.400454] [ 16.400471] Allocated by task 26: [ 16.400501] kasan_save_stack+0x3c/0x68 [ 16.400541] kasan_save_track+0x20/0x40 [ 16.400631] kasan_save_alloc_info+0x40/0x58 [ 16.400671] __kasan_kmalloc+0xd4/0xd8 [ 16.400742] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.400842] kstrdup+0x54/0xc8 [ 16.400941] devtmpfs_work_loop+0x6f8/0xa58 [ 16.400991] devtmpfsd+0x50/0x58 [ 16.401141] kthread+0x328/0x630 [ 16.401184] ret_from_fork+0x10/0x20 [ 16.401253] [ 16.401466] Freed by task 26: [ 16.401580] kasan_save_stack+0x3c/0x68 [ 16.401842] kasan_save_track+0x20/0x40 [ 16.401891] kasan_save_free_info+0x4c/0x78 [ 16.401929] __kasan_slab_free+0x6c/0x98 [ 16.401970] kfree+0x214/0x3c8 [ 16.402005] devtmpfs_work_loop+0x804/0xa58 [ 16.402041] devtmpfsd+0x50/0x58 [ 16.402212] kthread+0x328/0x630 [ 16.402279] ret_from_fork+0x10/0x20 [ 16.402420] [ 16.402446] The buggy address belongs to the object at fff00000c45d1a00 [ 16.402446] which belongs to the cache kmalloc-16 of size 16 [ 16.402815] The buggy address is located 15 bytes to the right of [ 16.402815] allocated 16-byte region [fff00000c45d1a00, fff00000c45d1a10) [ 16.402953] [ 16.402972] The buggy address belongs to the physical page: [ 16.403003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 16.403058] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.403400] page_type: f5(slab) [ 16.403505] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.403556] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.403596] page dumped because: kasan: bad access detected [ 16.403626] [ 16.403645] Memory state around the buggy address: [ 16.403688] fff00000c45d1900: 00 00 fc fc 00 00 fc fc 00 00 fc fc fa fb fc fc [ 16.403901] fff00000c45d1980: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.403946] >fff00000c45d1a00: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 16.403982] ^ [ 16.404038] fff00000c45d1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.404081] fff00000c45d1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.404119] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.381430] ================================================================== [ 16.381473] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.381520] Write of size 1 at addr fff00000c585e778 by task kunit_try_catch/136 [ 16.381598] [ 16.381645] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.381736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.381763] Hardware name: linux,dummy-virt (DT) [ 16.381792] Call trace: [ 16.381813] show_stack+0x20/0x38 (C) [ 16.382050] dump_stack_lvl+0x8c/0xd0 [ 16.382125] print_report+0x118/0x5d0 [ 16.382184] kasan_report+0xdc/0x128 [ 16.382394] __asan_report_store1_noabort+0x20/0x30 [ 16.382567] kmalloc_oob_right+0x538/0x660 [ 16.382664] kunit_try_run_case+0x170/0x3f0 [ 16.382714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.382765] kthread+0x328/0x630 [ 16.382814] ret_from_fork+0x10/0x20 [ 16.382861] [ 16.382885] Allocated by task 136: [ 16.382920] kasan_save_stack+0x3c/0x68 [ 16.382966] kasan_save_track+0x20/0x40 [ 16.383003] kasan_save_alloc_info+0x40/0x58 [ 16.383050] __kasan_kmalloc+0xd4/0xd8 [ 16.383085] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.383123] kmalloc_oob_right+0xb0/0x660 [ 16.383166] kunit_try_run_case+0x170/0x3f0 [ 16.383296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.383579] kthread+0x328/0x630 [ 16.383619] ret_from_fork+0x10/0x20 [ 16.383677] [ 16.383696] The buggy address belongs to the object at fff00000c585e700 [ 16.383696] which belongs to the cache kmalloc-128 of size 128 [ 16.383754] The buggy address is located 5 bytes to the right of [ 16.383754] allocated 115-byte region [fff00000c585e700, fff00000c585e773) [ 16.383818] [ 16.383836] The buggy address belongs to the physical page: [ 16.383915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.384062] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.384114] page_type: f5(slab) [ 16.384154] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.384218] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.384258] page dumped because: kasan: bad access detected [ 16.384287] [ 16.384304] Memory state around the buggy address: [ 16.384334] fff00000c585e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.384376] fff00000c585e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.384417] >fff00000c585e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.384454] ^ [ 16.384493] fff00000c585e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.384534] fff00000c585e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.384570] ================================================================== [ 16.370551] ================================================================== [ 16.370916] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.373565] Write of size 1 at addr fff00000c585e773 by task kunit_try_catch/136 [ 16.373681] [ 16.374664] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 16.374818] Tainted: [N]=TEST [ 16.374850] Hardware name: linux,dummy-virt (DT) [ 16.375077] Call trace: [ 16.375273] show_stack+0x20/0x38 (C) [ 16.375413] dump_stack_lvl+0x8c/0xd0 [ 16.375473] print_report+0x118/0x5d0 [ 16.375523] kasan_report+0xdc/0x128 [ 16.375568] __asan_report_store1_noabort+0x20/0x30 [ 16.375619] kmalloc_oob_right+0x5a4/0x660 [ 16.375665] kunit_try_run_case+0x170/0x3f0 [ 16.375715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.375767] kthread+0x328/0x630 [ 16.375810] ret_from_fork+0x10/0x20 [ 16.375965] [ 16.376002] Allocated by task 136: [ 16.376135] kasan_save_stack+0x3c/0x68 [ 16.376223] kasan_save_track+0x20/0x40 [ 16.376262] kasan_save_alloc_info+0x40/0x58 [ 16.376301] __kasan_kmalloc+0xd4/0xd8 [ 16.376337] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.376377] kmalloc_oob_right+0xb0/0x660 [ 16.376412] kunit_try_run_case+0x170/0x3f0 [ 16.376449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.376491] kthread+0x328/0x630 [ 16.376523] ret_from_fork+0x10/0x20 [ 16.376576] [ 16.376635] The buggy address belongs to the object at fff00000c585e700 [ 16.376635] which belongs to the cache kmalloc-128 of size 128 [ 16.376729] The buggy address is located 0 bytes to the right of [ 16.376729] allocated 115-byte region [fff00000c585e700, fff00000c585e773) [ 16.376797] [ 16.376875] The buggy address belongs to the physical page: [ 16.377084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.377390] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.377678] page_type: f5(slab) [ 16.377979] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.378044] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.378148] page dumped because: kasan: bad access detected [ 16.378201] [ 16.378226] Memory state around the buggy address: [ 16.378444] fff00000c585e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.378510] fff00000c585e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.378564] >fff00000c585e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.378617] ^ [ 16.378697] fff00000c585e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.378740] fff00000c585e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.378799] ================================================================== [ 16.385438] ================================================================== [ 16.385504] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.385564] Read of size 1 at addr fff00000c585e780 by task kunit_try_catch/136 [ 16.385629] [ 16.385659] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.385873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.386061] Hardware name: linux,dummy-virt (DT) [ 16.386158] Call trace: [ 16.386192] show_stack+0x20/0x38 (C) [ 16.386260] dump_stack_lvl+0x8c/0xd0 [ 16.386542] print_report+0x118/0x5d0 [ 16.386661] kasan_report+0xdc/0x128 [ 16.386770] __asan_report_load1_noabort+0x20/0x30 [ 16.386823] kmalloc_oob_right+0x5d0/0x660 [ 16.386868] kunit_try_run_case+0x170/0x3f0 [ 16.387092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.387249] kthread+0x328/0x630 [ 16.387376] ret_from_fork+0x10/0x20 [ 16.387494] [ 16.387511] Allocated by task 136: [ 16.387538] kasan_save_stack+0x3c/0x68 [ 16.387705] kasan_save_track+0x20/0x40 [ 16.387750] kasan_save_alloc_info+0x40/0x58 [ 16.387789] __kasan_kmalloc+0xd4/0xd8 [ 16.387969] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.388052] kmalloc_oob_right+0xb0/0x660 [ 16.388135] kunit_try_run_case+0x170/0x3f0 [ 16.388232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.388315] kthread+0x328/0x630 [ 16.388346] ret_from_fork+0x10/0x20 [ 16.388381] [ 16.388399] The buggy address belongs to the object at fff00000c585e700 [ 16.388399] which belongs to the cache kmalloc-128 of size 128 [ 16.388457] The buggy address is located 13 bytes to the right of [ 16.388457] allocated 115-byte region [fff00000c585e700, fff00000c585e773) [ 16.388753] [ 16.388812] The buggy address belongs to the physical page: [ 16.388893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10585e [ 16.388948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.389053] page_type: f5(slab) [ 16.389406] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.389517] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.389596] page dumped because: kasan: bad access detected [ 16.389657] [ 16.389702] Memory state around the buggy address: [ 16.389733] fff00000c585e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.389780] fff00000c585e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.389830] >fff00000c585e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.389866] ^ [ 16.389900] fff00000c585e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.389953] fff00000c585e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.390006] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 97.794189] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 97.796028] Modules linked in: [ 97.796528] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 97.797232] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 97.797878] Hardware name: linux,dummy-virt (DT) [ 97.798250] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.798524] pc : intlog10+0x38/0x48 [ 97.798701] lr : intlog10_test+0xe4/0x200 [ 97.798885] sp : ffff8000821f7c10 [ 97.799039] x29: ffff8000821f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.800253] x26: 1ffe0000199d8fa1 x25: 0000000000000000 x24: ffff8000821f7ce0 [ 97.801035] x23: ffff8000821f7d00 x22: 0000000000000000 x21: 1ffff0001043ef82 [ 97.801799] x20: ffff9433e5489d80 x19: ffff800080087990 x18: 00000000f9c35398 [ 97.802561] x17: 0000000001462dd2 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 97.803369] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: ffff72867d263379 [ 97.804187] x11: 1ffff2867d263378 x10: ffff72867d263378 x9 : ffff9433e2a34e9c [ 97.804937] x8 : ffff9433e9319bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.805692] x5 : ffff70001043ef82 x4 : 1ffff00010010f3a x3 : 1ffff2867ca913b0 [ 97.806423] x2 : 1ffff2867ca913b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.806770] Call trace: [ 97.806909] intlog10+0x38/0x48 (P) [ 97.807100] kunit_try_run_case+0x170/0x3f0 [ 97.807440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.807890] kthread+0x328/0x630 [ 97.808076] ret_from_fork+0x10/0x20 [ 97.808601] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 97.742114] WARNING: CPU: 1 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 97.747117] Modules linked in: [ 97.747676] CPU: 1 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 97.748990] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 97.749480] Hardware name: linux,dummy-virt (DT) [ 97.750143] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.750789] pc : intlog2+0xd8/0xf8 [ 97.750971] lr : intlog2_test+0xe4/0x200 [ 97.751153] sp : ffff8000820f7c10 [ 97.751629] x29: ffff8000820f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.752573] x26: 1ffe0000199d8e61 x25: 0000000000000000 x24: ffff8000820f7ce0 [ 97.753509] x23: ffff8000820f7d00 x22: 0000000000000000 x21: 1ffff0001041ef82 [ 97.754266] x20: ffff9433e5489c80 x19: ffff800080087990 x18: 0000000083499c8c [ 97.754948] x17: 00000000b54f9013 x16: fff00000c0975c3c x15: 000000009c4b7dae [ 97.755545] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a5cd x12: ffff72867d263379 [ 97.756339] x11: 1ffff2867d263378 x10: ffff72867d263378 x9 : ffff9433e2a3509c [ 97.757099] x8 : ffff9433e9319bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.757684] x5 : ffff70001041ef82 x4 : 1ffff00010010f3a x3 : 1ffff2867ca91390 [ 97.758039] x2 : 1ffff2867ca91390 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.758817] Call trace: [ 97.759126] intlog2+0xd8/0xf8 (P) [ 97.759672] kunit_try_run_case+0x170/0x3f0 [ 97.760156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.760729] kthread+0x328/0x630 [ 97.761108] ret_from_fork+0x10/0x20 [ 97.761548] ---[ end trace 0000000000000000 ]---